@guardion/guardion 0.3.0 → 0.4.1

package/dist/core/mcp-protect.d.ts

@@ -0,0 +1,69 @@
+export interface McpServerCfg {
+    command?: string;
+    args?: string[];
+    env?: Record<string, string>;
+    url?: string;
+    type?: string;
+    headers?: Record<string, string>;
+    [k: string]: unknown;
+}
+/** npm package that ships the `guardion mcp` wrapper (used in the injected npx prefix). */
+export declare const NPX_PKG = "@guardion/guardion";
+/** Absolute path to the interposer script (lives beside this core module; dist mirrors source). */
+export declare function interposerPath(): string;
+/** Known agent-app MCP config locations (existing ones are acted on). */
+export declare function knownAppConfigs(home?: string, cwd?: string): Array<{
+    app: string;
+    path: string;
+}>;
+/** The key under which a given config object holds its MCP servers. */
+export declare function serversKey(obj: any): 'mcpServers' | 'servers' | null;
+/** True if a server entry is already pointing at our wrapper (idempotency). Detects
+ *  both the npx form (`npx -y @guardion/guardion mcp …`) and the local node form. */
+export declare function isWrapped(cfg: McpServerCfg, interposer?: string): boolean;
+/** Pick the interposer transport for a URL server: legacy SSE vs streamable HTTP. */
+export declare function urlTransport(cfg: McpServerCfg): 'sse_bridge' | 'http_forward';
+export interface WrapOpts {
+    /** DLP mode baked into the prefix: dlp (default) | enforce | monitor */
+    mode?: string;
+    /** Optional policy slug for this server */
+    policy?: string;
+    /** Dev: inject `node <abs>/mcp-interpose.cjs` instead of the npx form */
+    local?: boolean;
+    nodeBin?: string;
+    interposer?: string;
+}
+/** Wrap one MCP server config so the host launches `guardion mcp` + the real server.
+ *  By default the prefix is the npx form (`npx -y @guardion/guardion mcp …`) so no
+ *  global install is needed; `--local` injects the repo's interposer directly. stdio
+ *  servers keep the `-- cmd args` form; URL servers bridge over http_forward / sse_bridge
+ *  so they get the same governance instead of being skipped. */
+export declare function wrapServer(name: string, original: McpServerCfg, opts?: WrapOpts): McpServerCfg;
+export interface RewriteResult {
+    obj: any;
+    wrapped: string[];
+    skipped: string[];
+}
+/** Pure: rewrite all MCP servers in a parsed config object. Both stdio (command)
+ *  and URL (http/sse) servers are wrapped — URL servers bridge through the
+ *  interposer over http_forward / sse_bridge. Idempotent. */
+export declare function rewriteServers(obj: any, opts?: WrapOpts): RewriteResult;
+/** Restore a config object: unwrap any interposer-wrapped servers back to original. */
+export declare function unwrapServers(obj: any, interposer?: string): RewriteResult;
+export interface ProtectFileResult {
+    app: string;
+    path: string;
+    wrapped: string[];
+    skipped: string[];
+    error?: string;
+}
+/** Protect a single config file (backup + rewrite). Best-effort; never throws. */
+export declare function protectFile(app: string, file: string, dryRun?: boolean, opts?: WrapOpts): ProtectFileResult;
+/** Revert a single config file from its backup (or unwrap in place). */
+export declare function revertFile(app: string, file: string): ProtectFileResult;
+/** Protect (or --revert) every discovered agent-app MCP config. */
+export declare function protectAll(opts?: {
+    revert?: boolean;
+    dryRun?: boolean;
+} & WrapOpts): ProtectFileResult[];
+//# sourceMappingURL=mcp-protect.d.ts.map

package/dist/core/mcp-protect.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"mcp-protect.d.ts","sourceRoot":"","sources":["../../core/mcp-protect.ts"],"names":[],"mappings":"AAWA,MAAM,WAAW,YAAY;IAC3B,OAAO,CAAC,EAAE,MAAM,CAAC;IAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAAC,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChE,GAAG,CAAC,EAAE,MAAM,CAAC;IAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC9D,CAAC,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;CACtB;AAED,2FAA2F;AAC3F,eAAO,MAAM,OAAO,uBAAuB,CAAC;AAE5C,mGAAmG;AACnG,wBAAgB,cAAc,IAAI,MAAM,CAEvC;AAED,yEAAyE;AACzE,wBAAgB,eAAe,CAAC,IAAI,SAAe,EAAE,GAAG,SAAgB,GAAG,KAAK,CAAC;IAAE,GAAG,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,CAAC,CAY9G;AAED,uEAAuE;AACvE,wBAAgB,UAAU,CAAC,GAAG,EAAE,GAAG,GAAG,YAAY,GAAG,SAAS,GAAG,IAAI,CAIpE;AAED;qFACqF;AACrF,wBAAgB,SAAS,CAAC,GAAG,EAAE,YAAY,EAAE,UAAU,SAAmB,GAAG,OAAO,CAKnF;AAED,qFAAqF;AACrF,wBAAgB,YAAY,CAAC,GAAG,EAAE,YAAY,GAAG,YAAY,GAAG,cAAc,CAK7E;AAUD,MAAM,WAAW,QAAQ;IACvB,wEAAwE;IACxE,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,2CAA2C;IAC3C,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,yEAAyE;IACzE,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED;;;;gEAIgE;AAChE,wBAAgB,UAAU,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,GAAE,QAAa,GAAG,YAAY,CAalG;AAED,MAAM,WAAW,aAAa;IAAG,GAAG,EAAE,GAAG,CAAC;IAAC,OAAO,EAAE,MAAM,EAAE,CAAC;IAAC,OAAO,EAAE,MAAM,EAAE,CAAA;CAAE;AAEjF;;6DAE6D;AAC7D,wBAAgB,cAAc,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,GAAE,QAAa,GAAG,aAAa,CAc3E;AAED,uFAAuF;AACvF,wBAAgB,aAAa,CAAC,GAAG,EAAE,GAAG,EAAE,UAAU,SAAmB,GAAG,aAAa,CA+BpF;AAID,MAAM,WAAW,iBAAiB;IAAG,GAAG,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,EAAE,CAAC;IAAC,OAAO,EAAE,MAAM,EAAE,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE;AAEtH,kFAAkF;AAClF,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,UAAQ,EAAE,IAAI,GAAE,QAAa,GAAG,iBAAiB,CAa7G;AAED,wEAAwE;AACxE,wBAAgB,UAAU,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,iBAAiB,CAevE;AAED,mEAAmE;AACnE,wBAAgB,UAAU,CACxB,IAAI,GAAE;IAAE,MAAM,CAAC,EAAE,OAAO,CAAC;IAAC,MAAM,CAAC,EAAE,OAAO,CAAA;CAAE,GAAG,QAAa,GAC3D,iBAAiB,EAAE,CAIrB"}

package/dist/core/mcp-protect.js

@@ -0,0 +1,205 @@
+// `guardion mcp-protect` — universal MCP interposition install. Discovers the MCP
+// config of every agent app on this machine (Claude Desktop, ChatGPT Desktop,
+// Cursor, Cline, Windsurf, VS Code, Claude Code, project .mcp.json) and rewrites
+// each stdio MCP server so the host launches the Guardion interposer
+// (hooks/mcp-interpose.cjs) wrapping the real server — so every MCP tool
+// input/output is scanned for ANY host, no per-app hook required.
+import fs from 'node:fs';
+import os from 'node:os';
+import path from 'node:path';
+import { fileURLToPath } from 'node:url';
+/** npm package that ships the `guardion mcp` wrapper (used in the injected npx prefix). */
+export const NPX_PKG = '@guardion/guardion';
+/** Absolute path to the interposer script (lives beside this core module; dist mirrors source). */
+export function interposerPath() {
+    return path.resolve(path.dirname(fileURLToPath(import.meta.url)), 'mcp-interpose.cjs');
+}
+/** Known agent-app MCP config locations (existing ones are acted on). */
+export function knownAppConfigs(home = os.homedir(), cwd = process.cwd()) {
+    const appSup = path.join(home, 'Library', 'Application Support'); // macOS
+    return [
+        { app: 'Claude Desktop', path: path.join(appSup, 'Claude', 'claude_desktop_config.json') },
+        { app: 'ChatGPT Desktop', path: path.join(appSup, 'ChatGPT', 'mcp.json') },
+        { app: 'Cursor', path: path.join(home, '.cursor', 'mcp.json') },
+        { app: 'Windsurf', path: path.join(home, '.codeium', 'windsurf', 'mcp_config.json') },
+        { app: 'Cline', path: path.join(appSup, 'Code', 'User', 'globalStorage', 'saoudrizwan.claude-dev', 'settings', 'cline_mcp_settings.json') },
+        { app: 'Claude Code', path: path.join(home, '.claude.json') },
+        { app: 'VS Code (project)', path: path.join(cwd, '.vscode', 'mcp.json') },
+        { app: 'Project .mcp.json', path: path.join(cwd, '.mcp.json') },
+    ];
+}
+/** The key under which a given config object holds its MCP servers. */
+export function serversKey(obj) {
+    if (obj && typeof obj.mcpServers === 'object')
+        return 'mcpServers';
+    if (obj && typeof obj.servers === 'object')
+        return 'servers';
+    return null;
+}
+/** True if a server entry is already pointing at our wrapper (idempotency). Detects
+ *  both the npx form (`npx -y @guardion/guardion mcp …`) and the local node form. */
+export function isWrapped(cfg, interposer = interposerPath()) {
+    if (!cfg || !Array.isArray(cfg.args))
+        return false;
+    return cfg.args.includes(interposer)
+        || cfg.args.includes(NPX_PKG)
+        || cfg.args.some((a) => typeof a === 'string' && a.endsWith('mcp-interpose.cjs'));
+}
+/** Pick the interposer transport for a URL server: legacy SSE vs streamable HTTP. */
+export function urlTransport(cfg) {
+    const t = String(cfg.type || '').toLowerCase();
+    const url = String(cfg.url || '');
+    if (t === 'sse' || /\/sse(\b|\/|\?|$)/.test(url))
+        return 'sse_bridge';
+    return 'http_forward';
+}
+/** Header config (object) → repeated `--header 'K: V'` interposer flags. */
+function headerFlags(headers) {
+    if (!headers || typeof headers !== 'object')
+        return [];
+    const out = [];
+    for (const [k, v] of Object.entries(headers))
+        out.push('--header', `${k}: ${v}`);
+    return out;
+}
+/** Wrap one MCP server config so the host launches `guardion mcp` + the real server.
+ *  By default the prefix is the npx form (`npx -y @guardion/guardion mcp …`) so no
+ *  global install is needed; `--local` injects the repo's interposer directly. stdio
+ *  servers keep the `-- cmd args` form; URL servers bridge over http_forward / sse_bridge
+ *  so they get the same governance instead of being skipped. */
+export function wrapServer(name, original, opts = {}) {
+    const mode = opts.mode || 'dlp';
+    const wrapArgs = ['--mode', mode, '--server', name];
+    if (opts.policy)
+        wrapArgs.push('--policy', opts.policy);
+    if (original.url) {
+        wrapArgs.push('--transport', urlTransport(original), '--url', String(original.url), ...headerFlags(original.headers));
+    }
+    else {
+        wrapArgs.push('--', original.command, ...(original.args || []));
+    }
+    const launch = opts.local
+        ? { command: opts.nodeBin || process.execPath, args: [opts.interposer || interposerPath(), ...wrapArgs] }
+        : { command: 'npx', args: ['-y', NPX_PKG, 'mcp', ...wrapArgs] };
+    return { ...launch, ...(original.env ? { env: original.env } : {}) };
+}
+/** Pure: rewrite all MCP servers in a parsed config object. Both stdio (command)
+ *  and URL (http/sse) servers are wrapped — URL servers bridge through the
+ *  interposer over http_forward / sse_bridge. Idempotent. */
+export function rewriteServers(obj, opts = {}) {
+    const key = serversKey(obj);
+    const wrapped = [];
+    const skipped = [];
+    if (!key)
+        return { obj, wrapped, skipped };
+    const servers = obj[key];
+    const out = {};
+    for (const [name, cfg] of Object.entries(servers)) {
+        if (!cfg || typeof cfg !== 'object') {
+            out[name] = cfg;
+            continue;
+        }
+        if (isWrapped(cfg)) {
+            out[name] = cfg;
+            continue;
+        } // already protected
+        if (!cfg.command && !cfg.url) {
+            out[name] = cfg;
+            skipped.push(name);
+            continue;
+        }
+        out[name] = wrapServer(name, cfg, opts);
+        wrapped.push(name);
+    }
+    return { obj: { ...obj, [key]: out }, wrapped, skipped };
+}
+/** Restore a config object: unwrap any interposer-wrapped servers back to original. */
+export function unwrapServers(obj, interposer = interposerPath()) {
+    const key = serversKey(obj);
+    const wrapped = [];
+    const skipped = [];
+    if (!key)
+        return { obj, wrapped, skipped };
+    const servers = obj[key];
+    const out = {};
+    for (const [name, cfg] of Object.entries(servers)) {
+        if (isWrapped(cfg, interposer)) {
+            const a = cfg.args || [];
+            const urlIdx = a.indexOf('--url');
+            if (urlIdx >= 0) { // URL server (http_forward / sse_bridge)
+                const tIdx = a.indexOf('--transport');
+                const kind = tIdx >= 0 ? a[tIdx + 1] : 'http_forward';
+                const headers = {};
+                for (let j = 0; j < a.length - 1; j++) {
+                    if (a[j] === '--header') {
+                        const h = a[j + 1];
+                        const c = h.indexOf(':');
+                        if (c > 0)
+                            headers[h.slice(0, c).trim()] = h.slice(c + 1).trim();
+                    }
+                }
+                out[name] = {
+                    type: kind === 'sse_bridge' ? 'sse' : 'http', url: a[urlIdx + 1],
+                    ...(Object.keys(headers).length ? { headers } : {}),
+                    ...(cfg.env ? { env: cfg.env } : {}),
+                };
+            }
+            else { // stdio server
+                const i = a.indexOf('--');
+                const realArgs = i >= 0 ? a.slice(i + 1) : [];
+                out[name] = { command: realArgs[0], ...(realArgs.length > 1 ? { args: realArgs.slice(1) } : {}), ...(cfg.env ? { env: cfg.env } : {}) };
+            }
+            wrapped.push(name);
+        }
+        else {
+            out[name] = cfg;
+        }
+    }
+    return { obj: { ...obj, [key]: out }, wrapped, skipped };
+}
+const BACKUP = '.guardion.bak';
+/** Protect a single config file (backup + rewrite). Best-effort; never throws. */
+export function protectFile(app, file, dryRun = false, opts = {}) {
+    try {
+        if (!fs.existsSync(file))
+            return { app, path: file, wrapped: [], skipped: [], error: 'not found' };
+        const obj = JSON.parse(fs.readFileSync(file, 'utf8'));
+        const { obj: next, wrapped, skipped } = rewriteServers(obj, opts);
+        if (wrapped.length && !dryRun) {
+            if (!fs.existsSync(file + BACKUP))
+                fs.copyFileSync(file, file + BACKUP);
+            fs.writeFileSync(file, JSON.stringify(next, null, 2) + '\n');
+        }
+        return { app, path: file, wrapped, skipped };
+    }
+    catch (e) {
+        return { app, path: file, wrapped: [], skipped: [], error: e.message };
+    }
+}
+/** Revert a single config file from its backup (or unwrap in place). */
+export function revertFile(app, file) {
+    try {
+        if (fs.existsSync(file + BACKUP)) {
+            fs.copyFileSync(file + BACKUP, file);
+            fs.unlinkSync(file + BACKUP);
+            return { app, path: file, wrapped: ['(restored from backup)'], skipped: [] };
+        }
+        if (!fs.existsSync(file))
+            return { app, path: file, wrapped: [], skipped: [], error: 'not found' };
+        const obj = JSON.parse(fs.readFileSync(file, 'utf8'));
+        const { obj: next, wrapped } = unwrapServers(obj);
+        if (wrapped.length)
+            fs.writeFileSync(file, JSON.stringify(next, null, 2) + '\n');
+        return { app, path: file, wrapped, skipped: [] };
+    }
+    catch (e) {
+        return { app, path: file, wrapped: [], skipped: [], error: e.message };
+    }
+}
+/** Protect (or --revert) every discovered agent-app MCP config. */
+export function protectAll(opts = {}) {
+    return knownAppConfigs()
+        .filter((c) => fs.existsSync(c.path))
+        .map((c) => (opts.revert ? revertFile(c.app, c.path) : protectFile(c.app, c.path, opts.dryRun, opts)));
+}
+//# sourceMappingURL=mcp-protect.js.map

package/dist/core/mcp-protect.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"mcp-protect.js","sourceRoot":"","sources":["../../core/mcp-protect.ts"],"names":[],"mappings":"AAAA,kFAAkF;AAClF,8EAA8E;AAC9E,iFAAiF;AACjF,qEAAqE;AACrE,yEAAyE;AACzE,kEAAkE;AAClE,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAQzC,2FAA2F;AAC3F,MAAM,CAAC,MAAM,OAAO,GAAG,oBAAoB,CAAC;AAE5C,mGAAmG;AACnG,MAAM,UAAU,cAAc;IAC5B,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,mBAAmB,CAAC,CAAC;AACzF,CAAC;AAED,yEAAyE;AACzE,MAAM,UAAU,eAAe,CAAC,IAAI,GAAG,EAAE,CAAC,OAAO,EAAE,EAAE,GAAG,GAAG,OAAO,CAAC,GAAG,EAAE;IACtE,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,SAAS,EAAE,qBAAqB,CAAC,CAAC,CAAC,QAAQ;IAC1E,OAAO;QACL,EAAE,GAAG,EAAE,gBAAgB,EAAG,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,EAAE,4BAA4B,CAAC,EAAE;QAC3F,EAAE,GAAG,EAAE,iBAAiB,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,UAAU,CAAC,EAAE;QAC1E,EAAE,GAAG,EAAE,QAAQ,EAAW,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,SAAS,EAAE,UAAU,CAAC,EAAE;QACxE,EAAE,GAAG,EAAE,UAAU,EAAS,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,UAAU,EAAE,UAAU,EAAE,iBAAiB,CAAC,EAAE;QAC5F,EAAE,GAAG,EAAE,OAAO,EAAY,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,eAAe,EAAE,wBAAwB,EAAE,UAAU,EAAE,yBAAyB,CAAC,EAAE;QACrJ,EAAE,GAAG,EAAE,aAAa,EAAM,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,cAAc,CAAC,EAAE;QACjE,EAAE,GAAG,EAAE,mBAAmB,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,EAAE,UAAU,CAAC,EAAE;QACzE,EAAE,GAAG,EAAE,mBAAmB,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,WAAW,CAAC,EAAE;KAChE,CAAC;AACJ,CAAC;AAED,uEAAuE;AACvE,MAAM,UAAU,UAAU,CAAC,GAAQ;IACjC,IAAI,GAAG,IAAI,OAAO,GAAG,CAAC,UAAU,KAAK,QAAQ;QAAE,OAAO,YAAY,CAAC;IACnE,IAAI,GAAG,IAAI,OAAO,GAAG,CAAC,OAAO,KAAK,QAAQ;QAAE,OAAO,SAAS,CAAC;IAC7D,OAAO,IAAI,CAAC;AACd,CAAC;AAED;qFACqF;AACrF,MAAM,UAAU,SAAS,CAAC,GAAiB,EAAE,UAAU,GAAG,cAAc,EAAE;IACxE,IAAI,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IACnD,OAAO,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC;WAC/B,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC;WAC1B,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC,CAAC;AACtF,CAAC;AAED,qFAAqF;AACrF,MAAM,UAAU,YAAY,CAAC,GAAiB;IAC5C,MAAM,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;IAC/C,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,GAAG,IAAI,EAAE,CAAC,CAAC;IAClC,IAAI,CAAC,KAAK,KAAK,IAAI,mBAAmB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,YAAY,CAAC;IACtE,OAAO,cAAc,CAAC;AACxB,CAAC;AAED,4EAA4E;AAC5E,SAAS,WAAW,CAAC,OAAgC;IACnD,IAAI,CAAC,OAAO,IAAI,OAAO,OAAO,KAAK,QAAQ;QAAE,OAAO,EAAE,CAAC;IACvD,MAAM,GAAG,GAAa,EAAE,CAAC;IACzB,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC;QAAE,GAAG,CAAC,IAAI,CAAC,UAAU,EAAE,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IACjF,OAAO,GAAG,CAAC;AACb,CAAC;AAaD;;;;gEAIgE;AAChE,MAAM,UAAU,UAAU,CAAC,IAAY,EAAE,QAAsB,EAAE,OAAiB,EAAE;IAClF,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,IAAI,KAAK,CAAC;IAChC,MAAM,QAAQ,GAAa,CAAC,QAAQ,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,CAAC,CAAC;IAC9D,IAAI,IAAI,CAAC,MAAM;QAAE,QAAQ,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;IACxD,IAAI,QAAQ,CAAC,GAAG,EAAE,CAAC;QACjB,QAAQ,CAAC,IAAI,CAAC,aAAa,EAAE,YAAY,CAAC,QAAQ,CAAC,EAAE,OAAO,EAAE,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,GAAG,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;IACxH,CAAC;SAAM,CAAC;QACN,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC,OAAiB,EAAE,GAAG,CAAE,QAAQ,CAAC,IAAiB,IAAI,EAAE,CAAC,CAAC,CAAC;IAC1F,CAAC;IACD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK;QACvB,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,IAAI,CAAC,UAAU,IAAI,cAAc,EAAE,EAAE,GAAG,QAAQ,CAAC,EAAE;QACzG,CAAC,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,GAAG,QAAQ,CAAC,EAAE,CAAC;IAClE,OAAO,EAAE,GAAG,MAAM,EAAE,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;AACvE,CAAC;AAID;;6DAE6D;AAC7D,MAAM,UAAU,cAAc,CAAC,GAAQ,EAAE,OAAiB,EAAE;IAC1D,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;IAC5B,MAAM,OAAO,GAAa,EAAE,CAAC;IAAC,MAAM,OAAO,GAAa,EAAE,CAAC;IAC3D,IAAI,CAAC,GAAG;QAAE,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC;IAC3C,MAAM,OAAO,GAAG,GAAG,CAAC,GAAG,CAAiC,CAAC;IACzD,MAAM,GAAG,GAAiC,EAAE,CAAC;IAC7C,KAAK,MAAM,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAClD,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAAC,GAAG,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC;YAAC,SAAS;QAAC,CAAC;QACnE,IAAI,SAAS,CAAC,GAAG,CAAC,EAAE,CAAC;YAAC,GAAG,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC;YAAC,SAAS;QAAC,CAAC,CAAC,oBAAoB;QACvE,IAAI,CAAC,GAAG,CAAC,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;YAAC,GAAG,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC;YAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAAC,SAAS;QAAC,CAAC;QAChF,GAAG,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC,IAAI,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;QACxC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACrB,CAAC;IACD,OAAO,EAAE,GAAG,EAAE,EAAE,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC;AAC3D,CAAC;AAED,uFAAuF;AACvF,MAAM,UAAU,aAAa,CAAC,GAAQ,EAAE,UAAU,GAAG,cAAc,EAAE;IACnE,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;IAC5B,MAAM,OAAO,GAAa,EAAE,CAAC;IAAC,MAAM,OAAO,GAAa,EAAE,CAAC;IAC3D,IAAI,CAAC,GAAG;QAAE,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC;IAC3C,MAAM,OAAO,GAAG,GAAG,CAAC,GAAG,CAAiC,CAAC;IACzD,MAAM,GAAG,GAAiC,EAAE,CAAC;IAC7C,KAAK,MAAM,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAClD,IAAI,SAAS,CAAC,GAAG,EAAE,UAAU,CAAC,EAAE,CAAC;YAC/B,MAAM,CAAC,GAAI,GAAG,CAAC,IAAiB,IAAI,EAAE,CAAC;YACvC,MAAM,MAAM,GAAG,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YAClC,IAAI,MAAM,IAAI,CAAC,EAAE,CAAC,CAAmC,yCAAyC;gBAC5F,MAAM,IAAI,GAAG,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;gBACtC,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC;gBACtD,MAAM,OAAO,GAA2B,EAAE,CAAC;gBAC3C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;oBACtC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,UAAU,EAAE,CAAC;wBAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;wBAAC,MAAM,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;wBAAC,IAAI,CAAC,GAAG,CAAC;4BAAE,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;oBAAC,CAAC;gBAC9I,CAAC;gBACD,GAAG,CAAC,IAAI,CAAC,GAAG;oBACV,IAAI,EAAE,IAAI,KAAK,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;oBAChE,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;oBACnD,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;iBACrC,CAAC;YACJ,CAAC;iBAAM,CAAC,CAA6C,eAAe;gBAClE,MAAM,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;gBAC1B,MAAM,QAAQ,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC9C,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;YAC1I,CAAC;YACD,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACrB,CAAC;aAAM,CAAC;YAAC,GAAG,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC;QAAC,CAAC;IAC7B,CAAC;IACD,OAAO,EAAE,GAAG,EAAE,EAAE,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC;AAC3D,CAAC;AAED,MAAM,MAAM,GAAG,eAAe,CAAC;AAI/B,kFAAkF;AAClF,MAAM,UAAU,WAAW,CAAC,GAAW,EAAE,IAAY,EAAE,MAAM,GAAG,KAAK,EAAE,OAAiB,EAAE;IACxF,IAAI,CAAC;QACH,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC;YAAE,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC;QACnG,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC;QACtD,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,cAAc,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAClE,IAAI,OAAO,CAAC,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;YAC9B,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,GAAG,MAAM,CAAC;gBAAE,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,IAAI,GAAG,MAAM,CAAC,CAAC;YACxE,EAAE,CAAC,aAAa,CAAC,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;QAC/D,CAAC;QACD,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC;IAC/C,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC;IACzE,CAAC;AACH,CAAC;AAED,wEAAwE;AACxE,MAAM,UAAU,UAAU,CAAC,GAAW,EAAE,IAAY;IAClD,IAAI,CAAC;QACH,IAAI,EAAE,CAAC,UAAU,CAAC,IAAI,GAAG,MAAM,CAAC,EAAE,CAAC;YACjC,EAAE,CAAC,YAAY,CAAC,IAAI,GAAG,MAAM,EAAE,IAAI,CAAC,CAAC;YACrC,EAAE,CAAC,UAAU,CAAC,IAAI,GAAG,MAAM,CAAC,CAAC;YAC7B,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,wBAAwB,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC;QAC/E,CAAC;QACD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC;YAAE,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC;QACnG,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC;QACtD,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC;QAClD,IAAI,OAAO,CAAC,MAAM;YAAE,EAAE,CAAC,aAAa,CAAC,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;QACjF,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC;IACnD,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,OAAO,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC;IACzE,CAAC;AACH,CAAC;AAED,mEAAmE;AACnE,MAAM,UAAU,UAAU,CACxB,OAA0D,EAAE;IAE5D,OAAO,eAAe,EAAE;SACrB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;SACpC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;AAC3G,CAAC"}

package/dist/core/mcp-scan.d.ts

@@ -0,0 +1,40 @@
+import { type ScannedTool } from './inventory.js';
+export interface McpServerConfig {
+    type?: string;
+    command?: string;
+    args?: string[];
+    env?: Record<string, string>;
+    url?: string;
+    headers?: Record<string, string>;
+}
+interface McpTool {
+    name: string;
+    description?: string;
+    inputSchema?: any;
+}
+/** Read configured MCP servers (name → raw config) from settings.json / .mcp.json. */
+export declare function discoverMcpServers(cwd: string): Record<string, McpServerConfig>;
+/** JSON-Schema inputSchema → our {name,type,description} param list (for schema_hash). */
+export declare function inputSchemaToParams(schema: any): Array<{
+    name: string;
+    type?: string;
+    description?: string;
+}>;
+/** stdio MCP client: spawn the server, handshake, tools/list. Never throws. */
+export declare function fetchToolsStdio(cfg: McpServerConfig, timeoutMs?: number): Promise<McpTool[]>;
+/** http (Streamable HTTP) MCP client — best-effort JSON; handles SSE-wrapped replies. */
+export declare function fetchToolsHttp(cfg: McpServerConfig, timeoutMs?: number): Promise<McpTool[]>;
+export interface McpScanResult {
+    server: string;
+    tools: ScannedTool[];
+    error?: string;
+}
+/** Connect to every configured MCP server and collect its live tools as ScannedTool[]. */
+export declare function mcpScan(cwd: string, timeoutMs?: number): Promise<McpScanResult[]>;
+/** Fingerprint+pin (P1) and submit the live tools to Guard for poisoning/rug-pull. */
+export declare function submitMcpScan(apiUrl: string, token: string, results: McpScanResult[], policy?: string, application?: string): Promise<{
+    status: number;
+    count: number;
+}>;
+export {};
+//# sourceMappingURL=mcp-scan.d.ts.map

package/dist/core/mcp-scan.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"mcp-scan.d.ts","sourceRoot":"","sources":["../../core/mcp-scan.ts"],"names":[],"mappings":"AAYA,OAAO,EAAE,KAAK,WAAW,EAAiC,MAAM,gBAAgB,CAAC;AAEjF,MAAM,WAAW,eAAe;IAC9B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC7B,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAClC;AAED,UAAU,OAAO;IAAG,IAAI,EAAE,MAAM,CAAC;IAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAAC,WAAW,CAAC,EAAE,GAAG,CAAA;CAAE;AAE3E,sFAAsF;AACtF,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,eAAe,CAAC,CAmB/E;AAED,0FAA0F;AAC1F,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,GAAG,GAAG,KAAK,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IAAC,WAAW,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CAO7G;AASD,+EAA+E;AAC/E,wBAAgB,eAAe,CAAC,GAAG,EAAE,eAAe,EAAE,SAAS,SAAO,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC,CAkC1F;AAED,yFAAyF;AACzF,wBAAgB,cAAc,CAAC,GAAG,EAAE,eAAe,EAAE,SAAS,SAAO,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC,CA0CzF;AAQD,MAAM,WAAW,aAAa;IAAG,MAAM,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,WAAW,EAAE,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE;AAEvF,0FAA0F;AAC1F,wBAAsB,OAAO,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,SAAO,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC,CAiBrF;AAED,sFAAsF;AACtF,wBAAsB,aAAa,CACjC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,EAAE,MAAM,CAAC,EAAE,MAAM,EAAE,WAAW,CAAC,EAAE,MAAM,GAC7F,OAAO,CAAC;IAAE,MAAM,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC,CAK5C"}

package/dist/core/mcp-scan.js

@@ -0,0 +1,201 @@
+// `guardion mcp-scan` — connect to each configured MCP server, fetch its LIVE
+// tool definitions (tools/list), and submit them to Guard for tool-poisoning +
+// rug-pull (P1 fingerprint) scanning. This is the one thing the PreToolUse/
+// PostToolUse hooks can't see (they get calls, not the server's declared tools),
+// and is the mcp-scan / AGT-SDK static-scan equivalent — no proxy.
+import fs from 'node:fs';
+import os from 'node:os';
+import path from 'node:path';
+import http from 'node:http';
+import https from 'node:https';
+import { spawn } from 'node:child_process';
+import { pinInventory, submitInventory } from './inventory.js';
+/** Read configured MCP servers (name → raw config) from settings.json / .mcp.json. */
+export function discoverMcpServers(cwd) {
+    const out = {};
+    const paths = [
+        path.join(os.homedir(), '.claude', 'settings.json'),
+        path.join(cwd, '.mcp.json'),
+        path.join(cwd, '.claude', 'settings.json'),
+    ];
+    for (const p of paths) {
+        try {
+            const json = JSON.parse(fs.readFileSync(p, 'utf8'));
+            const servers = json.mcpServers || (p.endsWith('.mcp.json') ? json : null);
+            if (servers && typeof servers === 'object') {
+                for (const [name, cfg] of Object.entries(servers)) {
+                    if (!out[name] && cfg && typeof cfg === 'object')
+                        out[name] = cfg;
+                }
+            }
+        }
+        catch { /* skip missing/invalid */ }
+    }
+    return out;
+}
+/** JSON-Schema inputSchema → our {name,type,description} param list (for schema_hash). */
+export function inputSchemaToParams(schema) {
+    const props = schema && schema.properties && typeof schema.properties === 'object' ? schema.properties : {};
+    return Object.keys(props).map((k) => ({
+        name: k,
+        type: typeof props[k]?.type === 'string' ? props[k].type : (Array.isArray(props[k]?.type) ? props[k].type.join('|') : ''),
+        description: typeof props[k]?.description === 'string' ? props[k].description : '',
+    }));
+}
+const INIT = {
+    jsonrpc: '2.0', id: 1, method: 'initialize',
+    params: { protocolVersion: '2025-06-18', capabilities: {}, clientInfo: { name: 'guardion-mcp-scan', version: '0.3.0' } },
+};
+const INITED = { jsonrpc: '2.0', method: 'notifications/initialized' };
+const LIST = { jsonrpc: '2.0', id: 2, method: 'tools/list', params: {} };
+/** stdio MCP client: spawn the server, handshake, tools/list. Never throws. */
+export function fetchToolsStdio(cfg, timeoutMs = 8000) {
+    return new Promise((resolve) => {
+        let child;
+        try {
+            child = spawn(cfg.command, cfg.args || [], { env: { ...process.env, ...(cfg.env || {}) }, stdio: ['pipe', 'pipe', 'ignore'] });
+        }
+        catch {
+            return resolve([]);
+        }
+        let buf = '';
+        let done = false;
+        const finish = (tools) => {
+            if (done)
+                return;
+            done = true;
+            clearTimeout(timer);
+            try {
+                child.kill();
+            }
+            catch { /* ignore */ }
+            resolve(tools);
+        };
+        const timer = setTimeout(() => finish([]), timeoutMs);
+        const send = (o) => { try {
+            child.stdin.write(JSON.stringify(o) + '\n');
+        }
+        catch { /* ignore */ } };
+        child.stdout.setEncoding('utf8');
+        child.stdout.on('data', (d) => {
+            buf += d;
+            let nl;
+            while ((nl = buf.indexOf('\n')) >= 0) {
+                const line = buf.slice(0, nl).trim();
+                buf = buf.slice(nl + 1);
+                if (!line)
+                    continue;
+                let msg;
+                try {
+                    msg = JSON.parse(line);
+                }
+                catch {
+                    continue;
+                }
+                if (msg.id === 1 && msg.result) {
+                    send(INITED);
+                    send(LIST);
+                }
+                if (msg.id === 2 && msg.result && Array.isArray(msg.result.tools))
+                    finish(msg.result.tools);
+            }
+        });
+        child.on('error', () => finish([]));
+        send(INIT);
+    });
+}
+/** http (Streamable HTTP) MCP client — best-effort JSON; handles SSE-wrapped replies. */
+export function fetchToolsHttp(cfg, timeoutMs = 8000) {
+    const post = (body, sessionId) => new Promise((resolve) => {
+        let url;
+        try {
+            url = new URL(cfg.url);
+        }
+        catch {
+            return resolve({ json: null });
+        }
+        const transport = url.protocol === 'https:' ? https : http;
+        const data = JSON.stringify(body);
+        const req = transport.request({
+            hostname: url.hostname, port: url.port, path: url.pathname + url.search, method: 'POST',
+            timeout: timeoutMs,
+            headers: {
+                'Content-Type': 'application/json',
+                'Accept': 'application/json, text/event-stream',
+                'Content-Length': Buffer.byteLength(data),
+                ...(cfg.headers || {}),
+                ...(sessionId ? { 'Mcp-Session-Id': sessionId } : {}),
+            },
+        }, (res) => {
+            const sid = res.headers['mcp-session-id'] || sessionId;
+            let raw = '';
+            res.setEncoding('utf8');
+            res.on('data', (c) => { raw += c; });
+            res.on('end', () => {
+                // SSE frames: take the last `data:` line; else parse as JSON.
+                let json = null;
+                const sse = raw.split('\n').filter((l) => l.startsWith('data:')).map((l) => l.slice(5).trim());
+                const candidate = sse.length ? sse[sse.length - 1] : raw;
+                try {
+                    json = JSON.parse(candidate);
+                }
+                catch {
+                    json = null;
+                }
+                resolve({ json, sessionId: sid });
+            });
+        });
+        req.on('error', () => resolve({ json: null }));
+        req.on('timeout', () => { req.destroy(); resolve({ json: null }); });
+        req.write(data);
+        req.end();
+    });
+    return (async () => {
+        const init = await post(INIT);
+        const sid = init.sessionId;
+        await post(INITED, sid);
+        const list = await post(LIST, sid);
+        const tools = list.json && list.json.result && Array.isArray(list.json.result.tools) ? list.json.result.tools : [];
+        return tools;
+    })();
+}
+function fetchTools(cfg, timeoutMs) {
+    if (cfg.url)
+        return fetchToolsHttp(cfg, timeoutMs);
+    if (cfg.command)
+        return fetchToolsStdio(cfg, timeoutMs);
+    return Promise.resolve([]);
+}
+/** Connect to every configured MCP server and collect its live tools as ScannedTool[]. */
+export async function mcpScan(cwd, timeoutMs = 8000) {
+    const servers = discoverMcpServers(cwd);
+    const results = [];
+    for (const [server, cfg] of Object.entries(servers)) {
+        let live = [];
+        try {
+            live = await fetchTools(cfg, timeoutMs);
+        }
+        catch {
+            live = [];
+        }
+        const tools = live.map((t) => ({
+            name: t.name,
+            description: t.description || '',
+            server,
+            source: 'mcp',
+            snapshot_source: 'mcp_scan',
+            parameters: inputSchemaToParams(t.inputSchema),
+        }));
+        results.push({ server, tools, error: live.length === 0 ? 'no tools (unreachable or empty)' : undefined });
+    }
+    return results;
+}
+/** Fingerprint+pin (P1) and submit the live tools to Guard for poisoning/rug-pull. */
+export async function submitMcpScan(apiUrl, token, results, policy, application) {
+    const tools = pinInventory(results.flatMap((r) => r.tools));
+    if (tools.length === 0)
+        return { status: 0, count: 0 };
+    const res = await submitInventory({ apiUrl, token, tools, policy, application });
+    return { status: res.status, count: tools.length };
+}
+//# sourceMappingURL=mcp-scan.js.map

package/dist/core/mcp-scan.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"mcp-scan.js","sourceRoot":"","sources":["../../core/mcp-scan.ts"],"names":[],"mappings":"AAAA,8EAA8E;AAC9E,+EAA+E;AAC/E,4EAA4E;AAC5E,iFAAiF;AACjF,mEAAmE;AACnE,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,KAAK,MAAM,YAAY,CAAC;AAC/B,OAAO,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAC;AAE3C,OAAO,EAAoB,YAAY,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAajF,sFAAsF;AACtF,MAAM,UAAU,kBAAkB,CAAC,GAAW;IAC5C,MAAM,GAAG,GAAoC,EAAE,CAAC;IAChD,MAAM,KAAK,GAAG;QACZ,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,eAAe,CAAC;QACnD,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,WAAW,CAAC;QAC3B,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,EAAE,eAAe,CAAC;KAC3C,CAAC;IACF,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;YACpD,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YAC3E,IAAI,OAAO,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;gBAC3C,KAAK,MAAM,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;oBAClD,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ;wBAAE,GAAG,CAAC,IAAI,CAAC,GAAG,GAAsB,CAAC;gBACvF,CAAC;YACH,CAAC;QACH,CAAC;QAAC,MAAM,CAAC,CAAC,0BAA0B,CAAC,CAAC;IACxC,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,0FAA0F;AAC1F,MAAM,UAAU,mBAAmB,CAAC,MAAW;IAC7C,MAAM,KAAK,GAAG,MAAM,IAAI,MAAM,CAAC,UAAU,IAAI,OAAO,MAAM,CAAC,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;IAC5G,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACpC,IAAI,EAAE,CAAC;QACP,IAAI,EAAE,OAAO,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACzH,WAAW,EAAE,OAAO,KAAK,CAAC,CAAC,CAAC,EAAE,WAAW,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE;KACnF,CAAC,CAAC,CAAC;AACN,CAAC;AAED,MAAM,IAAI,GAAG;IACX,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,EAAE,MAAM,EAAE,YAAY;IAC3C,MAAM,EAAE,EAAE,eAAe,EAAE,YAAY,EAAE,YAAY,EAAE,EAAE,EAAE,UAAU,EAAE,EAAE,IAAI,EAAE,mBAAmB,EAAE,OAAO,EAAE,OAAO,EAAE,EAAE;CACzH,CAAC;AACF,MAAM,MAAM,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,2BAA2B,EAAE,CAAC;AACvE,MAAM,IAAI,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;AAEzE,+EAA+E;AAC/E,MAAM,UAAU,eAAe,CAAC,GAAoB,EAAE,SAAS,GAAG,IAAI;IACpE,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,IAAI,KAA+B,CAAC;QACpC,IAAI,CAAC;YACH,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,OAAiB,EAAE,GAAG,CAAC,IAAI,IAAI,EAAE,EACjD,EAAE,GAAG,EAAE,EAAE,GAAG,OAAO,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,EAAE,CAAC,EAAE,EAAE,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,CAAC,CAAC;QACxF,CAAC;QAAC,MAAM,CAAC;YAAC,OAAO,OAAO,CAAC,EAAE,CAAC,CAAC;QAAC,CAAC;QAE/B,IAAI,GAAG,GAAG,EAAE,CAAC;QACb,IAAI,IAAI,GAAG,KAAK,CAAC;QACjB,MAAM,MAAM,GAAG,CAAC,KAAgB,EAAE,EAAE;YAClC,IAAI,IAAI;gBAAE,OAAO;YAAC,IAAI,GAAG,IAAI,CAAC;YAC9B,YAAY,CAAC,KAAK,CAAC,CAAC;YACpB,IAAI,CAAC;gBAAC,KAAK,CAAC,IAAI,EAAE,CAAC;YAAC,CAAC;YAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC;YAC5C,OAAO,CAAC,KAAK,CAAC,CAAC;QACjB,CAAC,CAAC;QACF,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,SAAS,CAAC,CAAC;QACtD,MAAM,IAAI,GAAG,CAAC,CAAM,EAAE,EAAE,GAAG,IAAI,CAAC;YAAC,KAAK,CAAC,KAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;QAAC,CAAC;QAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;QAE1G,KAAK,CAAC,MAAO,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QAClC,KAAK,CAAC,MAAO,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,CAAS,EAAE,EAAE;YACrC,GAAG,IAAI,CAAC,CAAC;YACT,IAAI,EAAU,CAAC;YACf,OAAO,CAAC,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC;gBACrC,MAAM,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;gBAAC,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;gBAC9D,IAAI,CAAC,IAAI;oBAAE,SAAS;gBACpB,IAAI,GAAQ,CAAC;gBAAC,IAAI,CAAC;oBAAC,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAAC,CAAC;gBAAC,MAAM,CAAC;oBAAC,SAAS;gBAAC,CAAC;gBACjE,IAAI,GAAG,CAAC,EAAE,KAAK,CAAC,IAAI,GAAG,CAAC,MAAM,EAAE,CAAC;oBAAC,IAAI,CAAC,MAAM,CAAC,CAAC;oBAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAAC,CAAC;gBAC7D,IAAI,GAAG,CAAC,EAAE,KAAK,CAAC,IAAI,GAAG,CAAC,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC;oBAAE,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAC9F,CAAC;QACH,CAAC,CAAC,CAAC;QACH,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;QACpC,IAAI,CAAC,IAAI,CAAC,CAAC;IACb,CAAC,CAAC,CAAC;AACL,CAAC;AAED,yFAAyF;AACzF,MAAM,UAAU,cAAc,CAAC,GAAoB,EAAE,SAAS,GAAG,IAAI;IACnE,MAAM,IAAI,GAAG,CAAC,IAAS,EAAE,SAAkB,EAA8C,EAAE,CACzF,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QACtB,IAAI,GAAQ,CAAC;QAAC,IAAI,CAAC;YAAC,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAa,CAAC,CAAC;QAAC,CAAC;QAAC,MAAM,CAAC;YAAC,OAAO,OAAO,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;QAAC,CAAC;QACjG,MAAM,SAAS,GAAG,GAAG,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;QAC3D,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,GAAG,GAAG,SAAS,CAAC,OAAO,CAAC;YAC5B,QAAQ,EAAE,GAAG,CAAC,QAAQ,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,IAAI,EAAE,GAAG,CAAC,QAAQ,GAAG,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM;YACvF,OAAO,EAAE,SAAS;YAClB,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,QAAQ,EAAE,qCAAqC;gBAC/C,gBAAgB,EAAE,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC;gBACzC,GAAG,CAAC,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC;gBACtB,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,gBAAgB,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aACtD;SACF,EAAE,CAAC,GAAG,EAAE,EAAE;YACT,MAAM,GAAG,GAAI,GAAG,CAAC,OAAO,CAAC,gBAAgB,CAAY,IAAI,SAAS,CAAC;YACnE,IAAI,GAAG,GAAG,EAAE,CAAC;YAAC,GAAG,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;YACtC,GAAG,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,CAAC,EAAE,EAAE,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACrC,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;gBACjB,8DAA8D;gBAC9D,IAAI,IAAI,GAAQ,IAAI,CAAC;gBACrB,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;gBAC/F,MAAM,SAAS,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;gBACzD,IAAI,CAAC;oBAAC,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;gBAAC,CAAC;gBAAC,MAAM,CAAC;oBAAC,IAAI,GAAG,IAAI,CAAC;gBAAC,CAAC;gBAC5D,OAAO,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,GAAG,EAAE,CAAC,CAAC;YACpC,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QACH,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QAC/C,GAAG,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACrE,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAAC,GAAG,CAAC,GAAG,EAAE,CAAC;IAC7B,CAAC,CAAC,CAAC;IAEL,OAAO,CAAC,KAAK,IAAI,EAAE;QACjB,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,CAAC;QAC9B,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC;QAC3B,MAAM,IAAI,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QACxB,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;QACnC,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;QACnH,OAAO,KAAkB,CAAC;IAC5B,CAAC,CAAC,EAAE,CAAC;AACP,CAAC;AAED,SAAS,UAAU,CAAC,GAAoB,EAAE,SAAiB;IACzD,IAAI,GAAG,CAAC,GAAG;QAAE,OAAO,cAAc,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;IACnD,IAAI,GAAG,CAAC,OAAO;QAAE,OAAO,eAAe,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;IACxD,OAAO,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;AAC7B,CAAC;AAID,0FAA0F;AAC1F,MAAM,CAAC,KAAK,UAAU,OAAO,CAAC,GAAW,EAAE,SAAS,GAAG,IAAI;IACzD,MAAM,OAAO,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC;IACxC,MAAM,OAAO,GAAoB,EAAE,CAAC;IACpC,KAAK,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QACpD,IAAI,IAAI,GAAc,EAAE,CAAC;QACzB,IAAI,CAAC;YAAC,IAAI,GAAG,MAAM,UAAU,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;QAAC,CAAC;QAAC,MAAM,CAAC;YAAC,IAAI,GAAG,EAAE,CAAC;QAAC,CAAC;QACrE,MAAM,KAAK,GAAkB,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC5C,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,WAAW,EAAE,CAAC,CAAC,WAAW,IAAI,EAAE;YAChC,MAAM;YACN,MAAM,EAAE,KAAK;YACb,eAAe,EAAE,UAAU;YAC3B,UAAU,EAAE,mBAAmB,CAAC,CAAC,CAAC,WAAW,CAAC;SAC/C,CAAC,CAAC,CAAC;QACJ,OAAO,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,iCAAiC,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC;IAC5G,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,sFAAsF;AACtF,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,MAAc,EAAE,KAAa,EAAE,OAAwB,EAAE,MAAe,EAAE,WAAoB;IAE9F,MAAM,KAAK,GAAG,YAAY,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;IAC5D,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,MAAM,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC;IACvD,MAAM,GAAG,GAAG,MAAM,eAAe,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC,CAAC;IACjF,OAAO,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,KAAK,EAAE,KAAK,CAAC,MAAM,EAAE,CAAC;AACrD,CAAC"}

package/dist/core/mock-server.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"mock-server.d.ts","sourceRoot":"","sources":["../../core/mock-server.ts"],"names":[],"mappings":"AA2DA,wBAAgB,eAAe,CAAC,IAAI,SAAe,QAwJlD"}

package/dist/{mock-server.js → core/mock-server.js}

@@ -2,7 +2,17 @@ import express from 'express';
 import chalk from 'chalk';
 const DEFAULT_PORT = 4100;
 const EVENTS_PATH = '/v1/hooks/events'; // matches real Guard API — fixed from v1
+const GUARD_PATH = '/v1/guard'; // policy evaluation (DLP / interposer)
 const HEALTH_PATH = '/health';
+// Mirror Guard's MessagesRole enum (guard/guard/core/schemas.py) so the mock
+// rejects an invalid role exactly like real Guard would (422). This is what
+// catches the `tool_output` (should be `tool_response`) class of contract bug —
+// the unit suite hits fakes, but anything pointed at the mock is held to the
+// real role contract.
+const VALID_ROLES = new Set([
+    'user', 'assistant', 'system', 'developer', 'context',
+    'tool', 'tool_input', 'tool_response', 'tool_schema',
+]);
 let nextId = 1;
 const logs = [];
 function ts() {
@@ -69,6 +79,37 @@ export function startMockServer(port = DEFAULT_PORT) {
         });
         res.json({ action: 'allow' });
     });
+    // ── Policy evaluation (/v1/guard) ────────────────────────────────────────────
+    // Validates the role contract and echoes a simple verdict. Redacts any leaf
+    // whose content matches a demo PII pattern (email) so the interposer's
+    // structure-preserving write-back can be exercised end-to-end against the mock.
+    app.post(GUARD_PATH, (req, res) => {
+        const start = Date.now();
+        const body = (req.body ?? {});
+        const messages = Array.isArray(body.messages) ? body.messages : [];
+        const bad = messages.find((m) => !VALID_ROLES.has(String(m?.role)));
+        if (bad) {
+            const detail = `invalid role: ${String(bad.role)}`;
+            console.log(chalk.red(`[${ts()}] 422 ${GUARD_PATH} — ${detail}`));
+            addLog('POST', GUARD_PATH, 422, Date.now() - start, body, { error: detail });
+            return res.status(422).json({ detail });
+        }
+        const EMAIL = /\b[\w.+-]+@[\w-]+\.[\w.-]+\b/g;
+        const choices = messages.map((m) => {
+            const content = typeof m.content === 'string' ? m.content : '';
+            return { role: m.role, name: m.name, content: content.replace(EMAIL, '[EMAIL]') };
+        });
+        const redacted = choices.some((c, i) => c.content !== (messages[i].content ?? ''));
+        console.log(`${chalk.dim(`[${ts()}]`)} ${chalk.bold(chalk.green('guard'))} ${chalk.dim(`msgs=${messages.length} redacted=${redacted}`)}`);
+        addLog('POST', GUARD_PATH, 200, Date.now() - start, body, { messages: messages.length, redacted });
+        res.json({
+            id: `eval-${Date.now()}`,
+            flagged: redacted,
+            deny: false,
+            redacted,
+            ...(redacted ? { correction: { choices } } : {}),
+        });
+    });
     // ── Log queries ────────────────────────────────────────────────────────────
     app.get('/api/logs/stream', (req, res) => {
         res.setHeader('Content-Type', 'text/event-stream');

package/dist/core/mock-server.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"mock-server.js","sourceRoot":"","sources":["../../core/mock-server.ts"],"names":[],"mappings":"AAAA,OAAO,OAAO,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,MAAM,YAAY,GAAG,IAAI,CAAC;AAC1B,MAAM,WAAW,GAAG,kBAAkB,CAAC,CAAC,yCAAyC;AACjF,MAAM,UAAU,GAAG,WAAW,CAAC,CAAC,uCAAuC;AACvE,MAAM,WAAW,GAAG,SAAS,CAAC;AAE9B,6EAA6E;AAC7E,4EAA4E;AAC5E,gFAAgF;AAChF,6EAA6E;AAC7E,sBAAsB;AACtB,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC;IAC1B,MAAM,EAAE,WAAW,EAAE,QAAQ,EAAE,WAAW,EAAE,SAAS;IACrD,MAAM,EAAE,YAAY,EAAE,eAAe,EAAE,aAAa;CACrD,CAAC,CAAC;AAaH,IAAI,MAAM,GAAG,CAAC,CAAC;AACf,MAAM,IAAI,GAAe,EAAE,CAAC;AAE5B,SAAS,EAAE;IACT,OAAO,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;AAChD,CAAC;AAED,SAAS,MAAM,CACb,MAAc,EACd,CAAS,EACT,MAAc,EACd,WAAmB,EACnB,IAAa,EACb,OAAgC,EAAE;IAElC,MAAM,KAAK,GAAa;QACtB,EAAE,EAAE,MAAM,EAAE;QACZ,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,MAAM;QACN,IAAI,EAAE,CAAC;QACP,MAAM;QACN,WAAW;QACX,IAAI;QACJ,IAAI;KACL,CAAC;IACF,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACjB,IAAI,IAAI,CAAC,MAAM,GAAG,IAAI;QAAE,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IAC3D,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,IAAI,GAAG,YAAY;IACjD,MAAM,GAAG,GAAG,OAAO,EAAE,CAAC;IACtB,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC;IAEzC,8EAA8E;IAE9E,GAAG,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;QACjC,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,eAAe,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC;IACrE,CAAC,CAAC,CAAC;IAEH,8EAA8E;IAE9E,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;QACjC,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACzB,MAAM,IAAI,GAAG,GAAG,CAAC,IAA+B,CAAC;QACjD,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,eAAe,IAAI,IAAI,CAAC,KAAK,IAAI,SAAS,CAAC,CAAC;QACtE,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC5E,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,IAAI,SAAS,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAElE,OAAO,CAAC,GAAG,CACT,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,GAAG,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,GAAG,IAAI,IAAI,KAAK,CAAC,GAAG,CAAC,WAAW,OAAO,EAAE,CAAC,EAAE,CAC1G,CAAC;QAEF,IAAI,IAAI,CAAC,UAAU,IAAI,OAAO,IAAI,CAAC,UAAU,KAAK,QAAQ,EAAE,CAAC;YAC3D,MAAM,KAAK,GAAG,IAAI,CAAC,UAAqC,CAAC;YACzD,MAAM,OAAO,GAAG,MAAM,CACpB,KAAK,CAAC,OAAO,IAAI,KAAK,CAAC,SAAS,IAAI,KAAK,CAAC,OAAO,IAAI,KAAK,CAAC,KAAK,IAAI,EAAE,CACvE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;YAChB,IAAI,OAAO;gBAAE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,OAAO,EAAE,CAAC,CAAC,CAAC;QACxD,CAAC;QACD,IAAI,IAAI,CAAC,MAAM;YACb,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,aAAa,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;QAC3E,IAAI,IAAI,CAAC,UAAU;YACjB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;QACzE,IAAI,IAAI,CAAC,aAAa;YACpB,OAAO,CAAC,GAAG,CACT,KAAK,CAAC,GAAG,CACP,OAAO,IAAI,CAAC,UAAU,KAAK,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CACtE,CACF,CAAC;QAEJ,IAAI,IAAI,CAAC,QAAQ,IAAI,OAAO,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACvD,MAAM,CAAC,GAAG,IAAI,CAAC,QAAmC,CAAC;YACnD,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,cAAc,CAAC;iBAClD,MAAM,CAAC,OAAO,CAAC;iBACf,IAAI,CAAC,KAAK,CAAC,CAAC;YACf,IAAI,GAAG;gBAAE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,WAAW,GAAG,EAAE,CAAC,CAAC,CAAC;YACnD,IAAI,CAAC,CAAC,UAAU;gBACd,OAAO,CAAC,GAAG,CACT,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,UAAU,IAAI,CAAC,CAAC,UAAU,IAAI,GAAG,EAAE,CAAC,CAC5D,CAAC;QACN,CAAC;QAED,MAAM,CAAC,MAAM,EAAE,WAAW,EAAE,GAAG,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,EAAE,IAAI,EAAE;YACzD,eAAe,EAAE,KAAK;YACtB,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,QAAQ,EAAE,IAAI,CAAC,QAAQ;SACxB,CAAC,CAAC;QAEH,GAAG,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC,CAAC;IAChC,CAAC,CAAC,CAAC;IAEH,gFAAgF;IAChF,4EAA4E;IAC5E,uEAAuE;IACvE,gFAAgF;IAEhF,GAAG,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;QAChC,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACzB,MAAM,IAAI,GAAG,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAA4B,CAAC;QACzD,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAE,IAAI,CAAC,QAA2C,CAAC,CAAC,CAAC,EAAE,CAAC;QAEvG,MAAM,GAAG,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;QACpE,IAAI,GAAG,EAAE,CAAC;YACR,MAAM,MAAM,GAAG,iBAAiB,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YACnD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,SAAS,UAAU,MAAM,MAAM,EAAE,CAAC,CAAC,CAAC;YAClE,MAAM,CAAC,MAAM,EAAE,UAAU,EAAE,GAAG,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,EAAE,IAAI,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;YAC7E,OAAO,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;QAC1C,CAAC;QAED,MAAM,KAAK,GAAG,+BAA+B,CAAC;QAC9C,MAAM,OAAO,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;YACjC,MAAM,OAAO,GAAG,OAAO,CAAC,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;YAC/D,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,SAAS,CAAC,EAAE,CAAC;QACpF,CAAC,CAAC,CAAC;QACH,MAAM,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,CAAC;QAEnF,OAAO,CAAC,GAAG,CACT,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,GAAG,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,KAAK,CAAC,GAAG,CAAC,QAAQ,QAAQ,CAAC,MAAM,aAAa,QAAQ,EAAE,CAAC,EAAE,CAC7H,CAAC;QACF,MAAM,CAAC,MAAM,EAAE,UAAU,EAAE,GAAG,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,EAAE,IAAI,EAAE,EAAE,QAAQ,EAAE,QAAQ,CAAC,MAAM,EAAE,QAAQ,EAAE,CAAC,CAAC;QAEnG,GAAG,CAAC,IAAI,CAAC;YACP,EAAE,EAAE,QAAQ,IAAI,CAAC,GAAG,EAAE,EAAE;YACxB,OAAO,EAAE,QAAQ;YACjB,IAAI,EAAE,KAAK;YACX,QAAQ;YACR,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,EAAE,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACjD,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,8EAA8E;IAE9E,GAAG,CAAC,GAAG,CAAC,kBAAkB,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;QACvC,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,mBAAmB,CAAC,CAAC;QACnD,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;QAC3C,GAAG,CAAC,SAAS,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;QAC1C,GAAG,CAAC,YAAY,EAAE,CAAC;QACnB,IAAI,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC;QACvB,MAAM,EAAE,GAAG,WAAW,CAAC,GAAG,EAAE;YAC1B,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;gBACrC,GAAG,CAAC,KAAK,CAAC,SAAS,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;YAClD,CAAC;YACD,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC;QACrB,CAAC,EAAE,GAAG,CAAC,CAAC;QACR,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,aAAa,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;QAChC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,KAA2B,CAAC;QACpD,MAAM,QAAQ,GAAG,KAAK;YACpB,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAE,CAAC,CAAC,IAAI,CAAC,eAA0B,KAAK,KAAK,CAAC;YAClE,CAAC,CAAC,IAAI,CAAC;QACT,GAAG,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,QAAQ,CAAC,MAAM,EAAE,IAAI,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IACnE,CAAC,CAAC,CAAC;IAEH,8EAA8E;IAE9E,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE;QACzB,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,WAAW,CAAC,CAAC;QAC3C,GAAG,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC;IAC5B,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;QACxB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,SAAS,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QAClE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;IAC/D,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,GAAG,EAAE;QACpB,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC,CAAC;QAClD,OAAO,CAAC,GAAG,CAAC,mBAAmB,KAAK,CAAC,IAAI,CAAC,oBAAoB,IAAI,GAAG,CAAC,EAAE,CAAC,CAAC;QAC1E,OAAO,CAAC,GAAG,CACT,mBAAmB,KAAK,CAAC,IAAI,CAAC,oBAAoB,IAAI,GAAG,WAAW,EAAE,CAAC,EAAE,CAC1E,CAAC;QACF,OAAO,CAAC,GAAG,CACT,mBAAmB,KAAK,CAAC,IAAI,CAAC,oBAAoB,IAAI,GAAG,WAAW,EAAE,CAAC,EAAE,CAC1E,CAAC;QACF,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,gCAAgC,CAAC,CAAC,CAAC;IAC3D,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,aAAa;IACpB,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;QAuED,CAAC;AACT,CAAC"}