@jshookmcp/jshook 0.2.9 → 0.3.1

package/dist/handlers-DlCJN4Td.mjs

@@ -1,757 +0,0 @@
-import { n as asJsonResponse } from "./response-BQVP-xUn.mjs";
-import { a as argString, t as argBool } from "./parse-args-BlRjqlkL.mjs";
-//#region src/server/domains/cross-domain/handlers/skia-correlator.ts
-function normalizeSkiaToken(value) {
-	return value.toLowerCase().replace(/[^a-z0-9]/g, "");
-}
-function computeTokenSimilarity(a, b) {
-	const na = normalizeSkiaToken(a);
-	const nb = normalizeSkiaToken(b);
-	if (na === nb && na.length > 0) return 1;
-	if (na.length === 0 || nb.length === 0) return 0;
-	if (na.includes(nb) || nb.includes(na)) return .8;
-	return 0;
-}
-function findBestJSMatch(label, jsObjects) {
-	let bestScore = 0;
-	let bestMatch;
-	for (const obj of jsObjects) {
-		const nameScore = computeTokenSimilarity(label, obj.name);
-		if (nameScore > bestScore) {
-			bestScore = nameScore;
-			bestMatch = {
-				objectId: obj.objectId,
-				name: obj.name,
-				score: nameScore
-			};
-		}
-		for (const prop of obj.stringProps) {
-			const propScore = computeTokenSimilarity(label, prop);
-			if (propScore > bestScore) {
-				bestScore = propScore;
-				bestMatch = {
-					objectId: obj.objectId,
-					name: obj.name,
-					score: propScore
-				};
-			}
-		}
-	}
-	if (bestMatch && bestScore >= .5) return bestMatch;
-}
-function correlateSkiaToJS(bridge, input) {
-	const graphNodeIds = [];
-	const correlations = [];
-	const unmatchedSkiaNodes = [];
-	const matchedIds = /* @__PURE__ */ new Set();
-	const allSkiaItems = [];
-	for (const layer of input.sceneTree.layers) allSkiaItems.push({
-		id: layer.id,
-		label: layer.label,
-		heapObjectId: layer.heapObjectId
-	});
-	for (const cmd of input.sceneTree.drawCommands) allSkiaItems.push({
-		id: cmd.id,
-		label: cmd.label
-	});
-	const totalSkiaNodes = allSkiaItems.length;
-	for (const item of allSkiaItems) {
-		const canvasNode = bridge.addCanvasNode({
-			nodeId: item.id,
-			label: item.label
-		});
-		graphNodeIds.push(canvasNode.id);
-		if (item.heapObjectId) {
-			const jsObj = input.jsObjects.find((o) => o.objectId === item.heapObjectId);
-			if (jsObj) {
-				const heapNode = bridge.addV8Object({
-					address: item.heapObjectId,
-					name: jsObj.name
-				});
-				graphNodeIds.push(heapNode.id);
-				bridge.getGraph().addEdge(heapNode.id, canvasNode.id, "canvas-rendered-by", {
-					domain: "cross-domain",
-					matchScore: 1
-				});
-				correlations.push({
-					skiaNodeId: item.id,
-					matchedObjectId: jsObj.objectId,
-					matchedObjectName: jsObj.name,
-					matchScore: 1
-				});
-				matchedIds.add(item.id);
-				continue;
-			}
-		}
-		const match = findBestJSMatch(item.label, input.jsObjects);
-		if (match) {
-			const heapNode = bridge.addV8Object({
-				address: match.objectId,
-				name: match.name
-			});
-			graphNodeIds.push(heapNode.id);
-			bridge.getGraph().addEdge(heapNode.id, canvasNode.id, "canvas-rendered-by", {
-				domain: "cross-domain",
-				matchScore: match.score
-			});
-			correlations.push({
-				skiaNodeId: item.id,
-				matchedObjectId: match.objectId,
-				matchedObjectName: match.name,
-				matchScore: match.score
-			});
-			matchedIds.add(item.id);
-		} else unmatchedSkiaNodes.push(item.id);
-	}
-	return {
-		skiaNodes: totalSkiaNodes,
-		correlations,
-		unmatchedSkiaNodes,
-		confidence: totalSkiaNodes === 0 ? 0 : correlations.length / totalSkiaNodes,
-		graphNodeIds
-	};
-}
-//#endregion
-//#region src/server/domains/cross-domain/handlers/mojo-cdp-correlator.ts
-/** Mapping of Mojo interface patterns to CDP event patterns. */
-const INTERFACE_TO_CDP_PATTERNS = [
-	{
-		mojoPattern: /URLLoader/i,
-		cdpPattern: /Network\./i
-	},
-	{
-		mojoPattern: /WebSocket/i,
-		cdpPattern: /Network\.webSocket/i
-	},
-	{
-		mojoPattern: /Fetch/i,
-		cdpPattern: /Fetch\./i
-	}
-];
-const TIMESTAMP_PROXIMITY_MS = 50;
-function correlateMojoToCDP(bridge, mojoMessages, cdpEvents, networkRequests) {
-	const graphNodeIds = [];
-	const matchedPairs = [];
-	const matchedMojoIds = /* @__PURE__ */ new Set();
-	if (mojoMessages.length === 0) return {
-		mojoMessages: 0,
-		matchedPairs: [],
-		unmatchedMojo: [],
-		confidence: 0,
-		graphNodeIds: []
-	};
-	const mojoNodeMap = /* @__PURE__ */ new Map();
-	for (const msg of mojoMessages) {
-		const node = bridge.addMojoMessage({
-			interface: msg.interface,
-			method: msg.method,
-			timestamp: msg.timestamp
-		});
-		mojoNodeMap.set(msg.messageId, node.id);
-		graphNodeIds.push(node.id);
-	}
-	for (const msg of mojoMessages) {
-		if (matchedMojoIds.has(msg.messageId)) continue;
-		for (const pattern of INTERFACE_TO_CDP_PATTERNS) {
-			if (!pattern.mojoPattern.test(msg.interface)) continue;
-			const matchingCdp = cdpEvents.find((evt) => pattern.cdpPattern.test(evt.eventType) && !matchedMojoIds.has(msg.messageId));
-			if (matchingCdp) {
-				matchedPairs.push({
-					mojoMessageId: msg.messageId,
-					matchType: "interface",
-					cdpEventType: matchingCdp.eventType
-				});
-				matchedMojoIds.add(msg.messageId);
-				break;
-			}
-		}
-	}
-	for (const msg of mojoMessages) {
-		if (matchedMojoIds.has(msg.messageId)) continue;
-		if (/URLLoader/i.test(msg.interface)) {
-			const matchingReq = networkRequests.find((req) => Math.abs(req.timestamp - msg.timestamp) <= TIMESTAMP_PROXIMITY_MS);
-			if (matchingReq) {
-				matchedPairs.push({
-					mojoMessageId: msg.messageId,
-					matchType: "urlloader",
-					networkRequestId: matchingReq.requestId,
-					timestampDelta: Math.abs(matchingReq.timestamp - msg.timestamp)
-				});
-				matchedMojoIds.add(msg.messageId);
-			}
-		}
-	}
-	for (const msg of mojoMessages) {
-		if (matchedMojoIds.has(msg.messageId)) continue;
-		let closestDelta = Infinity;
-		let closestCdp;
-		for (const evt of cdpEvents) {
-			const delta = Math.abs(evt.timestamp - msg.timestamp);
-			if (delta <= TIMESTAMP_PROXIMITY_MS && delta < closestDelta) {
-				closestDelta = delta;
-				closestCdp = evt;
-			}
-		}
-		if (closestCdp) {
-			matchedPairs.push({
-				mojoMessageId: msg.messageId,
-				matchType: "timestamp",
-				cdpEventType: closestCdp.eventType,
-				timestampDelta: closestDelta
-			});
-			matchedMojoIds.add(msg.messageId);
-		}
-	}
-	const unmatchedMojo = mojoMessages.filter((msg) => !matchedMojoIds.has(msg.messageId)).map((msg) => msg.messageId);
-	const confidence = mojoMessages.length === 0 ? 0 : matchedMojoIds.size / mojoMessages.length;
-	return {
-		mojoMessages: mojoMessages.length,
-		matchedPairs,
-		unmatchedMojo,
-		confidence,
-		graphNodeIds
-	};
-}
-//#endregion
-//#region src/server/domains/cross-domain/handlers/syscall-js-correlator.ts
-/**
-* Patterns mapping syscall names to JS API patterns for confidence scoring.
-* If the JS function name matches a pattern associated with a syscall, confidence is higher.
-*/
-const SYSCALL_JS_PATTERNS = {
-	NtReadFile: /read|fs[_.]read/i,
-	NtWriteFile: /write|fs[_.]write/i,
-	NtOpenFile: /open|fs[_.]open/i,
-	NtCreateFile: /create|fs[_.]create/i,
-	NtClose: /close|fs[_.]close/i,
-	NtDeviceIoControlFile: /ioctl|device/i,
-	NtQueryInformationFile: /stat|info|query/i,
-	NtSetInformationFile: /set|chmod|chown/i
-};
-function scoreConfidence(syscallName, functionName) {
-	const pattern = SYSCALL_JS_PATTERNS[syscallName];
-	if (pattern && pattern.test(functionName)) return "high";
-	if (/file|fs|read|write|open|close/i.test(functionName)) return "medium";
-	return "low";
-}
-function correlateSyscallToJS(bridge, syscallEvents, jsStacks) {
-	const graphNodeIds = [];
-	const correlations = [];
-	const unmatchedSyscalls = [];
-	if (syscallEvents.length === 0) return {
-		syscalls: 0,
-		correlations: [],
-		unmatchedSyscalls: [],
-		correlationConfidence: 0,
-		graphNodeIds: []
-	};
-	for (const event of syscallEvents) {
-		const syscallNode = bridge.addSyscallEvent({
-			pid: event.pid,
-			tid: event.tid,
-			syscallName: event.syscallName,
-			timestamp: event.timestamp
-		});
-		graphNodeIds.push(syscallNode.id);
-		const matchingStack = jsStacks.find((stack) => stack.threadId === event.tid && stack.timestamp === event.timestamp);
-		if (matchingStack && matchingStack.frames.length > 0) {
-			const topFrame = matchingStack.frames[0];
-			if (topFrame) {
-				const functionName = topFrame.functionName;
-				const confidence = scoreConfidence(event.syscallName, functionName);
-				const funcNode = bridge.addNode("function", functionName, {
-					domain: "v8-inspector",
-					functionName,
-					threadId: event.tid
-				});
-				graphNodeIds.push(funcNode.id);
-				bridge.getGraph().addEdge(funcNode.id, syscallNode.id, "syscall-emitted-by", {
-					domain: "cross-domain",
-					confidence
-				});
-				correlations.push({
-					syscallName: event.syscallName,
-					topJsFunction: functionName,
-					threadId: event.tid,
-					timestamp: event.timestamp,
-					confidence
-				});
-			} else unmatchedSyscalls.push({
-				syscallName: event.syscallName,
-				tid: event.tid
-			});
-		} else unmatchedSyscalls.push({
-			syscallName: event.syscallName,
-			tid: event.tid
-		});
-	}
-	const correlationConfidence = syscallEvents.length === 0 ? 0 : correlations.length / syscallEvents.length;
-	return {
-		syscalls: syscallEvents.length,
-		correlations,
-		unmatchedSyscalls,
-		correlationConfidence,
-		graphNodeIds
-	};
-}
-//#endregion
-//#region src/server/domains/cross-domain/handlers/binary-to-js-pipeline.ts
-/** Patterns that identify functions callable from JS or exported for JS use. */
-const JS_CALLABLE_PATTERNS = [
-	/^native_/i,
-	/^JS_/i,
-	/^Java_/i
-];
-function isJSCallable(func) {
-	if (func.calledFrom && func.calledFrom.length > 0) return true;
-	return JS_CALLABLE_PATTERNS.some((pattern) => pattern.test(func.name));
-}
-function generateFridaHookCode(functions, moduleName) {
-	const lines = [];
-	lines.push("// Binary-to-JS Hook Script");
-	lines.push(`// Module: ${moduleName}`);
-	lines.push(`// Generated at: ${(/* @__PURE__ */ new Date()).toISOString()}`);
-	lines.push("");
-	for (const func of functions) {
-		const resolvedModule = func.moduleName || moduleName;
-		if (func.address) {
-			lines.push(`// Hook: ${func.name} at ${func.address} in ${resolvedModule}`);
-			lines.push(`Interceptor.attach(Module.findBaseAddress('${resolvedModule}').add(${func.address}), {`);
-		} else {
-			lines.push(`// Hook: ${func.name} in ${resolvedModule}`);
-			lines.push(`Interceptor.attach(Module.findExportByName('${resolvedModule}', '${func.name}'), {`);
-		}
-		lines.push(`  onEnter(args) {`);
-		lines.push(`    console.log('[${func.name}] called with args:', args[0], args[1]);`);
-		lines.push(`  },`);
-		lines.push(`  onLeave(retval) {`);
-		lines.push(`    console.log('[${func.name}] returned:', retval);`);
-		lines.push(`  }`);
-		lines.push(`});`);
-		lines.push("");
-	}
-	lines.push(`console.log('Binary-to-JS hook script loaded for ${moduleName}');`);
-	return lines.join("\n");
-}
-function buildBinaryToJSPipeline(bridge, ghidraOutput, forcedFunctions) {
-	const evidenceGraphLinks = [];
-	const injectedFunctions = [];
-	let selectedFunctions;
-	if (forcedFunctions && forcedFunctions.length > 0) {
-		const forcedSet = new Set(forcedFunctions);
-		selectedFunctions = ghidraOutput.functions.filter((f) => forcedSet.has(f.name));
-	} else selectedFunctions = ghidraOutput.functions.filter(isJSCallable);
-	const generatedHookScript = generateFridaHookCode(selectedFunctions, ghidraOutput.moduleName);
-	for (const func of selectedFunctions) {
-		const symbolNode = bridge.addBinarySymbol({
-			moduleName: func.moduleName || ghidraOutput.moduleName,
-			symbolName: func.name,
-			address: func.address ?? "0x0"
-		});
-		const hookNode = bridge.addNode("breakpoint-hook", `frida:${func.name}`, {
-			domain: "binary-instrument",
-			hookType: "frida-interceptor",
-			functionName: func.name,
-			moduleName: func.moduleName || ghidraOutput.moduleName
-		});
-		bridge.getGraph().addEdge(symbolNode.id, hookNode.id, "binary-exports", {
-			domain: "cross-domain",
-			relation: "binary-to-frida-hook"
-		});
-		evidenceGraphLinks.push({
-			binarySymbolNodeId: symbolNode.id,
-			hookScriptNodeId: hookNode.id,
-			functionName: func.name
-		});
-		injectedFunctions.push(func.name);
-	}
-	return {
-		hookCount: selectedFunctions.length,
-		generatedHookScript,
-		injectedFunctions,
-		evidenceGraphLinks
-	};
-}
-//#endregion
-//#region src/server/domains/cross-domain/workflows/missions.ts
-const WORKFLOWS = {
-	WORKFLOW_REVERSE_OBFUSCATED: {
-		id: "reverse-obfuscated-api",
-		displayName: "Reverse Obfuscated API",
-		steps: [
-			{
-				tool: "deobfuscate",
-				args: { targetUrl: "${input.targetUrl}" }
-			},
-			{
-				tool: "js_heap_search",
-				args: { query: "${previous.cryptoKeys}" }
-			},
-			{
-				tool: "network_enable",
-				args: {}
-			},
-			{
-				tool: "tls_cert_pin_bypass",
-				args: { target: "${input.target}" }
-			},
-			{
-				tool: "console_inject_fetch_interceptor",
-				args: { urls: ["${input.apiEndpoint}"] }
-			}
-		]
-	},
-	WORKFLOW_GAME_CANVAS_SKIA: {
-		id: "game-canvas-skia-v8",
-		displayName: "Game Canvas + SKIA + V8 Analysis",
-		steps: [
-			{
-				tool: "canvas_engine_fingerprint",
-				args: { canvasId: "${input.canvasId}" }
-			},
-			{
-				tool: "canvas_scene_dump",
-				args: { canvasId: "${input.canvasId}" }
-			},
-			{
-				tool: "skia_correlate_objects",
-				args: { skiaNodeIds: "${previous.nodeIds}" }
-			},
-			{
-				tool: "performance_take_heap_snapshot",
-				args: {}
-			},
-			{
-				tool: "js_heap_search",
-				args: { query: "${input.searchTerm}" }
-			}
-		]
-	},
-	WORKFLOW_BINARY_NATIVE_HOOK: {
-		id: "binary-native-hook",
-		displayName: "Binary Analysis + Native Hook",
-		steps: [
-			{
-				tool: "ghidra_analyze",
-				args: { binaryPath: "${input.binaryPath}" }
-			},
-			{
-				tool: "generate_hooks",
-				args: { symbols: "${previous.exportedSymbols}" }
-			},
-			{
-				tool: "frida_attach",
-				args: { target: "${input.target}" }
-			},
-			{
-				tool: "frida_run_script",
-				args: { script: "${previous.hookScript}" }
-			}
-		]
-	}
-};
-//#endregion
-//#region src/server/domains/cross-domain/handlers.impl.ts
-function isRecord(value) {
-	return value !== null && typeof value === "object";
-}
-function extractSkiaSceneTree(value) {
-	if (!isRecord(value)) return {
-		layers: [],
-		drawCommands: []
-	};
-	return {
-		layers: Array.isArray(value["layers"]) ? value["layers"] : [],
-		drawCommands: Array.isArray(value["drawCommands"]) ? value["drawCommands"] : []
-	};
-}
-function extractJSObjectArray(value) {
-	if (!Array.isArray(value)) return [];
-	return value.filter(isRecord).map((item) => ({
-		objectId: typeof item["objectId"] === "string" ? item["objectId"] : "",
-		className: typeof item["className"] === "string" ? item["className"] : "",
-		name: typeof item["name"] === "string" ? item["name"] : "",
-		stringProps: Array.isArray(item["stringProps"]) ? item["stringProps"].filter((s) => typeof s === "string") : [],
-		numericProps: isRecord(item["numericProps"]) ? Object.fromEntries(Object.entries(item["numericProps"]).filter((entry) => typeof entry[1] === "number")) : {},
-		colorProps: Array.isArray(item["colorProps"]) ? item["colorProps"].filter((s) => typeof s === "string") : [],
-		urlProps: Array.isArray(item["urlProps"]) ? item["urlProps"].filter((s) => typeof s === "string") : []
-	}));
-}
-function extractMojoMessages(value) {
-	if (!Array.isArray(value)) return [];
-	return value.filter(isRecord).map((item) => ({
-		interface: typeof item["interface"] === "string" ? item["interface"] : "",
-		method: typeof item["method"] === "string" ? item["method"] : "",
-		timestamp: typeof item["timestamp"] === "number" ? item["timestamp"] : 0,
-		messageId: typeof item["messageId"] === "string" ? item["messageId"] : ""
-	}));
-}
-function extractCDPEvents(value) {
-	if (!Array.isArray(value)) return [];
-	return value.filter(isRecord).map((item) => ({
-		eventType: typeof item["eventType"] === "string" ? item["eventType"] : "",
-		timestamp: typeof item["timestamp"] === "number" ? item["timestamp"] : 0,
-		url: typeof item["url"] === "string" ? item["url"] : void 0
-	}));
-}
-function extractNetworkRequests(value) {
-	if (!Array.isArray(value)) return [];
-	return value.filter(isRecord).map((item) => ({
-		requestId: typeof item["requestId"] === "string" ? item["requestId"] : "",
-		url: typeof item["url"] === "string" ? item["url"] : "",
-		timestamp: typeof item["timestamp"] === "number" ? item["timestamp"] : 0
-	}));
-}
-function extractSyscallEvents(value) {
-	if (!Array.isArray(value)) return [];
-	return value.filter(isRecord).map((item) => ({
-		pid: typeof item["pid"] === "number" ? item["pid"] : 0,
-		tid: typeof item["tid"] === "number" ? item["tid"] : 0,
-		syscallName: typeof item["syscallName"] === "string" ? item["syscallName"] : "",
-		timestamp: typeof item["timestamp"] === "number" ? item["timestamp"] : 0
-	}));
-}
-function extractJSStacks(value) {
-	if (!Array.isArray(value)) return [];
-	return value.filter(isRecord).map((item) => {
-		const frames = Array.isArray(item["frames"]) ? item["frames"].filter(isRecord).map((f) => ({ functionName: typeof f["functionName"] === "string" ? f["functionName"] : "" })) : [];
-		return {
-			threadId: typeof item["threadId"] === "number" ? item["threadId"] : 0,
-			timestamp: typeof item["timestamp"] === "number" ? item["timestamp"] : 0,
-			frames
-		};
-	});
-}
-function extractGhidraOutput(value) {
-	if (!isRecord(value)) return null;
-	const moduleName = typeof value["moduleName"] === "string" ? value["moduleName"] : "";
-	if (!moduleName) return null;
-	return {
-		functions: (Array.isArray(value["functions"]) ? value["functions"] : []).filter(isRecord).map((item) => ({
-			name: typeof item["name"] === "string" ? item["name"] : "",
-			moduleName: typeof item["moduleName"] === "string" ? item["moduleName"] : "",
-			address: typeof item["address"] === "string" ? item["address"] : void 0,
-			calledFrom: Array.isArray(item["calledFrom"]) ? item["calledFrom"].filter((c) => typeof c === "string") : void 0
-		})),
-		moduleName
-	};
-}
-const V5_DOMAIN_NAMES = [
-	"analysis",
-	"browser",
-	"network",
-	"canvas",
-	"skia-capture",
-	"v8-inspector",
-	"mojo-ipc",
-	"syscall-hook",
-	"binary-instrument",
-	"boringssl-inspector",
-	"evidence"
-];
-var CrossDomainWorkflowClassifier = class {
-	constructor(ctx, evidenceBridgeReady) {
-		this.ctx = ctx;
-		this.evidenceBridgeReady = evidenceBridgeReady;
-	}
-	getCapabilities() {
-		const availableDomains = this.getAvailableDomains();
-		const missingDomains = V5_DOMAIN_NAMES.filter((d) => !availableDomains.includes(d));
-		const workflows = Object.entries(WORKFLOWS).map(([workflowKey, workflow]) => {
-			const evaluation = this.evaluateWorkflow(workflow);
-			return {
-				workflowKey,
-				id: workflow.id,
-				displayName: workflow.displayName,
-				stepCount: workflow.steps.length,
-				...evaluation
-			};
-		});
-		return {
-			availableDomains,
-			missingDomains,
-			supportedDomains: [...V5_DOMAIN_NAMES],
-			workflows
-		};
-	}
-	suggestWorkflow(goal, preferAvailableOnly) {
-		const normalizedGoal = goal.toLowerCase();
-		const scored = Object.entries(WORKFLOWS).map(([workflowKey, workflow]) => {
-			return {
-				workflowKey,
-				workflow,
-				keywordScore: this.scoreWorkflowGoal(normalizedGoal, workflowKey, workflow),
-				evaluation: this.evaluateWorkflow(workflow)
-			};
-		});
-		const candidates = preferAvailableOnly ? scored.filter((item) => item.evaluation.missingDomains.length === 0) : scored;
-		const rankedPool = candidates.length > 0 ? candidates : scored;
-		rankedPool.sort((a, b) => {
-			if (b.keywordScore !== a.keywordScore) return b.keywordScore - a.keywordScore;
-			return b.evaluation.coverage - a.evaluation.coverage;
-		});
-		const selected = rankedPool[0];
-		if (!selected) throw new Error("No workflow definitions are available for cross-domain suggestion");
-		const reason = this.describeWorkflowReason(normalizedGoal, selected.evaluation);
-		return {
-			workflowKey: selected.workflowKey,
-			id: selected.workflow.id,
-			displayName: selected.workflow.displayName,
-			reason,
-			...selected.evaluation
-		};
-	}
-	getHealth() {
-		const availableDomains = this.getAvailableDomains();
-		return {
-			evidenceBridgeReady: this.evidenceBridgeReady,
-			orchestratorReady: true,
-			availableDomains,
-			missingDomains: V5_DOMAIN_NAMES.filter((d) => !availableDomains.includes(d))
-		};
-	}
-	getAvailableDomains() {
-		const currentEnabledDomains = this.ctx.enabledDomains.size > 0 ? this.ctx.enabledDomains : this.ctx.resolveEnabledDomains(this.ctx.selectedTools);
-		const available = [];
-		for (const d of V5_DOMAIN_NAMES) if (currentEnabledDomains.has(d)) available.push(d);
-		return available;
-	}
-	evaluateWorkflow(workflow) {
-		const requiredSet = /* @__PURE__ */ new Set();
-		for (const step of workflow.steps) for (const d of this.inferDomainsForTool(step.tool)) requiredSet.add(d);
-		const requiredDomains = [...requiredSet];
-		const available = this.getAvailableDomains().filter((d) => requiredSet.has(d));
-		return {
-			requiredDomains,
-			availableDomains: available,
-			missingDomains: requiredDomains.filter((d) => !available.includes(d)),
-			coverage: requiredDomains.length === 0 ? 1 : available.length / requiredDomains.length
-		};
-	}
-	inferDomainsForTool(toolName) {
-		if (toolName.startsWith("deobfuscate") || toolName.startsWith("advanced_deobfuscate")) return ["analysis"];
-		if (toolName.startsWith("js_heap") || toolName.startsWith("performance_take_heap_snapshot")) return ["v8-inspector"];
-		if (toolName.startsWith("network_")) return ["network"];
-		if (toolName.startsWith("console_")) return ["browser"];
-		if (toolName.startsWith("tls_") || toolName.startsWith("net_raw_")) return ["boringssl-inspector"];
-		if (toolName.startsWith("canvas_")) return ["canvas"];
-		if (toolName.startsWith("skia_")) return ["skia-capture"];
-		if (toolName.startsWith("v8_")) return ["v8-inspector"];
-		if (toolName.startsWith("mojo_")) return ["mojo-ipc"];
-		if (toolName.startsWith("syscall_")) return ["syscall-hook"];
-		if (toolName.startsWith("adb_")) return ["adb-bridge"];
-		if (toolName.startsWith("ghidra_") || toolName.startsWith("frida_") || toolName.startsWith("generate_hooks") || toolName.startsWith("unidbg_") || toolName.startsWith("export_hook_script")) return ["binary-instrument"];
-		if (toolName.startsWith("extension_") || toolName.startsWith("webhook_")) return ["extension-registry"];
-		if (toolName.startsWith("cross_domain_")) return ["cross-domain"];
-		if (toolName.startsWith("evidence_")) return ["evidence"];
-		if (toolName.startsWith("boringssl_")) return ["boringssl-inspector"];
-		return [];
-	}
-	scoreWorkflowGoal(normalizedGoal, workflowKey, workflow) {
-		let score = 0;
-		if (workflowKey === "WORKFLOW_REVERSE_OBFUSCATED") {
-			if (normalizedGoal.includes("obfus") || normalizedGoal.includes("api")) score += 3;
-			if (normalizedGoal.includes("tls") || normalizedGoal.includes("pin")) score += 2;
-		}
-		if (workflowKey === "WORKFLOW_GAME_CANVAS_SKIA") {
-			if (normalizedGoal.includes("canvas") || normalizedGoal.includes("game")) score += 3;
-			if (normalizedGoal.includes("skia") || normalizedGoal.includes("scene")) score += 2;
-		}
-		if (workflowKey === "WORKFLOW_BINARY_NATIVE_HOOK") {
-			if (normalizedGoal.includes("binary") || normalizedGoal.includes("native")) score += 3;
-			if (normalizedGoal.includes("hook") || normalizedGoal.includes("frida")) score += 2;
-		}
-		if (score === 0 && workflow.displayName.toLowerCase().includes(normalizedGoal)) score += 1;
-		return score;
-	}
-	describeWorkflowReason(normalizedGoal, evaluation) {
-		if (evaluation.missingDomains.length === 0) return `Matched goal "${normalizedGoal}" and all required domains are enabled.`;
-		return `Matched goal "${normalizedGoal}" with ${Math.round(evaluation.coverage * 100)}% domain coverage. Missing: ${evaluation.missingDomains.join(", ")}.`;
-	}
-};
-var CrossDomainHandlers = class {
-	constructor(evidenceBridge, workflowClassifier) {
-		this.evidenceBridge = evidenceBridge;
-		this.workflowClassifier = workflowClassifier;
-	}
-	async handleCapabilities(_args) {
-		const capabilities = {
-			evidenceGraphAvailable: true,
-			workflowClassifierAvailable: this.workflowClassifier !== void 0
-		};
-		if (this.workflowClassifier) return asJsonResponse({
-			capabilities,
-			...this.workflowClassifier.getCapabilities()
-		});
-		return asJsonResponse({ capabilities });
-	}
-	async handleSuggestWorkflow(args) {
-		const query = argString(args, "query", "") || argString(args, "goal", "");
-		const preferAvailableOnly = argBool(args, "preferAvailableOnly", true);
-		if (this.workflowClassifier && query) return asJsonResponse(this.workflowClassifier.suggestWorkflow(query, preferAvailableOnly));
-		return asJsonResponse({ message: "Cross-domain workflow suggestion requires a classifier and query." });
-	}
-	async handleHealth() {
-		const stats = this.evidenceBridge.getStats();
-		if (this.workflowClassifier) return asJsonResponse({
-			...this.workflowClassifier.getHealth(),
-			evidenceGraph: stats
-		});
-		return asJsonResponse({
-			evidenceBridgeReady: true,
-			orchestratorReady: false,
-			evidenceGraph: stats
-		});
-	}
-	async handleCorrelateAll(args) {
-		const errors = [];
-		const results = {};
-		try {
-			const sceneTree = extractSkiaSceneTree(args["sceneTree"]);
-			const jsObjects = extractJSObjectArray(args["jsObjects"]);
-			results["skia"] = correlateSkiaToJS(this.evidenceBridge, {
-				sceneTree,
-				jsObjects
-			});
-		} catch (e) {
-			errors.push(`SKIA-03: ${e instanceof Error ? e.message : String(e)}`);
-		}
-		try {
-			const mojoMessages = extractMojoMessages(args["mojoMessages"]);
-			const cdpEvents = extractCDPEvents(args["cdpEvents"]);
-			const networkRequests = extractNetworkRequests(args["networkRequests"]);
-			results["mojo"] = correlateMojoToCDP(this.evidenceBridge, mojoMessages, cdpEvents, networkRequests);
-		} catch (e) {
-			errors.push(`MOJO-03: ${e instanceof Error ? e.message : String(e)}`);
-		}
-		try {
-			const syscallEvents = extractSyscallEvents(args["syscallEvents"]);
-			const jsStacks = extractJSStacks(args["jsStacks"]);
-			results["syscall"] = correlateSyscallToJS(this.evidenceBridge, syscallEvents, jsStacks);
-		} catch (e) {
-			errors.push(`SYSCALL-02: ${e instanceof Error ? e.message : String(e)}`);
-		}
-		try {
-			const ghidraOutput = extractGhidraOutput(args["ghidraOutput"]);
-			if (ghidraOutput) results["binary"] = buildBinaryToJSPipeline(this.evidenceBridge, ghidraOutput);
-		} catch (e) {
-			errors.push(`BIN-04: ${e instanceof Error ? e.message : String(e)}`);
-		}
-		const snapshot = this.evidenceBridge.exportGraph();
-		return asJsonResponse({
-			correlationResults: {
-				...results,
-				errors
-			},
-			evidenceGraph: snapshot
-		});
-	}
-	async handleEvidenceExport() {
-		return asJsonResponse(this.evidenceBridge.exportGraph());
-	}
-	async handleEvidenceStats() {
-		return asJsonResponse(this.evidenceBridge.getStats());
-	}
-};
-//#endregion
-export { CrossDomainHandlers, CrossDomainWorkflowClassifier };