@goplus/agentguard 1.1.1 → 1.1.4

package/dist/config.js

@@ -0,0 +1,133 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getAgentGuardPaths = getAgentGuardPaths;
+exports.defaultConfig = defaultConfig;
+exports.ensureAgentGuardHome = ensureAgentGuardHome;
+exports.ensureConfig = ensureConfig;
+exports.loadConfig = loadConfig;
+exports.saveConfig = saveConfig;
+exports.connectCloud = connectCloud;
+exports.maskApiKey = maskApiKey;
+exports.validateApiKey = validateApiKey;
+exports.normalizeCloudUrl = normalizeCloudUrl;
+const node_fs_1 = require("node:fs");
+const node_path_1 = require("node:path");
+const node_os_1 = require("node:os");
+const DEFAULT_CLOUD_URL = 'https://agentguard.gopluslabs.io';
+const API_KEY_PATTERN = /^ag_live_[A-Za-z0-9_-]{8,}$/;
+function getAgentGuardPaths() {
+    const home = process.env.AGENTGUARD_HOME || (0, node_path_1.join)((0, node_os_1.homedir)(), '.agentguard');
+    return {
+        home,
+        configPath: (0, node_path_1.join)(home, 'config.json'),
+        policyCachePath: (0, node_path_1.join)(home, 'policy-cache.json'),
+        auditPath: (0, node_path_1.join)(home, 'audit.jsonl'),
+        eventSpoolPath: (0, node_path_1.join)(home, 'events-spool.jsonl'),
+    };
+}
+function defaultConfig() {
+    const paths = getAgentGuardPaths();
+    return {
+        version: 1,
+        level: 'balanced',
+        cloudUrl: DEFAULT_CLOUD_URL,
+        policyCachePath: paths.policyCachePath,
+        auditPath: paths.auditPath,
+        eventSpoolPath: paths.eventSpoolPath,
+    };
+}
+function ensureAgentGuardHome() {
+    const paths = getAgentGuardPaths();
+    (0, node_fs_1.mkdirSync)(paths.home, { recursive: true, mode: 0o700 });
+    chmodBestEffort(paths.home, 0o700);
+    return paths;
+}
+function ensureConfig() {
+    const paths = ensureAgentGuardHome();
+    if (!(0, node_fs_1.existsSync)(paths.configPath)) {
+        const config = defaultConfig();
+        saveConfig(config);
+        return config;
+    }
+    return loadConfig();
+}
+function loadConfig() {
+    const fallback = defaultConfig();
+    try {
+        const paths = getAgentGuardPaths();
+        const parsed = JSON.parse((0, node_fs_1.readFileSync)(paths.configPath, 'utf8'));
+        return {
+            ...fallback,
+            ...parsed,
+            version: 1,
+            level: normalizeLevel(parsed.level) ?? fallback.level,
+            cloudUrl: parsed.cloudUrl || fallback.cloudUrl,
+            policyCachePath: parsed.policyCachePath || fallback.policyCachePath,
+            auditPath: parsed.auditPath || fallback.auditPath,
+            eventSpoolPath: parsed.eventSpoolPath || fallback.eventSpoolPath,
+        };
+    }
+    catch {
+        return fallback;
+    }
+}
+function saveConfig(config) {
+    const paths = ensureAgentGuardHome();
+    (0, node_fs_1.mkdirSync)((0, node_path_1.dirname)(paths.configPath), { recursive: true });
+    (0, node_fs_1.writeFileSync)(paths.configPath, `${JSON.stringify(config, null, 2)}\n`, { mode: 0o600 });
+    chmodBestEffort(paths.configPath, 0o600);
+}
+function connectCloud(options) {
+    const current = ensureConfig();
+    validateApiKey(options.apiKey);
+    const next = {
+        ...current,
+        cloudUrl: normalizeCloudUrl(options.cloudUrl || current.cloudUrl || DEFAULT_CLOUD_URL),
+        apiKey: options.apiKey,
+        connectedAt: new Date().toISOString(),
+    };
+    saveConfig(next);
+    return next;
+}
+function maskApiKey(apiKey) {
+    if (!apiKey)
+        return 'not configured';
+    if (apiKey.length <= 12)
+        return `${apiKey.slice(0, 4)}…`;
+    return `${apiKey.slice(0, 8)}…${apiKey.slice(-4)}`;
+}
+function validateApiKey(apiKey) {
+    if (!API_KEY_PATTERN.test(apiKey)) {
+        throw new Error('Invalid AgentGuard API key format. Expected an ag_live_ key.');
+    }
+}
+const LOOPBACK_HOSTS = new Set(['localhost', '127.0.0.1', '::1', '0.0.0.0']);
+function normalizeCloudUrl(value) {
+    const normalized = value.replace(/\/+$/, '');
+    let parsed;
+    try {
+        parsed = new URL(normalized);
+    }
+    catch {
+        throw new Error('Invalid Cloud URL.');
+    }
+    const isLoopback = LOOPBACK_HOSTS.has(parsed.hostname);
+    if (parsed.protocol !== 'https:' && !(parsed.protocol === 'http:' && isLoopback)) {
+        throw new Error('Invalid Cloud URL. AgentGuard Cloud URLs must use https:// (http:// allowed only for loopback hosts).');
+    }
+    return normalized;
+}
+function normalizeLevel(value) {
+    return value === 'strict' || value === 'balanced' || value === 'permissive'
+        ? value
+        : null;
+}
+function chmodBestEffort(path, mode) {
+    try {
+        (0, node_fs_1.chmodSync)(path, mode);
+    }
+    catch {
+        // Best-effort hardening for platforms/filesystems that support chmod.
+    }
+}
+//# sourceMappingURL=config.js.map

package/dist/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":";;AA0BA,gDASC;AAED,sCAUC;AAED,oDAKC;AAED,oCAQC;AAED,gCAkBC;AAED,gCAKC;AAED,oCAWC;AAED,gCAIC;AAED,wCAIC;AAID,8CAeC;AAvID,qCAAwF;AACxF,yCAA0C;AAC1C,qCAAkC;AAqBlC,MAAM,iBAAiB,GAAG,kCAAkC,CAAC;AAC7D,MAAM,eAAe,GAAG,6BAA6B,CAAC;AAEtD,SAAgB,kBAAkB;IAChC,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,IAAI,IAAA,gBAAI,EAAC,IAAA,iBAAO,GAAE,EAAE,aAAa,CAAC,CAAC;IAC3E,OAAO;QACL,IAAI;QACJ,UAAU,EAAE,IAAA,gBAAI,EAAC,IAAI,EAAE,aAAa,CAAC;QACrC,eAAe,EAAE,IAAA,gBAAI,EAAC,IAAI,EAAE,mBAAmB,CAAC;QAChD,SAAS,EAAE,IAAA,gBAAI,EAAC,IAAI,EAAE,aAAa,CAAC;QACpC,cAAc,EAAE,IAAA,gBAAI,EAAC,IAAI,EAAE,oBAAoB,CAAC;KACjD,CAAC;AACJ,CAAC;AAED,SAAgB,aAAa;IAC3B,MAAM,KAAK,GAAG,kBAAkB,EAAE,CAAC;IACnC,OAAO;QACL,OAAO,EAAE,CAAC;QACV,KAAK,EAAE,UAAU;QACjB,QAAQ,EAAE,iBAAiB;QAC3B,eAAe,EAAE,KAAK,CAAC,eAAe;QACtC,SAAS,EAAE,KAAK,CAAC,SAAS;QAC1B,cAAc,EAAE,KAAK,CAAC,cAAc;KACrC,CAAC;AACJ,CAAC;AAED,SAAgB,oBAAoB;IAClC,MAAM,KAAK,GAAG,kBAAkB,EAAE,CAAC;IACnC,IAAA,mBAAS,EAAC,KAAK,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IACxD,eAAe,CAAC,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IACnC,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAgB,YAAY;IAC1B,MAAM,KAAK,GAAG,oBAAoB,EAAE,CAAC;IACrC,IAAI,CAAC,IAAA,oBAAU,EAAC,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC;QAClC,MAAM,MAAM,GAAG,aAAa,EAAE,CAAC;QAC/B,UAAU,CAAC,MAAM,CAAC,CAAC;QACnB,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,OAAO,UAAU,EAAE,CAAC;AACtB,CAAC;AAED,SAAgB,UAAU;IACxB,MAAM,QAAQ,GAAG,aAAa,EAAE,CAAC;IACjC,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,kBAAkB,EAAE,CAAC;QACnC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAA,sBAAY,EAAC,KAAK,CAAC,UAAU,EAAE,MAAM,CAAC,CAA8B,CAAC;QAC/F,OAAO;YACL,GAAG,QAAQ;YACX,GAAG,MAAM;YACT,OAAO,EAAE,CAAC;YACV,KAAK,EAAE,cAAc,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,QAAQ,CAAC,KAAK;YACrD,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI,QAAQ,CAAC,QAAQ;YAC9C,eAAe,EAAE,MAAM,CAAC,eAAe,IAAI,QAAQ,CAAC,eAAe;YACnE,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,QAAQ,CAAC,SAAS;YACjD,cAAc,EAAE,MAAM,CAAC,cAAc,IAAI,QAAQ,CAAC,cAAc;SACjE,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,QAAQ,CAAC;IAClB,CAAC;AACH,CAAC;AAED,SAAgB,UAAU,CAAC,MAAwB;IACjD,MAAM,KAAK,GAAG,oBAAoB,EAAE,CAAC;IACrC,IAAA,mBAAS,EAAC,IAAA,mBAAO,EAAC,KAAK,CAAC,UAAU,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC1D,IAAA,uBAAa,EAAC,KAAK,CAAC,UAAU,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IACzF,eAAe,CAAC,KAAK,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;AAC3C,CAAC;AAED,SAAgB,YAAY,CAAC,OAA8C;IACzE,MAAM,OAAO,GAAG,YAAY,EAAE,CAAC;IAC/B,cAAc,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IAC/B,MAAM,IAAI,GAAqB;QAC7B,GAAG,OAAO;QACV,QAAQ,EAAE,iBAAiB,CAAC,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,QAAQ,IAAI,iBAAiB,CAAC;QACtF,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACtC,CAAC;IACF,UAAU,CAAC,IAAI,CAAC,CAAC;IACjB,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAgB,UAAU,CAAC,MAAe;IACxC,IAAI,CAAC,MAAM;QAAE,OAAO,gBAAgB,CAAC;IACrC,IAAI,MAAM,CAAC,MAAM,IAAI,EAAE;QAAE,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC;IACzD,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;AACrD,CAAC;AAED,SAAgB,cAAc,CAAC,MAAc;IAC3C,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;QAClC,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAC;IAClF,CAAC;AACH,CAAC;AAED,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC,CAAC,WAAW,EAAE,WAAW,EAAE,KAAK,EAAE,SAAS,CAAC,CAAC,CAAC;AAE7E,SAAgB,iBAAiB,CAAC,KAAa;IAC7C,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAC7C,IAAI,MAAW,CAAC;IAChB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,CAAC;IAC/B,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IACxC,CAAC;IACD,MAAM,UAAU,GAAG,cAAc,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACvD,IAAI,MAAM,CAAC,QAAQ,KAAK,QAAQ,IAAI,CAAC,CAAC,MAAM,CAAC,QAAQ,KAAK,OAAO,IAAI,UAAU,CAAC,EAAE,CAAC;QACjF,MAAM,IAAI,KAAK,CACb,uGAAuG,CACxG,CAAC;IACJ,CAAC;IACD,OAAO,UAAU,CAAC;AACpB,CAAC;AAED,SAAS,cAAc,CAAC,KAAc;IACpC,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,UAAU,IAAI,KAAK,KAAK,YAAY;QACzE,CAAC,CAAC,KAAK;QACP,CAAC,CAAC,IAAI,CAAC;AACX,CAAC;AAED,SAAS,eAAe,CAAC,IAAY,EAAE,IAAY;IACjD,IAAI,CAAC;QACH,IAAA,mBAAS,EAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IACxB,CAAC;IAAC,MAAM,CAAC;QACP,sEAAsE;IACxE,CAAC;AACH,CAAC"}

package/dist/feed/selfcheck.d.ts

@@ -0,0 +1,36 @@
+/**
+ * Self-check engine — runs a single threat-feed advisory against the locally
+ * installed skills / plugins / MCP servers and reports which artifacts match.
+ *
+ * Designed to be cheap (read-only filesystem ops, hashing only when an
+ * advisory actually asks for a hash) and never crash on a single bad artifact.
+ */
+import type { Advisory, SelfCheckResult } from './types.js';
+/**
+ * Default search locations for each ecosystem.
+ *
+ * Skill locations cover the four agent frameworks that use the agentskills.io
+ * SKILL.md standard: Claude Code, OpenClaw, Hermes Agent, Cursor (project
+ * scope only — caller can supply extra roots). MCP server locations cover
+ * Claude Code's `~/.claude.json` and Codex's `~/.codex/config.toml` install
+ * conventions, but inspection of those is config-aware and lives elsewhere.
+ */
+export declare const DEFAULT_SKILL_ROOTS: string[];
+export interface RunSelfCheckOptions {
+    /** Override the default per-ecosystem search roots. */
+    skillRoots?: string[];
+    /** Cap on hashing work: skill dirs beyond this count are skipped. */
+    maxArtifacts?: number;
+}
+/**
+ * Run one advisory against the local environment. Never throws — failures
+ * become warnings on the result so the caller can keep iterating advisories.
+ */
+export declare function runSelfCheckForAdvisory(advisory: Advisory, options?: RunSelfCheckOptions): Promise<SelfCheckResult>;
+export declare function safeRegexTest(pattern: string, body: string): boolean;
+/**
+ * Simple glob match supporting `*` as a single-segment wildcard. Sufficient
+ * for `slack-webhook-*` style advisories without pulling in a glob lib.
+ */
+export declare function globMatch(pattern: string, value: string): boolean;
+//# sourceMappingURL=selfcheck.d.ts.map

package/dist/feed/selfcheck.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"selfcheck.d.ts","sourceRoot":"","sources":["../../src/feed/selfcheck.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAOH,OAAO,KAAK,EACV,QAAQ,EAGR,eAAe,EAChB,MAAM,YAAY,CAAC;AAEpB;;;;;;;;GAQG;AACH,eAAO,MAAM,mBAAmB,UAK/B,CAAC;AAEF,MAAM,WAAW,mBAAmB;IAClC,uDAAuD;IACvD,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,qEAAqE;IACrE,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED;;;GAGG;AACH,wBAAsB,uBAAuB,CAC3C,QAAQ,EAAE,QAAQ,EAClB,OAAO,GAAE,mBAAwB,GAChC,OAAO,CAAC,eAAe,CAAC,CAqC1B;AAgGD,wBAAgB,aAAa,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAiBpE;AAED;;;GAGG;AACH,wBAAgB,SAAS,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAOjE"}

package/dist/feed/selfcheck.js

@@ -0,0 +1,198 @@
+"use strict";
+/**
+ * Self-check engine — runs a single threat-feed advisory against the locally
+ * installed skills / plugins / MCP servers and reports which artifacts match.
+ *
+ * Designed to be cheap (read-only filesystem ops, hashing only when an
+ * advisory actually asks for a hash) and never crash on a single bad artifact.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DEFAULT_SKILL_ROOTS = void 0;
+exports.runSelfCheckForAdvisory = runSelfCheckForAdvisory;
+exports.safeRegexTest = safeRegexTest;
+exports.globMatch = globMatch;
+const node_fs_1 = require("node:fs");
+const promises_1 = require("node:fs/promises");
+const node_os_1 = require("node:os");
+const node_path_1 = require("node:path");
+const hash_js_1 = require("../utils/hash.js");
+/**
+ * Default search locations for each ecosystem.
+ *
+ * Skill locations cover the four agent frameworks that use the agentskills.io
+ * SKILL.md standard: Claude Code, OpenClaw, Hermes Agent, Cursor (project
+ * scope only — caller can supply extra roots). MCP server locations cover
+ * Claude Code's `~/.claude.json` and Codex's `~/.codex/config.toml` install
+ * conventions, but inspection of those is config-aware and lives elsewhere.
+ */
+exports.DEFAULT_SKILL_ROOTS = [
+    (0, node_path_1.join)((0, node_os_1.homedir)(), '.claude', 'skills'),
+    (0, node_path_1.join)((0, node_os_1.homedir)(), '.openclaw', 'skills'),
+    (0, node_path_1.join)((0, node_os_1.homedir)(), '.openclaw', 'workspace', 'skills'),
+    (0, node_path_1.join)((0, node_os_1.homedir)(), '.hermes', 'skills'),
+];
+/**
+ * Run one advisory against the local environment. Never throws — failures
+ * become warnings on the result so the caller can keep iterating advisories.
+ */
+async function runSelfCheckForAdvisory(advisory, options = {}) {
+    const startedAt = Date.now();
+    const matches = [];
+    const warnings = [];
+    if (advisory.withdrawnAt) {
+        return { advisoryId: advisory.id, matchedArtifacts: [], elapsedMs: 0, warnings };
+    }
+    if (advisory.ecosystem !== 'skill') {
+        warnings.push(`ecosystem "${advisory.ecosystem}" not implemented; only "skill" is supported in this build`);
+        return { advisoryId: advisory.id, matchedArtifacts: [], elapsedMs: Date.now() - startedAt, warnings };
+    }
+    const roots = options.skillRoots ?? exports.DEFAULT_SKILL_ROOTS;
+    const skillDirs = await listSkillDirs(roots);
+    const cap = options.maxArtifacts ?? 500;
+    const considered = skillDirs.slice(0, cap);
+    if (skillDirs.length > cap) {
+        warnings.push(`only checked first ${cap} of ${skillDirs.length} skill directories`);
+    }
+    for (const dir of considered) {
+        try {
+            const m = await matchSkillDir(dir, advisory.affected);
+            if (m)
+                matches.push(m);
+        }
+        catch (err) {
+            warnings.push(`skipped ${dir}: ${err.message}`);
+        }
+    }
+    return {
+        advisoryId: advisory.id,
+        matchedArtifacts: matches,
+        elapsedMs: Date.now() - startedAt,
+        warnings,
+    };
+}
+/** Enumerate every immediate subdirectory of `roots` that contains a SKILL.md. */
+async function listSkillDirs(roots) {
+    const found = [];
+    for (const root of roots) {
+        if (!(0, node_fs_1.existsSync)(root))
+            continue;
+        let entries;
+        try {
+            entries = await (0, promises_1.readdir)(root, { withFileTypes: true });
+        }
+        catch {
+            continue;
+        }
+        for (const entry of entries) {
+            if (!entry.isDirectory())
+                continue;
+            const skillPath = (0, node_path_1.join)(root, entry.name);
+            const manifest = (0, node_path_1.join)(skillPath, 'SKILL.md');
+            if ((0, node_fs_1.existsSync)(manifest))
+                found.push(skillPath);
+        }
+    }
+    return found;
+}
+/**
+ * Match one skill directory against an advisory's affected[] matchers.
+ * Returns the first match found (per matcher precedence: hash > regex > name).
+ * Returns null when nothing matched.
+ */
+async function matchSkillDir(skillDir, affected) {
+    const name = (0, node_path_1.basename)(skillDir);
+    const manifestPath = (0, node_path_1.join)(skillDir, 'SKILL.md');
+    // Canonical hash input: the SKILL.md content. The cloud publishes
+    // SKILL.md hashes (not directory rollups), so this is the field that
+    // must match server-side for `sha256` matchers to be meaningful.
+    let localHash = null;
+    const wantsHash = affected.some((m) => m.sha256);
+    if (wantsHash && (0, node_fs_1.existsSync)(manifestPath)) {
+        try {
+            localHash = await (0, hash_js_1.hashFile)(manifestPath);
+        }
+        catch {
+            localHash = null;
+        }
+    }
+    // Regex matching needs the manifest body — only read if some matcher asks.
+    let body = null;
+    const wantsBody = affected.some((m) => m.bodyRegex);
+    if (wantsBody) {
+        try {
+            body = await (0, promises_1.readFile)(manifestPath, 'utf8');
+            // Cap body length to keep regex evaluation bounded.
+            if (body.length > MAX_BODY_BYTES)
+                body = body.slice(0, MAX_BODY_BYTES);
+        }
+        catch {
+            body = '';
+        }
+    }
+    for (const matcher of affected) {
+        if (matcher.sha256 && localHash && matcher.sha256.toLowerCase() === localHash.toLowerCase()) {
+            return { path: skillDir, matchedBy: 'sha256', hash: localHash };
+        }
+        if (matcher.bodyRegex && body !== null) {
+            if (safeRegexTest(matcher.bodyRegex, body)) {
+                return { path: skillDir, matchedBy: 'bodyRegex' };
+            }
+        }
+        if (matcher.namePattern && globMatch(matcher.namePattern, name)) {
+            return { path: skillDir, matchedBy: 'namePattern' };
+        }
+    }
+    return null;
+}
+/**
+ * Defense against catastrophic backtracking and malformed regex coming
+ * from upstream advisory data:
+ *   - cap the pattern length
+ *   - reject patterns with obvious nested-quantifier shapes that explode
+ *     under ReDoS (e.g. `(.+)+`, `(a*)*`, `(a|a)*`)
+ *   - swallow compile errors silently (treated as "no match")
+ *
+ * Node's RegExp has no built-in timeout; the cheap-but-effective fix is
+ * to bound both the pattern and the body. We accept a slight false-negative
+ * rate over freezing on a hostile feed.
+ */
+const MAX_REGEX_LEN = 256;
+const MAX_BODY_BYTES = 256 * 1024;
+const CATASTROPHIC = [
+    /\([^)]*[+*]\)[+*]/, // nested quantifier: (x+)+
+    /\(([^|()]+\|)+\1\)[+*]/, // alternation duplicate: (a|a)*
+];
+function safeRegexTest(pattern, body) {
+    if (typeof pattern !== 'string' || pattern.length === 0)
+        return false;
+    if (pattern.length > MAX_REGEX_LEN)
+        return false;
+    for (const danger of CATASTROPHIC) {
+        if (danger.test(pattern))
+            return false;
+    }
+    let re;
+    try {
+        re = new RegExp(pattern);
+    }
+    catch {
+        return false;
+    }
+    try {
+        return re.test(body);
+    }
+    catch {
+        return false;
+    }
+}
+/**
+ * Simple glob match supporting `*` as a single-segment wildcard. Sufficient
+ * for `slack-webhook-*` style advisories without pulling in a glob lib.
+ */
+function globMatch(pattern, value) {
+    const re = new RegExp('^' +
+        pattern.replace(/[.+^${}()|[\]\\]/g, '\\$&').replace(/\*/g, '[^/]*') +
+        '$');
+    return re.test(value);
+}
+//# sourceMappingURL=selfcheck.js.map

package/dist/feed/selfcheck.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"selfcheck.js","sourceRoot":"","sources":["../../src/feed/selfcheck.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;;AAyCH,0DAwCC;AAgGD,sCAiBC;AAMD,8BAOC;AA7MD,qCAAqC;AACrC,+CAAqD;AACrD,qCAAkC;AAClC,yCAA2C;AAC3C,8CAA4C;AAQ5C;;;;;;;;GAQG;AACU,QAAA,mBAAmB,GAAG;IACjC,IAAA,gBAAI,EAAC,IAAA,iBAAO,GAAE,EAAE,SAAS,EAAE,QAAQ,CAAC;IACpC,IAAA,gBAAI,EAAC,IAAA,iBAAO,GAAE,EAAE,WAAW,EAAE,QAAQ,CAAC;IACtC,IAAA,gBAAI,EAAC,IAAA,iBAAO,GAAE,EAAE,WAAW,EAAE,WAAW,EAAE,QAAQ,CAAC;IACnD,IAAA,gBAAI,EAAC,IAAA,iBAAO,GAAE,EAAE,SAAS,EAAE,QAAQ,CAAC;CACrC,CAAC;AASF;;;GAGG;AACI,KAAK,UAAU,uBAAuB,CAC3C,QAAkB,EAClB,UAA+B,EAAE;IAEjC,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAC7B,MAAM,OAAO,GAAqB,EAAE,CAAC;IACrC,MAAM,QAAQ,GAAa,EAAE,CAAC;IAE9B,IAAI,QAAQ,CAAC,WAAW,EAAE,CAAC;QACzB,OAAO,EAAE,UAAU,EAAE,QAAQ,CAAC,EAAE,EAAE,gBAAgB,EAAE,EAAE,EAAE,SAAS,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC;IACnF,CAAC;IAED,IAAI,QAAQ,CAAC,SAAS,KAAK,OAAO,EAAE,CAAC;QACnC,QAAQ,CAAC,IAAI,CAAC,cAAc,QAAQ,CAAC,SAAS,4DAA4D,CAAC,CAAC;QAC5G,OAAO,EAAE,UAAU,EAAE,QAAQ,CAAC,EAAE,EAAE,gBAAgB,EAAE,EAAE,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,EAAE,QAAQ,EAAE,CAAC;IACxG,CAAC;IAED,MAAM,KAAK,GAAG,OAAO,CAAC,UAAU,IAAI,2BAAmB,CAAC;IACxD,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,KAAK,CAAC,CAAC;IAC7C,MAAM,GAAG,GAAG,OAAO,CAAC,YAAY,IAAI,GAAG,CAAC;IACxC,MAAM,UAAU,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IAC3C,IAAI,SAAS,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QAC3B,QAAQ,CAAC,IAAI,CAAC,sBAAsB,GAAG,OAAO,SAAS,CAAC,MAAM,oBAAoB,CAAC,CAAC;IACtF,CAAC;IAED,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;QAC7B,IAAI,CAAC;YACH,MAAM,CAAC,GAAG,MAAM,aAAa,CAAC,GAAG,EAAE,QAAQ,CAAC,QAAQ,CAAC,CAAC;YACtD,IAAI,CAAC;gBAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACzB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,QAAQ,CAAC,IAAI,CAAC,WAAW,GAAG,KAAM,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC;IAED,OAAO;QACL,UAAU,EAAE,QAAQ,CAAC,EAAE;QACvB,gBAAgB,EAAE,OAAO;QACzB,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;QACjC,QAAQ;KACT,CAAC;AACJ,CAAC;AAED,kFAAkF;AAClF,KAAK,UAAU,aAAa,CAAC,KAAe;IAC1C,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,CAAC,IAAA,oBAAU,EAAC,IAAI,CAAC;YAAE,SAAS;QAChC,IAAI,OAAO,CAAC;QACZ,IAAI,CAAC;YACH,OAAO,GAAG,MAAM,IAAA,kBAAO,EAAC,IAAI,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;QACzD,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;QACD,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;YAC5B,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE;gBAAE,SAAS;YACnC,MAAM,SAAS,GAAG,IAAA,gBAAI,EAAC,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;YACzC,MAAM,QAAQ,GAAG,IAAA,gBAAI,EAAC,SAAS,EAAE,UAAU,CAAC,CAAC;YAC7C,IAAI,IAAA,oBAAU,EAAC,QAAQ,CAAC;gBAAE,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAClD,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,aAAa,CAC1B,QAAgB,EAChB,QAA4B;IAE5B,MAAM,IAAI,GAAG,IAAA,oBAAQ,EAAC,QAAQ,CAAC,CAAC;IAChC,MAAM,YAAY,GAAG,IAAA,gBAAI,EAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;IAEhD,kEAAkE;IAClE,qEAAqE;IACrE,iEAAiE;IACjE,IAAI,SAAS,GAAkB,IAAI,CAAC;IACpC,MAAM,SAAS,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IACjD,IAAI,SAAS,IAAI,IAAA,oBAAU,EAAC,YAAY,CAAC,EAAE,CAAC;QAC1C,IAAI,CAAC;YACH,SAAS,GAAG,MAAM,IAAA,kBAAQ,EAAC,YAAY,CAAC,CAAC;QAC3C,CAAC;QAAC,MAAM,CAAC;YACP,SAAS,GAAG,IAAI,CAAC;QACnB,CAAC;IACH,CAAC;IAED,2EAA2E;IAC3E,IAAI,IAAI,GAAkB,IAAI,CAAC;IAC/B,MAAM,SAAS,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;IACpD,IAAI,SAAS,EAAE,CAAC;QACd,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,IAAA,mBAAQ,EAAC,YAAY,EAAE,MAAM,CAAC,CAAC;YAC5C,oDAAoD;YACpD,IAAI,IAAI,CAAC,MAAM,GAAG,cAAc;gBAAE,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC;QACzE,CAAC;QAAC,MAAM,CAAC;YACP,IAAI,GAAG,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;IAED,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,IAAI,OAAO,CAAC,MAAM,IAAI,SAAS,IAAI,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE,KAAK,SAAS,CAAC,WAAW,EAAE,EAAE,CAAC;YAC5F,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC;QAClE,CAAC;QACD,IAAI,OAAO,CAAC,SAAS,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;YACvC,IAAI,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,IAAI,CAAC,EAAE,CAAC;gBAC3C,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,WAAW,EAAE,CAAC;YACpD,CAAC;QACH,CAAC;QACD,IAAI,OAAO,CAAC,WAAW,IAAI,SAAS,CAAC,OAAO,CAAC,WAAW,EAAE,IAAI,CAAC,EAAE,CAAC;YAChE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,aAAa,EAAE,CAAC;QACtD,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,aAAa,GAAG,GAAG,CAAC;AAC1B,MAAM,cAAc,GAAG,GAAG,GAAG,IAAI,CAAC;AAClC,MAAM,YAAY,GAAG;IACnB,mBAAmB,EAAE,2BAA2B;IAChD,wBAAwB,EAAE,gCAAgC;CAC3D,CAAC;AAEF,SAAgB,aAAa,CAAC,OAAe,EAAE,IAAY;IACzD,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IACtE,IAAI,OAAO,CAAC,MAAM,GAAG,aAAa;QAAE,OAAO,KAAK,CAAC;IACjD,KAAK,MAAM,MAAM,IAAI,YAAY,EAAE,CAAC;QAClC,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC;YAAE,OAAO,KAAK,CAAC;IACzC,CAAC;IACD,IAAI,EAAU,CAAC;IACf,IAAI,CAAC;QACH,EAAE,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC;IAC3B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,CAAC;QACH,OAAO,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACvB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,SAAgB,SAAS,CAAC,OAAe,EAAE,KAAa;IACtD,MAAM,EAAE,GAAG,IAAI,MAAM,CACnB,GAAG;QACD,OAAO,CAAC,OAAO,CAAC,mBAAmB,EAAE,MAAM,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC;QACpE,GAAG,CACN,CAAC;IACF,OAAO,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AACxB,CAAC"}

package/dist/feed/state.d.ts

@@ -0,0 +1,14 @@
+/**
+ * Local feed-subscription state I/O.
+ *
+ * Persisted at `~/.agentguard/feed-state.json` so the `subscribe` command
+ * doesn't re-process the same advisory across invocations / cron ticks.
+ *
+ * Kept tiny (single JSON object) on purpose — bigger ledgers go through the
+ * audit log path, not here.
+ */
+import type { FeedState } from './types.js';
+export declare function loadFeedState(): FeedState;
+export declare function saveFeedState(state: FeedState): void;
+export declare function markAdvisorySeen(state: FeedState, advisoryId: string): FeedState;
+//# sourceMappingURL=state.d.ts.map

package/dist/feed/state.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"state.d.ts","sourceRoot":"","sources":["../../src/feed/state.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAKH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAQ5C,wBAAgB,aAAa,IAAI,SAAS,CAezC;AAED,wBAAgB,aAAa,CAAC,KAAK,EAAE,SAAS,GAAG,IAAI,CAQpD;AAED,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,GAAG,SAAS,CAOhF"}

package/dist/feed/state.js

@@ -0,0 +1,57 @@
+"use strict";
+/**
+ * Local feed-subscription state I/O.
+ *
+ * Persisted at `~/.agentguard/feed-state.json` so the `subscribe` command
+ * doesn't re-process the same advisory across invocations / cron ticks.
+ *
+ * Kept tiny (single JSON object) on purpose — bigger ledgers go through the
+ * audit log path, not here.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.loadFeedState = loadFeedState;
+exports.saveFeedState = saveFeedState;
+exports.markAdvisorySeen = markAdvisorySeen;
+const node_fs_1 = require("node:fs");
+const node_path_1 = require("node:path");
+const config_js_1 = require("../config.js");
+const SEEN_ID_LIMIT = 1000;
+function statePath() {
+    return (0, node_path_1.join)((0, config_js_1.getAgentGuardPaths)().home, 'feed-state.json');
+}
+function loadFeedState() {
+    const file = statePath();
+    if (!(0, node_fs_1.existsSync)(file))
+        return {};
+    try {
+        const raw = (0, node_fs_1.readFileSync)(file, 'utf8');
+        const parsed = JSON.parse(raw);
+        return {
+            lastPulledAt: parsed.lastPulledAt,
+            seenAdvisoryIds: parsed.seenAdvisoryIds ?? [],
+        };
+    }
+    catch {
+        // Corrupt state file: pretend it's empty rather than crash. The next
+        // successful subscribe will overwrite it.
+        return {};
+    }
+}
+function saveFeedState(state) {
+    const file = statePath();
+    (0, node_fs_1.mkdirSync)((0, node_path_1.dirname)(file), { recursive: true });
+    const trimmed = {
+        lastPulledAt: state.lastPulledAt,
+        seenAdvisoryIds: (state.seenAdvisoryIds ?? []).slice(-SEEN_ID_LIMIT),
+    };
+    (0, node_fs_1.writeFileSync)(file, `${JSON.stringify(trimmed, null, 2)}\n`, { mode: 0o600 });
+}
+function markAdvisorySeen(state, advisoryId) {
+    const set = new Set(state.seenAdvisoryIds ?? []);
+    set.add(advisoryId);
+    return {
+        ...state,
+        seenAdvisoryIds: [...set],
+    };
+}
+//# sourceMappingURL=state.js.map

package/dist/feed/state.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"state.js","sourceRoot":"","sources":["../../src/feed/state.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;AAaH,sCAeC;AAED,sCAQC;AAED,4CAOC;AA7CD,qCAA6E;AAC7E,yCAA0C;AAC1C,4CAAkD;AAGlD,MAAM,aAAa,GAAG,IAAI,CAAC;AAE3B,SAAS,SAAS;IAChB,OAAO,IAAA,gBAAI,EAAC,IAAA,8BAAkB,GAAE,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC;AAC5D,CAAC;AAED,SAAgB,aAAa;IAC3B,MAAM,IAAI,GAAG,SAAS,EAAE,CAAC;IACzB,IAAI,CAAC,IAAA,oBAAU,EAAC,IAAI,CAAC;QAAE,OAAO,EAAE,CAAC;IACjC,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,IAAA,sBAAY,EAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QACvC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAuB,CAAC;QACrD,OAAO;YACL,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,eAAe,EAAE,MAAM,CAAC,eAAe,IAAI,EAAE;SAC9C,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,qEAAqE;QACrE,0CAA0C;QAC1C,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED,SAAgB,aAAa,CAAC,KAAgB;IAC5C,MAAM,IAAI,GAAG,SAAS,EAAE,CAAC;IACzB,IAAA,mBAAS,EAAC,IAAA,mBAAO,EAAC,IAAI,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC9C,MAAM,OAAO,GAAc;QACzB,YAAY,EAAE,KAAK,CAAC,YAAY;QAChC,eAAe,EAAE,CAAC,KAAK,CAAC,eAAe,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,aAAa,CAAC;KACrE,CAAC;IACF,IAAA,uBAAa,EAAC,IAAI,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;AAChF,CAAC;AAED,SAAgB,gBAAgB,CAAC,KAAgB,EAAE,UAAkB;IACnE,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,eAAe,IAAI,EAAE,CAAC,CAAC;IACjD,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IACpB,OAAO;QACL,GAAG,KAAK;QACR,eAAe,EAAE,CAAC,GAAG,GAAG,CAAC;KAC1B,CAAC;AACJ,CAAC"}

package/dist/feed/types.d.ts

@@ -0,0 +1,102 @@
+/**
+ * Threat-feed advisory types.
+ *
+ * AgentGuard Cloud publishes `Advisory` objects describing newly discovered
+ * supply-chain threats (malicious skills, rugged MCP servers, prompt-injection
+ * patterns in popular plugins). Subscribing local guards pull the feed,
+ * run a targeted self-check, and report back which local artifacts matched.
+ *
+ * Schema intentionally mirrors the OSV.dev advisory shape (signed JSON over
+ * HTTPS, `affected[]` array of identifier matchers) so the feed can later be
+ * federated with OSV and OSS Insight.
+ */
+/** Supply-chain ecosystem an advisory targets. */
+export type AdvisoryEcosystem = 'skill' | 'plugin' | 'mcp_server';
+export type AdvisorySeverity = 'low' | 'medium' | 'high' | 'critical';
+/**
+ * One matcher inside `Advisory.affected[]`. A local artifact matches the
+ * advisory if ANY matcher matches. A matcher matches if ALL of its fields
+ * that are set match the artifact (so name + hash narrows the match).
+ */
+export interface AdvisoryAffected {
+    /**
+     * Glob-ish name pattern matched against the skill's `name` field or the
+     * containing directory name. Supports `*` as a single-segment wildcard.
+     * Example: `slack-webhook-*`.
+     */
+    namePattern?: string;
+    /**
+     * Specific SHA-256 hash (hex, lowercase) of the artifact's content
+     * (a directory hash for skill dirs, file hash for single-file artifacts).
+     * Exact match.
+     */
+    sha256?: string;
+    /**
+     * Optional semver range. Reserved for future use — current matchers
+     * ignore version unless explicitly set. Tools should treat unknown ranges
+     * as "match any version" rather than fail closed.
+     */
+    versionRange?: string;
+    /**
+     * Optional regex applied to the textual body of `SKILL.md` (or the file
+     * contents for non-skill artifacts). Use this when the threat manifests as
+     * a code/text pattern rather than a known hash.
+     */
+    bodyRegex?: string;
+}
+export interface Advisory {
+    /** Stable identifier, e.g. `AGS-2026-0042`. */
+    id: string;
+    ecosystem: AdvisoryEcosystem;
+    severity: AdvisorySeverity;
+    /** Short headline. <= 120 chars. */
+    summary: string;
+    /** Long-form markdown body. May include remediation steps. */
+    detailsMd: string;
+    /** Matchers — local artifact matches the advisory if ANY entry matches. */
+    affected: AdvisoryAffected[];
+    /** ISO-8601 timestamp when published. */
+    publishedAt: string;
+    /** Optional withdrawal timestamp — if set, the advisory was retracted. */
+    withdrawnAt?: string | null;
+    /**
+     * Optional HMAC-SHA256 hex signature of the canonical JSON payload, signed
+     * with the cloud's per-publisher key. Subscribers can verify integrity if
+     * they have the verifier key. Empty when the cloud doesn't sign yet.
+     */
+    signature?: string;
+    /** External references — Snyk, NVD, GHSA, blog posts. */
+    references?: string[];
+}
+/**
+ * Local feed-subscription state. Persisted between `subscribe` runs so the
+ * client doesn't re-process advisories it has already seen.
+ */
+export interface FeedState {
+    /** ISO-8601 timestamp of the latest advisory `publishedAt` we've processed. */
+    lastPulledAt?: string;
+    /** Stable IDs of advisories already evaluated; bounded LRU. */
+    seenAdvisoryIds?: string[];
+}
+/**
+ * Result of running a single advisory's checks against the local environment.
+ */
+export interface SelfCheckResult {
+    advisoryId: string;
+    /** Always populated, even when empty (means "we checked, nothing matched"). */
+    matchedArtifacts: SelfCheckMatch[];
+    /** Wall-clock duration in milliseconds. */
+    elapsedMs: number;
+    /** Errors per-matcher that prevented a definitive answer. Non-fatal. */
+    warnings: string[];
+}
+export interface SelfCheckMatch {
+    /** Local path to the matched artifact (skill dir / file). Redaction is the
+     *  caller's responsibility before reporting upstream. */
+    path: string;
+    /** Which matcher hit. Useful for explaining "why" to the user. */
+    matchedBy: 'namePattern' | 'sha256' | 'bodyRegex';
+    /** When matched by hash, this is the local hash that equalled the advisory's. */
+    hash?: string;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/feed/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/feed/types.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,kDAAkD;AAClD,MAAM,MAAM,iBAAiB,GAAG,OAAO,GAAG,QAAQ,GAAG,YAAY,CAAC;AAElE,MAAM,MAAM,gBAAgB,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;AAEtE;;;;GAIG;AACH,MAAM,WAAW,gBAAgB;IAC/B;;;;OAIG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB;;;;OAIG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB;;;;OAIG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB;;;;OAIG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,QAAQ;IACvB,+CAA+C;IAC/C,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,iBAAiB,CAAC;IAC7B,QAAQ,EAAE,gBAAgB,CAAC;IAC3B,oCAAoC;IACpC,OAAO,EAAE,MAAM,CAAC;IAChB,8DAA8D;IAC9D,SAAS,EAAE,MAAM,CAAC;IAClB,2EAA2E;IAC3E,QAAQ,EAAE,gBAAgB,EAAE,CAAC;IAC7B,yCAAyC;IACzC,WAAW,EAAE,MAAM,CAAC;IACpB,0EAA0E;IAC1E,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B;;;;OAIG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,yDAAyD;IACzD,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;CACvB;AAED;;;GAGG;AACH,MAAM,WAAW,SAAS;IACxB,+EAA+E;IAC/E,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,+DAA+D;IAC/D,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,UAAU,EAAE,MAAM,CAAC;IACnB,+EAA+E;IAC/E,gBAAgB,EAAE,cAAc,EAAE,CAAC;IACnC,2CAA2C;IAC3C,SAAS,EAAE,MAAM,CAAC;IAClB,wEAAwE;IACxE,QAAQ,EAAE,MAAM,EAAE,CAAC;CACpB;AAED,MAAM,WAAW,cAAc;IAC7B;6DACyD;IACzD,IAAI,EAAE,MAAM,CAAC;IACb,kEAAkE;IAClE,SAAS,EAAE,aAAa,GAAG,QAAQ,GAAG,WAAW,CAAC;IAClD,iFAAiF;IACjF,IAAI,CAAC,EAAE,MAAM,CAAC;CACf"}

package/dist/feed/types.js

@@ -0,0 +1,15 @@
+"use strict";
+/**
+ * Threat-feed advisory types.
+ *
+ * AgentGuard Cloud publishes `Advisory` objects describing newly discovered
+ * supply-chain threats (malicious skills, rugged MCP servers, prompt-injection
+ * patterns in popular plugins). Subscribing local guards pull the feed,
+ * run a targeted self-check, and report back which local artifacts matched.
+ *
+ * Schema intentionally mirrors the OSV.dev advisory shape (signed JSON over
+ * HTTPS, `affected[]` array of identifier matchers) so the feed can later be
+ * federated with OSV and OSS Insight.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=types.js.map

package/dist/feed/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/feed/types.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;GAWG"}

package/dist/index.d.ts

@@ -13,6 +13,13 @@ export { ActionScanner, GoPlusClient, type ActionScannerOptions, } from './actio
 export { DEFAULT_POLICIES, RESTRICTIVE_CAPABILITY, PERMISSIVE_CAPABILITY, CAPABILITY_PRESETS, type PolicyConfig, } from './policy/default.js';
 export { containsSensitiveData, maskSensitiveData, extractDomain, isDomainAllowed, SENSITIVE_PATTERNS, } from './utils/patterns.js';
 export { ClaudeCodeAdapter, OpenClawAdapter, evaluateHook, registerOpenClawPlugin, loadConfig, type HookAdapter, type HookInput, type HookOutput, type EngineOptions, } from './adapters/index.js';
+export { ensureConfig, loadConfig as loadAgentGuardConfig, saveConfig as saveAgentGuardConfig, connectCloud, getAgentGuardPaths, type AgentGuardConfig, } from './config.js';
+export { AgentGuardCloudClient } from './cloud/client.js';
+export { evaluateLocalAction } from './runtime/evaluator.js';
+export { protectAction, formatProtectResult, exitCodeForDecision, type ProtectOptions, type ProtectResult, } from './runtime/protect.js';
+export { redactText, redactPreview, redactReasons } from './runtime/redaction.js';
+export { getDefaultEffectiveRuntimePolicy, loadCachedPolicy, saveCachedPolicy, resolveRuntimePolicy, } from './runtime/policy.js';
+export type { EffectiveRuntimePolicy, RuntimeAction, RuntimeDecision, RuntimeAuditEvent, RuntimeActionType, RuntimeAgentHost, CloudPolicyDecision, } from './runtime/types.js';
 import { SkillScanner } from './scanner/index.js';
 import { SkillRegistry } from './registry/index.js';
 import { ActionScanner } from './action/index.js';

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,cAAc,kBAAkB,CAAC;AAGjC,OAAO,EAAE,YAAY,EAAE,KAAK,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACvE,OAAO,EACL,aAAa,EACb,eAAe,EACf,KAAK,eAAe,EACpB,KAAK,cAAc,EACnB,KAAK,YAAY,EACjB,KAAK,YAAY,GAClB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EACL,aAAa,EACb,YAAY,EACZ,KAAK,oBAAoB,GAC1B,MAAM,mBAAmB,CAAC;AAG3B,OAAO,EACL,gBAAgB,EAChB,sBAAsB,EACtB,qBAAqB,EACrB,kBAAkB,EAClB,KAAK,YAAY,GAClB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EACL,qBAAqB,EACrB,iBAAiB,EACjB,aAAa,EACb,eAAe,EACf,kBAAkB,GACnB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EACL,iBAAiB,EACjB,eAAe,EACf,YAAY,EACZ,sBAAsB,EACtB,UAAU,EACV,KAAK,WAAW,EAChB,KAAK,SAAS,EACd,KAAK,UAAU,EACf,KAAK,aAAa,GACnB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAClD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAExD;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,CAAC,EAAE;IACzC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,8EAA8E;IAC9E,mBAAmB,CAAC,EAAE,eAAe,CAAC;CACvC;;;;EAmBA;AAGD,eAAe,gBAAgB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,cAAc,kBAAkB,CAAC;AAGjC,OAAO,EAAE,YAAY,EAAE,KAAK,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACvE,OAAO,EACL,aAAa,EACb,eAAe,EACf,KAAK,eAAe,EACpB,KAAK,cAAc,EACnB,KAAK,YAAY,EACjB,KAAK,YAAY,GAClB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EACL,aAAa,EACb,YAAY,EACZ,KAAK,oBAAoB,GAC1B,MAAM,mBAAmB,CAAC;AAG3B,OAAO,EACL,gBAAgB,EAChB,sBAAsB,EACtB,qBAAqB,EACrB,kBAAkB,EAClB,KAAK,YAAY,GAClB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EACL,qBAAqB,EACrB,iBAAiB,EACjB,aAAa,EACb,eAAe,EACf,kBAAkB,GACnB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EACL,iBAAiB,EACjB,eAAe,EACf,YAAY,EACZ,sBAAsB,EACtB,UAAU,EACV,KAAK,WAAW,EAChB,KAAK,SAAS,EACd,KAAK,UAAU,EACf,KAAK,aAAa,GACnB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EACL,YAAY,EACZ,UAAU,IAAI,oBAAoB,EAClC,UAAU,IAAI,oBAAoB,EAClC,YAAY,EACZ,kBAAkB,EAClB,KAAK,gBAAgB,GACtB,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,qBAAqB,EAAE,MAAM,mBAAmB,CAAC;AAC1D,OAAO,EAAE,mBAAmB,EAAE,MAAM,wBAAwB,CAAC;AAC7D,OAAO,EACL,aAAa,EACb,mBAAmB,EACnB,mBAAmB,EACnB,KAAK,cAAc,EACnB,KAAK,aAAa,GACnB,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EAAE,UAAU,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAClF,OAAO,EACL,gCAAgC,EAChC,gBAAgB,EAChB,gBAAgB,EAChB,oBAAoB,GACrB,MAAM,qBAAqB,CAAC;AAC7B,YAAY,EACV,sBAAsB,EACtB,aAAa,EACb,eAAe,EACf,iBAAiB,EACjB,iBAAiB,EACjB,gBAAgB,EAChB,mBAAmB,GACpB,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAClD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAExD;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,CAAC,EAAE;IACzC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,8EAA8E;IAC9E,mBAAmB,CAAC,EAAE,eAAe,CAAC;CACvC;;;;EAmBA;AAGD,eAAe,gBAAgB,CAAC"}