@hasna/testers 0.0.14 → 0.0.15
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dashboard/dist/assets/index-BSYf1bIR.css +1 -0
- package/dashboard/dist/assets/index-Bdn52878.js +49 -0
- package/dashboard/dist/index.html +2 -2
- package/dist/cli/index.d.ts +3 -0
- package/dist/cli/index.d.ts.map +1 -0
- package/dist/cli/index.js +9882 -5519
- package/dist/db/api-checks.d.ts +28 -0
- package/dist/db/api-checks.d.ts.map +1 -0
- package/dist/db/database.d.ts.map +1 -1
- package/dist/db/environments.d.ts +10 -0
- package/dist/db/environments.d.ts.map +1 -1
- package/dist/db/golden-answers.d.ts +89 -0
- package/dist/db/golden-answers.d.ts.map +1 -0
- package/dist/db/personas.d.ts +9 -0
- package/dist/db/personas.d.ts.map +1 -0
- package/dist/db/projects.d.ts +3 -6
- package/dist/db/projects.d.ts.map +1 -1
- package/dist/db/results.d.ts +3 -0
- package/dist/db/results.d.ts.map +1 -1
- package/dist/db/runs.d.ts.map +1 -1
- package/dist/index.js +2352 -1207
- package/dist/lib/ai-client.d.ts +55 -1
- package/dist/lib/ai-client.d.ts.map +1 -1
- package/dist/lib/ai-profiler.d.ts +29 -0
- package/dist/lib/ai-profiler.d.ts.map +1 -0
- package/dist/lib/api-runner.d.ts +20 -0
- package/dist/lib/api-runner.d.ts.map +1 -0
- package/dist/lib/browser.d.ts +9 -0
- package/dist/lib/browser.d.ts.map +1 -1
- package/dist/lib/ci.d.ts +5 -0
- package/dist/lib/ci.d.ts.map +1 -1
- package/dist/lib/compliance-report.d.ts +33 -0
- package/dist/lib/compliance-report.d.ts.map +1 -0
- package/dist/lib/config.d.ts.map +1 -1
- package/dist/lib/eval-runner.d.ts +94 -0
- package/dist/lib/eval-runner.d.ts.map +1 -0
- package/dist/lib/generator.d.ts +34 -0
- package/dist/lib/generator.d.ts.map +1 -0
- package/dist/lib/golden-monitor.d.ts +28 -0
- package/dist/lib/golden-monitor.d.ts.map +1 -0
- package/dist/lib/healer.d.ts +26 -0
- package/dist/lib/healer.d.ts.map +1 -0
- package/dist/lib/health-scan.d.ts +6 -1
- package/dist/lib/health-scan.d.ts.map +1 -1
- package/dist/lib/judge.d.ts +72 -0
- package/dist/lib/judge.d.ts.map +1 -0
- package/dist/lib/openapi-import.d.ts +7 -0
- package/dist/lib/openapi-import.d.ts.map +1 -1
- package/dist/lib/persona-diff.d.ts +27 -0
- package/dist/lib/persona-diff.d.ts.map +1 -0
- package/dist/lib/pipeline-runner.d.ts +48 -0
- package/dist/lib/pipeline-runner.d.ts.map +1 -0
- package/dist/lib/runner.d.ts +8 -0
- package/dist/lib/runner.d.ts.map +1 -1
- package/dist/lib/scanners/a11y.d.ts +41 -0
- package/dist/lib/scanners/a11y.d.ts.map +1 -0
- package/dist/lib/scanners/injection.d.ts +54 -0
- package/dist/lib/scanners/injection.d.ts.map +1 -0
- package/dist/lib/scanners/pii-scanner.d.ts +19 -0
- package/dist/lib/scanners/pii-scanner.d.ts.map +1 -0
- package/dist/lib/scanners/pii.d.ts +17 -0
- package/dist/lib/scanners/pii.d.ts.map +1 -0
- package/dist/lib/session-converter.d.ts +29 -0
- package/dist/lib/session-converter.d.ts.map +1 -0
- package/dist/lib/webhooks.d.ts +20 -1
- package/dist/lib/webhooks.d.ts.map +1 -1
- package/dist/mcp/index.d.ts +3 -0
- package/dist/mcp/index.d.ts.map +1 -0
- package/dist/mcp/index.js +7048 -4351
- package/dist/server/index.js +7856 -5067
- package/dist/types/index.d.ts +218 -3
- package/dist/types/index.d.ts.map +1 -1
- package/package.json +1 -1
- package/dashboard/dist/assets/index-FZ9gzLaz.js +0 -49
- package/dashboard/dist/assets/index-PT-52SEY.css +0 -1
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Multi-agent pipeline tester.
|
|
3
|
+
*
|
|
4
|
+
* Runs a sequence of AI endpoint calls where each step's output feeds into
|
|
5
|
+
* the next step's input via template substitution ({{prev.field}} / {{input.key}}).
|
|
6
|
+
*
|
|
7
|
+
* Each step can assert its output before proceeding, enabling fail-fast or
|
|
8
|
+
* continue-on-fail pipelines.
|
|
9
|
+
*/
|
|
10
|
+
import type { JudgeRubric, JudgeConfig, JudgeResult } from "./judge.js";
|
|
11
|
+
export interface PipelineStep {
|
|
12
|
+
name: string;
|
|
13
|
+
endpoint: string;
|
|
14
|
+
method?: string;
|
|
15
|
+
headers?: Record<string, string>;
|
|
16
|
+
inputTemplate: string;
|
|
17
|
+
outputCapture: string;
|
|
18
|
+
assertions: JudgeRubric[];
|
|
19
|
+
onFail?: "stop" | "continue";
|
|
20
|
+
}
|
|
21
|
+
export interface PipelineConfig {
|
|
22
|
+
steps: PipelineStep[];
|
|
23
|
+
input?: Record<string, string>;
|
|
24
|
+
judgeModel?: string;
|
|
25
|
+
judgeProvider?: string;
|
|
26
|
+
baseUrl?: string;
|
|
27
|
+
}
|
|
28
|
+
export interface PipelineStepResult {
|
|
29
|
+
stepName: string;
|
|
30
|
+
passed: boolean;
|
|
31
|
+
output: string | null;
|
|
32
|
+
assertionResults: JudgeResult[];
|
|
33
|
+
error?: string;
|
|
34
|
+
durationMs: number;
|
|
35
|
+
}
|
|
36
|
+
export interface PipelineRunResult {
|
|
37
|
+
passed: boolean;
|
|
38
|
+
stepsCompleted: number;
|
|
39
|
+
stepResults: PipelineStepResult[];
|
|
40
|
+
durationMs: number;
|
|
41
|
+
tokensUsed: number;
|
|
42
|
+
}
|
|
43
|
+
export declare function substituteTemplate(template: string, prevOutput: unknown, inputVars: Record<string, string>): string;
|
|
44
|
+
export declare function runPipeline(config: PipelineConfig, options: {
|
|
45
|
+
baseUrl: string;
|
|
46
|
+
judgeConfig?: JudgeConfig;
|
|
47
|
+
}): Promise<PipelineRunResult>;
|
|
48
|
+
//# sourceMappingURL=pipeline-runner.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"pipeline-runner.d.ts","sourceRoot":"","sources":["../../src/lib/pipeline-runner.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAGH,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAIxE,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,aAAa,EAAE,MAAM,CAAC;IACtB,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,WAAW,EAAE,CAAC;IAC1B,MAAM,CAAC,EAAE,MAAM,GAAG,UAAU,CAAC;CAC9B;AAED,MAAM,WAAW,cAAc;IAC7B,KAAK,EAAE,YAAY,EAAE,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC/B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,kBAAkB;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,OAAO,CAAC;IAChB,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,gBAAgB,EAAE,WAAW,EAAE,CAAC;IAChC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,iBAAiB;IAChC,MAAM,EAAE,OAAO,CAAC;IAChB,cAAc,EAAE,MAAM,CAAC;IACvB,WAAW,EAAE,kBAAkB,EAAE,CAAC;IAClC,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;CACpB;AAkBD,wBAAgB,kBAAkB,CAChC,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,OAAO,EACnB,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAChC,MAAM,CAUR;AAqCD,wBAAsB,WAAW,CAC/B,MAAM,EAAE,cAAc,EACtB,OAAO,EAAE;IAAE,OAAO,EAAE,MAAM,CAAC;IAAC,WAAW,CAAC,EAAE,WAAW,CAAA;CAAE,GACtD,OAAO,CAAC,iBAAiB,CAAC,CA0H5B"}
|
package/dist/lib/runner.d.ts
CHANGED
|
@@ -10,6 +10,14 @@ export interface RunOptions {
|
|
|
10
10
|
apiKey?: string;
|
|
11
11
|
screenshotDir?: string;
|
|
12
12
|
engine?: "playwright" | "lightpanda";
|
|
13
|
+
personaId?: string;
|
|
14
|
+
personaIds?: string[];
|
|
15
|
+
samples?: number;
|
|
16
|
+
flakinessThreshold?: number;
|
|
17
|
+
a11y?: boolean | {
|
|
18
|
+
level?: "A" | "AA" | "AAA";
|
|
19
|
+
};
|
|
20
|
+
selfHeal?: boolean;
|
|
13
21
|
}
|
|
14
22
|
export interface RunEvent {
|
|
15
23
|
type: "scenario:start" | "scenario:pass" | "scenario:fail" | "scenario:error" | "screenshot:captured" | "run:complete" | "step:tool_call" | "step:tool_result" | "step:thinking" | "scenario:timeout_warning";
|
package/dist/lib/runner.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"runner.d.ts","sourceRoot":"","sources":["../../src/lib/runner.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;
|
|
1
|
+
{"version":3,"file":"runner.d.ts","sourceRoot":"","sources":["../../src/lib/runner.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAgB/D,MAAM,WAAW,UAAU;IACzB,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,MAAM,CAAC,EAAE,YAAY,GAAG,YAAY,CAAC;IACrC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,IAAI,CAAC,EAAE,OAAO,GAAG;QAAE,KAAK,CAAC,EAAE,GAAG,GAAG,IAAI,GAAG,KAAK,CAAA;KAAE,CAAC;IAChD,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,WAAW,QAAQ;IACvB,IAAI,EACA,gBAAgB,GAChB,eAAe,GACf,eAAe,GACf,gBAAgB,GAChB,qBAAqB,GACrB,cAAc,GACd,gBAAgB,GAChB,kBAAkB,GAClB,eAAe,GACf,0BAA0B,CAAC;IAC/B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACpC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,MAAM,eAAe,GAAG,CAAC,KAAK,EAAE,QAAQ,KAAK,IAAI,CAAC;AAIxD,wBAAgB,UAAU,CAAC,OAAO,EAAE,eAAe,GAAG,IAAI,CAEzD;AA+BD,wBAAsB,iBAAiB,CACrC,QAAQ,EAAE,QAAQ,EAClB,KAAK,EAAE,MAAM,EACb,OAAO,EAAE,UAAU,GAClB,OAAO,CAAC,MAAM,CAAC,CA+IjB;AAED,wBAAsB,QAAQ,CAC5B,SAAS,EAAE,QAAQ,EAAE,EACrB,OAAO,EAAE,UAAU,GAClB,OAAO,CAAC;IAAE,GAAG,EAAE,GAAG,CAAC;IAAC,OAAO,EAAE,MAAM,EAAE,CAAA;CAAE,CAAC,CAyL1C;AAED,wBAAsB,WAAW,CAC/B,OAAO,EAAE,UAAU,GAAG;IAAE,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAAC,WAAW,CAAC,EAAE,MAAM,EAAE,CAAA;CAAE,GACnF,OAAO,CAAC;IAAE,GAAG,EAAE,GAAG,CAAC;IAAC,OAAO,EAAE,MAAM,EAAE,CAAA;CAAE,CAAC,CAuB1C;AAED;;;GAGG;AACH,wBAAgB,aAAa,CAC3B,OAAO,EAAE,UAAU,GAAG;IAAE,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAAC,WAAW,CAAC,EAAE,MAAM,EAAE,CAAA;CAAE,GACnF;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,aAAa,EAAE,MAAM,CAAA;CAAE,CAmF1C"}
|
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* WCAG Accessibility scanner using axe-core.
|
|
3
|
+
*
|
|
4
|
+
* Injects axe-core into the live browser page and runs a full WCAG audit.
|
|
5
|
+
* Works in authenticated, dynamically-loaded states — unlike static scanners.
|
|
6
|
+
*
|
|
7
|
+
* Usage:
|
|
8
|
+
* import { scanPageA11y } from "./scanners/a11y.js";
|
|
9
|
+
* const violations = await scanPageA11y(page, { wcagLevel: "AA" });
|
|
10
|
+
*/
|
|
11
|
+
import type { Page } from "playwright";
|
|
12
|
+
import type { ScanResult } from "../../types/index.js";
|
|
13
|
+
export type WcagLevel = "A" | "AA" | "AAA";
|
|
14
|
+
export type A11yImpact = "critical" | "serious" | "moderate" | "minor";
|
|
15
|
+
export interface A11yViolation {
|
|
16
|
+
id: string;
|
|
17
|
+
impact: A11yImpact;
|
|
18
|
+
description: string;
|
|
19
|
+
wcagCriteria: string[];
|
|
20
|
+
nodes: Array<{
|
|
21
|
+
selector: string;
|
|
22
|
+
html: string;
|
|
23
|
+
failureSummary: string;
|
|
24
|
+
}>;
|
|
25
|
+
}
|
|
26
|
+
export interface A11yScanOptions {
|
|
27
|
+
wcagLevel?: WcagLevel;
|
|
28
|
+
include?: string[];
|
|
29
|
+
exclude?: string[];
|
|
30
|
+
runOnly?: string[];
|
|
31
|
+
}
|
|
32
|
+
export declare function scanPageA11y(page: Page, options?: A11yScanOptions): Promise<A11yViolation[]>;
|
|
33
|
+
export declare function scanA11y(options: {
|
|
34
|
+
url: string;
|
|
35
|
+
pages?: string[];
|
|
36
|
+
wcagLevel?: WcagLevel;
|
|
37
|
+
headed?: boolean;
|
|
38
|
+
timeoutMs?: number;
|
|
39
|
+
projectId?: string;
|
|
40
|
+
}): Promise<ScanResult>;
|
|
41
|
+
//# sourceMappingURL=a11y.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"a11y.d.ts","sourceRoot":"","sources":["../../../src/lib/scanners/a11y.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AACvC,OAAO,KAAK,EAAa,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAIlE,MAAM,MAAM,SAAS,GAAG,GAAG,GAAG,IAAI,GAAG,KAAK,CAAC;AAC3C,MAAM,MAAM,UAAU,GAAG,UAAU,GAAG,SAAS,GAAG,UAAU,GAAG,OAAO,CAAC;AAEvE,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,UAAU,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,KAAK,EAAE,KAAK,CAAC;QACX,QAAQ,EAAE,MAAM,CAAC;QACjB,IAAI,EAAE,MAAM,CAAC;QACb,cAAc,EAAE,MAAM,CAAC;KACxB,CAAC,CAAC;CACJ;AAED,MAAM,WAAW,eAAe;IAC9B,SAAS,CAAC,EAAE,SAAS,CAAC;IACtB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;CACpB;AA0BD,wBAAsB,YAAY,CAChC,IAAI,EAAE,IAAI,EACV,OAAO,CAAC,EAAE,eAAe,GACxB,OAAO,CAAC,aAAa,EAAE,CAAC,CA4D1B;AAID,wBAAsB,QAAQ,CAAC,OAAO,EAAE;IACtC,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,SAAS,CAAC,EAAE,SAAS,CAAC;IACtB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,GAAG,OAAO,CAAC,UAAU,CAAC,CAsDtB"}
|
|
@@ -0,0 +1,54 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Prompt injection security scanner.
|
|
3
|
+
*
|
|
4
|
+
* Submits adversarial payloads to AI endpoints (via API or browser form)
|
|
5
|
+
* and uses the judge engine to detect unsafe behaviors:
|
|
6
|
+
* - System prompt leakage
|
|
7
|
+
* - Compliance with injected instructions
|
|
8
|
+
* - Sensitive data exfiltration
|
|
9
|
+
* - Role override success
|
|
10
|
+
*
|
|
11
|
+
* OWASP LLM Top 10 #1 — prompt injection.
|
|
12
|
+
*/
|
|
13
|
+
import type { ScanResult } from "../../types/index.js";
|
|
14
|
+
import type { JudgeConfig } from "../judge.js";
|
|
15
|
+
export interface InjectionPayload {
|
|
16
|
+
id: string;
|
|
17
|
+
category: "extraction" | "role_override" | "jailbreak" | "data_exfil" | "indirect";
|
|
18
|
+
payload: string;
|
|
19
|
+
description: string;
|
|
20
|
+
severity: "critical" | "high" | "medium";
|
|
21
|
+
}
|
|
22
|
+
export declare const INJECTION_PAYLOADS: InjectionPayload[];
|
|
23
|
+
export interface InjectionScanOptions {
|
|
24
|
+
url: string;
|
|
25
|
+
endpoint?: string;
|
|
26
|
+
method?: string;
|
|
27
|
+
inputField?: string;
|
|
28
|
+
outputField?: string;
|
|
29
|
+
headers?: Record<string, string>;
|
|
30
|
+
payloadCategories?: InjectionPayload["category"][];
|
|
31
|
+
judgeConfig?: JudgeConfig;
|
|
32
|
+
timeoutMs?: number;
|
|
33
|
+
browser?: boolean;
|
|
34
|
+
headed?: boolean;
|
|
35
|
+
formSelector?: string;
|
|
36
|
+
}
|
|
37
|
+
export interface InjectionFinding {
|
|
38
|
+
payloadId: string;
|
|
39
|
+
category: InjectionPayload["category"];
|
|
40
|
+
severity: InjectionPayload["severity"];
|
|
41
|
+
description: string;
|
|
42
|
+
payload: string;
|
|
43
|
+
response: string;
|
|
44
|
+
vulnerabilityDetected: boolean;
|
|
45
|
+
judgeScore: number;
|
|
46
|
+
judgeReason: string;
|
|
47
|
+
}
|
|
48
|
+
export interface InjectionScanResult extends ScanResult {
|
|
49
|
+
findings: InjectionFinding[];
|
|
50
|
+
vulnerableCount: number;
|
|
51
|
+
payloadsTested: number;
|
|
52
|
+
}
|
|
53
|
+
export declare function scanInjection(options: InjectionScanOptions): Promise<InjectionScanResult>;
|
|
54
|
+
//# sourceMappingURL=injection.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"injection.d.ts","sourceRoot":"","sources":["../../../src/lib/scanners/injection.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EAAa,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAElE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAI/C,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,YAAY,GAAG,eAAe,GAAG,WAAW,GAAG,YAAY,GAAG,UAAU,CAAC;IACnF,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,CAAC;CAC1C;AAED,eAAO,MAAM,kBAAkB,EAAE,gBAAgB,EA6BhD,CAAC;AAIF,MAAM,WAAW,oBAAoB;IACnC,GAAG,EAAE,MAAM,CAAC;IACZ,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,iBAAiB,CAAC,EAAE,gBAAgB,CAAC,UAAU,CAAC,EAAE,CAAC;IACnD,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,gBAAgB;IAC/B,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,gBAAgB,CAAC,UAAU,CAAC,CAAC;IACvC,QAAQ,EAAE,gBAAgB,CAAC,UAAU,CAAC,CAAC;IACvC,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,qBAAqB,EAAE,OAAO,CAAC;IAC/B,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,mBAAoB,SAAQ,UAAU;IACrD,QAAQ,EAAE,gBAAgB,EAAE,CAAC;IAC7B,eAAe,EAAE,MAAM,CAAC;IACxB,cAAc,EAAE,MAAM,CAAC;CACxB;AA8ED,wBAAsB,aAAa,CAAC,OAAO,EAAE,oBAAoB,GAAG,OAAO,CAAC,mBAAmB,CAAC,CAmE/F"}
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* PII scanner for health-scan integration.
|
|
3
|
+
*
|
|
4
|
+
* Hits an API endpoint with a set of test prompts and scans each response
|
|
5
|
+
* for PII using the pii.ts detector. Issues are reported as ScanIssues.
|
|
6
|
+
*/
|
|
7
|
+
import type { ScanResult } from "../../types/index.js";
|
|
8
|
+
export interface PiiScanOptions {
|
|
9
|
+
url: string;
|
|
10
|
+
endpoint?: string;
|
|
11
|
+
method?: string;
|
|
12
|
+
headers?: Record<string, string>;
|
|
13
|
+
inputField?: string;
|
|
14
|
+
seedPii?: string[];
|
|
15
|
+
timeoutMs?: number;
|
|
16
|
+
testPrompts?: string[];
|
|
17
|
+
}
|
|
18
|
+
export declare function scanPiiEndpoint(options: PiiScanOptions): Promise<ScanResult>;
|
|
19
|
+
//# sourceMappingURL=pii-scanner.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"pii-scanner.d.ts","sourceRoot":"","sources":["../../../src/lib/scanners/pii-scanner.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAa,MAAM,sBAAsB,CAAC;AAGlE,MAAM,WAAW,cAAc;IAC7B,GAAG,EAAE,MAAM,CAAC;IACZ,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;CACxB;AAuDD,wBAAsB,eAAe,CAAC,OAAO,EAAE,cAAc,GAAG,OAAO,CAAC,UAAU,CAAC,CAgClF"}
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* PII and data leak detector for AI responses.
|
|
3
|
+
*
|
|
4
|
+
* Scans text for sensitive information patterns (email, phone, SSN, credit card,
|
|
5
|
+
* API keys, private IP addresses) and custom seed patterns.
|
|
6
|
+
*
|
|
7
|
+
* Use it to detect when AI endpoints accidentally leak PII from context/training data.
|
|
8
|
+
*/
|
|
9
|
+
export interface PiiDetection {
|
|
10
|
+
type: "email" | "phone" | "ssn" | "credit_card" | "api_key" | "ip_private" | "custom";
|
|
11
|
+
value: string;
|
|
12
|
+
position: number;
|
|
13
|
+
severity: "critical" | "high" | "medium";
|
|
14
|
+
context: string;
|
|
15
|
+
}
|
|
16
|
+
export declare function scanForPii(text: string, seedPii?: string[]): PiiDetection[];
|
|
17
|
+
//# sourceMappingURL=pii.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"pii.d.ts","sourceRoot":"","sources":["../../../src/lib/scanners/pii.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,OAAO,GAAG,OAAO,GAAG,KAAK,GAAG,aAAa,GAAG,SAAS,GAAG,YAAY,GAAG,QAAQ,CAAC;IACtF,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,CAAC;IACzC,OAAO,EAAE,MAAM,CAAC;CACjB;AAoFD,wBAAgB,UAAU,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,EAAE,GAAG,YAAY,EAAE,CA+D3E"}
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
export type SessionFormat = "rrweb" | "har" | "testers";
|
|
2
|
+
export interface SessionEvent {
|
|
3
|
+
type: "navigate" | "click" | "input" | "scroll" | "network";
|
|
4
|
+
timestamp: number;
|
|
5
|
+
url?: string;
|
|
6
|
+
selector?: string;
|
|
7
|
+
value?: string;
|
|
8
|
+
networkUrl?: string;
|
|
9
|
+
networkMethod?: string;
|
|
10
|
+
}
|
|
11
|
+
export interface ConvertedScenario {
|
|
12
|
+
name: string;
|
|
13
|
+
description: string;
|
|
14
|
+
steps: string[];
|
|
15
|
+
tags: string[];
|
|
16
|
+
targetPath?: string;
|
|
17
|
+
}
|
|
18
|
+
export declare function parseRrwebSession(events: unknown[]): SessionEvent[];
|
|
19
|
+
export declare function parseHarSession(har: unknown): SessionEvent[];
|
|
20
|
+
export declare function convertSessionToScenario(events: SessionEvent[], options?: {
|
|
21
|
+
name?: string;
|
|
22
|
+
model?: string;
|
|
23
|
+
}): Promise<ConvertedScenario>;
|
|
24
|
+
export declare function convertSessionFile(filePath: string, format: SessionFormat, options?: {
|
|
25
|
+
name?: string;
|
|
26
|
+
model?: string;
|
|
27
|
+
}): Promise<ConvertedScenario>;
|
|
28
|
+
export declare function detectSessionFormat(filePath: string): SessionFormat;
|
|
29
|
+
//# sourceMappingURL=session-converter.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"session-converter.d.ts","sourceRoot":"","sources":["../../src/lib/session-converter.ts"],"names":[],"mappings":"AAGA,MAAM,MAAM,aAAa,GAAG,OAAO,GAAG,KAAK,GAAG,SAAS,CAAC;AAExD,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,UAAU,GAAG,OAAO,GAAG,OAAO,GAAG,QAAQ,GAAG,SAAS,CAAC;IAC5D,SAAS,EAAE,MAAM,CAAC;IAClB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,iBAAiB;IAChC,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAsBD,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,OAAO,EAAE,GAAG,YAAY,EAAE,CAqDnE;AAkBD,wBAAgB,eAAe,CAAC,GAAG,EAAE,OAAO,GAAG,YAAY,EAAE,CAqD5D;AAsDD,wBAAsB,wBAAwB,CAC5C,MAAM,EAAE,YAAY,EAAE,EACtB,OAAO,CAAC,EAAE;IACR,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,GACA,OAAO,CAAC,iBAAiB,CAAC,CA0D5B;AAED,wBAAsB,kBAAkB,CACtC,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,aAAa,EACrB,OAAO,CAAC,EAAE;IACR,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,GACA,OAAO,CAAC,iBAAiB,CAAC,CAoC5B;AAED,wBAAgB,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG,aAAa,CAiBnE"}
|
package/dist/lib/webhooks.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import type { Run } from "../types/index.js";
|
|
1
|
+
import type { Run, ApiCheck, ApiCheckResult } from "../types/index.js";
|
|
2
2
|
export interface Webhook {
|
|
3
3
|
id: string;
|
|
4
4
|
url: string;
|
|
@@ -37,5 +37,24 @@ export declare function dispatchWebhooks(event: string, run: Run, schedule?: {
|
|
|
37
37
|
name: string;
|
|
38
38
|
cronExpression: string;
|
|
39
39
|
}): Promise<void>;
|
|
40
|
+
export interface ApiCheckWebhookPayload {
|
|
41
|
+
event: "api_check_failed";
|
|
42
|
+
check: {
|
|
43
|
+
id: string;
|
|
44
|
+
name: string;
|
|
45
|
+
method: string;
|
|
46
|
+
url: string;
|
|
47
|
+
};
|
|
48
|
+
result: {
|
|
49
|
+
id: string;
|
|
50
|
+
status: string;
|
|
51
|
+
statusCode: number | null;
|
|
52
|
+
responseTimeMs: number | null;
|
|
53
|
+
assertionsFailed: string[];
|
|
54
|
+
error: string | null;
|
|
55
|
+
};
|
|
56
|
+
timestamp: string;
|
|
57
|
+
}
|
|
58
|
+
export declare function dispatchApiCheckWebhooks(check: ApiCheck, result: ApiCheckResult): Promise<void>;
|
|
40
59
|
export declare function testWebhook(id: string): Promise<boolean>;
|
|
41
60
|
//# sourceMappingURL=webhooks.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"webhooks.d.ts","sourceRoot":"","sources":["../../src/lib/webhooks.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,mBAAmB,CAAC;
|
|
1
|
+
{"version":3,"file":"webhooks.d.ts","sourceRoot":"","sources":["../../src/lib/webhooks.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,GAAG,EAAE,QAAQ,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAcvE,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,MAAM,EAAE,OAAO,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;CACnB;AAgBD,wBAAgB,aAAa,CAAC,KAAK,EAAE;IACnC,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB,GAAG,OAAO,CAYV;AAED,wBAAgB,UAAU,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,GAAG,IAAI,CAUrD;AAED,wBAAgB,YAAY,CAAC,SAAS,CAAC,EAAE,MAAM,GAAG,OAAO,EAAE,CAW1D;AAED,wBAAgB,aAAa,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAMjD;AAID,MAAM,WAAW,cAAc;IAC7B,KAAK,EAAE,MAAM,CAAC;IACd,GAAG,EAAE;QACH,EAAE,EAAE,MAAM,CAAC;QACX,GAAG,EAAE,MAAM,CAAC;QACZ,MAAM,EAAE,MAAM,CAAC;QACf,MAAM,EAAE,MAAM,CAAC;QACf,MAAM,EAAE,MAAM,CAAC;QACf,KAAK,EAAE,MAAM,CAAC;KACf,CAAC;IACF,QAAQ,CAAC,EAAE;QACT,IAAI,EAAE,MAAM,CAAC;QACb,cAAc,EAAE,MAAM,CAAC;KACxB,CAAC;IACF,SAAS,EAAE,MAAM,CAAC;CACnB;AAwCD,wBAAsB,gBAAgB,CACpC,KAAK,EAAE,MAAM,EACb,GAAG,EAAE,GAAG,EACR,QAAQ,CAAC,EAAE;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,cAAc,EAAE,MAAM,CAAA;CAAE,GAClD,OAAO,CAAC,IAAI,CAAC,CAgDf;AAED,MAAM,WAAW,sBAAsB;IACrC,KAAK,EAAE,kBAAkB,CAAC;IAC1B,KAAK,EAAE;QACL,EAAE,EAAE,MAAM,CAAC;QACX,IAAI,EAAE,MAAM,CAAC;QACb,MAAM,EAAE,MAAM,CAAC;QACf,GAAG,EAAE,MAAM,CAAC;KACb,CAAC;IACF,MAAM,EAAE;QACN,EAAE,EAAE,MAAM,CAAC;QACX,MAAM,EAAE,MAAM,CAAC;QACf,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;QAC1B,cAAc,EAAE,MAAM,GAAG,IAAI,CAAC;QAC9B,gBAAgB,EAAE,MAAM,EAAE,CAAC;QAC3B,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;KACtB,CAAC;IACF,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,wBAAsB,wBAAwB,CAC5C,KAAK,EAAE,QAAQ,EACf,MAAM,EAAE,cAAc,GACrB,OAAO,CAAC,IAAI,CAAC,CAmCf;AAED,wBAAsB,WAAW,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAwB9D"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/mcp/index.ts"],"names":[],"mappings":""}
|