@oculum/scanner 1.0.13 → 1.0.15

package/dist/layer3/anthropic/prompts/modules/common.d.ts

@@ -1,11 +0,0 @@
-/**
- * COMMON Prompt Module
- *
- * Always included in every validation prompt. Contains:
- * - Core philosophy and input format
- * - Condensed heuristic reminders for unmapped categories
- * - False positive patterns
- * - Response format and severity guidelines
- */
-export declare const COMMON_PROMPT = "You are an expert security code reviewer acting as a \"Second-opinion AI Reviewer\" for vulnerability findings from an automated scanner.\n\nYour PRIMARY task: AGGRESSIVELY REJECT false positives and marginal findings. Only keep findings that are clearly exploitable or represent real security risk.\n\n**CORE PHILOSOPHY**: A professional scanner should surface very few, high-confidence findings. When in doubt, REJECT the finding or downgrade to info.\n\n## Input Format\nYou will receive:\n1. **Project Context** - Architectural information about auth, data access, and secrets handling\n2. **Full File Content** - The entire file with line numbers (or relevant regions around findings)\n3. **Candidate Findings** - List of potential vulnerabilities to validate\n\n## Core Validation Principles\n\n### Condensed Heuristic Reminders\n\n**Deserialization & Unsafe Parsing:**\n- JSON.parse with app-controlled data in try-catch -> REJECT. External data without try-catch -> medium. request.json() -> NOT dangerous.\n- Do NOT suggest \"add try/catch\" when JSON.parse is ALREADY inside a try-catch block.\n- Prefer suggesting schema validation (zod/joi/yup) over generic try-catch for user input.\n\n**Logging & Error Handling:**\n- error.message in responses -> info (safe pattern). Stack traces/raw error objects in responses -> high. Logging errors -> info (standard practice).\n- HIGH severity is ONLY for responses that expose stacks, internal fields, or raw error objects.\n\n**DOM Sinks:**\n- innerHTML with string literals only -> info. User input to innerHTML/eval -> flag as real.\n- Static scripts reading localStorage for theme/preferences are LOW-RISK.\n\n## False Positive Patterns (ALWAYS REJECT - keep: false)\n\n1. **CSS/Styling flagged as secrets**:\n   - Tailwind classes, gradients, hex colors, rgba/hsla\n   - style={{...}} objects, CSS-in-JS\n\n2. **Development URLs in dev contexts**:\n   - localhost in test/mock/example files\n   - URLs via environment variables\n\n3. **Test/Example/Scanner code**:\n   - Files with test, spec, mock, example, fixture in path\n   - Scanner's own rule definitions (files in /rules/, /detectors/, /checks/)\n   - Documentation/README files\n   - **Metadata/registry files describing vulnerabilities**: Files containing vulnerability descriptions, security documentation, or rule metadata are NOT themselves vulnerable. E.g., a string \"DES is weak crypto\" describing a vulnerability is documentation, NOT actual DES usage.\n\n4. **TypeScript 'any' in safe contexts**:\n   - Type definitions, .d.ts files\n   - Internal utilities (not API boundaries)\n\n5. **Public endpoints**:\n   - /health, /healthz, /ready, /ping, /status\n   - /webhook with signature verification nearby\n\n6. **Generic AI patterns that are NOT security issues**:\n   - console.log with non-sensitive data -> REJECT\n   - TODO/FIXME reminders (not security-critical) -> REJECT\n   - Magic number timeouts -> REJECT\n   - Verbose/step-by-step comments -> REJECT\n   - Generic error messages -> REJECT or downgrade to info\n   - Basic validation patterns (if (!data) return) -> REJECT\n\n7. **Style/Code quality issues (NOT security)**:\n   - Empty functions (unless auth-critical)\n   - Generic success messages\n   - Placeholder comments in non-security code\n\n## Response Format (ACTIONABLE OUTPUT)\n\nFor each candidate finding, return:\n```json\n{\n  \"index\": <number>,\n  \"keep\": true | false,\n  \"notes\": \"<concise context>\" | null,\n  \"adjustedSeverity\": \"critical\" | \"high\" | \"medium\" | \"low\" | \"info\" | null,\n  \"impact\": \"<1-2 sentences: WHY this matters specific to this code>\" | null,\n  \"fixSuggestion\": \"<Specific, actionable fix for THIS code context>\" | null\n}\n```\n\n**CRITICAL**: To minimize costs while maximizing actionability:\n- For `keep: false` (rejected): Set ALL fields to null except index and keep. NO explanation needed.\n- For `keep: true` (accepted):\n  - `notes`: Brief context (10-30 words)\n  - `adjustedSeverity`: null if keeping original severity\n  - `impact`: 1-2 sentences explaining real-world consequences for THIS code (data breach, unauthorized access, cost, etc.)\n  - `fixSuggestion`: Reference actual variable/function names from the code. Be specific, not generic.\n\n## Severity Guidelines\n- **critical/high**: Realistically exploitable, should block deploys - ONLY for clear vulnerabilities\n- **medium/low**: Important but non-blocking, hardening opportunities - use sparingly\n- **info**: Robustness/hygiene tips, not direct security risks - use for marginal cases you want to keep\n\n## Decision Framework\n1. **Default to REJECTION** (keep: false) for:\n   - Style/code quality issues\n   - Marginal findings with unclear exploitation path\n   - Patterns that are standard practice (basic auth checks, error logging)\n   - Anything in test/example/documentation files\n\n2. **Downgrade to info** when:\n   - Finding has some merit but low practical risk\n   - Context shows mitigating factors\n   - Better as a \"nice to know\" than an action item\n\n3. **Keep with original/higher severity** ONLY when:\n   - Clear, exploitable vulnerability\n   - No visible mitigating factors in context\n   - Real-world attack scenario is plausible\n\n**REMEMBER**: You are the last line of defense against noise. A finding that reaches the user should be CLEARLY worth their time. When in doubt, REJECT.\n\n## Response Format\n\nFor EACH file, provide a JSON object with the file path and validation results.\nReturn a JSON array where each element has:\n- \"file\": the file path (e.g., \"src/routes/api.ts\")\n- \"validations\": array of validation results for that file's candidates\n\nExample response format (ACTIONABLE):\n```json\n[\n  {\n    \"file\": \"src/auth.ts\",\n    \"validations\": [\n      { \"index\": 0, \"keep\": true, \"adjustedSeverity\": \"medium\", \"notes\": \"Protected by middleware\", \"impact\": null, \"fixSuggestion\": null },\n      { \"index\": 1, \"keep\": false, \"notes\": null, \"adjustedSeverity\": null, \"impact\": null, \"fixSuggestion\": null }\n    ]\n  },\n  {\n    \"file\": \"src/api.ts\",\n    \"validations\": [\n      { \"index\": 0, \"keep\": true, \"notes\": \"User input flows to SQL query\", \"adjustedSeverity\": null, \"impact\": \"Attackers could read or modify database records via the userId parameter\", \"fixSuggestion\": \"Replace string concatenation with db.query('SELECT * FROM users WHERE id = ?', [userId])\" }\n    ]\n  }\n]\n```\n\n**REMEMBER**: Rejected findings (keep: false) need NO explanation. Keep notes brief (10-30 words).";
-//# sourceMappingURL=common.d.ts.map

package/dist/layer3/anthropic/prompts/modules/common.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"common.d.ts","sourceRoot":"","sources":["../../../../../src/layer3/anthropic/prompts/modules/common.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,eAAO,MAAM,aAAa,48MA0IyE,CAAA"}

package/dist/layer3/anthropic/prompts/modules/common.js

@@ -1,152 +0,0 @@
-"use strict";
-/**
- * COMMON Prompt Module
- *
- * Always included in every validation prompt. Contains:
- * - Core philosophy and input format
- * - Condensed heuristic reminders for unmapped categories
- * - False positive patterns
- * - Response format and severity guidelines
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.COMMON_PROMPT = void 0;
-exports.COMMON_PROMPT = `You are an expert security code reviewer acting as a "Second-opinion AI Reviewer" for vulnerability findings from an automated scanner.
-
-Your PRIMARY task: AGGRESSIVELY REJECT false positives and marginal findings. Only keep findings that are clearly exploitable or represent real security risk.
-
-**CORE PHILOSOPHY**: A professional scanner should surface very few, high-confidence findings. When in doubt, REJECT the finding or downgrade to info.
-
-## Input Format
-You will receive:
-1. **Project Context** - Architectural information about auth, data access, and secrets handling
-2. **Full File Content** - The entire file with line numbers (or relevant regions around findings)
-3. **Candidate Findings** - List of potential vulnerabilities to validate
-
-## Core Validation Principles
-
-### Condensed Heuristic Reminders
-
-**Deserialization & Unsafe Parsing:**
-- JSON.parse with app-controlled data in try-catch -> REJECT. External data without try-catch -> medium. request.json() -> NOT dangerous.
-- Do NOT suggest "add try/catch" when JSON.parse is ALREADY inside a try-catch block.
-- Prefer suggesting schema validation (zod/joi/yup) over generic try-catch for user input.
-
-**Logging & Error Handling:**
-- error.message in responses -> info (safe pattern). Stack traces/raw error objects in responses -> high. Logging errors -> info (standard practice).
-- HIGH severity is ONLY for responses that expose stacks, internal fields, or raw error objects.
-
-**DOM Sinks:**
-- innerHTML with string literals only -> info. User input to innerHTML/eval -> flag as real.
-- Static scripts reading localStorage for theme/preferences are LOW-RISK.
-
-## False Positive Patterns (ALWAYS REJECT - keep: false)
-
-1. **CSS/Styling flagged as secrets**:
-   - Tailwind classes, gradients, hex colors, rgba/hsla
-   - style={{...}} objects, CSS-in-JS
-
-2. **Development URLs in dev contexts**:
-   - localhost in test/mock/example files
-   - URLs via environment variables
-
-3. **Test/Example/Scanner code**:
-   - Files with test, spec, mock, example, fixture in path
-   - Scanner's own rule definitions (files in /rules/, /detectors/, /checks/)
-   - Documentation/README files
-   - **Metadata/registry files describing vulnerabilities**: Files containing vulnerability descriptions, security documentation, or rule metadata are NOT themselves vulnerable. E.g., a string "DES is weak crypto" describing a vulnerability is documentation, NOT actual DES usage.
-
-4. **TypeScript 'any' in safe contexts**:
-   - Type definitions, .d.ts files
-   - Internal utilities (not API boundaries)
-
-5. **Public endpoints**:
-   - /health, /healthz, /ready, /ping, /status
-   - /webhook with signature verification nearby
-
-6. **Generic AI patterns that are NOT security issues**:
-   - console.log with non-sensitive data -> REJECT
-   - TODO/FIXME reminders (not security-critical) -> REJECT
-   - Magic number timeouts -> REJECT
-   - Verbose/step-by-step comments -> REJECT
-   - Generic error messages -> REJECT or downgrade to info
-   - Basic validation patterns (if (!data) return) -> REJECT
-
-7. **Style/Code quality issues (NOT security)**:
-   - Empty functions (unless auth-critical)
-   - Generic success messages
-   - Placeholder comments in non-security code
-
-## Response Format (ACTIONABLE OUTPUT)
-
-For each candidate finding, return:
-\`\`\`json
-{
-  "index": <number>,
-  "keep": true | false,
-  "notes": "<concise context>" | null,
-  "adjustedSeverity": "critical" | "high" | "medium" | "low" | "info" | null,
-  "impact": "<1-2 sentences: WHY this matters specific to this code>" | null,
-  "fixSuggestion": "<Specific, actionable fix for THIS code context>" | null
-}
-\`\`\`
-
-**CRITICAL**: To minimize costs while maximizing actionability:
-- For \`keep: false\` (rejected): Set ALL fields to null except index and keep. NO explanation needed.
-- For \`keep: true\` (accepted):
-  - \`notes\`: Brief context (10-30 words)
-  - \`adjustedSeverity\`: null if keeping original severity
-  - \`impact\`: 1-2 sentences explaining real-world consequences for THIS code (data breach, unauthorized access, cost, etc.)
-  - \`fixSuggestion\`: Reference actual variable/function names from the code. Be specific, not generic.
-
-## Severity Guidelines
-- **critical/high**: Realistically exploitable, should block deploys - ONLY for clear vulnerabilities
-- **medium/low**: Important but non-blocking, hardening opportunities - use sparingly
-- **info**: Robustness/hygiene tips, not direct security risks - use for marginal cases you want to keep
-
-## Decision Framework
-1. **Default to REJECTION** (keep: false) for:
-   - Style/code quality issues
-   - Marginal findings with unclear exploitation path
-   - Patterns that are standard practice (basic auth checks, error logging)
-   - Anything in test/example/documentation files
-
-2. **Downgrade to info** when:
-   - Finding has some merit but low practical risk
-   - Context shows mitigating factors
-   - Better as a "nice to know" than an action item
-
-3. **Keep with original/higher severity** ONLY when:
-   - Clear, exploitable vulnerability
-   - No visible mitigating factors in context
-   - Real-world attack scenario is plausible
-
-**REMEMBER**: You are the last line of defense against noise. A finding that reaches the user should be CLEARLY worth their time. When in doubt, REJECT.
-
-## Response Format
-
-For EACH file, provide a JSON object with the file path and validation results.
-Return a JSON array where each element has:
-- "file": the file path (e.g., "src/routes/api.ts")
-- "validations": array of validation results for that file's candidates
-
-Example response format (ACTIONABLE):
-\`\`\`json
-[
-  {
-    "file": "src/auth.ts",
-    "validations": [
-      { "index": 0, "keep": true, "adjustedSeverity": "medium", "notes": "Protected by middleware", "impact": null, "fixSuggestion": null },
-      { "index": 1, "keep": false, "notes": null, "adjustedSeverity": null, "impact": null, "fixSuggestion": null }
-    ]
-  },
-  {
-    "file": "src/api.ts",
-    "validations": [
-      { "index": 0, "keep": true, "notes": "User input flows to SQL query", "adjustedSeverity": null, "impact": "Attackers could read or modify database records via the userId parameter", "fixSuggestion": "Replace string concatenation with db.query('SELECT * FROM users WHERE id = ?', [userId])" }
-    ]
-  }
-]
-\`\`\`
-
-**REMEMBER**: Rejected findings (keep: false) need NO explanation. Keep notes brief (10-30 words).`;
-//# sourceMappingURL=common.js.map

package/dist/layer3/anthropic/prompts/modules/common.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"common.js","sourceRoot":"","sources":["../../../../../src/layer3/anthropic/prompts/modules/common.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;;AAEU,QAAA,aAAa,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;mGA0IsE,CAAA"}

package/dist/layer3/anthropic/prompts/modules/index.d.ts

@@ -1,54 +0,0 @@
-/**
- * Prompt Module System
- *
- * Provides category-aware prompt assembly for AI validation.
- * Only includes relevant prompt sections based on the categories in each batch,
- * reducing token usage by ~40-60% while maintaining identical behavior.
- *
- * Modules are assembled in fixed order to maximize Anthropic prefix cache hits.
- */
-import type { VulnerabilityCategory } from '../../../../types';
-export type PromptModuleName = 'auth_access' | 'xss_prompt' | 'secrets_crypto' | 'ai_patterns' | 'owasp_classic';
-export interface PromptModule {
-    name: PromptModuleName;
-    content: string;
-    categories: ReadonlySet<VulnerabilityCategory>;
-}
-/**
- * Maps each VulnerabilityCategory to the module(s) it requires.
- * Categories not in this map get COMMON only (intentionally unmapped).
- */
-export declare const CATEGORY_TO_MODULE: ReadonlyMap<VulnerabilityCategory, PromptModuleName[]>;
-/**
- * Categories that are intentionally unmapped to any specific module.
- * They get the COMMON prompt only (which includes condensed heuristic reminders).
- * If a new category is added to VulnerabilityCategory but not here or in CATEGORY_TO_MODULE,
- * the category completeness test will fail.
- */
-export declare const INTENTIONALLY_UNMAPPED: ReadonlySet<VulnerabilityCategory>;
-/**
- * Assemble a validation prompt containing only the modules relevant to
- * the given set of vulnerability categories.
- *
- * Always starts with COMMON, then adds modules in fixed order:
- * auth_access -> xss_prompt -> secrets_crypto -> ai_patterns -> owasp_classic
- *
- * Deterministic ordering ensures Anthropic prefix cache hits across batches.
- *
- * @param categories - The vulnerability categories present in the current batch
- * @returns The assembled prompt string
- */
-export declare function assembleValidationPrompt(categories: VulnerabilityCategory[]): string;
-/**
- * Get the full validation prompt with all modules included.
- * Equivalent to the old monolithic HIGH_CONTEXT_VALIDATION_PROMPT.
- * Used for legacy compatibility and the completeness test.
- */
-export declare function getFullValidationPrompt(): string;
-export { COMMON_PROMPT } from './common';
-export { AUTH_ACCESS_MODULE } from './auth-access';
-export { XSS_PROMPT_MODULE } from './xss-prompt';
-export { SECRETS_CRYPTO_MODULE } from './secrets-crypto';
-export { AI_PATTERNS_MODULE } from './ai-patterns';
-export { OWASP_CLASSIC_MODULE } from './owasp-classic';
-//# sourceMappingURL=index.d.ts.map

package/dist/layer3/anthropic/prompts/modules/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../src/layer3/anthropic/prompts/modules/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,mBAAmB,CAAA;AAY9D,MAAM,MAAM,gBAAgB,GACxB,aAAa,GACb,YAAY,GACZ,gBAAgB,GAChB,aAAa,GACb,eAAe,CAAA;AAEnB,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,gBAAgB,CAAA;IACtB,OAAO,EAAE,MAAM,CAAA;IACf,UAAU,EAAE,WAAW,CAAC,qBAAqB,CAAC,CAAA;CAC/C;AA4ED;;;GAGG;AACH,eAAO,MAAM,kBAAkB,EAAE,WAAW,CAAC,qBAAqB,EAAE,gBAAgB,EAAE,CAUlF,CAAA;AAEJ;;;;;GAKG;AACH,eAAO,MAAM,sBAAsB,EAAE,WAAW,CAAC,qBAAqB,CAUpE,CAAA;AAMF;;;;;;;;;;;GAWG;AACH,wBAAgB,wBAAwB,CAAC,UAAU,EAAE,qBAAqB,EAAE,GAAG,MAAM,CAsBpF;AAED;;;;GAIG;AACH,wBAAgB,uBAAuB,IAAI,MAAM,CAMhD;AAGD,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAA;AACxC,OAAO,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAA;AAClD,OAAO,EAAE,iBAAiB,EAAE,MAAM,cAAc,CAAA;AAChD,OAAO,EAAE,qBAAqB,EAAE,MAAM,kBAAkB,CAAA;AACxD,OAAO,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAA;AAClD,OAAO,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAA"}

package/dist/layer3/anthropic/prompts/modules/index.js

@@ -1,185 +0,0 @@
-"use strict";
-/**
- * Prompt Module System
- *
- * Provides category-aware prompt assembly for AI validation.
- * Only includes relevant prompt sections based on the categories in each batch,
- * reducing token usage by ~40-60% while maintaining identical behavior.
- *
- * Modules are assembled in fixed order to maximize Anthropic prefix cache hits.
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.OWASP_CLASSIC_MODULE = exports.AI_PATTERNS_MODULE = exports.SECRETS_CRYPTO_MODULE = exports.XSS_PROMPT_MODULE = exports.AUTH_ACCESS_MODULE = exports.COMMON_PROMPT = exports.INTENTIONALLY_UNMAPPED = exports.CATEGORY_TO_MODULE = void 0;
-exports.assembleValidationPrompt = assembleValidationPrompt;
-exports.getFullValidationPrompt = getFullValidationPrompt;
-const common_1 = require("./common");
-const auth_access_1 = require("./auth-access");
-const xss_prompt_1 = require("./xss-prompt");
-const secrets_crypto_1 = require("./secrets-crypto");
-const ai_patterns_1 = require("./ai-patterns");
-const owasp_classic_1 = require("./owasp-classic");
-// ============================================================================
-// Module Definitions (fixed order for prefix cache hits)
-// ============================================================================
-const MODULES = [
-    {
-        name: 'auth_access',
-        content: auth_access_1.AUTH_ACCESS_MODULE,
-        categories: new Set(['missing_auth', 'security_bypass']),
-    },
-    {
-        name: 'xss_prompt',
-        content: xss_prompt_1.XSS_PROMPT_MODULE,
-        categories: new Set(['xss', 'ai_prompt_injection']),
-    },
-    {
-        name: 'secrets_crypto',
-        content: secrets_crypto_1.SECRETS_CRYPTO_MODULE,
-        categories: new Set([
-            'hardcoded_secret',
-            'high_entropy_string',
-            'sensitive_variable',
-            'weak_crypto',
-        ]),
-    },
-    {
-        name: 'ai_patterns',
-        content: ai_patterns_1.AI_PATTERNS_MODULE,
-        categories: new Set([
-            'ai_pattern',
-            'ai_prompt_injection',
-            'ai_unsafe_execution',
-            'ai_overpermissive_tool',
-            'suspicious_package',
-            'ai_rag_exfiltration',
-            'ai_endpoint_unprotected',
-            'ai_schema_mismatch',
-            'ai_package_hallucination',
-            'ai_rag_corpus_poisoning',
-            'ai_rag_pii_leakage',
-            'ai_mcp_tool_poisoning',
-            'ai_mcp_credential_issue',
-            'ai_mcp_confused_deputy',
-            'ai_mcp_description_injection',
-            'ai_mcp_server_shadowing',
-            'ai_mcp_config_secrets',
-            'ai_mcp_config_permissions',
-            'ai_rag_query_injection',
-            'ai_rag_embedding_poisoning',
-            'ai_rag_chunk_injection',
-            'ai_package_typosquat',
-            'ai_package_malicious',
-            'ai_unsafe_model_load',
-            'ai_unverified_model',
-            'ai_unsafe_finetuning',
-            'ai_excessive_agency',
-        ]),
-    },
-    {
-        name: 'owasp_classic',
-        content: owasp_classic_1.OWASP_CLASSIC_MODULE,
-        categories: new Set([
-            'missing_security_headers',
-            'ssrf',
-            'log_injection',
-            'xxe',
-        ]),
-    },
-];
-// ============================================================================
-// Category-to-Module Mapping
-// ============================================================================
-/**
- * Maps each VulnerabilityCategory to the module(s) it requires.
- * Categories not in this map get COMMON only (intentionally unmapped).
- */
-exports.CATEGORY_TO_MODULE = (() => {
-    const map = new Map();
-    for (const mod of MODULES) {
-        for (const cat of mod.categories) {
-            const existing = map.get(cat) || [];
-            existing.push(mod.name);
-            map.set(cat, existing);
-        }
-    }
-    return map;
-})();
-/**
- * Categories that are intentionally unmapped to any specific module.
- * They get the COMMON prompt only (which includes condensed heuristic reminders).
- * If a new category is added to VulnerabilityCategory but not here or in CATEGORY_TO_MODULE,
- * the category completeness test will fail.
- */
-exports.INTENTIONALLY_UNMAPPED = new Set([
-    'dangerous_function',
-    'sql_injection',
-    'command_injection',
-    'insecure_config',
-    'cors_misconfiguration',
-    'root_container',
-    'dangerous_file',
-    'sensitive_url',
-    'data_exposure',
-]);
-// ============================================================================
-// Assembler Functions
-// ============================================================================
-/**
- * Assemble a validation prompt containing only the modules relevant to
- * the given set of vulnerability categories.
- *
- * Always starts with COMMON, then adds modules in fixed order:
- * auth_access -> xss_prompt -> secrets_crypto -> ai_patterns -> owasp_classic
- *
- * Deterministic ordering ensures Anthropic prefix cache hits across batches.
- *
- * @param categories - The vulnerability categories present in the current batch
- * @returns The assembled prompt string
- */
-function assembleValidationPrompt(categories) {
-    // Determine which modules are needed
-    const neededModules = new Set();
-    for (const cat of categories) {
-        const modules = exports.CATEGORY_TO_MODULE.get(cat);
-        if (modules) {
-            for (const mod of modules) {
-                neededModules.add(mod);
-            }
-        }
-        // Unmapped categories just get COMMON (no additional module)
-    }
-    // Build prompt: COMMON first, then modules in fixed order
-    const parts = [common_1.COMMON_PROMPT];
-    for (const mod of MODULES) {
-        if (neededModules.has(mod.name)) {
-            parts.push(mod.content);
-        }
-    }
-    return parts.join('\n');
-}
-/**
- * Get the full validation prompt with all modules included.
- * Equivalent to the old monolithic HIGH_CONTEXT_VALIDATION_PROMPT.
- * Used for legacy compatibility and the completeness test.
- */
-function getFullValidationPrompt() {
-    const parts = [common_1.COMMON_PROMPT];
-    for (const mod of MODULES) {
-        parts.push(mod.content);
-    }
-    return parts.join('\n');
-}
-// Re-export module constants for direct access in tests
-var common_2 = require("./common");
-Object.defineProperty(exports, "COMMON_PROMPT", { enumerable: true, get: function () { return common_2.COMMON_PROMPT; } });
-var auth_access_2 = require("./auth-access");
-Object.defineProperty(exports, "AUTH_ACCESS_MODULE", { enumerable: true, get: function () { return auth_access_2.AUTH_ACCESS_MODULE; } });
-var xss_prompt_2 = require("./xss-prompt");
-Object.defineProperty(exports, "XSS_PROMPT_MODULE", { enumerable: true, get: function () { return xss_prompt_2.XSS_PROMPT_MODULE; } });
-var secrets_crypto_2 = require("./secrets-crypto");
-Object.defineProperty(exports, "SECRETS_CRYPTO_MODULE", { enumerable: true, get: function () { return secrets_crypto_2.SECRETS_CRYPTO_MODULE; } });
-var ai_patterns_2 = require("./ai-patterns");
-Object.defineProperty(exports, "AI_PATTERNS_MODULE", { enumerable: true, get: function () { return ai_patterns_2.AI_PATTERNS_MODULE; } });
-var owasp_classic_2 = require("./owasp-classic");
-Object.defineProperty(exports, "OWASP_CLASSIC_MODULE", { enumerable: true, get: function () { return owasp_classic_2.OWASP_CLASSIC_MODULE; } });
-//# sourceMappingURL=index.js.map

package/dist/layer3/anthropic/prompts/modules/index.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../src/layer3/anthropic/prompts/modules/index.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;;AAuJH,4DAsBC;AAOD,0DAMC;AAvLD,qCAAwC;AACxC,+CAAkD;AAClD,6CAAgD;AAChD,qDAAwD;AACxD,+CAAkD;AAClD,mDAAsD;AAmBtD,+EAA+E;AAC/E,yDAAyD;AACzD,+EAA+E;AAE/E,MAAM,OAAO,GAA4B;IACvC;QACE,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,gCAAkB;QAC3B,UAAU,EAAE,IAAI,GAAG,CAAwB,CAAC,cAAc,EAAE,iBAAiB,CAAC,CAAC;KAChF;IACD;QACE,IAAI,EAAE,YAAY;QAClB,OAAO,EAAE,8BAAiB;QAC1B,UAAU,EAAE,IAAI,GAAG,CAAwB,CAAC,KAAK,EAAE,qBAAqB,CAAC,CAAC;KAC3E;IACD;QACE,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,sCAAqB;QAC9B,UAAU,EAAE,IAAI,GAAG,CAAwB;YACzC,kBAAkB;YAClB,qBAAqB;YACrB,oBAAoB;YACpB,aAAa;SACd,CAAC;KACH;IACD;QACE,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,gCAAkB;QAC3B,UAAU,EAAE,IAAI,GAAG,CAAwB;YACzC,YAAY;YACZ,qBAAqB;YACrB,qBAAqB;YACrB,wBAAwB;YACxB,oBAAoB;YACpB,qBAAqB;YACrB,yBAAyB;YACzB,oBAAoB;YACpB,0BAA0B;YAC1B,yBAAyB;YACzB,oBAAoB;YACpB,uBAAuB;YACvB,yBAAyB;YACzB,wBAAwB;YACxB,8BAA8B;YAC9B,yBAAyB;YACzB,uBAAuB;YACvB,2BAA2B;YAC3B,wBAAwB;YACxB,4BAA4B;YAC5B,wBAAwB;YACxB,sBAAsB;YACtB,sBAAsB;YACtB,sBAAsB;YACtB,qBAAqB;YACrB,sBAAsB;YACtB,qBAAqB;SACtB,CAAC;KACH;IACD;QACE,IAAI,EAAE,eAAe;QACrB,OAAO,EAAE,oCAAoB;QAC7B,UAAU,EAAE,IAAI,GAAG,CAAwB;YACzC,0BAA0B;YAC1B,MAAM;YACN,eAAe;YACf,KAAK;SACN,CAAC;KACH;CACO,CAAA;AAEV,+EAA+E;AAC/E,6BAA6B;AAC7B,+EAA+E;AAE/E;;;GAGG;AACU,QAAA,kBAAkB,GAA2D,CAAC,GAAG,EAAE;IAC9F,MAAM,GAAG,GAAG,IAAI,GAAG,EAA6C,CAAA;IAChE,KAAK,MAAM,GAAG,IAAI,OAAO,EAAE,CAAC;QAC1B,KAAK,MAAM,GAAG,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC;YACjC,MAAM,QAAQ,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAA;YACnC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;YACvB,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;QACxB,CAAC;IACH,CAAC;IACD,OAAO,GAAG,CAAA;AACZ,CAAC,CAAC,EAAE,CAAA;AAEJ;;;;;GAKG;AACU,QAAA,sBAAsB,GAAuC,IAAI,GAAG,CAAC;IAChF,oBAAoB;IACpB,eAAe;IACf,mBAAmB;IACnB,iBAAiB;IACjB,uBAAuB;IACvB,gBAAgB;IAChB,gBAAgB;IAChB,eAAe;IACf,eAAe;CAChB,CAAC,CAAA;AAEF,+EAA+E;AAC/E,sBAAsB;AACtB,+EAA+E;AAE/E;;;;;;;;;;;GAWG;AACH,SAAgB,wBAAwB,CAAC,UAAmC;IAC1E,qCAAqC;IACrC,MAAM,aAAa,GAAG,IAAI,GAAG,EAAoB,CAAA;IACjD,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;QAC7B,MAAM,OAAO,GAAG,0BAAkB,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;QAC3C,IAAI,OAAO,EAAE,CAAC;YACZ,KAAK,MAAM,GAAG,IAAI,OAAO,EAAE,CAAC;gBAC1B,aAAa,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;YACxB,CAAC;QACH,CAAC;QACD,6DAA6D;IAC/D,CAAC;IAED,0DAA0D;IAC1D,MAAM,KAAK,GAAa,CAAC,sBAAa,CAAC,CAAA;IACvC,KAAK,MAAM,GAAG,IAAI,OAAO,EAAE,CAAC;QAC1B,IAAI,aAAa,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YAChC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;AACzB,CAAC;AAED;;;;GAIG;AACH,SAAgB,uBAAuB;IACrC,MAAM,KAAK,GAAa,CAAC,sBAAa,CAAC,CAAA;IACvC,KAAK,MAAM,GAAG,IAAI,OAAO,EAAE,CAAC;QAC1B,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;IACzB,CAAC;IACD,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;AACzB,CAAC;AAED,wDAAwD;AACxD,mCAAwC;AAA/B,uGAAA,aAAa,OAAA;AACtB,6CAAkD;AAAzC,iHAAA,kBAAkB,OAAA;AAC3B,2CAAgD;AAAvC,+GAAA,iBAAiB,OAAA;AAC1B,mDAAwD;AAA/C,uHAAA,qBAAqB,OAAA;AAC9B,6CAAkD;AAAzC,iHAAA,kBAAkB,OAAA;AAC3B,iDAAsD;AAA7C,qHAAA,oBAAoB,OAAA"}

package/dist/layer3/anthropic/prompts/modules/owasp-classic.d.ts

@@ -1,8 +0,0 @@
-/**
- * OWASP Classic Module
- *
- * Categories: missing_security_headers, ssrf, log_injection, xxe
- * Contains rules for classic OWASP vulnerabilities added in Workstream 1.
- */
-export declare const OWASP_CLASSIC_MODULE = "\n### Missing Security Headers (missing_security_headers)\nHTTP security headers protect against common web attacks.\n\n**CDN/Reverse Proxy Headers:**\n- If project deploys behind Cloudflare, Vercel, AWS CloudFront -> **REJECT** (CDN adds headers)\n- If Vercel deployment (Next.js) and using middleware for headers -> **REJECT**\n- Dev-only server config -> **INFO** (not production-facing)\n\n**Express without Helmet:**\n- No helmet AND no manual header setting -> **MEDIUM** (real gap)\n- Has helmet but CSP disabled -> **LOW** (partial protection)\n- Framework adds headers automatically (e.g., Fastify with @fastify/helmet) -> **REJECT**\n\n**Next.js Config:**\n- No headers() but uses middleware.ts for headers -> **REJECT** (headers set in middleware)\n- No headers() and no middleware -> **MEDIUM** (suggest adding)\n\n### Server-Side Request Forgery (ssrf)\nSSRF allows servers to make requests to unintended destinations.\n\n**Direct Taint (req.body/query -> fetch/axios):**\n- User input directly in HTTP request -> **HIGH** (clear SSRF)\n- URL from environment variable (process.env) -> **REJECT** (not user-controlled)\n- URL from config object/constant -> **REJECT** (not user-controlled)\n- URL from database with auth-scoped query -> **LOW** (indirect, needs review)\n\n**Mitigations:**\n- Allowlist/whitelist validation nearby -> **REJECT** or **INFO**\n- URL validation with hostname/origin check -> **LOW** (partial mitigation)\n- IP range checking (isPrivateIP, block 10.x/192.168.x) -> **REJECT** (properly mitigated)\n\n**SSRF is Server-Only:**\n- Client-side fetch() in browser -> **REJECT** (not SSRF, browser makes the request)\n- 'use client' files -> **REJECT**\n\n### Log Injection (log_injection)\nUnsanitized user input in logs can forge entries.\n\n**Structured Logging:**\n- JSON-formatted structured logging (pino, winston JSON) with redaction -> **REJECT**\n- Structured logging without redaction -> **INFO** (good pattern, suggest redaction)\n\n**Request Data in Logs:**\n- req.headers in console.log -> **MEDIUM** (CRLF injection risk)\n- req.body field in console.log -> **LOW** (log forging)\n- req.ip, req.method, req.url -> **REJECT** (server-controlled, standard logging)\n\n**Not Log Injection:**\n- Error objects in catch blocks (console.error(err)) -> **REJECT**\n- Internal IDs (userId, sessionId) -> **REJECT** (not from request)\n- Static strings -> **REJECT**\n- Morgan/express-winston middleware -> **REJECT** (intentional access logging)\n\n### XML External Entity (xxe)\nXXE allows attackers to read server files via XML parsing.\n\n**Python:**\n- defusedxml imported anywhere in file -> **REJECT** (safe library)\n- Standard xml.etree/lxml without defusedxml -> **HIGH** (Python XML is vulnerable by default)\n\n**Java:**\n- DocumentBuilderFactory with disallow-doctype-decl feature -> **REJECT** (safe)\n- Without feature -> **HIGH** (Java defaults are unsafe)\n\n**Node.js:**\n- xml2js v0.5+: safer defaults -> **MEDIUM** (may still be vulnerable on older versions)\n- fast-xml-parser with processEntities: false -> **REJECT** (safe)\n- DOMParser in browser/client -> **REJECT** (browsers block XXE)\n\n**PHP:**\n- libxml_disable_entity_loader(true) before parsing -> **REJECT** (safe)\n- Without disable -> **HIGH**\n";
-//# sourceMappingURL=owasp-classic.d.ts.map

package/dist/layer3/anthropic/prompts/modules/owasp-classic.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"owasp-classic.d.ts","sourceRoot":"","sources":["../../../../../src/layer3/anthropic/prompts/modules/owasp-classic.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,eAAO,MAAM,oBAAoB,6sGAyEhC,CAAA"}

package/dist/layer3/anthropic/prompts/modules/owasp-classic.js

@@ -1,84 +0,0 @@
-"use strict";
-/**
- * OWASP Classic Module
- *
- * Categories: missing_security_headers, ssrf, log_injection, xxe
- * Contains rules for classic OWASP vulnerabilities added in Workstream 1.
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.OWASP_CLASSIC_MODULE = void 0;
-exports.OWASP_CLASSIC_MODULE = `
-### Missing Security Headers (missing_security_headers)
-HTTP security headers protect against common web attacks.
-
-**CDN/Reverse Proxy Headers:**
-- If project deploys behind Cloudflare, Vercel, AWS CloudFront -> **REJECT** (CDN adds headers)
-- If Vercel deployment (Next.js) and using middleware for headers -> **REJECT**
-- Dev-only server config -> **INFO** (not production-facing)
-
-**Express without Helmet:**
-- No helmet AND no manual header setting -> **MEDIUM** (real gap)
-- Has helmet but CSP disabled -> **LOW** (partial protection)
-- Framework adds headers automatically (e.g., Fastify with @fastify/helmet) -> **REJECT**
-
-**Next.js Config:**
-- No headers() but uses middleware.ts for headers -> **REJECT** (headers set in middleware)
-- No headers() and no middleware -> **MEDIUM** (suggest adding)
-
-### Server-Side Request Forgery (ssrf)
-SSRF allows servers to make requests to unintended destinations.
-
-**Direct Taint (req.body/query -> fetch/axios):**
-- User input directly in HTTP request -> **HIGH** (clear SSRF)
-- URL from environment variable (process.env) -> **REJECT** (not user-controlled)
-- URL from config object/constant -> **REJECT** (not user-controlled)
-- URL from database with auth-scoped query -> **LOW** (indirect, needs review)
-
-**Mitigations:**
-- Allowlist/whitelist validation nearby -> **REJECT** or **INFO**
-- URL validation with hostname/origin check -> **LOW** (partial mitigation)
-- IP range checking (isPrivateIP, block 10.x/192.168.x) -> **REJECT** (properly mitigated)
-
-**SSRF is Server-Only:**
-- Client-side fetch() in browser -> **REJECT** (not SSRF, browser makes the request)
-- 'use client' files -> **REJECT**
-
-### Log Injection (log_injection)
-Unsanitized user input in logs can forge entries.
-
-**Structured Logging:**
-- JSON-formatted structured logging (pino, winston JSON) with redaction -> **REJECT**
-- Structured logging without redaction -> **INFO** (good pattern, suggest redaction)
-
-**Request Data in Logs:**
-- req.headers in console.log -> **MEDIUM** (CRLF injection risk)
-- req.body field in console.log -> **LOW** (log forging)
-- req.ip, req.method, req.url -> **REJECT** (server-controlled, standard logging)
-
-**Not Log Injection:**
-- Error objects in catch blocks (console.error(err)) -> **REJECT**
-- Internal IDs (userId, sessionId) -> **REJECT** (not from request)
-- Static strings -> **REJECT**
-- Morgan/express-winston middleware -> **REJECT** (intentional access logging)
-
-### XML External Entity (xxe)
-XXE allows attackers to read server files via XML parsing.
-
-**Python:**
-- defusedxml imported anywhere in file -> **REJECT** (safe library)
-- Standard xml.etree/lxml without defusedxml -> **HIGH** (Python XML is vulnerable by default)
-
-**Java:**
-- DocumentBuilderFactory with disallow-doctype-decl feature -> **REJECT** (safe)
-- Without feature -> **HIGH** (Java defaults are unsafe)
-
-**Node.js:**
-- xml2js v0.5+: safer defaults -> **MEDIUM** (may still be vulnerable on older versions)
-- fast-xml-parser with processEntities: false -> **REJECT** (safe)
-- DOMParser in browser/client -> **REJECT** (browsers block XXE)
-
-**PHP:**
-- libxml_disable_entity_loader(true) before parsing -> **REJECT** (safe)
-- Without disable -> **HIGH**
-`;
-//# sourceMappingURL=owasp-classic.js.map

package/dist/layer3/anthropic/prompts/modules/owasp-classic.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"owasp-classic.js","sourceRoot":"","sources":["../../../../../src/layer3/anthropic/prompts/modules/owasp-classic.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;AAEU,QAAA,oBAAoB,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAyEnC,CAAA"}

package/dist/layer3/anthropic/prompts/modules/secrets-crypto.d.ts

@@ -1,8 +0,0 @@
-/**
- * Secrets & Cryptography Module
- *
- * Categories: hardcoded_secret, high_entropy_string, sensitive_variable, weak_crypto
- * Contains rules for secrets, BYOK, Math.random(), and weak crypto that need AI reasoning.
- */
-export declare const SECRETS_CRYPTO_MODULE = "\n### Secrets, BYOK, and External Services\nDistinguish these patterns:\n- **Hardcoded secrets**: Real API keys in code = critical/high\n- **Environment variables**: process.env.SECRET = safe (REJECT finding)\n- **BYOK (Bring Your Own Key)**: This is a FEATURE, not a vulnerability.\n  - Transient use (request -> API call -> discarded) = info. Do NOT describe as \"stored without encryption\".\n  - Key storage without encryption = suggest encryption. Unauthenticated BYOK = medium (cost abuse).\n  - Authenticated + transient use: info (feature). Cross-tenant storage: medium (data isolation).\n\n**Math.random() for Security:**\nDistinguish legitimate uses from security-critical misuse:\n- **Seed/Data Generation Files**: Files in /seed/, /fixtures/, /factories/, datacreator.ts, *.fixture.* are for test data generation\n  - Math.random() in seed files is acceptable - these are never production security code\n  - REJECT findings from seed/data generation files entirely\n- **Educational Vulnerability Files**: Files named insecurity.ts, vulnerable.ts, or in /intentionally-vulnerable/ paths\n  - These are OWASP Juice Shop challenges or security training examples\n  - REJECT entirely - they're intentionally vulnerable for educational purposes\n- **UUID/Identifier Generation**: Functions named generateUUID(), createId(), correlationId(), etc.\n  - Use Math.random() for UI correlation, React keys, element IDs\n  - Short toString(36).substring(2, 9) patterns are for UI correlation, NOT security tokens\n  - REJECT unless function name explicitly indicates security (generateToken, createSessionId, generateSecret)\n- **CAPTCHA/Puzzle Generation**: Math.random() for CAPTCHA questions, puzzle difficulty, game mechanics\n  - These don't need cryptographic randomness - legitimate non-security use\n  - REJECT findings in CAPTCHA/puzzle generation functions\n- **Security-Sensitive Context**: Only keep as HIGH/CRITICAL when:\n  - Variable names indicate security: token, secret, key, auth, session, password\n  - Function names indicate security: generateToken, createSession, makeSecret\n  - Used in security-critical files: auth.ts, crypto.ts, session.ts\n  - Long toString() patterns without truncation (potential token generation)\n\n**Severity Ladder for Math.random():**\n- Seed/educational files: REJECT (not production code)\n- UUID/CAPTCHA functions: REJECT (legitimate use)\n- Short UI IDs (toString(36).substring(2, 9)): INFO (UI correlation, suggest crypto.randomUUID())\n- Business IDs: LOW (suggest crypto.randomUUID() for collision resistance)\n- Security contexts (tokens/secrets/keys): HIGH (cryptographic weakness)\n- Unknown context: MEDIUM (needs manual review)\n\n**Weak Cryptography (weak_crypto):**\nDistinguish actual USAGE from DOCUMENTATION or REFERENCE:\n- **Actual function calls** (crypto.createCipheriv('des'), MD5.hash()): Keep finding, these are real usage\n- **Documentation strings** describing vulnerabilities: REJECT\n  - \"DES can be brute-forced\" is explaining why DES is bad, NOT using DES\n  - Strings in metadata, comments, or error messages describing weak algorithms are informational\n  - Rule registries, security scanners, and documentation files contain vulnerability descriptions\n- **Configuration/Constants**: Strings like 'DES', 'MD5' in config keys or identifiers\n  - Need context: is this SELECTING an algorithm or just naming something?\n  - \"algorithm: 'des'\" in crypto options = real usage\n  - \"category: 'weak_crypto'\" or \"rule: 'DES_DETECTION'\" = metadata, REJECT\n- **Import statements**: Importing a weak crypto library needs context\n  - Used for hashing passwords = HIGH\n  - Used for checksums or compatibility = LOW/INFO\n  - In test/migration files = INFO\n\n**CRITICAL weak_crypto RULE**:\nFiles in /rules/, /detectors/, /checks/, /metadata/ directories that DESCRIBE security vulnerabilities are NOT themselves vulnerable. A security scanner documenting \"DES is weak\" is providing education, not using weak crypto.\n";
-//# sourceMappingURL=secrets-crypto.d.ts.map

package/dist/layer3/anthropic/prompts/modules/secrets-crypto.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"secrets-crypto.d.ts","sourceRoot":"","sources":["../../../../../src/layer3/anthropic/prompts/modules/secrets-crypto.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,eAAO,MAAM,qBAAqB,y6HAyDjC,CAAA"}

package/dist/layer3/anthropic/prompts/modules/secrets-crypto.js

@@ -1,68 +0,0 @@
-"use strict";
-/**
- * Secrets & Cryptography Module
- *
- * Categories: hardcoded_secret, high_entropy_string, sensitive_variable, weak_crypto
- * Contains rules for secrets, BYOK, Math.random(), and weak crypto that need AI reasoning.
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.SECRETS_CRYPTO_MODULE = void 0;
-exports.SECRETS_CRYPTO_MODULE = `
-### Secrets, BYOK, and External Services
-Distinguish these patterns:
-- **Hardcoded secrets**: Real API keys in code = critical/high
-- **Environment variables**: process.env.SECRET = safe (REJECT finding)
-- **BYOK (Bring Your Own Key)**: This is a FEATURE, not a vulnerability.
-  - Transient use (request -> API call -> discarded) = info. Do NOT describe as "stored without encryption".
-  - Key storage without encryption = suggest encryption. Unauthenticated BYOK = medium (cost abuse).
-  - Authenticated + transient use: info (feature). Cross-tenant storage: medium (data isolation).
-
-**Math.random() for Security:**
-Distinguish legitimate uses from security-critical misuse:
-- **Seed/Data Generation Files**: Files in /seed/, /fixtures/, /factories/, datacreator.ts, *.fixture.* are for test data generation
-  - Math.random() in seed files is acceptable - these are never production security code
-  - REJECT findings from seed/data generation files entirely
-- **Educational Vulnerability Files**: Files named insecurity.ts, vulnerable.ts, or in /intentionally-vulnerable/ paths
-  - These are OWASP Juice Shop challenges or security training examples
-  - REJECT entirely - they're intentionally vulnerable for educational purposes
-- **UUID/Identifier Generation**: Functions named generateUUID(), createId(), correlationId(), etc.
-  - Use Math.random() for UI correlation, React keys, element IDs
-  - Short toString(36).substring(2, 9) patterns are for UI correlation, NOT security tokens
-  - REJECT unless function name explicitly indicates security (generateToken, createSessionId, generateSecret)
-- **CAPTCHA/Puzzle Generation**: Math.random() for CAPTCHA questions, puzzle difficulty, game mechanics
-  - These don't need cryptographic randomness - legitimate non-security use
-  - REJECT findings in CAPTCHA/puzzle generation functions
-- **Security-Sensitive Context**: Only keep as HIGH/CRITICAL when:
-  - Variable names indicate security: token, secret, key, auth, session, password
-  - Function names indicate security: generateToken, createSession, makeSecret
-  - Used in security-critical files: auth.ts, crypto.ts, session.ts
-  - Long toString() patterns without truncation (potential token generation)
-
-**Severity Ladder for Math.random():**
-- Seed/educational files: REJECT (not production code)
-- UUID/CAPTCHA functions: REJECT (legitimate use)
-- Short UI IDs (toString(36).substring(2, 9)): INFO (UI correlation, suggest crypto.randomUUID())
-- Business IDs: LOW (suggest crypto.randomUUID() for collision resistance)
-- Security contexts (tokens/secrets/keys): HIGH (cryptographic weakness)
-- Unknown context: MEDIUM (needs manual review)
-
-**Weak Cryptography (weak_crypto):**
-Distinguish actual USAGE from DOCUMENTATION or REFERENCE:
-- **Actual function calls** (crypto.createCipheriv('des'), MD5.hash()): Keep finding, these are real usage
-- **Documentation strings** describing vulnerabilities: REJECT
-  - "DES can be brute-forced" is explaining why DES is bad, NOT using DES
-  - Strings in metadata, comments, or error messages describing weak algorithms are informational
-  - Rule registries, security scanners, and documentation files contain vulnerability descriptions
-- **Configuration/Constants**: Strings like 'DES', 'MD5' in config keys or identifiers
-  - Need context: is this SELECTING an algorithm or just naming something?
-  - "algorithm: 'des'" in crypto options = real usage
-  - "category: 'weak_crypto'" or "rule: 'DES_DETECTION'" = metadata, REJECT
-- **Import statements**: Importing a weak crypto library needs context
-  - Used for hashing passwords = HIGH
-  - Used for checksums or compatibility = LOW/INFO
-  - In test/migration files = INFO
-
-**CRITICAL weak_crypto RULE**:
-Files in /rules/, /detectors/, /checks/, /metadata/ directories that DESCRIBE security vulnerabilities are NOT themselves vulnerable. A security scanner documenting "DES is weak" is providing education, not using weak crypto.
-`;
-//# sourceMappingURL=secrets-crypto.js.map

package/dist/layer3/anthropic/prompts/modules/secrets-crypto.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"secrets-crypto.js","sourceRoot":"","sources":["../../../../../src/layer3/anthropic/prompts/modules/secrets-crypto.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;AAEU,QAAA,qBAAqB,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAyDpC,CAAA"}