@jshookmcp/jshook 0.2.3 → 0.2.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (583) hide show
  1. package/README.md +14 -5
  2. package/README.zh.md +18 -3
  3. package/dist/packages/extension-sdk/src/bridges/shared.js +2 -2
  4. package/dist/packages/extension-sdk/src/plugin.d.ts +5 -0
  5. package/dist/packages/extension-sdk/src/plugin.js +119 -33
  6. package/dist/packages/extension-sdk/src/workflow.d.ts +171 -0
  7. package/dist/packages/extension-sdk/src/workflow.js +272 -0
  8. package/dist/src/config/search-defaults.js +161 -0
  9. package/dist/src/constants.d.ts +3 -0
  10. package/dist/src/constants.js +4 -1
  11. package/dist/src/index.d.ts +1 -1
  12. package/dist/src/index.js +13 -17
  13. package/dist/src/modules/analyzer/CodeAnalyzer.d.ts +1 -3
  14. package/dist/src/modules/analyzer/CodeAnalyzer.js +16 -28
  15. package/dist/src/modules/analyzer/CodeAnalyzerDataFlow.d.ts +1 -2
  16. package/dist/src/modules/analyzer/CodeAnalyzerDataFlow.js +1 -45
  17. package/dist/src/modules/analyzer/IntelligentAnalyzer.d.ts +1 -37
  18. package/dist/src/modules/analyzer/IntelligentAnalyzer.js +9 -142
  19. package/dist/src/modules/analyzer/PatternDetector.js +3 -3
  20. package/dist/src/modules/analyzer/PatternDetectorAuthPatterns.js +1 -1
  21. package/dist/src/modules/browser/BrowserDiscovery.js +2 -2
  22. package/dist/src/modules/browser/BrowserModeManager.js +11 -10
  23. package/dist/src/modules/browser/BrowserPool.d.ts +49 -0
  24. package/dist/src/modules/browser/BrowserPool.js +288 -0
  25. package/dist/src/modules/browser/TabRegistry.js +2 -2
  26. package/dist/src/modules/browser/UnifiedBrowserManager.d.ts +1 -0
  27. package/dist/src/modules/browser/UnifiedBrowserManager.js +18 -3
  28. package/dist/src/modules/captcha/AICaptchaDetector.d.ts +1 -10
  29. package/dist/src/modules/captcha/AICaptchaDetector.js +7 -201
  30. package/dist/src/modules/collector/CodeCollector.js +4 -5
  31. package/dist/src/modules/collector/DOMInspector.js +48 -58
  32. package/dist/src/modules/collector/PageController.d.ts +17 -4
  33. package/dist/src/modules/collector/PageController.js +2 -5
  34. package/dist/src/modules/collector/PageScriptCollectors.js +3 -3
  35. package/dist/src/modules/crypto/CryptoDetector.d.ts +1 -4
  36. package/dist/src/modules/crypto/CryptoDetector.js +2 -42
  37. package/dist/src/modules/crypto/CryptoRules.js +1 -1
  38. package/dist/src/modules/debugger/BlackboxManager.js +1 -1
  39. package/dist/src/modules/debugger/DebuggerManager.impl.core.scope.js +1 -1
  40. package/dist/src/modules/debugger/ScriptManager.impl.extract-function-tree.js +4 -2
  41. package/dist/src/modules/debugger/WatchExpressionManager.js +1 -1
  42. package/dist/src/modules/deobfuscator/AdvancedDeobfuscator.d.ts +5 -0
  43. package/dist/src/modules/deobfuscator/AdvancedDeobfuscator.js +43 -2
  44. package/dist/src/modules/deobfuscator/Deobfuscator.d.ts +1 -4
  45. package/dist/src/modules/deobfuscator/Deobfuscator.js +9 -39
  46. package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.d.ts +0 -3
  47. package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.js +2 -8
  48. package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.restore.d.ts +1 -2
  49. package/dist/src/modules/deobfuscator/JSVMPDeobfuscator.restore.js +3 -55
  50. package/dist/src/modules/deobfuscator/JScramblerDeobfuscator.js +3 -4
  51. package/dist/src/modules/deobfuscator/VMDeobfuscator.d.ts +2 -10
  52. package/dist/src/modules/deobfuscator/VMDeobfuscator.js +3 -128
  53. package/dist/src/modules/deobfuscator/webcrack.js +15 -2
  54. package/dist/src/modules/emulator/AIEnvironmentAnalyzer.d.ts +5 -8
  55. package/dist/src/modules/emulator/AIEnvironmentAnalyzer.js +10 -102
  56. package/dist/src/modules/emulator/EnvironmentEmulator.d.ts +1 -5
  57. package/dist/src/modules/emulator/EnvironmentEmulator.js +7 -91
  58. package/dist/src/modules/emulator/EnvironmentEmulatorFetch.js +58 -61
  59. package/dist/src/modules/emulator/templates/chrome-env.d.ts +17 -7
  60. package/dist/src/modules/emulator/templates/chrome-env.js +14 -7
  61. package/dist/src/modules/external/ExternalToolRunner.js +25 -22
  62. package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.compose.js +5 -5
  63. package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.network.js +311 -311
  64. package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.runtime.js +410 -410
  65. package/dist/src/modules/hook/HookGeneratorBuilders.core.generators.storage.js +122 -122
  66. package/dist/src/modules/monitor/ConsoleMonitor.impl.core.class.d.ts +13 -0
  67. package/dist/src/modules/monitor/ConsoleMonitor.impl.core.class.js +42 -0
  68. package/dist/src/modules/monitor/ConsoleMonitor.impl.core.dynamic.js +194 -194
  69. package/dist/src/modules/monitor/FetchInterceptor.d.ts +46 -0
  70. package/dist/src/modules/monitor/FetchInterceptor.js +191 -0
  71. package/dist/src/modules/monitor/PerformanceMonitor.js +8 -7
  72. package/dist/src/modules/monitor/PlaywrightNetworkMonitor.js +62 -62
  73. package/dist/src/modules/process/BaseMemoryManager.d.ts +1 -1
  74. package/dist/src/modules/process/LinuxProcessManager.js +2 -0
  75. package/dist/src/modules/process/MacProcessManager.js +25 -25
  76. package/dist/src/modules/process/MemoryManager.d.ts +1 -1
  77. package/dist/src/modules/process/MemoryManager.js +2 -2
  78. package/dist/src/modules/process/memory/AuditTrail.js +1 -1
  79. package/dist/src/modules/process/memory/availability.js +49 -49
  80. package/dist/src/modules/process/memory/injector.js +185 -185
  81. package/dist/src/modules/process/memory/reader.js +85 -53
  82. package/dist/src/modules/process/memory/regions.dump.js +51 -51
  83. package/dist/src/modules/process/memory/regions.enumerate.js +108 -108
  84. package/dist/src/modules/process/memory/regions.modules.js +80 -80
  85. package/dist/src/modules/process/memory/regions.protection.js +148 -115
  86. package/dist/src/modules/process/memory/scanner.d.ts +5 -1
  87. package/dist/src/modules/process/memory/scanner.darwin.js +98 -41
  88. package/dist/src/modules/process/memory/scanner.js +88 -4
  89. package/dist/src/modules/process/memory/scanner.windows.js +124 -124
  90. package/dist/src/modules/process/memory/writer.js +98 -58
  91. package/dist/src/modules/security/ExecutionSandbox.js +51 -52
  92. package/dist/src/modules/stealth/FingerprintManager.js +1 -1
  93. package/dist/src/modules/stealth/StealthScripts.d.ts +1 -0
  94. package/dist/src/modules/stealth/StealthScripts.js +18 -13
  95. package/dist/src/modules/stealth/StealthVerifier.js +1 -3
  96. package/dist/src/modules/symbolic/JSVMPSymbolicExecutor.d.ts +14 -0
  97. package/dist/src/modules/symbolic/JSVMPSymbolicExecutor.js +181 -2
  98. package/dist/src/modules/trace/TraceDB.js +75 -69
  99. package/dist/src/modules/trace/TraceRecorder.js +1 -5
  100. package/dist/src/native/AntiCheatDetector.js +67 -16
  101. package/dist/src/native/CodeInjector.js +3 -3
  102. package/dist/src/native/HardwareBreakpoint.js +24 -15
  103. package/dist/src/native/HeapAnalyzer.js +2 -2
  104. package/dist/src/native/MemoryController.js +1 -1
  105. package/dist/src/native/MemoryScanSession.js +2 -2
  106. package/dist/src/native/MemoryScanner.js +4 -8
  107. package/dist/src/native/NativeMemoryManager.impl.js +2 -2
  108. package/dist/src/native/PEAnalyzer.js +14 -15
  109. package/dist/src/native/PointerChainEngine.js +2 -4
  110. package/dist/src/native/ScriptLoader.js +4 -9
  111. package/dist/src/native/Speedhack.js +1 -1
  112. package/dist/src/native/StructureAnalyzer.js +52 -33
  113. package/dist/src/native/Win32API.d.ts +1 -0
  114. package/dist/src/native/Win32API.js +13 -0
  115. package/dist/src/native/Win32Debug.js +19 -19
  116. package/dist/src/native/platform/darwin/DarwinAPI.d.ts +2 -0
  117. package/dist/src/native/platform/darwin/DarwinAPI.js +8 -0
  118. package/dist/src/native/platform/darwin/DarwinMemoryProvider.js +6 -1
  119. package/dist/src/server/MCPServer.context.d.ts +3 -1
  120. package/dist/src/server/MCPServer.d.ts +2 -1
  121. package/dist/src/server/MCPServer.domain.d.ts +1 -1
  122. package/dist/src/server/MCPServer.domain.js +81 -16
  123. package/dist/src/server/MCPServer.js +41 -14
  124. package/dist/src/server/MCPServer.resources.d.ts +2 -0
  125. package/dist/src/server/MCPServer.resources.js +91 -0
  126. package/dist/src/server/MCPServer.search.handlers.call.js +2 -1
  127. package/dist/src/server/MCPServer.search.helpers.js +1 -1
  128. package/dist/src/server/MCPServer.transport.js +12 -0
  129. package/dist/src/server/ToolCallContextGuard.js +8 -0
  130. package/dist/src/server/ToolRouter.d.ts +25 -9
  131. package/dist/src/server/ToolRouter.intent.d.ts +26 -0
  132. package/dist/src/server/ToolRouter.intent.js +77 -0
  133. package/dist/src/server/ToolRouter.js +103 -284
  134. package/dist/src/server/ToolRouter.policy.d.ts +22 -0
  135. package/dist/src/server/ToolRouter.policy.js +163 -0
  136. package/dist/src/server/ToolRouter.probe.d.ts +17 -0
  137. package/dist/src/server/ToolRouter.probe.js +103 -0
  138. package/dist/src/server/ToolRouter.renderer.d.ts +9 -0
  139. package/dist/src/server/ToolRouter.renderer.js +52 -0
  140. package/dist/src/server/activation/ActivationController.js +15 -12
  141. package/dist/src/server/activation/CompoundConditionEngine.js +1 -1
  142. package/dist/src/server/activation/PredictiveBooster.js +1 -3
  143. package/dist/src/server/domains/analysis/definitions.js +155 -655
  144. package/dist/src/server/domains/analysis/handlers.impl.js +26 -20
  145. package/dist/src/server/domains/analysis/handlers.web-tools.js +2 -1
  146. package/dist/src/server/domains/analysis/manifest.js +6 -4
  147. package/dist/src/server/domains/antidebug/definitions.js +25 -111
  148. package/dist/src/server/domains/browser/definitions.tools.advanced.js +59 -88
  149. package/dist/src/server/domains/browser/definitions.tools.behavior.js +120 -227
  150. package/dist/src/server/domains/browser/definitions.tools.page-core.js +210 -439
  151. package/dist/src/server/domains/browser/definitions.tools.page-system.js +108 -250
  152. package/dist/src/server/domains/browser/definitions.tools.runtime.js +98 -211
  153. package/dist/src/server/domains/browser/definitions.tools.security.js +194 -339
  154. package/dist/src/server/domains/browser/handlers/camoufox-browser.js +3 -2
  155. package/dist/src/server/domains/browser/handlers/captcha-solver.js +3 -3
  156. package/dist/src/server/domains/browser/handlers/dom-query.js +2 -1
  157. package/dist/src/server/domains/browser/handlers/framework-state.js +27 -9
  158. package/dist/src/server/domains/browser/handlers/indexeddb-dump.js +21 -20
  159. package/dist/src/server/domains/browser/handlers/script-management.js +1 -1
  160. package/dist/src/server/domains/browser/handlers/stealth-injection.d.ts +1 -0
  161. package/dist/src/server/domains/browser/handlers/stealth-injection.js +3 -0
  162. package/dist/src/server/domains/browser/handlers.impl.d.ts +1 -2
  163. package/dist/src/server/domains/browser/handlers.impl.js +2 -3
  164. package/dist/src/server/domains/browser/manifest.js +37 -13
  165. package/dist/src/server/domains/coordination/definitions.js +50 -216
  166. package/dist/src/server/domains/coordination/index.d.ts +2 -1
  167. package/dist/src/server/domains/coordination/index.js +1 -0
  168. package/dist/src/server/domains/debugger/definitions.tools.advanced.js +72 -189
  169. package/dist/src/server/domains/debugger/definitions.tools.core.js +114 -288
  170. package/dist/src/server/domains/debugger/manifest.js +9 -2
  171. package/dist/src/server/domains/encoding/definitions.js +43 -153
  172. package/dist/src/server/domains/encoding/handlers.base.js +2 -2
  173. package/dist/src/server/domains/evidence/definitions.d.ts +2 -0
  174. package/dist/src/server/domains/evidence/definitions.js +42 -0
  175. package/dist/src/server/domains/evidence/handlers.d.ts +582 -0
  176. package/dist/src/server/domains/evidence/handlers.js +60 -0
  177. package/dist/src/server/domains/evidence/index.d.ts +2 -0
  178. package/dist/src/server/domains/evidence/index.js +2 -0
  179. package/dist/src/server/domains/evidence/manifest.d.ts +63 -0
  180. package/dist/src/server/domains/evidence/manifest.js +78 -0
  181. package/dist/src/server/domains/graphql/definitions.js +53 -141
  182. package/dist/src/server/domains/graphql/handlers.impl.core.runtime.replay.js +92 -114
  183. package/dist/src/server/domains/graphql/handlers.impl.core.runtime.shared.js +77 -77
  184. package/dist/src/server/domains/hooks/ai-handlers.d.ts +0 -7
  185. package/dist/src/server/domains/hooks/ai-handlers.js +1 -67
  186. package/dist/src/server/domains/hooks/definitions.js +69 -335
  187. package/dist/src/server/domains/hooks/manifest.d.ts +1 -1
  188. package/dist/src/server/domains/hooks/manifest.js +1 -2
  189. package/dist/src/server/domains/instrumentation/definitions.d.ts +2 -0
  190. package/dist/src/server/domains/instrumentation/definitions.js +99 -0
  191. package/dist/src/server/domains/instrumentation/handlers.d.ts +78 -0
  192. package/dist/src/server/domains/instrumentation/handlers.js +206 -0
  193. package/dist/src/server/domains/instrumentation/index.d.ts +2 -0
  194. package/dist/src/server/domains/instrumentation/index.js +2 -0
  195. package/dist/src/server/domains/instrumentation/manifest.d.ts +63 -0
  196. package/dist/src/server/domains/instrumentation/manifest.js +114 -0
  197. package/dist/src/server/domains/macro/definitions.js +16 -43
  198. package/dist/src/server/domains/maintenance/definitions.js +60 -219
  199. package/dist/src/server/domains/maintenance/handlers.extensions.js +78 -20
  200. package/dist/src/server/domains/memory/definitions.js +387 -559
  201. package/dist/src/server/domains/memory/handlers/hooks.d.ts +55 -0
  202. package/dist/src/server/domains/memory/handlers/hooks.js +115 -0
  203. package/dist/src/server/domains/memory/handlers/integrity.d.ts +77 -0
  204. package/dist/src/server/domains/memory/handlers/integrity.js +180 -0
  205. package/dist/src/server/domains/memory/handlers/pointer-chain.d.ts +29 -0
  206. package/dist/src/server/domains/memory/handlers/pointer-chain.js +82 -0
  207. package/dist/src/server/domains/memory/handlers/readwrite.d.ts +41 -0
  208. package/dist/src/server/domains/memory/handlers/readwrite.js +78 -0
  209. package/dist/src/server/domains/memory/handlers/scan.d.ts +35 -0
  210. package/dist/src/server/domains/memory/handlers/scan.js +97 -0
  211. package/dist/src/server/domains/memory/handlers/session.d.ts +23 -0
  212. package/dist/src/server/domains/memory/handlers/session.js +49 -0
  213. package/dist/src/server/domains/memory/handlers/structure.d.ts +29 -0
  214. package/dist/src/server/domains/memory/handlers/structure.js +74 -0
  215. package/dist/src/server/domains/memory/handlers.impl.d.ts +49 -54
  216. package/dist/src/server/domains/memory/handlers.impl.js +63 -494
  217. package/dist/src/server/domains/memory/manifest.js +236 -64
  218. package/dist/src/server/domains/native-bridge/definitions.js +54 -192
  219. package/dist/src/server/domains/native-bridge/index.d.ts +1 -0
  220. package/dist/src/server/domains/native-bridge/index.js +2 -1
  221. package/dist/src/server/domains/network/auth-extractor.js +1 -1
  222. package/dist/src/server/domains/network/definitions.js +175 -578
  223. package/dist/src/server/domains/network/handlers.base.core.d.ts +64 -0
  224. package/dist/src/server/domains/network/handlers.base.core.js +623 -0
  225. package/dist/src/server/domains/network/handlers.base.d.ts +2 -124
  226. package/dist/src/server/domains/network/handlers.base.js +3 -878
  227. package/dist/src/server/domains/network/handlers.base.performance.d.ts +63 -0
  228. package/dist/src/server/domains/network/handlers.base.performance.js +193 -0
  229. package/dist/src/server/domains/network/handlers.base.types.d.ts +42 -0
  230. package/dist/src/server/domains/network/handlers.base.types.js +89 -0
  231. package/dist/src/server/domains/network/handlers.impl.core.runtime.d.ts +1 -1
  232. package/dist/src/server/domains/network/handlers.impl.core.runtime.intercept.d.ts +21 -0
  233. package/dist/src/server/domains/network/handlers.impl.core.runtime.intercept.js +186 -0
  234. package/dist/src/server/domains/network/handlers.impl.core.runtime.js +1 -1
  235. package/dist/src/server/domains/network/manifest.js +15 -0
  236. package/dist/src/server/domains/network/replay.js +1 -4
  237. package/dist/src/server/domains/platform/definitions.js +121 -112
  238. package/dist/src/server/domains/platform/handlers/bridge-handlers.d.ts +4 -0
  239. package/dist/src/server/domains/platform/handlers/bridge-handlers.js +193 -4
  240. package/dist/src/server/domains/platform/handlers/electron-asar-helpers.js +26 -6
  241. package/dist/src/server/domains/platform/handlers/electron-dual-cdp.d.ts +3 -0
  242. package/dist/src/server/domains/platform/handlers/electron-dual-cdp.js +170 -0
  243. package/dist/src/server/domains/platform/handlers/electron-fuse-handler.d.ts +3 -0
  244. package/dist/src/server/domains/platform/handlers/electron-fuse-handler.js +193 -0
  245. package/dist/src/server/domains/platform/handlers/electron-handlers.d.ts +6 -0
  246. package/dist/src/server/domains/platform/handlers/electron-handlers.js +95 -2
  247. package/dist/src/server/domains/platform/handlers/electron-ipc-sniffer.d.ts +2 -0
  248. package/dist/src/server/domains/platform/handlers/electron-ipc-sniffer.js +370 -0
  249. package/dist/src/server/domains/platform/handlers/electron-userdata-handler.d.ts +2 -0
  250. package/dist/src/server/domains/platform/handlers/electron-userdata-handler.js +78 -0
  251. package/dist/src/server/domains/platform/handlers/miniapp-handlers.js +3 -3
  252. package/dist/src/server/domains/platform/handlers/v8-bytecode-handler.d.ts +2 -0
  253. package/dist/src/server/domains/platform/handlers/v8-bytecode-handler.js +207 -0
  254. package/dist/src/server/domains/platform/handlers.d.ts +48 -0
  255. package/dist/src/server/domains/platform/handlers.js +29 -0
  256. package/dist/src/server/domains/platform/manifest.js +38 -0
  257. package/dist/src/server/domains/process/definitions.js +163 -647
  258. package/dist/src/server/domains/process/handlers.base.d.ts +3 -95
  259. package/dist/src/server/domains/process/handlers.base.js +7 -462
  260. package/dist/src/server/domains/process/handlers.base.process.d.ts +61 -0
  261. package/dist/src/server/domains/process/handlers.base.process.js +417 -0
  262. package/dist/src/server/domains/process/handlers.base.types.d.ts +57 -0
  263. package/dist/src/server/domains/process/handlers.base.types.js +50 -0
  264. package/dist/src/server/domains/process/handlers.impl.core.runtime.inject.js +18 -16
  265. package/dist/src/server/domains/process/manifest.js +6 -1
  266. package/dist/src/server/domains/sandbox/definitions.js +11 -33
  267. package/dist/src/server/domains/sandbox/handlers.js +8 -3
  268. package/dist/src/server/domains/shared/ResponseBuilder.d.ts +209 -0
  269. package/dist/src/server/domains/shared/ResponseBuilder.js +48 -0
  270. package/dist/src/server/domains/shared/modules.d.ts +0 -2
  271. package/dist/src/server/domains/shared/modules.js +0 -1
  272. package/dist/src/server/domains/shared-state-board/definitions.d.ts +2 -0
  273. package/dist/src/server/domains/shared-state-board/definitions.js +78 -0
  274. package/dist/src/server/domains/shared-state-board/handlers.impl.d.ts +58 -0
  275. package/dist/src/server/domains/shared-state-board/handlers.impl.js +419 -0
  276. package/dist/src/server/domains/shared-state-board/index.d.ts +2 -0
  277. package/dist/src/server/domains/shared-state-board/index.js +2 -0
  278. package/dist/src/server/domains/shared-state-board/manifest.d.ts +57 -0
  279. package/dist/src/server/domains/shared-state-board/manifest.js +74 -0
  280. package/dist/src/server/domains/sourcemap/definitions.js +27 -111
  281. package/dist/src/server/domains/sourcemap/handlers.impl.sourcemap-common.js +7 -2
  282. package/dist/src/server/domains/sourcemap/handlers.impl.sourcemap-main.js +1 -1
  283. package/dist/src/server/domains/sourcemap/handlers.impl.sourcemap-parse-base.js +1 -1
  284. package/dist/src/server/domains/sourcemap/manifest.d.ts +1 -1
  285. package/dist/src/server/domains/sourcemap/manifest.js +1 -1
  286. package/dist/src/server/domains/streaming/definitions.js +36 -148
  287. package/dist/src/server/domains/streaming/handlers.impl.streaming-sse.js +163 -164
  288. package/dist/src/server/domains/streaming/handlers.impl.streaming-ws.js +1 -1
  289. package/dist/src/server/domains/trace/TraceSummarizer.js +8 -5
  290. package/dist/src/server/domains/trace/definitions.tools.js +51 -206
  291. package/dist/src/server/domains/trace/handlers.js +10 -12
  292. package/dist/src/server/domains/trace/index.d.ts +2 -1
  293. package/dist/src/server/domains/trace/index.js +2 -1
  294. package/dist/src/server/domains/trace/manifest.js +15 -3
  295. package/dist/src/server/domains/transform/definitions.js +50 -210
  296. package/dist/src/server/domains/transform/handlers.impl.transform-base.js +108 -108
  297. package/dist/src/server/domains/transform/handlers.impl.transform-crypto.js +18 -19
  298. package/dist/src/server/domains/transform/manifest.d.ts +1 -1
  299. package/dist/src/server/domains/transform/manifest.js +1 -1
  300. package/dist/src/server/domains/wasm/definitions.js +55 -232
  301. package/dist/src/server/domains/wasm/handlers.js +1 -1
  302. package/dist/src/server/domains/workflow/definitions.js +144 -414
  303. package/dist/src/server/domains/workflow/handlers.impl.workflow-account-bundle.js +1 -1
  304. package/dist/src/server/domains/workflow/handlers.impl.workflow-api.js +51 -51
  305. package/dist/src/server/domains/workflow/handlers.impl.workflow-base.d.ts +2 -0
  306. package/dist/src/server/domains/workflow/handlers.impl.workflow-base.js +126 -87
  307. package/dist/src/server/domains/workflow/handlers.impl.workflow-batch.js +5 -5
  308. package/dist/src/server/evidence/ReverseEvidenceGraph.d.ts +20 -0
  309. package/dist/src/server/evidence/ReverseEvidenceGraph.js +208 -0
  310. package/dist/src/server/evidence/index.d.ts +2 -0
  311. package/dist/src/server/evidence/index.js +1 -0
  312. package/dist/src/server/evidence/types.d.ts +22 -0
  313. package/dist/src/server/evidence/types.js +1 -0
  314. package/dist/src/server/extensions/ExtensionManager.d.ts +1 -0
  315. package/dist/src/server/extensions/ExtensionManager.discovery.js +72 -9
  316. package/dist/src/server/extensions/ExtensionManager.integrity.js +1 -1
  317. package/dist/src/server/extensions/ExtensionManager.js +193 -40
  318. package/dist/src/server/extensions/ExtensionManager.roots.d.ts +1 -1
  319. package/dist/src/server/extensions/ExtensionManager.roots.js +4 -4
  320. package/dist/src/server/extensions/plugin-config.js +1 -1
  321. package/dist/src/server/extensions/plugin-env.d.ts +1 -1
  322. package/dist/src/server/extensions/plugin-env.js +10 -4
  323. package/dist/src/server/extensions/types.d.ts +17 -0
  324. package/dist/src/server/extensions/types.js +1 -1
  325. package/dist/src/server/http/SseStream.d.ts +21 -0
  326. package/dist/src/server/http/SseStream.js +129 -0
  327. package/dist/src/server/instrumentation/EvidenceGraphBridge.d.ts +13 -0
  328. package/dist/src/server/instrumentation/EvidenceGraphBridge.js +150 -0
  329. package/dist/src/server/instrumentation/InstrumentationSession.d.ts +60 -0
  330. package/dist/src/server/instrumentation/InstrumentationSession.js +269 -0
  331. package/dist/src/server/instrumentation/index.d.ts +2 -0
  332. package/dist/src/server/instrumentation/index.js +2 -0
  333. package/dist/src/server/instrumentation/types.d.ts +62 -0
  334. package/dist/src/server/instrumentation/types.js +7 -0
  335. package/dist/src/server/macros/MacroConfigLoader.d.ts +6 -5
  336. package/dist/src/server/macros/MacroConfigLoader.js +61 -59
  337. package/dist/src/server/macros/MacroRunner.js +6 -2
  338. package/dist/src/server/macros/builtins/index.d.ts +2 -3
  339. package/dist/src/server/macros/builtins/index.js +51 -7
  340. package/dist/src/server/plugins/PluginContract.d.ts +1 -1
  341. package/dist/src/server/registry/contracts.d.ts +1 -1
  342. package/dist/src/server/registry/discovery.js +5 -4
  343. package/dist/src/server/registry/ensure-browser-core.js +0 -3
  344. package/dist/src/server/registry/index.js +4 -4
  345. package/dist/src/server/registry/tool-builder.d.ts +46 -0
  346. package/dist/src/server/registry/tool-builder.js +105 -0
  347. package/dist/src/server/sandbox/QuickJSSandbox.js +16 -5
  348. package/dist/src/server/sandbox/SandboxHelpers.js +250 -250
  349. package/dist/src/server/search/EmbeddingWorker.js +5 -3
  350. package/dist/src/server/search/FeedbackTracker.d.ts +9 -0
  351. package/dist/src/server/search/FeedbackTracker.js +26 -0
  352. package/dist/src/server/search/QueryNormalizer.d.ts +6 -0
  353. package/dist/src/server/search/QueryNormalizer.js +94 -0
  354. package/dist/src/server/search/ToolSearchEngineImpl.d.ts +2 -3
  355. package/dist/src/server/search/ToolSearchEngineImpl.js +38 -88
  356. package/dist/src/server/teams/TeamManager.d.ts +43 -0
  357. package/dist/src/server/teams/TeamManager.js +238 -0
  358. package/dist/src/server/teams/index.d.ts +1 -0
  359. package/dist/src/server/teams/index.js +1 -0
  360. package/dist/src/server/workflows/WorkflowContract.d.ts +44 -4
  361. package/dist/src/server/workflows/WorkflowContract.js +52 -0
  362. package/dist/src/server/workflows/WorkflowEngine.d.ts +1 -0
  363. package/dist/src/server/workflows/WorkflowEngine.js +314 -4
  364. package/dist/src/types/config.d.ts +0 -14
  365. package/dist/src/types/deobfuscator.d.ts +1 -1
  366. package/dist/src/types/index.d.ts +1 -1
  367. package/dist/src/utils/DetailedDataManager.js +2 -0
  368. package/dist/src/utils/RingBuffer.js +5 -5
  369. package/dist/src/utils/TokenBudgetManager.js +1 -1
  370. package/dist/src/utils/UnifiedCacheManager.js +1 -1
  371. package/dist/src/utils/artifactRetention.js +2 -2
  372. package/dist/src/utils/betterSqlite3.d.ts +11 -0
  373. package/dist/src/utils/betterSqlite3.js +88 -0
  374. package/dist/src/utils/browserExecutable.js +2 -2
  375. package/dist/src/utils/cache/CachedDecorator.d.ts +8 -0
  376. package/dist/src/utils/cache/CachedDecorator.js +55 -0
  377. package/dist/src/utils/cache/PersistentCache.d.ts +33 -0
  378. package/dist/src/utils/cache/PersistentCache.js +246 -0
  379. package/dist/src/utils/cache/index.d.ts +2 -0
  380. package/dist/src/utils/cache/index.js +2 -0
  381. package/dist/src/utils/cliFastPath.js +5 -8
  382. package/dist/src/utils/config.js +4 -26
  383. package/dist/src/utils/environmentDoctor.js +138 -11
  384. package/dist/src/utils/outputPaths.js +16 -9
  385. package/dist/src/utils/parallel.js +1 -3
  386. package/package.json +82 -81
  387. package/scripts/postinstall.cjs +54 -27
  388. package/workflows/.gitkeep +0 -0
  389. package/workflows/anti-bot-diagnoser/.jshook-install.json +14 -0
  390. package/workflows/anti-bot-diagnoser/LICENSE +21 -0
  391. package/workflows/anti-bot-diagnoser/README.md +105 -0
  392. package/workflows/anti-bot-diagnoser/docs/agent-recipes.md +44 -0
  393. package/workflows/anti-bot-diagnoser/meta.yaml +6 -0
  394. package/workflows/anti-bot-diagnoser/package.json +22 -0
  395. package/workflows/anti-bot-diagnoser/tsconfig.json +15 -0
  396. package/workflows/anti-bot-diagnoser/workflow.ts +224 -0
  397. package/workflows/api-openapi-probe/.jshook-install.json +14 -0
  398. package/workflows/api-openapi-probe/meta.yaml +6 -0
  399. package/workflows/api-openapi-probe/package.json +22 -0
  400. package/workflows/api-openapi-probe/pnpm-lock.yaml +819 -0
  401. package/workflows/api-openapi-probe/tsconfig.json +15 -0
  402. package/workflows/api-openapi-probe/workflow.ts +40 -0
  403. package/workflows/api-probe-batch/.jshook-install.json +14 -0
  404. package/workflows/api-probe-batch/LICENSE +21 -0
  405. package/workflows/api-probe-batch/README.md +45 -0
  406. package/workflows/api-probe-batch/meta.yaml +4 -0
  407. package/workflows/api-probe-batch/package.json +23 -0
  408. package/workflows/api-probe-batch/tsconfig.json +16 -0
  409. package/workflows/api-probe-batch/workflow.ts +111 -0
  410. package/workflows/auth-bootstrap/.jshook-install.json +14 -0
  411. package/workflows/auth-bootstrap/LICENSE +21 -0
  412. package/workflows/auth-bootstrap/README.md +74 -0
  413. package/workflows/auth-bootstrap/meta.yaml +4 -0
  414. package/workflows/auth-bootstrap/package.json +23 -0
  415. package/workflows/auth-bootstrap/tsconfig.json +16 -0
  416. package/workflows/auth-bootstrap/workflow.ts +141 -0
  417. package/workflows/auth-extract/.jshook-install.json +14 -0
  418. package/workflows/auth-extract/meta.yaml +6 -0
  419. package/workflows/auth-extract/package.json +22 -0
  420. package/workflows/auth-extract/pnpm-lock.yaml +819 -0
  421. package/workflows/auth-extract/tsconfig.json +15 -0
  422. package/workflows/auth-extract/workflow.ts +36 -0
  423. package/workflows/auth-surface-mapper/.jshook-install.json +14 -0
  424. package/workflows/auth-surface-mapper/meta.yaml +6 -0
  425. package/workflows/auth-surface-mapper/package.json +22 -0
  426. package/workflows/auth-surface-mapper/pnpm-lock.yaml +819 -0
  427. package/workflows/auth-surface-mapper/tsconfig.json +15 -0
  428. package/workflows/auth-surface-mapper/workflow.ts +104 -0
  429. package/workflows/batch-register/.jshook-install.json +14 -0
  430. package/workflows/batch-register/LICENSE +21 -0
  431. package/workflows/batch-register/README.md +39 -0
  432. package/workflows/batch-register/meta.yaml +4 -0
  433. package/workflows/batch-register/package.json +23 -0
  434. package/workflows/batch-register/tsconfig.json +16 -0
  435. package/workflows/batch-register/workflow.ts +67 -0
  436. package/workflows/bundle-recovery/.jshook-install.json +14 -0
  437. package/workflows/bundle-recovery/LICENSE +21 -0
  438. package/workflows/bundle-recovery/README.md +105 -0
  439. package/workflows/bundle-recovery/docs/agent-recipes.md +44 -0
  440. package/workflows/bundle-recovery/meta.yaml +6 -0
  441. package/workflows/bundle-recovery/package.json +22 -0
  442. package/workflows/bundle-recovery/tsconfig.json +15 -0
  443. package/workflows/bundle-recovery/workflow.ts +179 -0
  444. package/workflows/challenge-detector/.jshook-install.json +14 -0
  445. package/workflows/challenge-detector/meta.yaml +14 -0
  446. package/workflows/challenge-detector/package.json +22 -0
  447. package/workflows/challenge-detector/pnpm-lock.yaml +819 -0
  448. package/workflows/challenge-detector/tsconfig.json +15 -0
  449. package/workflows/challenge-detector/workflow.ts +298 -0
  450. package/workflows/deobfuscation-pipeline/.jshook-install.json +14 -0
  451. package/workflows/deobfuscation-pipeline/meta.yaml +6 -0
  452. package/workflows/deobfuscation-pipeline/package.json +22 -0
  453. package/workflows/deobfuscation-pipeline/pnpm-lock.yaml +819 -0
  454. package/workflows/deobfuscation-pipeline/tsconfig.json +15 -0
  455. package/workflows/deobfuscation-pipeline/workflow.ts +119 -0
  456. package/workflows/electron-bridge-mapper/.jshook-install.json +14 -0
  457. package/workflows/electron-bridge-mapper/meta.yaml +6 -0
  458. package/workflows/electron-bridge-mapper/package.json +22 -0
  459. package/workflows/electron-bridge-mapper/pnpm-lock.yaml +819 -0
  460. package/workflows/electron-bridge-mapper/tsconfig.json +15 -0
  461. package/workflows/electron-bridge-mapper/workflow.ts +125 -0
  462. package/workflows/evidence-pack/.jshook-install.json +14 -0
  463. package/workflows/evidence-pack/LICENSE +21 -0
  464. package/workflows/evidence-pack/README.md +105 -0
  465. package/workflows/evidence-pack/docs/agent-recipes.md +44 -0
  466. package/workflows/evidence-pack/meta.yaml +6 -0
  467. package/workflows/evidence-pack/package.json +22 -0
  468. package/workflows/evidence-pack/tsconfig.json +15 -0
  469. package/workflows/evidence-pack/workflow.ts +154 -0
  470. package/workflows/js-bundle-search/.jshook-install.json +14 -0
  471. package/workflows/js-bundle-search/LICENSE +21 -0
  472. package/workflows/js-bundle-search/README.md +46 -0
  473. package/workflows/js-bundle-search/meta.yaml +4 -0
  474. package/workflows/js-bundle-search/package.json +23 -0
  475. package/workflows/js-bundle-search/tsconfig.json +16 -0
  476. package/workflows/js-bundle-search/workflow.ts +118 -0
  477. package/workflows/protocol-registry/.jshook-install.json +14 -0
  478. package/workflows/protocol-registry/meta.yaml +6 -0
  479. package/workflows/protocol-registry/package.json +22 -0
  480. package/workflows/protocol-registry/pnpm-lock.yaml +819 -0
  481. package/workflows/protocol-registry/tsconfig.json +15 -0
  482. package/workflows/protocol-registry/workflow.ts +107 -0
  483. package/workflows/qwen-mail-open-latest/meta.yaml +7 -0
  484. package/workflows/qwen-mail-open-latest/package.json +22 -0
  485. package/workflows/qwen-mail-open-latest/pnpm-lock.yaml +819 -0
  486. package/workflows/qwen-mail-open-latest/tsconfig.json +15 -0
  487. package/workflows/qwen-mail-open-latest/workflow.ts +77 -0
  488. package/workflows/register-account-flow/.jshook-install.json +14 -0
  489. package/workflows/register-account-flow/LICENSE +21 -0
  490. package/workflows/register-account-flow/README.md +64 -0
  491. package/workflows/register-account-flow/meta.yaml +4 -0
  492. package/workflows/register-account-flow/package.json +23 -0
  493. package/workflows/register-account-flow/tsconfig.json +16 -0
  494. package/workflows/register-account-flow/workflow.ts +127 -0
  495. package/workflows/replay-lab/.jshook-install.json +14 -0
  496. package/workflows/replay-lab/meta.yaml +6 -0
  497. package/workflows/replay-lab/package.json +22 -0
  498. package/workflows/replay-lab/pnpm-lock.yaml +819 -0
  499. package/workflows/replay-lab/tsconfig.json +15 -0
  500. package/workflows/replay-lab/workflow.ts +106 -0
  501. package/workflows/script-evidence-scan/.jshook-install.json +14 -0
  502. package/workflows/script-evidence-scan/LICENSE +21 -0
  503. package/workflows/script-evidence-scan/README.md +61 -0
  504. package/workflows/script-evidence-scan/meta.yaml +4 -0
  505. package/workflows/script-evidence-scan/package.json +23 -0
  506. package/workflows/script-evidence-scan/tsconfig.json +16 -0
  507. package/workflows/script-evidence-scan/workflow.ts +89 -0
  508. package/workflows/signature-hunter/.jshook-install.json +14 -0
  509. package/workflows/signature-hunter/LICENSE +21 -0
  510. package/workflows/signature-hunter/README.md +105 -0
  511. package/workflows/signature-hunter/docs/agent-recipes.md +44 -0
  512. package/workflows/signature-hunter/meta.yaml +6 -0
  513. package/workflows/signature-hunter/package.json +22 -0
  514. package/workflows/signature-hunter/tsconfig.json +15 -0
  515. package/workflows/signature-hunter/workflow.ts +170 -0
  516. package/workflows/signing-lineage/.jshook-install.json +14 -0
  517. package/workflows/signing-lineage/meta.yaml +6 -0
  518. package/workflows/signing-lineage/package.json +22 -0
  519. package/workflows/signing-lineage/pnpm-lock.yaml +819 -0
  520. package/workflows/signing-lineage/tsconfig.json +15 -0
  521. package/workflows/signing-lineage/workflow.ts +120 -0
  522. package/workflows/temp-mail-extract-link/.jshook-install.json +14 -0
  523. package/workflows/temp-mail-extract-link/LICENSE +21 -0
  524. package/workflows/temp-mail-extract-link/README.md +71 -0
  525. package/workflows/temp-mail-extract-link/meta.yaml +4 -0
  526. package/workflows/temp-mail-extract-link/package.json +23 -0
  527. package/workflows/temp-mail-extract-link/tsconfig.json +16 -0
  528. package/workflows/temp-mail-extract-link/workflow.ts +221 -0
  529. package/workflows/temp-mail-open-latest/.jshook-install.json +14 -0
  530. package/workflows/temp-mail-open-latest/LICENSE +21 -0
  531. package/workflows/temp-mail-open-latest/README.md +61 -0
  532. package/workflows/temp-mail-open-latest/meta.yaml +4 -0
  533. package/workflows/temp-mail-open-latest/package.json +23 -0
  534. package/workflows/temp-mail-open-latest/tsconfig.json +16 -0
  535. package/workflows/temp-mail-open-latest/workflow.ts +136 -0
  536. package/workflows/template/.jshook-install.json +14 -0
  537. package/workflows/template/LICENSE +21 -0
  538. package/workflows/template/README.md +45 -0
  539. package/workflows/template/docs/SKILL.md +111 -0
  540. package/workflows/template/meta.yaml +6 -0
  541. package/workflows/template/package.json +22 -0
  542. package/workflows/template/pnpm-lock.yaml +819 -0
  543. package/workflows/template/tsconfig.json +15 -0
  544. package/workflows/template/workflow.ts +73 -0
  545. package/workflows/web-api-capture-session/.jshook-install.json +14 -0
  546. package/workflows/web-api-capture-session/LICENSE +21 -0
  547. package/workflows/web-api-capture-session/README.md +64 -0
  548. package/workflows/web-api-capture-session/meta.yaml +4 -0
  549. package/workflows/web-api-capture-session/package.json +23 -0
  550. package/workflows/web-api-capture-session/tsconfig.json +16 -0
  551. package/workflows/web-api-capture-session/workflow.ts +124 -0
  552. package/workflows/ws-protocol-lifter/.jshook-install.json +14 -0
  553. package/workflows/ws-protocol-lifter/LICENSE +21 -0
  554. package/workflows/ws-protocol-lifter/README.md +105 -0
  555. package/workflows/ws-protocol-lifter/docs/agent-recipes.md +44 -0
  556. package/workflows/ws-protocol-lifter/meta.yaml +6 -0
  557. package/workflows/ws-protocol-lifter/package.json +22 -0
  558. package/workflows/ws-protocol-lifter/tsconfig.json +15 -0
  559. package/workflows/ws-protocol-lifter/workflow.ts +163 -0
  560. package/dist/src/modules/analyzer/AISummarizer.d.ts +0 -39
  561. package/dist/src/modules/analyzer/AISummarizer.js +0 -122
  562. package/dist/src/modules/hook/AIHookGenerator.d.ts +0 -52
  563. package/dist/src/modules/hook/AIHookGenerator.js +0 -360
  564. package/dist/src/modules/hook/AIHookGeneratorTemplates.d.ts +0 -9
  565. package/dist/src/modules/hook/AIHookGeneratorTemplates.js +0 -157
  566. package/dist/src/server/macros/builtins/deobfuscate-ast-flow.d.ts +0 -2
  567. package/dist/src/server/macros/builtins/deobfuscate-ast-flow.js +0 -25
  568. package/dist/src/server/macros/builtins/unpacker-flow.d.ts +0 -2
  569. package/dist/src/server/macros/builtins/unpacker-flow.js +0 -25
  570. package/dist/src/services/LLMService.d.ts +0 -37
  571. package/dist/src/services/LLMService.js +0 -233
  572. package/dist/src/services/prompts/analysis.d.ts +0 -9
  573. package/dist/src/services/prompts/analysis.js +0 -158
  574. package/dist/src/services/prompts/crypto.d.ts +0 -2
  575. package/dist/src/services/prompts/crypto.js +0 -108
  576. package/dist/src/services/prompts/deobfuscation.d.ts +0 -6
  577. package/dist/src/services/prompts/deobfuscation.js +0 -300
  578. package/dist/src/services/prompts/environment.d.ts +0 -16
  579. package/dist/src/services/prompts/environment.js +0 -372
  580. package/dist/src/services/prompts/intelligence.d.ts +0 -4
  581. package/dist/src/services/prompts/intelligence.js +0 -250
  582. package/dist/src/services/prompts/taint.d.ts +0 -2
  583. package/dist/src/services/prompts/taint.js +0 -54
package/dist/src/services/LLMService.js DELETED
@@ -1,233 +0,0 @@
1
- import OpenAI from 'openai';
2
- import Anthropic from '@anthropic-ai/sdk';
3
- import { readFile } from 'fs/promises';
4
- import { logger } from '../utils/logger.js';
5
- export class LLMService {
6
- config;
7
- openai;
8
- anthropic;
9
- hasLoggedVisionModelWarning = false;
10
- retryOptions = {
11
- maxRetries: 3,
12
- initialDelay: 1000,
13
- maxDelay: 10000,
14
- backoffMultiplier: 2,
15
- };
16
- constructor(config, retryOptions) {
17
- this.config = config;
18
- if (retryOptions) {
19
- this.retryOptions = { ...this.retryOptions, ...retryOptions };
20
- }
21
- this.initClients();
22
- }
23
- initClients() {
24
- if (this.config.provider === 'openai' && this.config.openai?.apiKey) {
25
- this.openai = new OpenAI({
26
- apiKey: this.config.openai.apiKey,
27
- baseURL: this.config.openai.baseURL,
28
- });
29
- logger.info('OpenAI client initialized');
30
- }
31
- if (this.config.provider === 'anthropic' && this.config.anthropic?.apiKey) {
32
- this.anthropic = new Anthropic({
33
- apiKey: this.config.anthropic.apiKey,
34
- ...(this.config.anthropic.baseURL ? { baseURL: this.config.anthropic.baseURL } : {}),
35
- });
36
- logger.info('Anthropic client initialized');
37
- }
38
- }
39
- async chat(messages, options) {
40
- return this.withRetry(async () => {
41
- const startTime = Date.now();
42
- try {
43
- if (this.config.provider === 'openai') {
44
- return await this.chatOpenAI(messages, options);
45
- }
46
- else if (this.config.provider === 'anthropic') {
47
- return await this.chatAnthropic(messages, options);
48
- }
49
- else {
50
- throw new Error(`Unsupported LLM provider: ${this.config.provider}`);
51
- }
52
- }
53
- finally {
54
- logger.debug(`LLM call completed in ${Date.now() - startTime}ms`);
55
- }
56
- });
57
- }
58
- async analyzeImage(imageInput, prompt, isFilePath = false) {
59
- return this.withRetry(async () => {
60
- const startTime = Date.now();
61
- try {
62
- let imageBase64;
63
- if (isFilePath) {
64
- logger.info('Reading image file:', imageInput);
65
- const imageBuffer = await readFile(imageInput);
66
- imageBase64 = imageBuffer.toString('base64');
67
- logger.info(`Image file read (${(imageBuffer.length / 1024).toFixed(2)} KB)`);
68
- }
69
- else {
70
- imageBase64 = imageInput;
71
- }
72
- if (this.config.provider === 'openai') {
73
- if (!this.openai) {
74
- throw new Error('OpenAI client not initialized');
75
- }
76
- const model = this.config.openai?.model || 'gpt-4-vision-preview';
77
- const isVisionModel = model.includes('vision') || model.includes('gpt-4o') || model.includes('gpt-4-turbo');
78
- if (!isVisionModel) {
79
- if (!this.hasLoggedVisionModelWarning) {
80
- logger.warn(`Model ${model} does not support vision. Use gpt-4-vision-preview, gpt-4o, or gpt-4-turbo.`);
81
- this.hasLoggedVisionModelWarning = true;
82
- }
83
- throw new Error(`Model ${model} does not support image analysis. ` +
84
- `Please use gpt-4-vision-preview, gpt-4o, or gpt-4-turbo.`);
85
- }
86
- logger.info('Using OpenAI Vision model:', model);
87
- const response = await this.openai.chat.completions.create({
88
- model,
89
- messages: [
90
- {
91
- role: 'user',
92
- content: [
93
- { type: 'text', text: prompt },
94
- {
95
- type: 'image_url',
96
- image_url: { url: `data:image/png;base64,${imageBase64}` },
97
- },
98
- ],
99
- },
100
- ],
101
- max_tokens: 1000,
102
- });
103
- return response.choices[0]?.message?.content || '';
104
- }
105
- else if (this.config.provider === 'anthropic') {
106
- if (!this.anthropic) {
107
- throw new Error('Anthropic client not initialized');
108
- }
109
- const model = this.config.anthropic?.model || 'claude-3-opus-20240229';
110
- logger.info('Using Anthropic Vision model:', model);
111
- const response = await this.anthropic.messages.create({
112
- model,
113
- max_tokens: 1000,
114
- messages: [
115
- {
116
- role: 'user',
117
- content: [
118
- {
119
- type: 'image',
120
- source: {
121
- type: 'base64',
122
- media_type: 'image/png',
123
- data: imageBase64,
124
- },
125
- },
126
- { type: 'text', text: prompt },
127
- ],
128
- },
129
- ],
130
- });
131
- const textContent = response.content.find((c) => c.type === 'text');
132
- return textContent?.text || '';
133
- }
134
- else {
135
- throw new Error(`Unsupported LLM provider for image analysis: ${this.config.provider}`);
136
- }
137
- }
138
- finally {
139
- logger.debug(`Image analysis completed in ${Date.now() - startTime}ms`);
140
- }
141
- });
142
- }
143
- async withRetry(fn) {
144
- let lastError;
145
- let delay = this.retryOptions.initialDelay;
146
- for (let attempt = 0; attempt <= this.retryOptions.maxRetries; attempt++) {
147
- try {
148
- return await fn();
149
- }
150
- catch (error) {
151
- lastError = error instanceof Error ? error : new Error(String(error));
152
- if (!this.shouldRetry(lastError) || attempt === this.retryOptions.maxRetries) {
153
- throw lastError;
154
- }
155
- logger.warn(`LLM call failed (attempt ${attempt + 1}/${this.retryOptions.maxRetries + 1}): ${lastError.message}`);
156
- await new Promise((resolve) => setTimeout(resolve, delay));
157
- delay = Math.min(delay * this.retryOptions.backoffMultiplier, this.retryOptions.maxDelay);
158
- }
159
- }
160
- throw lastError || new Error('Unknown error');
161
- }
162
- shouldRetry(error) {
163
- const message = error.message.toLowerCase();
164
- const retryableErrors = [
165
- 'rate limit',
166
- 'timeout',
167
- 'network',
168
- 'econnreset',
169
- 'enotfound',
170
- 'etimedout',
171
- '429',
172
- '500',
173
- '502',
174
- '503',
175
- '504',
176
- ];
177
- return retryableErrors.some((pattern) => message.includes(pattern));
178
- }
179
- async chatOpenAI(messages, options) {
180
- if (!this.openai) {
181
- throw new Error('OpenAI client not initialized');
182
- }
183
- const response = await this.openai.chat.completions.create({
184
- model: this.config.openai?.model || 'gpt-4-turbo-preview',
185
- messages: messages.map((msg) => ({ role: msg.role, content: msg.content })),
186
- temperature: options?.temperature ?? 0.7,
187
- max_tokens: options?.maxTokens ?? 4000,
188
- });
189
- const choice = response.choices[0];
190
- if (!choice?.message?.content) {
191
- throw new Error('No response from OpenAI');
192
- }
193
- return {
194
- content: choice.message.content,
195
- usage: response.usage
196
- ? {
197
- promptTokens: response.usage.prompt_tokens,
198
- completionTokens: response.usage.completion_tokens,
199
- totalTokens: response.usage.total_tokens,
200
- }
201
- : undefined,
202
- };
203
- }
204
- async chatAnthropic(messages, options) {
205
- if (!this.anthropic) {
206
- throw new Error('Anthropic client not initialized');
207
- }
208
- const systemMessage = messages.find((msg) => msg.role === 'system');
209
- const userMessages = messages.filter((msg) => msg.role !== 'system');
210
- const response = await this.anthropic.messages.create({
211
- model: this.config.anthropic?.model || 'claude-3-5-sonnet-20241022',
212
- max_tokens: options?.maxTokens ?? 4000,
213
- temperature: options?.temperature ?? 0.7,
214
- system: systemMessage?.content,
215
- messages: userMessages.map((msg) => ({
216
- role: msg.role === 'assistant' ? 'assistant' : 'user',
217
- content: msg.content,
218
- })),
219
- });
220
- const content = response.content[0];
221
- if (content?.type !== 'text') {
222
- throw new Error('Unexpected response type from Anthropic');
223
- }
224
- return {
225
- content: content.text,
226
- usage: {
227
- promptTokens: response.usage.input_tokens,
228
- completionTokens: response.usage.output_tokens,
229
- totalTokens: response.usage.input_tokens + response.usage.output_tokens,
230
- },
231
- };
232
- }
233
- }
package/dist/src/services/prompts/analysis.d.ts DELETED
@@ -1,9 +0,0 @@
1
- import type { LLMMessage } from '../LLMService.js';
2
- export declare function generateCodeAnalysisPrompt(code: string, focus: string): LLMMessage[];
3
- export declare function generateProjectSummaryMessages(files: Array<{
4
- url: string;
5
- size: number;
6
- type: string;
7
- content: string;
8
- }>): LLMMessage[];
9
- export declare function generateFileSummaryMessages(url: string, code: string): LLMMessage[];
package/dist/src/services/prompts/analysis.js DELETED
@@ -1,158 +0,0 @@
1
- export function generateCodeAnalysisPrompt(code, focus) {
2
- const systemPrompt = `# Role
3
- You are an expert JavaScript/TypeScript analyst and security analyst with 10+ years of experience in:
4
- - Static code analysis and AST manipulation
5
- - Security vulnerability detection (OWASP Top 10)
6
- - Framework and library identification (React, Vue, Angular, etc.)
7
- - Code obfuscation and deobfuscation techniques
8
- - Software architecture and design patterns
9
-
10
- # Task
11
- Perform deep static analysis on the provided JavaScript code to extract:
12
- 1. Technical stack (frameworks, bundlers, libraries)
13
- 2. Code structure (functions, classes, modules)
14
- 3. Business logic and data flow
15
- 4. Security vulnerabilities and risks
16
- 5. Code quality metrics
17
-
18
- # Output Requirements
19
- - Return ONLY valid JSON (no markdown, no explanations outside JSON)
20
- - Follow the exact schema provided in the user message
21
- - Use confidence scores (0.0-1.0) for uncertain detections
22
- - Provide specific line numbers for security risks when possible
23
- - Be precise and avoid hallucination
24
-
25
- # Analysis Methodology
26
- 1. First, identify the code's purpose and main functionality
27
- 2. Then, detect frameworks and libraries by analyzing imports and API usage
28
- 3. Next, map out the code structure and call graph
29
- 4. Finally, perform security analysis using OWASP guidelines`;
30
- const userPrompt = `# Analysis Focus
31
- Primary focus: ${focus}
32
-
33
- # Code to Analyze
34
- \`\`\`javascript
35
- ${code.length > 5000 ? code.substring(0, 5000) + '\n\n// ... (code truncated for analysis)' : code}
36
- \`\`\`
37
-
38
- # Required Output Schema
39
- Return a JSON object with this EXACT structure (all fields are required):
40
-
41
- \`\`\`json
42
- {
43
- "techStack": {
44
- "framework": "string | null",
45
- "bundler": "string | null",
46
- "libraries": ["array of library names with versions if detectable"],
47
- "confidence": 0.95
48
- },
49
- "structure": {
50
- "functions": [
51
- {
52
- "name": "function name",
53
- "type": "arrow | declaration | expression | async",
54
- "purpose": "brief description",
55
- "complexity": "low | medium | high",
56
- "lineNumber": 42
57
- }
58
- ],
59
- "classes": [
60
- {
61
- "name": "class name",
62
- "purpose": "brief description",
63
- "methods": ["method1", "method2"],
64
- "lineNumber": 100
65
- }
66
- ],
67
- "imports": ["list of imported modules"],
68
- "exports": ["list of exported symbols"]
69
- },
70
- "businessLogic": {
71
- "mainFeatures": ["feature 1", "feature 2"],
72
- "dataFlow": "description of how data flows through the code",
73
- "apiEndpoints": ["list of API endpoints if any"],
74
- "stateManagement": "Redux | Vuex | Context API | none | unknown"
75
- },
76
- "securityRisks": [
77
- {
78
- "type": "XSS | SQL Injection | CSRF | etc.",
79
- "severity": "critical | high | medium | low",
80
- "description": "detailed description",
81
- "location": "line 123 or function name",
82
- "cwe": "CWE-79",
83
- "recommendation": "how to fix it"
84
- }
85
- ],
86
- "qualityScore": 85,
87
- "qualityMetrics": {
88
- "maintainability": 80,
89
- "readability": 75,
90
- "testability": 70,
91
- "performance": 90
92
- },
93
- "summary": "2-3 sentence summary of the code's purpose and quality"
94
- }
95
- \`\`\`
96
-
97
- Return ONLY the JSON output (no additional text).`;
98
- return [
99
- { role: 'system', content: systemPrompt },
100
- { role: 'user', content: userPrompt },
101
- ];
102
- }
103
- export function generateProjectSummaryMessages(files) {
104
- const fileInfos = files.map((f) => ({
105
- url: f.url,
106
- size: f.size,
107
- type: f.type,
108
- preview: f.content.substring(0, 200),
109
- }));
110
- const userPrompt = `Analyze this JavaScript project based on the following files:
111
-
112
- ${JSON.stringify(fileInfos, null, 2)}
113
-
114
- Provide a high-level summary including:
115
- 1. Main purpose of the project
116
- 2. Architecture pattern (MVC, SPA, etc.)
117
- 3. Key technologies used
118
- 4. Security concerns
119
- 5. Recommendations for further analysis
120
-
121
- Format your response as JSON.`;
122
- return [
123
- { role: 'system', content: 'You are an expert software architect and security analyst.' },
124
- { role: 'user', content: userPrompt },
125
- ];
126
- }
127
- export function generateFileSummaryMessages(url, code) {
128
- const userPrompt = `Analyze this JavaScript file and provide a structured summary:
129
-
130
- **File**: ${url}
131
-
132
- **Code**:
133
- \`\`\`javascript
134
- ${code}
135
- \`\`\`
136
-
137
- Provide analysis in JSON format with the following structure:
138
- {
139
- "summary": "Brief description of what this code does",
140
- "purpose": "Main purpose of this file",
141
- "keyFunctions": ["function1", "function2"],
142
- "dependencies": ["dependency1", "dependency2"],
143
- "hasEncryption": true/false,
144
- "encryptionMethods": ["AES", "RSA"] (if applicable),
145
- "hasAPI": true/false,
146
- "apiEndpoints": ["/api/endpoint1"] (if applicable),
147
- "hasObfuscation": true/false,
148
- "obfuscationType": "type" (if applicable),
149
- "securityIssues": ["issue1", "issue2"],
150
- "suspiciousPatterns": ["pattern1"],
151
- "complexity": "low/medium/high",
152
- "recommendations": ["recommendation1"]
153
- }`;
154
- return [
155
- { role: 'system', content: 'You are an expert software architect and security analyst.' },
156
- { role: 'user', content: userPrompt },
157
- ];
158
- }
package/dist/src/services/prompts/crypto.d.ts DELETED
@@ -1,2 +0,0 @@
1
- import type { LLMMessage } from '../LLMService.js';
2
- export declare function generateCryptoDetectionPrompt(code: string): LLMMessage[];
package/dist/src/services/prompts/crypto.js DELETED
@@ -1,108 +0,0 @@
1
- export function generateCryptoDetectionPrompt(code) {
2
- const systemPrompt = `# Role
3
- You are a cryptography and security expert specializing in:
4
- - Cryptographic algorithm identification (AES, RSA, DES, 3DES, Blowfish, etc.)
5
- - JavaScript crypto library analysis (CryptoJS, JSEncrypt, Web Crypto API, crypto-js, forge, etc.)
6
- - Security assessment based on NIST and OWASP standards
7
- - Cryptographic parameter extraction (keys, IVs, modes, padding)
8
- - Vulnerability detection in crypto implementations
9
-
10
- # Task
11
- Analyze the provided JavaScript code to:
12
- 1. Identify ALL cryptographic algorithms and their variants
13
- 2. Detect crypto libraries and their versions
14
- 3. Extract cryptographic parameters (keys, IVs, salts, modes, padding)
15
- 4. Assess security strength and identify vulnerabilities
16
- 5. Provide actionable security recommendations
17
-
18
- # Analysis Standards
19
- - Use NIST SP 800-175B for algorithm strength assessment
20
- - Follow OWASP Cryptographic Storage Cheat Sheet
21
- - Identify deprecated/weak algorithms (MD5, SHA-1, DES, RC4)
22
- - Check for hardcoded keys and weak key generation`;
23
- const userPrompt = `# Code to Analyze
24
- \`\`\`javascript
25
- ${code.length > 4000 ? code.substring(0, 4000) + '\n\n// ... (code truncated)' : code}
26
- \`\`\`
27
-
28
- # Required Output Schema
29
- Return ONLY valid JSON:
30
-
31
- \`\`\`json
32
- {
33
- "algorithms": [
34
- {
35
- "name": "string (e.g., 'AES-256-CBC', 'RSA-2048', 'SHA-256')",
36
- "type": "symmetric | asymmetric | hash | encoding | kdf | mac",
37
- "variant": "string",
38
- "confidence": 0.95,
39
- "location": {
40
- "line": 42,
41
- "function": "encryptData",
42
- "codeSnippet": "CryptoJS.AES.encrypt(...)"
43
- },
44
- "parameters": {
45
- "keySize": "128 | 192 | 256 | null",
46
- "key": "hardcoded | derived | imported | unknown",
47
- "keyValue": "actual key if hardcoded (first 20 chars) or null",
48
- "iv": "present | absent | hardcoded | random",
49
- "mode": "CBC | GCM | ECB | CTR | null",
50
- "padding": "PKCS7 | NoPadding | null"
51
- },
52
- "usage": "encryption | decryption | hashing | signing | verification",
53
- "securityIssues": ["issue 1"]
54
- }
55
- ],
56
- "libraries": [
57
- {
58
- "name": "CryptoJS | crypto-js | JSEncrypt | forge | Web Crypto API",
59
- "version": "4.1.1 | unknown",
60
- "confidence": 0.92
61
- }
62
- ],
63
- "securityAssessment": {
64
- "overallStrength": "strong | medium | weak | critical",
65
- "score": 75,
66
- "weakAlgorithms": [
67
- {
68
- "algorithm": "MD5",
69
- "reason": "Cryptographically broken",
70
- "severity": "critical",
71
- "cwe": "CWE-327"
72
- }
73
- ],
74
- "hardcodedSecrets": [
75
- {
76
- "type": "encryption key",
77
- "location": "line 15",
78
- "value": "first 10 chars...",
79
- "severity": "critical"
80
- }
81
- ],
82
- "vulnerabilities": [
83
- {
84
- "type": "ECB mode usage",
85
- "description": "detailed description",
86
- "impact": "data leakage",
87
- "cvss": 7.5,
88
- "cwe": "CWE-326"
89
- }
90
- ],
91
- "recommendations": [
92
- {
93
- "priority": "critical | high | medium | low",
94
- "issue": "what's wrong",
95
- "solution": "how to fix it"
96
- }
97
- ]
98
- },
99
- "summary": "Brief summary of crypto usage and main security concerns"
100
- }
101
- \`\`\`
102
-
103
- Return ONLY the JSON output.`;
104
- return [
105
- { role: 'system', content: systemPrompt },
106
- { role: 'user', content: userPrompt },
107
- ];
108
- }
package/dist/src/services/prompts/deobfuscation.d.ts DELETED
@@ -1,6 +0,0 @@
1
- import type { LLMMessage } from '../LLMService.js';
2
- export declare function generateCodeCleanupMessages(code: string, techniques: string[]): LLMMessage[];
3
- export declare function generateVMAnalysisMessages(code: string): LLMMessage[];
4
- export declare function generateDeobfuscationPrompt(code: string): LLMMessage[];
5
- export declare function generateVMDeobfuscationMessages(userPrompt: string): LLMMessage[];
6
- export declare function generateControlFlowUnflatteningMessages(codeSnippet: string): LLMMessage[];