npm - @oculum/scanner - Versions diffs - 1.0.14 → 1.0.15 - Mend

@oculum/scanner 1.0.14 → 1.0.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (1323) hide show

package/dist/detect/ai-code/index.d.ts +6 -11
package/dist/detect/ai-code/index.d.ts.map +1 -1
package/dist/detect/ai-code/index.js +6 -24
package/dist/detect/ai-code/index.js.map +1 -1
package/dist/detect/ast-rules/agent-tools-ast.d.ts +14 -0
package/dist/detect/ast-rules/agent-tools-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/agent-tools-ast.js +809 -0
package/dist/detect/ast-rules/agent-tools-ast.js.map +1 -0
package/dist/detect/ast-rules/ai-fingerprinting-ast.d.ts +14 -0
package/dist/detect/ast-rules/ai-fingerprinting-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/ai-fingerprinting-ast.js +344 -0
package/dist/detect/ast-rules/ai-fingerprinting-ast.js.map +1 -0
package/dist/detect/ast-rules/auth-patterns-ast.d.ts +14 -0
package/dist/detect/ast-rules/auth-patterns-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/auth-patterns-ast.js +280 -0
package/dist/detect/ast-rules/auth-patterns-ast.js.map +1 -0
package/dist/detect/ast-rules/byok-ast.d.ts +13 -0
package/dist/detect/ast-rules/byok-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/byok-ast.js +180 -0
package/dist/detect/ast-rules/byok-ast.js.map +1 -0
package/dist/detect/ast-rules/child-process-ast.d.ts +13 -0
package/dist/detect/ast-rules/child-process-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/child-process-ast.js +252 -0
package/dist/detect/ast-rules/child-process-ast.js.map +1 -0
package/dist/detect/ast-rules/dangerous-eval-ast.d.ts +13 -0
package/dist/detect/ast-rules/dangerous-eval-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/dangerous-eval-ast.js +218 -0
package/dist/detect/ast-rules/dangerous-eval-ast.js.map +1 -0
package/dist/detect/ast-rules/data-exposure-ast.d.ts +13 -0
package/dist/detect/ast-rules/data-exposure-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/data-exposure-ast.js +158 -0
package/dist/detect/ast-rules/data-exposure-ast.js.map +1 -0
package/dist/detect/ast-rules/dom-xss-ast.d.ts +14 -0
package/dist/detect/ast-rules/dom-xss-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/dom-xss-ast.js +217 -0
package/dist/detect/ast-rules/dom-xss-ast.js.map +1 -0
package/dist/detect/ast-rules/endpoint-protection-ast.d.ts +13 -0
package/dist/detect/ast-rules/endpoint-protection-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/endpoint-protection-ast.js +228 -0
package/dist/detect/ast-rules/endpoint-protection-ast.js.map +1 -0
package/dist/detect/ast-rules/entropy-ast.d.ts +17 -0
package/dist/detect/ast-rules/entropy-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/entropy-ast.js +265 -0
package/dist/detect/ast-rules/entropy-ast.js.map +1 -0
package/dist/detect/ast-rules/flask-debug-ast.d.ts +10 -0
package/dist/detect/ast-rules/flask-debug-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/flask-debug-ast.js +125 -0
package/dist/detect/ast-rules/flask-debug-ast.js.map +1 -0
package/dist/detect/ast-rules/framework-checks-ast.d.ts +13 -0
package/dist/detect/ast-rules/framework-checks-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/framework-checks-ast.js +185 -0
package/dist/detect/ast-rules/framework-checks-ast.js.map +1 -0
package/dist/detect/ast-rules/helpers/call-analysis.d.ts +62 -0
package/dist/detect/ast-rules/helpers/call-analysis.d.ts.map +1 -0
package/dist/detect/ast-rules/helpers/call-analysis.js +217 -0
package/dist/detect/ast-rules/helpers/call-analysis.js.map +1 -0
package/dist/detect/ast-rules/helpers/context-detection.d.ts +33 -0
package/dist/detect/ast-rules/helpers/context-detection.d.ts.map +1 -0
package/dist/detect/ast-rules/helpers/context-detection.js +256 -0
package/dist/detect/ast-rules/helpers/context-detection.js.map +1 -0
package/dist/detect/ast-rules/helpers/control-flow.d.ts +40 -0
package/dist/detect/ast-rules/helpers/control-flow.d.ts.map +1 -0
package/dist/detect/ast-rules/helpers/control-flow.js +174 -0
package/dist/detect/ast-rules/helpers/control-flow.js.map +1 -0
package/dist/detect/ast-rules/helpers/import-analysis.d.ts +43 -0
package/dist/detect/ast-rules/helpers/import-analysis.d.ts.map +1 -0
package/dist/detect/ast-rules/helpers/import-analysis.js +149 -0
package/dist/detect/ast-rules/helpers/import-analysis.js.map +1 -0
package/dist/detect/ast-rules/helpers/index.d.ts +16 -0
package/dist/detect/ast-rules/helpers/index.d.ts.map +1 -0
package/dist/detect/ast-rules/helpers/index.js +112 -0
package/dist/detect/ast-rules/helpers/index.js.map +1 -0
package/dist/detect/ast-rules/helpers/python-helpers.d.ts +215 -0
package/dist/detect/ast-rules/helpers/python-helpers.d.ts.map +1 -0
package/dist/detect/ast-rules/helpers/python-helpers.js +935 -0
package/dist/detect/ast-rules/helpers/python-helpers.js.map +1 -0
package/dist/detect/ast-rules/helpers/scope-analysis.d.ts +50 -0
package/dist/detect/ast-rules/helpers/scope-analysis.d.ts.map +1 -0
package/dist/detect/ast-rules/helpers/scope-analysis.js +194 -0
package/dist/detect/ast-rules/helpers/scope-analysis.js.map +1 -0
package/dist/detect/ast-rules/helpers/string-analysis.d.ts +57 -0
package/dist/detect/ast-rules/helpers/string-analysis.d.ts.map +1 -0
package/dist/detect/ast-rules/helpers/string-analysis.js +184 -0
package/dist/detect/ast-rules/helpers/string-analysis.js.map +1 -0
package/dist/detect/ast-rules/helpers/type-extraction.d.ts +44 -0
package/dist/detect/ast-rules/helpers/type-extraction.d.ts.map +1 -0
package/dist/detect/ast-rules/helpers/type-extraction.js +125 -0
package/dist/detect/ast-rules/helpers/type-extraction.js.map +1 -0
package/dist/detect/ast-rules/helpers/user-input.d.ts +35 -0
package/dist/detect/ast-rules/helpers/user-input.d.ts.map +1 -0
package/dist/detect/ast-rules/helpers/user-input.js +243 -0
package/dist/detect/ast-rules/helpers/user-input.js.map +1 -0
package/dist/detect/ast-rules/index.d.ts +112 -0
package/dist/detect/ast-rules/index.d.ts.map +1 -0
package/dist/detect/ast-rules/index.js +232 -0
package/dist/detect/ast-rules/index.js.map +1 -0
package/dist/detect/ast-rules/json-parse-ast.d.ts +13 -0
package/dist/detect/ast-rules/json-parse-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/json-parse-ast.js +143 -0
package/dist/detect/ast-rules/json-parse-ast.js.map +1 -0
package/dist/detect/ast-rules/log-injection-ast.d.ts +14 -0
package/dist/detect/ast-rules/log-injection-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/log-injection-ast.js +235 -0
package/dist/detect/ast-rules/log-injection-ast.js.map +1 -0
package/dist/detect/ast-rules/logic-gates-ast.d.ts +14 -0
package/dist/detect/ast-rules/logic-gates-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/logic-gates-ast.js +312 -0
package/dist/detect/ast-rules/logic-gates-ast.js.map +1 -0
package/dist/detect/ast-rules/mcp-security-ast.d.ts +14 -0
package/dist/detect/ast-rules/mcp-security-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/mcp-security-ast.js +755 -0
package/dist/detect/ast-rules/mcp-security-ast.js.map +1 -0
package/dist/detect/ast-rules/model-supply-chain-ast.d.ts +13 -0
package/dist/detect/ast-rules/model-supply-chain-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/model-supply-chain-ast.js +188 -0
package/dist/detect/ast-rules/model-supply-chain-ast.js.map +1 -0
package/dist/detect/ast-rules/package-hallucination-ast.d.ts +13 -0
package/dist/detect/ast-rules/package-hallucination-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/package-hallucination-ast.js +607 -0
package/dist/detect/ast-rules/package-hallucination-ast.js.map +1 -0
package/dist/detect/ast-rules/prompt-hygiene-ast.d.ts +15 -0
package/dist/detect/ast-rules/prompt-hygiene-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/prompt-hygiene-ast.js +332 -0
package/dist/detect/ast-rules/prompt-hygiene-ast.js.map +1 -0
package/dist/detect/ast-rules/rag-safety-ast.d.ts +18 -0
package/dist/detect/ast-rules/rag-safety-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/rag-safety-ast.js +640 -0
package/dist/detect/ast-rules/rag-safety-ast.js.map +1 -0
package/dist/detect/ast-rules/request-validation-ast.d.ts +13 -0
package/dist/detect/ast-rules/request-validation-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/request-validation-ast.js +116 -0
package/dist/detect/ast-rules/request-validation-ast.js.map +1 -0
package/dist/detect/ast-rules/risky-imports-ast.d.ts +14 -0
package/dist/detect/ast-rules/risky-imports-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/risky-imports-ast.js +114 -0
package/dist/detect/ast-rules/risky-imports-ast.js.map +1 -0
package/dist/detect/ast-rules/schema-validation-ast.d.ts +14 -0
package/dist/detect/ast-rules/schema-validation-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/schema-validation-ast.js +233 -0
package/dist/detect/ast-rules/schema-validation-ast.js.map +1 -0
package/dist/detect/ast-rules/secret-patterns-ast.d.ts +17 -0
package/dist/detect/ast-rules/secret-patterns-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/secret-patterns-ast.js +199 -0
package/dist/detect/ast-rules/secret-patterns-ast.js.map +1 -0
package/dist/detect/ast-rules/security-headers-ast.d.ts +14 -0
package/dist/detect/ast-rules/security-headers-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/security-headers-ast.js +187 -0
package/dist/detect/ast-rules/security-headers-ast.js.map +1 -0
package/dist/detect/ast-rules/sql-injection-ast.d.ts +17 -0
package/dist/detect/ast-rules/sql-injection-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/sql-injection-ast.js +497 -0
package/dist/detect/ast-rules/sql-injection-ast.js.map +1 -0
package/dist/detect/ast-rules/ssrf-ast.d.ts +14 -0
package/dist/detect/ast-rules/ssrf-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/ssrf-ast.js +573 -0
package/dist/detect/ast-rules/ssrf-ast.js.map +1 -0
package/dist/detect/ast-rules/taint-fix-templates.d.ts +18 -0
package/dist/detect/ast-rules/taint-fix-templates.d.ts.map +1 -0
package/dist/detect/ast-rules/taint-fix-templates.js +92 -0
package/dist/detect/ast-rules/taint-fix-templates.js.map +1 -0
package/dist/detect/ast-rules/taint-flow-ast.d.ts +24 -0
package/dist/detect/ast-rules/taint-flow-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/taint-flow-ast.js +340 -0
package/dist/detect/ast-rules/taint-flow-ast.js.map +1 -0
package/dist/detect/ast-rules/variables-ast.d.ts +24 -0
package/dist/detect/ast-rules/variables-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/variables-ast.js +362 -0
package/dist/detect/ast-rules/variables-ast.js.map +1 -0
package/dist/detect/ast-rules/weak-crypto-ast.d.ts +15 -0
package/dist/detect/ast-rules/weak-crypto-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/weak-crypto-ast.js +406 -0
package/dist/detect/ast-rules/weak-crypto-ast.js.map +1 -0
package/dist/detect/ast-rules/xxe-ast.d.ts +13 -0
package/dist/detect/ast-rules/xxe-ast.d.ts.map +1 -0
package/dist/detect/ast-rules/xxe-ast.js +157 -0
package/dist/detect/ast-rules/xxe-ast.js.map +1 -0
package/dist/detect/config/agent-skill-injection.d.ts.map +1 -1
package/dist/detect/config/agent-skill-injection.js +2 -24
package/dist/detect/config/agent-skill-injection.js.map +1 -1
package/dist/detect/config/index.d.ts +1 -0
package/dist/detect/config/index.d.ts.map +1 -1
package/dist/detect/config/index.js +3 -1
package/dist/detect/config/index.js.map +1 -1
package/dist/detect/config/osv-check.d.ts.map +1 -1
package/dist/detect/config/osv-check.js +6 -1
package/dist/detect/config/osv-check.js.map +1 -1
package/dist/detect/config/package-check.d.ts.map +1 -1
package/dist/detect/config/package-check.js +6 -1
package/dist/detect/config/package-check.js.map +1 -1
package/dist/detect/config/rules-file-backdoor.d.ts +36 -0
package/dist/detect/config/rules-file-backdoor.d.ts.map +1 -0
package/dist/detect/config/rules-file-backdoor.js +379 -0
package/dist/detect/config/rules-file-backdoor.js.map +1 -0
package/dist/detect/index.d.ts +43 -6
package/dist/detect/index.d.ts.map +1 -1
package/dist/detect/index.js +70 -7
package/dist/detect/index.js.map +1 -1
package/dist/detect/secrets/config-audit.d.ts.map +1 -1
package/dist/detect/secrets/config-audit.js +36 -3
package/dist/detect/secrets/config-audit.js.map +1 -1
package/dist/detect/secrets/entropy.d.ts.map +1 -1
package/dist/detect/secrets/entropy.js +180 -0
package/dist/detect/secrets/entropy.js.map +1 -1
package/dist/detect/secrets/index.d.ts +0 -2
package/dist/detect/secrets/index.d.ts.map +1 -1
package/dist/detect/secrets/index.js +7 -17
package/dist/detect/secrets/index.js.map +1 -1
package/dist/detect/structural/index.d.ts +15 -28
package/dist/detect/structural/index.d.ts.map +1 -1
package/dist/detect/structural/index.js +20 -497
package/dist/detect/structural/index.js.map +1 -1
package/dist/index.d.ts +3 -0
package/dist/index.d.ts.map +1 -1
package/dist/index.js +9 -1
package/dist/index.js.map +1 -1
package/dist/model/auth-helper-detector.d.ts.map +1 -1
package/dist/model/auth-helper-detector.js +2 -7
package/dist/model/auth-helper-detector.js.map +1 -1
package/dist/model/import-resolver.d.ts.map +1 -1
package/dist/model/import-resolver.js +94 -0
package/dist/model/import-resolver.js.map +1 -1
package/dist/model/imported-auth-detector.js +8 -8
package/dist/model/imported-auth-detector.js.map +1 -1
package/dist/model/index.d.ts +8 -0
package/dist/model/index.d.ts.map +1 -1
package/dist/model/index.js +198 -73
package/dist/model/index.js.map +1 -1
package/dist/model/module-graph.d.ts.map +1 -1
package/dist/model/module-graph.js +22 -9
package/dist/model/module-graph.js.map +1 -1
package/dist/model/project-context.d.ts +1 -1
package/dist/model/project-context.d.ts.map +1 -1
package/dist/model/project-context.js +34 -0
package/dist/model/project-context.js.map +1 -1
package/dist/model/route-auth-resolver.d.ts.map +1 -1
package/dist/model/route-auth-resolver.js +17 -2
package/dist/model/route-auth-resolver.js.map +1 -1
package/dist/model/route-discovery/index.js +1 -1
package/dist/model/route-discovery/index.js.map +1 -1
package/dist/model/route-discovery/nextjs.js +1 -1
package/dist/model/route-discovery/nextjs.js.map +1 -1
package/dist/model/route-discovery/python.d.ts +6 -3
package/dist/model/route-discovery/python.d.ts.map +1 -1
package/dist/model/route-discovery/python.js +132 -9
package/dist/model/route-discovery/python.js.map +1 -1
package/dist/model/route-discovery/types.d.ts +1 -1
package/dist/model/route-discovery/types.d.ts.map +1 -1
package/dist/model/route-discovery/utils.d.ts +8 -0
package/dist/model/route-discovery/utils.d.ts.map +1 -1
package/dist/model/route-discovery/utils.js +70 -0
package/dist/model/route-discovery/utils.js.map +1 -1
package/dist/model/taint-types.d.ts +0 -4
package/dist/model/taint-types.d.ts.map +1 -1
package/dist/parse/ast.d.ts +58 -0
package/dist/parse/ast.d.ts.map +1 -0
package/dist/parse/ast.js +230 -0
package/dist/parse/ast.js.map +1 -0
package/dist/parse/call-graph.d.ts +41 -0
package/dist/parse/call-graph.d.ts.map +1 -0
package/dist/parse/call-graph.js +386 -0
package/dist/parse/call-graph.js.map +1 -0
package/dist/parse/file-classifier.d.ts +11 -0
package/dist/parse/file-classifier.d.ts.map +1 -1
package/dist/parse/file-classifier.js +63 -15
package/dist/parse/file-classifier.js.map +1 -1
package/dist/parse/node-index.d.ts +32 -0
package/dist/parse/node-index.d.ts.map +1 -0
package/dist/parse/node-index.js +103 -0
package/dist/parse/node-index.js.map +1 -0
package/dist/parse/type-extractor.d.ts +50 -0
package/dist/parse/type-extractor.d.ts.map +1 -0
package/dist/parse/type-extractor.js +243 -0
package/dist/parse/type-extractor.js.map +1 -0
package/dist/pipeline/config.d.ts +7 -1
package/dist/pipeline/config.d.ts.map +1 -1
package/dist/pipeline/config.js.map +1 -1
package/dist/pipeline/index.d.ts +3 -3
package/dist/pipeline/index.d.ts.map +1 -1
package/dist/pipeline/index.js +192 -64
package/dist/pipeline/index.js.map +1 -1
package/dist/pipeline/modes/incremental.d.ts.map +1 -1
package/dist/pipeline/modes/incremental.js +2 -7
package/dist/pipeline/modes/incremental.js.map +1 -1
package/dist/postprocess/dedup.d.ts +5 -2
package/dist/postprocess/dedup.d.ts.map +1 -1
package/dist/postprocess/dedup.js +47 -16
package/dist/postprocess/dedup.js.map +1 -1
package/dist/report/build-result.d.ts +9 -4
package/dist/report/build-result.d.ts.map +1 -1
package/dist/report/build-result.js +15 -4
package/dist/report/build-result.js.map +1 -1
package/dist/report/formatters/cli-terminal.d.ts +1 -1
package/dist/report/formatters/cli-terminal.d.ts.map +1 -1
package/dist/report/formatters/cli-terminal.js +434 -231
package/dist/report/formatters/cli-terminal.js.map +1 -1
package/dist/report/sanitize.d.ts +10 -0
package/dist/report/sanitize.d.ts.map +1 -0
package/dist/report/sanitize.js +19 -0
package/dist/report/sanitize.js.map +1 -0
package/dist/score/adjustments.d.ts +20 -2
package/dist/score/adjustments.d.ts.map +1 -1
package/dist/score/adjustments.js +108 -37
package/dist/score/adjustments.js.map +1 -1
package/dist/score/confidence.d.ts +6 -0
package/dist/score/confidence.d.ts.map +1 -1
package/dist/score/confidence.js +10 -4
package/dist/score/confidence.js.map +1 -1
package/dist/score/evidence.d.ts +25 -0
package/dist/score/evidence.d.ts.map +1 -0
package/dist/score/evidence.js +51 -0
package/dist/score/evidence.js.map +1 -0
package/dist/score/index.d.ts +3 -1
package/dist/score/index.d.ts.map +1 -1
package/dist/score/index.js +25 -50
package/dist/score/index.js.map +1 -1
package/dist/score/types.d.ts +5 -1
package/dist/score/types.d.ts.map +1 -1
package/dist/shared/category-filter.d.ts.map +1 -1
package/dist/shared/category-filter.js +12 -0
package/dist/shared/category-filter.js.map +1 -1
package/dist/shared/regex-utils.d.ts +3 -0
package/dist/shared/regex-utils.d.ts.map +1 -0
package/dist/shared/regex-utils.js +8 -0
package/dist/shared/regex-utils.js.map +1 -0
package/dist/shared/registry-clients.d.ts +7 -0
package/dist/shared/registry-clients.d.ts.map +1 -1
package/dist/shared/registry-clients.js +94 -17
package/dist/shared/registry-clients.js.map +1 -1
package/dist/shared/rules/metadata.d.ts.map +1 -1
package/dist/shared/rules/metadata.js +17 -0
package/dist/shared/rules/metadata.js.map +1 -1
package/dist/shared/types.d.ts +59 -15
package/dist/shared/types.d.ts.map +1 -1
package/dist/shared/types.js +38 -21
package/dist/shared/types.js.map +1 -1
package/dist/taint/async-flow.d.ts +44 -0
package/dist/taint/async-flow.d.ts.map +1 -0
package/dist/taint/async-flow.js +271 -0
package/dist/taint/async-flow.js.map +1 -0
package/dist/taint/cfg-builder.d.ts +35 -0
package/dist/taint/cfg-builder.d.ts.map +1 -0
package/dist/taint/cfg-builder.js +980 -0
package/dist/taint/cfg-builder.js.map +1 -0
package/dist/taint/cfg-types.d.ts +76 -0
package/dist/taint/cfg-types.d.ts.map +1 -0
package/dist/taint/cfg-types.js +13 -0
package/dist/taint/cfg-types.js.map +1 -0
package/dist/taint/constant-propagation.d.ts +34 -0
package/dist/taint/constant-propagation.d.ts.map +1 -0
package/dist/taint/constant-propagation.js +164 -0
package/dist/taint/constant-propagation.js.map +1 -0
package/dist/taint/cross-file-analyzer.d.ts +27 -0
package/dist/taint/cross-file-analyzer.d.ts.map +1 -0
package/dist/taint/cross-file-analyzer.js +99 -0
package/dist/taint/cross-file-analyzer.js.map +1 -0
package/dist/taint/cross-file-index.d.ts +59 -0
package/dist/taint/cross-file-index.d.ts.map +1 -0
package/dist/taint/cross-file-index.js +183 -0
package/dist/taint/cross-file-index.js.map +1 -0
package/dist/taint/def-use.d.ts +27 -0
package/dist/taint/def-use.d.ts.map +1 -0
package/dist/taint/def-use.js +519 -0
package/dist/taint/def-use.js.map +1 -0
package/dist/taint/file-analysis-cache.d.ts +47 -0
package/dist/taint/file-analysis-cache.d.ts.map +1 -0
package/dist/taint/file-analysis-cache.js +107 -0
package/dist/taint/file-analysis-cache.js.map +1 -0
package/dist/taint/framework-models.d.ts +77 -0
package/dist/taint/framework-models.d.ts.map +1 -0
package/dist/taint/framework-models.js +258 -0
package/dist/taint/framework-models.js.map +1 -0
package/dist/taint/helpers.d.ts +31 -0
package/dist/taint/helpers.d.ts.map +1 -0
package/dist/taint/helpers.js +130 -0
package/dist/taint/helpers.js.map +1 -0
package/dist/taint/index.d.ts +28 -0
package/dist/taint/index.d.ts.map +1 -0
package/dist/taint/index.js +77 -0
package/dist/taint/index.js.map +1 -0
package/dist/taint/llm-registry.d.ts +47 -0
package/dist/taint/llm-registry.d.ts.map +1 -0
package/dist/taint/llm-registry.js +152 -0
package/dist/taint/llm-registry.js.map +1 -0
package/dist/taint/llm-risk-scoring.d.ts +54 -0
package/dist/taint/llm-risk-scoring.d.ts.map +1 -0
package/dist/taint/llm-risk-scoring.js +376 -0
package/dist/taint/llm-risk-scoring.js.map +1 -0
package/dist/taint/propagation-types.d.ts +104 -0
package/dist/taint/propagation-types.d.ts.map +1 -0
package/dist/taint/propagation-types.js +98 -0
package/dist/taint/propagation-types.js.map +1 -0
package/dist/taint/propagation.d.ts +111 -0
package/dist/taint/propagation.d.ts.map +1 -0
package/dist/taint/propagation.js +1576 -0
package/dist/taint/propagation.js.map +1 -0
package/dist/taint/sanitizer-registry.d.ts +26 -0
package/dist/taint/sanitizer-registry.d.ts.map +1 -0
package/dist/taint/sanitizer-registry.js +422 -0
package/dist/taint/sanitizer-registry.js.map +1 -0
package/dist/taint/sink-classifier.d.ts +27 -0
package/dist/taint/sink-classifier.d.ts.map +1 -0
package/dist/taint/sink-classifier.js +1166 -0
package/dist/taint/sink-classifier.js.map +1 -0
package/dist/taint/source-classifier.d.ts +29 -0
package/dist/taint/source-classifier.d.ts.map +1 -0
package/dist/taint/source-classifier.js +814 -0
package/dist/taint/source-classifier.js.map +1 -0
package/dist/taint/taint-analyzer.d.ts +33 -0
package/dist/taint/taint-analyzer.d.ts.map +1 -0
package/dist/taint/taint-analyzer.js +88 -0
package/dist/taint/taint-analyzer.js.map +1 -0
package/dist/taint/taint-summary.d.ts +37 -0
package/dist/taint/taint-summary.d.ts.map +1 -0
package/dist/taint/taint-summary.js +293 -0
package/dist/taint/taint-summary.js.map +1 -0
package/dist/taint/types.d.ts +47 -0
package/dist/taint/types.d.ts.map +1 -0
package/dist/taint/types.js +19 -0
package/dist/taint/types.js.map +1 -0
package/dist/validate/clients.d.ts +2 -1
package/dist/validate/clients.d.ts.map +1 -1
package/dist/validate/clients.js +3 -2
package/dist/validate/clients.js.map +1 -1
package/dist/validate/index.d.ts +5 -6
package/dist/validate/index.d.ts.map +1 -1
package/dist/validate/index.js +22 -21
package/dist/validate/index.js.map +1 -1
package/dist/validate/prompts/modules/ai-patterns.d.ts +1 -1
package/dist/validate/prompts/modules/ai-patterns.d.ts.map +1 -1
package/dist/validate/prompts/modules/ai-patterns.js +16 -0
package/dist/validate/prompts/modules/ai-patterns.js.map +1 -1
package/dist/validate/prompts/modules/common.d.ts +1 -1
package/dist/validate/prompts/modules/common.d.ts.map +1 -1
package/dist/validate/prompts/modules/common.js +12 -3
package/dist/validate/prompts/modules/common.js.map +1 -1
package/dist/validate/providers/anthropic.d.ts +4 -4
package/dist/validate/providers/anthropic.d.ts.map +1 -1
package/dist/validate/providers/anthropic.js +85 -58
package/dist/validate/providers/anthropic.js.map +1 -1
package/dist/validate/providers/openai.d.ts +4 -4
package/dist/validate/providers/openai.d.ts.map +1 -1
package/dist/validate/providers/openai.js +149 -99
package/dist/validate/providers/openai.js.map +1 -1
package/dist/validate/request-builder.d.ts +2 -8
package/dist/validate/request-builder.d.ts.map +1 -1
package/dist/validate/request-builder.js +4 -34
package/dist/validate/request-builder.js.map +1 -1
package/dist/validate/types.d.ts +9 -0
package/dist/validate/types.d.ts.map +1 -1
package/dist/validate/types.js.map +1 -1
package/dist/validate/utils/path-helpers.js +2 -2
package/dist/validate/utils/path-helpers.js.map +1 -1
package/dist/validate/utils/response-parser.d.ts +10 -0
package/dist/validate/utils/response-parser.d.ts.map +1 -1
package/dist/validate/utils/response-parser.js +21 -2
package/dist/validate/utils/response-parser.js.map +1 -1
package/dist/validate/utils/retry.d.ts.map +1 -1
package/dist/validate/utils/retry.js +19 -4
package/dist/validate/utils/retry.js.map +1 -1
package/package.json +7 -4
package/src/__tests__/benchmark/fixtures/layer2/ai-execution-sinks.ts +1 -1
package/src/__tests__/benchmark/planted-benchmark.test.ts +337 -0
package/src/__tests__/benchmark/utils/test-runner.ts +38 -4
package/src/__tests__/category-filter.test.ts +5 -1
package/src/__tests__/context-engine/route-discovery/python.test.ts +726 -0
package/src/__tests__/detect/ast-rules.test.ts +1043 -0
package/src/__tests__/detect/offline-mode.test.ts +147 -0
package/src/__tests__/detect/python-ast-rules.test.ts +569 -0
package/src/__tests__/detect/python-helpers.test.ts +536 -0
package/src/__tests__/detect/python-sast-rules.test.ts +453 -0
package/src/__tests__/detect/rules-file-backdoor-decoders.test.ts +151 -0
package/src/__tests__/detect/rules-file-backdoor.test.ts +284 -0
package/src/__tests__/detect/taint-fix-templates.test.ts +150 -0
package/src/__tests__/detect/taint-path-serialization.test.ts +170 -0
package/src/__tests__/parse/call-graph.test.ts +300 -0
package/src/__tests__/parse/python-parser.test.ts +274 -0
package/src/__tests__/regression/known-false-positives.test.ts +491 -9
package/src/__tests__/regression/rules-file-backdoor.test.ts +137 -0
package/src/__tests__/score/adjustments.test.ts +34 -16
package/src/__tests__/score/confidence.test.ts +84 -57
package/src/__tests__/score/evidence-scoring.test.ts +249 -0
package/src/__tests__/score/evidence.test.ts +144 -0
package/src/__tests__/score/scoring-integration.test.ts +56 -34
package/src/__tests__/score/taint-adjustments.test.ts +14 -228
package/src/__tests__/snapshots/__snapshots__/scan-depth.test.ts.snap +65 -59
package/src/__tests__/snapshots/scan-depth.test.ts +39 -7
package/src/__tests__/taint/async-flow.test.ts +247 -0
package/src/__tests__/taint/cfg-builder.test.ts +835 -0
package/src/__tests__/taint/constant-propagation.test.ts +302 -0
package/src/__tests__/taint/cross-file-index.test.ts +683 -0
package/src/__tests__/taint/cross-file-integration.test.ts +275 -0
package/src/__tests__/taint/cross-file-propagation.test.ts +910 -0
package/src/__tests__/taint/def-use.test.ts +132 -0
package/src/__tests__/taint/field-sensitive-sinks.test.ts +179 -0
package/src/__tests__/taint/field-sensitivity.test.ts +342 -0
package/src/__tests__/taint/file-analysis-cache.test.ts +290 -0
package/src/__tests__/taint/framework-models.test.ts +227 -0
package/src/__tests__/taint/llm-flow-graph.test.ts +850 -0
package/src/__tests__/taint/llm-risk-scoring.test.ts +439 -0
package/src/__tests__/taint/performance-parity.test.ts +315 -0
package/src/__tests__/taint/propagation.test.ts +621 -0
package/src/__tests__/taint/python-cross-file.test.ts +494 -0
package/src/__tests__/taint/python-taint.test.ts +1344 -0
package/src/__tests__/taint/sanitizer-registry.test.ts +304 -0
package/src/__tests__/taint/sanitizer-regression.test.ts +111 -0
package/src/__tests__/taint/sink-classifier.test.ts +537 -0
package/src/__tests__/taint/source-classifier.test.ts +367 -0
package/src/__tests__/taint/taint-pipeline.test.ts +418 -0
package/src/__tests__/taint/taint-smoke.test.ts +400 -0
package/src/__tests__/taint/taint-summary.test.ts +472 -0
package/src/detect/ai-code/index.ts +6 -11
package/src/detect/ast-rules/agent-tools-ast.ts +861 -0
package/src/detect/ast-rules/ai-fingerprinting-ast.ts +451 -0
package/src/detect/ast-rules/auth-patterns-ast.ts +304 -0
package/src/detect/ast-rules/byok-ast.ts +195 -0
package/src/detect/ast-rules/child-process-ast.ts +276 -0
package/src/detect/ast-rules/dangerous-eval-ast.ts +227 -0
package/src/detect/ast-rules/data-exposure-ast.ts +162 -0
package/src/detect/ast-rules/dom-xss-ast.ts +260 -0
package/src/detect/ast-rules/endpoint-protection-ast.ts +231 -0
package/src/detect/ast-rules/entropy-ast.ts +268 -0
package/src/detect/ast-rules/flask-debug-ast.ts +148 -0
package/src/detect/ast-rules/framework-checks-ast.ts +200 -0
package/src/detect/ast-rules/helpers/call-analysis.ts +256 -0
package/src/detect/ast-rules/helpers/context-detection.ts +277 -0
package/src/detect/ast-rules/helpers/control-flow.ts +179 -0
package/src/detect/ast-rules/helpers/import-analysis.ts +185 -0
package/src/detect/ast-rules/helpers/index.ts +133 -0
package/src/detect/ast-rules/helpers/python-helpers.ts +1054 -0
package/src/detect/ast-rules/helpers/scope-analysis.ts +224 -0
package/src/detect/ast-rules/helpers/string-analysis.ts +215 -0
package/src/detect/ast-rules/helpers/type-extraction.ts +138 -0
package/src/detect/ast-rules/helpers/user-input.ts +256 -0
package/src/detect/ast-rules/index.ts +311 -0
package/src/detect/ast-rules/json-parse-ast.ts +162 -0
package/src/detect/ast-rules/log-injection-ast.ts +243 -0
package/src/detect/ast-rules/logic-gates-ast.ts +343 -0
package/src/detect/ast-rules/mcp-security-ast.ts +808 -0
package/src/detect/ast-rules/model-supply-chain-ast.ts +202 -0
package/src/detect/ast-rules/package-hallucination-ast.ts +664 -0
package/src/detect/ast-rules/prompt-hygiene-ast.ts +329 -0
package/src/detect/ast-rules/rag-safety-ast.ts +689 -0
package/src/detect/ast-rules/request-validation-ast.ts +122 -0
package/src/detect/ast-rules/risky-imports-ast.ts +133 -0
package/src/detect/ast-rules/schema-validation-ast.ts +244 -0
package/src/detect/ast-rules/secret-patterns-ast.ts +223 -0
package/src/detect/ast-rules/security-headers-ast.ts +206 -0
package/src/detect/ast-rules/sql-injection-ast.ts +614 -0
package/src/detect/ast-rules/ssrf-ast.ts +601 -0
package/src/detect/ast-rules/taint-fix-templates.ts +108 -0
package/src/detect/ast-rules/taint-flow-ast.ts +416 -0
package/src/detect/ast-rules/variables-ast.ts +446 -0
package/src/detect/ast-rules/weak-crypto-ast.ts +441 -0
package/src/detect/ast-rules/xxe-ast.ts +184 -0
package/src/detect/config/agent-skill-injection.ts +2 -24
package/src/detect/config/index.ts +1 -0
package/src/detect/config/osv-check.ts +6 -1
package/src/detect/config/package-check.ts +6 -1
package/src/detect/config/rules-file-backdoor.ts +438 -0
package/src/detect/index.ts +146 -52
package/src/detect/secrets/config-audit.ts +37 -3
package/src/detect/secrets/entropy.ts +195 -0
package/src/detect/secrets/index.ts +7 -16
package/src/detect/structural/index.ts +23 -566
package/src/index.ts +7 -0
package/src/model/auth-helper-detector.ts +1 -7
package/src/model/import-resolver.ts +104 -0
package/src/model/imported-auth-detector.ts +1 -1
package/src/model/index.ts +240 -80
package/src/model/module-graph.ts +17 -5
package/src/model/project-context.ts +28 -1
package/src/model/route-auth-resolver.ts +18 -3
package/src/model/route-discovery/index.ts +1 -1
package/src/model/route-discovery/nextjs.ts +1 -1
package/src/model/route-discovery/python.ts +156 -9
package/src/model/route-discovery/types.ts +1 -1
package/src/model/route-discovery/utils.ts +73 -0
package/src/model/taint-types.ts +1 -6
package/src/parse/ast.ts +271 -0
package/src/parse/call-graph.ts +419 -0
package/src/parse/file-classifier.ts +69 -15
package/src/parse/node-index.ts +118 -0
package/src/parse/type-extractor.ts +293 -0
package/src/pipeline/config.ts +7 -0
package/src/pipeline/index.ts +464 -199
package/src/pipeline/modes/incremental.ts +1 -7
package/src/postprocess/dedup.ts +48 -17
package/src/report/build-result.ts +57 -29
package/src/report/formatters/cli-terminal.ts +731 -415
package/src/report/sanitize.ts +27 -0
package/src/score/adjustments.ts +113 -40
package/src/score/confidence.ts +10 -5
package/src/score/evidence.ts +55 -0
package/src/score/index.ts +27 -55
package/src/score/types.ts +4 -0
package/src/shared/category-filter.ts +12 -0
package/src/shared/regex-utils.ts +4 -0
package/src/shared/registry-clients.ts +106 -18
package/src/shared/rules/__tests__/metadata.test.ts +5 -1
package/src/shared/rules/metadata.ts +19 -0
package/src/shared/types.ts +372 -253
package/src/taint/async-flow.ts +301 -0
package/src/taint/cfg-builder.ts +1127 -0
package/src/taint/cfg-types.ts +110 -0
package/src/taint/constant-propagation.ts +170 -0
package/src/taint/cross-file-analyzer.ts +118 -0
package/src/taint/cross-file-index.ts +275 -0
package/src/taint/def-use.ts +556 -0
package/src/taint/file-analysis-cache.ts +145 -0
package/src/taint/framework-models.ts +313 -0
package/src/taint/helpers.ts +138 -0
package/src/taint/index.ts +71 -0
package/src/taint/llm-registry.ts +174 -0
package/src/taint/llm-risk-scoring.ts +412 -0
package/src/taint/propagation-types.ts +188 -0
package/src/taint/propagation.ts +1750 -0
package/src/taint/sanitizer-registry.ts +490 -0
package/src/taint/sink-classifier.ts +1402 -0
package/src/taint/source-classifier.ts +859 -0
package/src/taint/taint-analyzer.ts +112 -0
package/src/taint/taint-summary.ts +341 -0
package/src/taint/types.ts +86 -0
package/src/validate/clients.ts +3 -2
package/src/validate/index.ts +89 -53
package/src/validate/prompts/modules/ai-patterns.ts +16 -0
package/src/validate/prompts/modules/common.ts +12 -3
package/src/validate/providers/anthropic.ts +254 -148
package/src/validate/providers/openai.ts +363 -218
package/src/validate/request-builder.ts +2 -45
package/src/validate/types.ts +9 -0
package/src/validate/utils/path-helpers.ts +2 -2
package/src/validate/utils/response-parser.ts +32 -3
package/src/validate/utils/retry.ts +19 -4
package/dist/ai-context/index.d.ts +0 -6
package/dist/ai-context/index.d.ts.map +0 -1
package/dist/ai-context/index.js +0 -13
package/dist/ai-context/index.js.map +0 -1
package/dist/ai-context/manager.d.ts +0 -67
package/dist/ai-context/manager.d.ts.map +0 -1
package/dist/ai-context/manager.js +0 -104
package/dist/ai-context/manager.js.map +0 -1
package/dist/baseline/diff.d.ts +0 -32
package/dist/baseline/diff.d.ts.map +0 -1
package/dist/baseline/diff.js +0 -119
package/dist/baseline/diff.js.map +0 -1
package/dist/baseline/index.d.ts +0 -9
package/dist/baseline/index.d.ts.map +0 -1
package/dist/baseline/index.js +0 -19
package/dist/baseline/index.js.map +0 -1
package/dist/baseline/manager.d.ts +0 -67
package/dist/baseline/manager.d.ts.map +0 -1
package/dist/baseline/manager.js +0 -180
package/dist/baseline/manager.js.map +0 -1
package/dist/baseline/types.d.ts +0 -91
package/dist/baseline/types.d.ts.map +0 -1
package/dist/baseline/types.js +0 -12
package/dist/baseline/types.js.map +0 -1
package/dist/category-filter.d.ts +0 -125
package/dist/category-filter.d.ts.map +0 -1
package/dist/category-filter.js +0 -360
package/dist/category-filter.js.map +0 -1
package/dist/detect/ai-code/agent-tools.d.ts +0 -22
package/dist/detect/ai-code/agent-tools.d.ts.map +0 -1
package/dist/detect/ai-code/agent-tools.js +0 -1509
package/dist/detect/ai-code/agent-tools.js.map +0 -1
package/dist/detect/ai-code/byok-patterns.d.ts +0 -15
package/dist/detect/ai-code/byok-patterns.d.ts.map +0 -1
package/dist/detect/ai-code/byok-patterns.js +0 -313
package/dist/detect/ai-code/byok-patterns.js.map +0 -1
package/dist/detect/ai-code/endpoint-protection.d.ts +0 -38
package/dist/detect/ai-code/endpoint-protection.d.ts.map +0 -1
package/dist/detect/ai-code/endpoint-protection.js +0 -349
package/dist/detect/ai-code/endpoint-protection.js.map +0 -1
package/dist/detect/ai-code/execution-sinks.d.ts +0 -21
package/dist/detect/ai-code/execution-sinks.d.ts.map +0 -1
package/dist/detect/ai-code/execution-sinks.js +0 -1158
package/dist/detect/ai-code/execution-sinks.js.map +0 -1
package/dist/detect/ai-code/fingerprinting.d.ts +0 -10
package/dist/detect/ai-code/fingerprinting.d.ts.map +0 -1
package/dist/detect/ai-code/fingerprinting.js +0 -665
package/dist/detect/ai-code/fingerprinting.js.map +0 -1
package/dist/detect/ai-code/mcp-security.d.ts +0 -20
package/dist/detect/ai-code/mcp-security.d.ts.map +0 -1
package/dist/detect/ai-code/mcp-security.js +0 -880
package/dist/detect/ai-code/mcp-security.js.map +0 -1
package/dist/detect/ai-code/model-supply-chain.d.ts +0 -23
package/dist/detect/ai-code/model-supply-chain.d.ts.map +0 -1
package/dist/detect/ai-code/model-supply-chain.js +0 -447
package/dist/detect/ai-code/model-supply-chain.js.map +0 -1
package/dist/detect/ai-code/package-hallucination.d.ts +0 -22
package/dist/detect/ai-code/package-hallucination.d.ts.map +0 -1
package/dist/detect/ai-code/package-hallucination.js +0 -841
package/dist/detect/ai-code/package-hallucination.js.map +0 -1
package/dist/detect/ai-code/prompt-hygiene.d.ts +0 -22
package/dist/detect/ai-code/prompt-hygiene.d.ts.map +0 -1
package/dist/detect/ai-code/prompt-hygiene.js +0 -1177
package/dist/detect/ai-code/prompt-hygiene.js.map +0 -1
package/dist/detect/ai-code/rag-safety.d.ts +0 -24
package/dist/detect/ai-code/rag-safety.d.ts.map +0 -1
package/dist/detect/ai-code/rag-safety.js +0 -913
package/dist/detect/ai-code/rag-safety.js.map +0 -1
package/dist/detect/ai-code/schema-validation.d.ts +0 -28
package/dist/detect/ai-code/schema-validation.d.ts.map +0 -1
package/dist/detect/ai-code/schema-validation.js +0 -378
package/dist/detect/ai-code/schema-validation.js.map +0 -1
package/dist/detect/secrets/patterns.d.ts +0 -11
package/dist/detect/secrets/patterns.d.ts.map +0 -1
package/dist/detect/secrets/patterns.js +0 -518
package/dist/detect/secrets/patterns.js.map +0 -1
package/dist/detect/secrets/weak-crypto.d.ts +0 -10
package/dist/detect/secrets/weak-crypto.d.ts.map +0 -1
package/dist/detect/secrets/weak-crypto.js +0 -432
package/dist/detect/secrets/weak-crypto.js.map +0 -1
package/dist/detect/structural/auth-patterns.d.ts +0 -22
package/dist/detect/structural/auth-patterns.d.ts.map +0 -1
package/dist/detect/structural/auth-patterns.js +0 -533
package/dist/detect/structural/auth-patterns.js.map +0 -1
package/dist/detect/structural/dangerous-functions/child-process.d.ts +0 -16
package/dist/detect/structural/dangerous-functions/child-process.d.ts.map +0 -1
package/dist/detect/structural/dangerous-functions/child-process.js +0 -74
package/dist/detect/structural/dangerous-functions/child-process.js.map +0 -1
package/dist/detect/structural/dangerous-functions/dom-xss.d.ts +0 -34
package/dist/detect/structural/dangerous-functions/dom-xss.d.ts.map +0 -1
package/dist/detect/structural/dangerous-functions/dom-xss.js +0 -230
package/dist/detect/structural/dangerous-functions/dom-xss.js.map +0 -1
package/dist/detect/structural/dangerous-functions/index.d.ts +0 -16
package/dist/detect/structural/dangerous-functions/index.d.ts.map +0 -1
package/dist/detect/structural/dangerous-functions/index.js +0 -1193
package/dist/detect/structural/dangerous-functions/index.js.map +0 -1
package/dist/detect/structural/dangerous-functions/json-parse.d.ts +0 -31
package/dist/detect/structural/dangerous-functions/json-parse.d.ts.map +0 -1
package/dist/detect/structural/dangerous-functions/json-parse.js +0 -326
package/dist/detect/structural/dangerous-functions/json-parse.js.map +0 -1
package/dist/detect/structural/dangerous-functions/math-random.d.ts +0 -111
package/dist/detect/structural/dangerous-functions/math-random.d.ts.map +0 -1
package/dist/detect/structural/dangerous-functions/math-random.js +0 -684
package/dist/detect/structural/dangerous-functions/math-random.js.map +0 -1
package/dist/detect/structural/dangerous-functions/patterns.d.ts +0 -21
package/dist/detect/structural/dangerous-functions/patterns.d.ts.map +0 -1
package/dist/detect/structural/dangerous-functions/patterns.js +0 -163
package/dist/detect/structural/dangerous-functions/patterns.js.map +0 -1
package/dist/detect/structural/dangerous-functions/request-validation.d.ts +0 -13
package/dist/detect/structural/dangerous-functions/request-validation.d.ts.map +0 -1
package/dist/detect/structural/dangerous-functions/request-validation.js +0 -126
package/dist/detect/structural/dangerous-functions/request-validation.js.map +0 -1
package/dist/detect/structural/dangerous-functions/utils/control-flow.d.ts +0 -24
package/dist/detect/structural/dangerous-functions/utils/control-flow.d.ts.map +0 -1
package/dist/detect/structural/dangerous-functions/utils/control-flow.js +0 -70
package/dist/detect/structural/dangerous-functions/utils/control-flow.js.map +0 -1
package/dist/detect/structural/dangerous-functions/utils/helpers.d.ts +0 -31
package/dist/detect/structural/dangerous-functions/utils/helpers.d.ts.map +0 -1
package/dist/detect/structural/dangerous-functions/utils/helpers.js +0 -147
package/dist/detect/structural/dangerous-functions/utils/helpers.js.map +0 -1
package/dist/detect/structural/dangerous-functions/utils/index.d.ts +0 -9
package/dist/detect/structural/dangerous-functions/utils/index.d.ts.map +0 -1
package/dist/detect/structural/dangerous-functions/utils/index.js +0 -23
package/dist/detect/structural/dangerous-functions/utils/index.js.map +0 -1
package/dist/detect/structural/dangerous-functions/utils/schema-validation.d.ts +0 -22
package/dist/detect/structural/dangerous-functions/utils/schema-validation.d.ts.map +0 -1
package/dist/detect/structural/dangerous-functions/utils/schema-validation.js +0 -102
package/dist/detect/structural/dangerous-functions/utils/schema-validation.js.map +0 -1
package/dist/detect/structural/data-exposure.d.ts +0 -19
package/dist/detect/structural/data-exposure.d.ts.map +0 -1
package/dist/detect/structural/data-exposure.js +0 -262
package/dist/detect/structural/data-exposure.js.map +0 -1
package/dist/detect/structural/framework-checks.d.ts +0 -10
package/dist/detect/structural/framework-checks.d.ts.map +0 -1
package/dist/detect/structural/framework-checks.js +0 -389
package/dist/detect/structural/framework-checks.js.map +0 -1
package/dist/detect/structural/log-injection.d.ts +0 -18
package/dist/detect/structural/log-injection.d.ts.map +0 -1
package/dist/detect/structural/log-injection.js +0 -217
package/dist/detect/structural/log-injection.js.map +0 -1
package/dist/detect/structural/logic-gates.d.ts +0 -10
package/dist/detect/structural/logic-gates.d.ts.map +0 -1
package/dist/detect/structural/logic-gates.js +0 -227
package/dist/detect/structural/logic-gates.js.map +0 -1
package/dist/detect/structural/risky-imports.d.ts +0 -10
package/dist/detect/structural/risky-imports.d.ts.map +0 -1
package/dist/detect/structural/risky-imports.js +0 -168
package/dist/detect/structural/risky-imports.js.map +0 -1
package/dist/detect/structural/security-headers.d.ts +0 -18
package/dist/detect/structural/security-headers.d.ts.map +0 -1
package/dist/detect/structural/security-headers.js +0 -196
package/dist/detect/structural/security-headers.js.map +0 -1
package/dist/detect/structural/ssrf-detection.d.ts +0 -18
package/dist/detect/structural/ssrf-detection.d.ts.map +0 -1
package/dist/detect/structural/ssrf-detection.js +0 -263
package/dist/detect/structural/ssrf-detection.js.map +0 -1
package/dist/detect/structural/variables.d.ts +0 -11
package/dist/detect/structural/variables.d.ts.map +0 -1
package/dist/detect/structural/variables.js +0 -159
package/dist/detect/structural/variables.js.map +0 -1
package/dist/detect/structural/xxe-detection.d.ts +0 -18
package/dist/detect/structural/xxe-detection.d.ts.map +0 -1
package/dist/detect/structural/xxe-detection.js +0 -245
package/dist/detect/structural/xxe-detection.js.map +0 -1
package/dist/filtering/context-adjustments.d.ts +0 -23
package/dist/filtering/context-adjustments.d.ts.map +0 -1
package/dist/filtering/context-adjustments.js +0 -100
package/dist/filtering/context-adjustments.js.map +0 -1
package/dist/filtering/index.d.ts +0 -3
package/dist/filtering/index.d.ts.map +0 -1
package/dist/filtering/index.js +0 -8
package/dist/filtering/index.js.map +0 -1
package/dist/filtering/pipeline.d.ts +0 -48
package/dist/filtering/pipeline.d.ts.map +0 -1
package/dist/filtering/pipeline.js +0 -76
package/dist/filtering/pipeline.js.map +0 -1
package/dist/formatters/ai-context.d.ts +0 -23
package/dist/formatters/ai-context.d.ts.map +0 -1
package/dist/formatters/ai-context.js +0 -238
package/dist/formatters/ai-context.js.map +0 -1
package/dist/formatters/cli-terminal.d.ts +0 -65
package/dist/formatters/cli-terminal.d.ts.map +0 -1
package/dist/formatters/cli-terminal.js +0 -735
package/dist/formatters/cli-terminal.js.map +0 -1
package/dist/formatters/github-comment.d.ts +0 -41
package/dist/formatters/github-comment.d.ts.map +0 -1
package/dist/formatters/github-comment.js +0 -370
package/dist/formatters/github-comment.js.map +0 -1
package/dist/formatters/grouping.d.ts +0 -52
package/dist/formatters/grouping.d.ts.map +0 -1
package/dist/formatters/grouping.js +0 -152
package/dist/formatters/grouping.js.map +0 -1
package/dist/formatters/ide/claude-code.d.ts +0 -17
package/dist/formatters/ide/claude-code.d.ts.map +0 -1
package/dist/formatters/ide/claude-code.js +0 -94
package/dist/formatters/ide/claude-code.js.map +0 -1
package/dist/formatters/ide/cursor.d.ts +0 -13
package/dist/formatters/ide/cursor.d.ts.map +0 -1
package/dist/formatters/ide/cursor.js +0 -125
package/dist/formatters/ide/cursor.js.map +0 -1
package/dist/formatters/ide/index.d.ts +0 -62
package/dist/formatters/ide/index.d.ts.map +0 -1
package/dist/formatters/ide/index.js +0 -184
package/dist/formatters/ide/index.js.map +0 -1
package/dist/formatters/ide/windsurf.d.ts +0 -13
package/dist/formatters/ide/windsurf.d.ts.map +0 -1
package/dist/formatters/ide/windsurf.js +0 -117
package/dist/formatters/ide/windsurf.js.map +0 -1
package/dist/formatters/index.d.ts +0 -11
package/dist/formatters/index.d.ts.map +0 -1
package/dist/formatters/index.js +0 -54
package/dist/formatters/index.js.map +0 -1
package/dist/formatters/vscode-diagnostic.d.ts +0 -103
package/dist/formatters/vscode-diagnostic.d.ts.map +0 -1
package/dist/formatters/vscode-diagnostic.js +0 -151
package/dist/formatters/vscode-diagnostic.js.map +0 -1
package/dist/layer1/comments.d.ts +0 -11
package/dist/layer1/comments.d.ts.map +0 -1
package/dist/layer1/comments.js +0 -203
package/dist/layer1/comments.js.map +0 -1
package/dist/layer1/config-audit.d.ts +0 -11
package/dist/layer1/config-audit.d.ts.map +0 -1
package/dist/layer1/config-audit.js +0 -311
package/dist/layer1/config-audit.js.map +0 -1
package/dist/layer1/config-mcp-audit.d.ts +0 -23
package/dist/layer1/config-mcp-audit.d.ts.map +0 -1
package/dist/layer1/config-mcp-audit.js +0 -239
package/dist/layer1/config-mcp-audit.js.map +0 -1
package/dist/layer1/entropy.d.ts +0 -11
package/dist/layer1/entropy.d.ts.map +0 -1
package/dist/layer1/entropy.js +0 -741
package/dist/layer1/entropy.js.map +0 -1
package/dist/layer1/file-flags.d.ts +0 -10
package/dist/layer1/file-flags.d.ts.map +0 -1
package/dist/layer1/file-flags.js +0 -119
package/dist/layer1/file-flags.js.map +0 -1
package/dist/layer1/index.d.ts +0 -38
package/dist/layer1/index.d.ts.map +0 -1
package/dist/layer1/index.js +0 -170
package/dist/layer1/index.js.map +0 -1
package/dist/layer1/patterns.d.ts +0 -11
package/dist/layer1/patterns.d.ts.map +0 -1
package/dist/layer1/patterns.js +0 -512
package/dist/layer1/patterns.js.map +0 -1
package/dist/layer1/urls.d.ts +0 -11
package/dist/layer1/urls.d.ts.map +0 -1
package/dist/layer1/urls.js +0 -444
package/dist/layer1/urls.js.map +0 -1
package/dist/layer1/weak-crypto.d.ts +0 -10
package/dist/layer1/weak-crypto.d.ts.map +0 -1
package/dist/layer1/weak-crypto.js +0 -428
package/dist/layer1/weak-crypto.js.map +0 -1
package/dist/layer2/ai-agent-tools.d.ts +0 -22
package/dist/layer2/ai-agent-tools.d.ts.map +0 -1
package/dist/layer2/ai-agent-tools.js +0 -1490
package/dist/layer2/ai-agent-tools.js.map +0 -1
package/dist/layer2/ai-endpoint-protection.d.ts +0 -38
package/dist/layer2/ai-endpoint-protection.d.ts.map +0 -1
package/dist/layer2/ai-endpoint-protection.js +0 -346
package/dist/layer2/ai-endpoint-protection.js.map +0 -1
package/dist/layer2/ai-execution-sinks.d.ts +0 -21
package/dist/layer2/ai-execution-sinks.d.ts.map +0 -1
package/dist/layer2/ai-execution-sinks.js +0 -1155
package/dist/layer2/ai-execution-sinks.js.map +0 -1
package/dist/layer2/ai-fingerprinting.d.ts +0 -10
package/dist/layer2/ai-fingerprinting.d.ts.map +0 -1
package/dist/layer2/ai-fingerprinting.js +0 -650
package/dist/layer2/ai-fingerprinting.js.map +0 -1
package/dist/layer2/ai-mcp-security.d.ts +0 -20
package/dist/layer2/ai-mcp-security.d.ts.map +0 -1
package/dist/layer2/ai-mcp-security.js +0 -877
package/dist/layer2/ai-mcp-security.js.map +0 -1
package/dist/layer2/ai-package-hallucination.d.ts +0 -22
package/dist/layer2/ai-package-hallucination.d.ts.map +0 -1
package/dist/layer2/ai-package-hallucination.js +0 -828
package/dist/layer2/ai-package-hallucination.js.map +0 -1
package/dist/layer2/ai-prompt-hygiene.d.ts +0 -22
package/dist/layer2/ai-prompt-hygiene.d.ts.map +0 -1
package/dist/layer2/ai-prompt-hygiene.js +0 -1156
package/dist/layer2/ai-prompt-hygiene.js.map +0 -1
package/dist/layer2/ai-rag-safety.d.ts +0 -24
package/dist/layer2/ai-rag-safety.d.ts.map +0 -1
package/dist/layer2/ai-rag-safety.js +0 -910
package/dist/layer2/ai-rag-safety.js.map +0 -1
package/dist/layer2/ai-schema-validation.d.ts +0 -28
package/dist/layer2/ai-schema-validation.d.ts.map +0 -1
package/dist/layer2/ai-schema-validation.js +0 -375
package/dist/layer2/ai-schema-validation.js.map +0 -1
package/dist/layer2/auth-antipatterns.d.ts +0 -22
package/dist/layer2/auth-antipatterns.d.ts.map +0 -1
package/dist/layer2/auth-antipatterns.js +0 -522
package/dist/layer2/auth-antipatterns.js.map +0 -1
package/dist/layer2/byok-patterns.d.ts +0 -15
package/dist/layer2/byok-patterns.d.ts.map +0 -1
package/dist/layer2/byok-patterns.js +0 -302
package/dist/layer2/byok-patterns.js.map +0 -1
package/dist/layer2/dangerous-functions/child-process.d.ts +0 -16
package/dist/layer2/dangerous-functions/child-process.d.ts.map +0 -1
package/dist/layer2/dangerous-functions/child-process.js +0 -74
package/dist/layer2/dangerous-functions/child-process.js.map +0 -1
package/dist/layer2/dangerous-functions/dom-xss.d.ts +0 -34
package/dist/layer2/dangerous-functions/dom-xss.d.ts.map +0 -1
package/dist/layer2/dangerous-functions/dom-xss.js +0 -230
package/dist/layer2/dangerous-functions/dom-xss.js.map +0 -1
package/dist/layer2/dangerous-functions/index.d.ts +0 -16
package/dist/layer2/dangerous-functions/index.d.ts.map +0 -1
package/dist/layer2/dangerous-functions/index.js +0 -1152
package/dist/layer2/dangerous-functions/index.js.map +0 -1
package/dist/layer2/dangerous-functions/json-parse.d.ts +0 -31
package/dist/layer2/dangerous-functions/json-parse.d.ts.map +0 -1
package/dist/layer2/dangerous-functions/json-parse.js +0 -319
package/dist/layer2/dangerous-functions/json-parse.js.map +0 -1
package/dist/layer2/dangerous-functions/math-random.d.ts +0 -111
package/dist/layer2/dangerous-functions/math-random.d.ts.map +0 -1
package/dist/layer2/dangerous-functions/math-random.js +0 -684
package/dist/layer2/dangerous-functions/math-random.js.map +0 -1
package/dist/layer2/dangerous-functions/patterns.d.ts +0 -21
package/dist/layer2/dangerous-functions/patterns.d.ts.map +0 -1
package/dist/layer2/dangerous-functions/patterns.js +0 -163
package/dist/layer2/dangerous-functions/patterns.js.map +0 -1
package/dist/layer2/dangerous-functions/request-validation.d.ts +0 -13
package/dist/layer2/dangerous-functions/request-validation.d.ts.map +0 -1
package/dist/layer2/dangerous-functions/request-validation.js +0 -119
package/dist/layer2/dangerous-functions/request-validation.js.map +0 -1
package/dist/layer2/dangerous-functions/utils/control-flow.d.ts +0 -24
package/dist/layer2/dangerous-functions/utils/control-flow.d.ts.map +0 -1
package/dist/layer2/dangerous-functions/utils/control-flow.js +0 -70
package/dist/layer2/dangerous-functions/utils/control-flow.js.map +0 -1
package/dist/layer2/dangerous-functions/utils/helpers.d.ts +0 -31
package/dist/layer2/dangerous-functions/utils/helpers.d.ts.map +0 -1
package/dist/layer2/dangerous-functions/utils/helpers.js +0 -147
package/dist/layer2/dangerous-functions/utils/helpers.js.map +0 -1
package/dist/layer2/dangerous-functions/utils/index.d.ts +0 -9
package/dist/layer2/dangerous-functions/utils/index.d.ts.map +0 -1
package/dist/layer2/dangerous-functions/utils/index.js +0 -23
package/dist/layer2/dangerous-functions/utils/index.js.map +0 -1
package/dist/layer2/dangerous-functions/utils/schema-validation.d.ts +0 -22
package/dist/layer2/dangerous-functions/utils/schema-validation.d.ts.map +0 -1
package/dist/layer2/dangerous-functions/utils/schema-validation.js +0 -102
package/dist/layer2/dangerous-functions/utils/schema-validation.js.map +0 -1
package/dist/layer2/data-exposure.d.ts +0 -19
package/dist/layer2/data-exposure.d.ts.map +0 -1
package/dist/layer2/data-exposure.js +0 -255
package/dist/layer2/data-exposure.js.map +0 -1
package/dist/layer2/framework-checks.d.ts +0 -10
package/dist/layer2/framework-checks.d.ts.map +0 -1
package/dist/layer2/framework-checks.js +0 -384
package/dist/layer2/framework-checks.js.map +0 -1
package/dist/layer2/index.d.ts +0 -74
package/dist/layer2/index.d.ts.map +0 -1
package/dist/layer2/index.js +0 -544
package/dist/layer2/index.js.map +0 -1
package/dist/layer2/log-injection.d.ts +0 -18
package/dist/layer2/log-injection.d.ts.map +0 -1
package/dist/layer2/log-injection.js +0 -214
package/dist/layer2/log-injection.js.map +0 -1
package/dist/layer2/logic-gates.d.ts +0 -10
package/dist/layer2/logic-gates.d.ts.map +0 -1
package/dist/layer2/logic-gates.js +0 -220
package/dist/layer2/logic-gates.js.map +0 -1
package/dist/layer2/model-supply-chain.d.ts +0 -23
package/dist/layer2/model-supply-chain.d.ts.map +0 -1
package/dist/layer2/model-supply-chain.js +0 -444
package/dist/layer2/model-supply-chain.js.map +0 -1
package/dist/layer2/risky-imports.d.ts +0 -10
package/dist/layer2/risky-imports.d.ts.map +0 -1
package/dist/layer2/risky-imports.js +0 -165
package/dist/layer2/risky-imports.js.map +0 -1
package/dist/layer2/security-headers.d.ts +0 -18
package/dist/layer2/security-headers.d.ts.map +0 -1
package/dist/layer2/security-headers.js +0 -187
package/dist/layer2/security-headers.js.map +0 -1
package/dist/layer2/ssrf-detection.d.ts +0 -18
package/dist/layer2/ssrf-detection.d.ts.map +0 -1
package/dist/layer2/ssrf-detection.js +0 -252
package/dist/layer2/ssrf-detection.js.map +0 -1
package/dist/layer2/variables.d.ts +0 -11
package/dist/layer2/variables.d.ts.map +0 -1
package/dist/layer2/variables.js +0 -156
package/dist/layer2/variables.js.map +0 -1
package/dist/layer2/xxe-detection.d.ts +0 -18
package/dist/layer2/xxe-detection.d.ts.map +0 -1
package/dist/layer2/xxe-detection.js +0 -242
package/dist/layer2/xxe-detection.js.map +0 -1
package/dist/layer3/anthropic/auto-dismiss.d.ts +0 -24
package/dist/layer3/anthropic/auto-dismiss.d.ts.map +0 -1
package/dist/layer3/anthropic/auto-dismiss.js +0 -199
package/dist/layer3/anthropic/auto-dismiss.js.map +0 -1
package/dist/layer3/anthropic/clients.d.ts +0 -44
package/dist/layer3/anthropic/clients.d.ts.map +0 -1
package/dist/layer3/anthropic/clients.js +0 -81
package/dist/layer3/anthropic/clients.js.map +0 -1
package/dist/layer3/anthropic/index.d.ts +0 -41
package/dist/layer3/anthropic/index.d.ts.map +0 -1
package/dist/layer3/anthropic/index.js +0 -141
package/dist/layer3/anthropic/index.js.map +0 -1
package/dist/layer3/anthropic/prompts/index.d.ts +0 -8
package/dist/layer3/anthropic/prompts/index.d.ts.map +0 -1
package/dist/layer3/anthropic/prompts/index.js +0 -16
package/dist/layer3/anthropic/prompts/index.js.map +0 -1
package/dist/layer3/anthropic/prompts/modules/ai-patterns.d.ts +0 -19
package/dist/layer3/anthropic/prompts/modules/ai-patterns.d.ts.map +0 -1
package/dist/layer3/anthropic/prompts/modules/ai-patterns.js +0 -156
package/dist/layer3/anthropic/prompts/modules/ai-patterns.js.map +0 -1
package/dist/layer3/anthropic/prompts/modules/auth-access.d.ts +0 -9
package/dist/layer3/anthropic/prompts/modules/auth-access.d.ts.map +0 -1
package/dist/layer3/anthropic/prompts/modules/auth-access.js +0 -25
package/dist/layer3/anthropic/prompts/modules/auth-access.js.map +0 -1
package/dist/layer3/anthropic/prompts/modules/common.d.ts +0 -11
package/dist/layer3/anthropic/prompts/modules/common.d.ts.map +0 -1
package/dist/layer3/anthropic/prompts/modules/common.js +0 -152
package/dist/layer3/anthropic/prompts/modules/common.js.map +0 -1
package/dist/layer3/anthropic/prompts/modules/index.d.ts +0 -54
package/dist/layer3/anthropic/prompts/modules/index.d.ts.map +0 -1
package/dist/layer3/anthropic/prompts/modules/index.js +0 -185
package/dist/layer3/anthropic/prompts/modules/index.js.map +0 -1
package/dist/layer3/anthropic/prompts/modules/owasp-classic.d.ts +0 -8
package/dist/layer3/anthropic/prompts/modules/owasp-classic.d.ts.map +0 -1
package/dist/layer3/anthropic/prompts/modules/owasp-classic.js +0 -84
package/dist/layer3/anthropic/prompts/modules/owasp-classic.js.map +0 -1
package/dist/layer3/anthropic/prompts/modules/secrets-crypto.d.ts +0 -8
package/dist/layer3/anthropic/prompts/modules/secrets-crypto.d.ts.map +0 -1
package/dist/layer3/anthropic/prompts/modules/secrets-crypto.js +0 -68
package/dist/layer3/anthropic/prompts/modules/secrets-crypto.js.map +0 -1
package/dist/layer3/anthropic/prompts/modules/xss-prompt.d.ts +0 -8
package/dist/layer3/anthropic/prompts/modules/xss-prompt.d.ts.map +0 -1
package/dist/layer3/anthropic/prompts/modules/xss-prompt.js +0 -22
package/dist/layer3/anthropic/prompts/modules/xss-prompt.js.map +0 -1
package/dist/layer3/anthropic/prompts/semantic-analysis.d.ts +0 -15
package/dist/layer3/anthropic/prompts/semantic-analysis.d.ts.map +0 -1
package/dist/layer3/anthropic/prompts/semantic-analysis.js +0 -169
package/dist/layer3/anthropic/prompts/semantic-analysis.js.map +0 -1
package/dist/layer3/anthropic/prompts/validation.d.ts +0 -18
package/dist/layer3/anthropic/prompts/validation.d.ts.map +0 -1
package/dist/layer3/anthropic/prompts/validation.js +0 -25
package/dist/layer3/anthropic/prompts/validation.js.map +0 -1
package/dist/layer3/anthropic/providers/anthropic.d.ts +0 -21
package/dist/layer3/anthropic/providers/anthropic.d.ts.map +0 -1
package/dist/layer3/anthropic/providers/anthropic.js +0 -269
package/dist/layer3/anthropic/providers/anthropic.js.map +0 -1
package/dist/layer3/anthropic/providers/index.d.ts +0 -8
package/dist/layer3/anthropic/providers/index.d.ts.map +0 -1
package/dist/layer3/anthropic/providers/index.js +0 -15
package/dist/layer3/anthropic/providers/index.js.map +0 -1
package/dist/layer3/anthropic/providers/openai.d.ts +0 -18
package/dist/layer3/anthropic/providers/openai.d.ts.map +0 -1
package/dist/layer3/anthropic/providers/openai.js +0 -343
package/dist/layer3/anthropic/providers/openai.js.map +0 -1
package/dist/layer3/anthropic/request-builder.d.ts +0 -27
package/dist/layer3/anthropic/request-builder.d.ts.map +0 -1
package/dist/layer3/anthropic/request-builder.js +0 -150
package/dist/layer3/anthropic/request-builder.js.map +0 -1
package/dist/layer3/anthropic/types.d.ts +0 -88
package/dist/layer3/anthropic/types.d.ts.map +0 -1
package/dist/layer3/anthropic/types.js +0 -38
package/dist/layer3/anthropic/types.js.map +0 -1
package/dist/layer3/anthropic/utils/context-extractor.d.ts +0 -55
package/dist/layer3/anthropic/utils/context-extractor.d.ts.map +0 -1
package/dist/layer3/anthropic/utils/context-extractor.js +0 -161
package/dist/layer3/anthropic/utils/context-extractor.js.map +0 -1
package/dist/layer3/anthropic/utils/index.d.ts +0 -11
package/dist/layer3/anthropic/utils/index.d.ts.map +0 -1
package/dist/layer3/anthropic/utils/index.js +0 -27
package/dist/layer3/anthropic/utils/index.js.map +0 -1
package/dist/layer3/anthropic/utils/path-helpers.d.ts +0 -21
package/dist/layer3/anthropic/utils/path-helpers.d.ts.map +0 -1
package/dist/layer3/anthropic/utils/path-helpers.js +0 -69
package/dist/layer3/anthropic/utils/path-helpers.js.map +0 -1
package/dist/layer3/anthropic/utils/response-parser.d.ts +0 -40
package/dist/layer3/anthropic/utils/response-parser.d.ts.map +0 -1
package/dist/layer3/anthropic/utils/response-parser.js +0 -285
package/dist/layer3/anthropic/utils/response-parser.js.map +0 -1
package/dist/layer3/anthropic/utils/retry.d.ts +0 -15
package/dist/layer3/anthropic/utils/retry.d.ts.map +0 -1
package/dist/layer3/anthropic/utils/retry.js +0 -62
package/dist/layer3/anthropic/utils/retry.js.map +0 -1
package/dist/layer3/index.d.ts +0 -27
package/dist/layer3/index.d.ts.map +0 -1
package/dist/layer3/index.js +0 -150
package/dist/layer3/index.js.map +0 -1
package/dist/layer3/osv-check.d.ts +0 -75
package/dist/layer3/osv-check.d.ts.map +0 -1
package/dist/layer3/osv-check.js +0 -308
package/dist/layer3/osv-check.js.map +0 -1
package/dist/layer3/package-check.d.ts +0 -63
package/dist/layer3/package-check.d.ts.map +0 -1
package/dist/layer3/package-check.js +0 -508
package/dist/layer3/package-check.js.map +0 -1
package/dist/model/cross-file-taint.d.ts +0 -40
package/dist/model/cross-file-taint.d.ts.map +0 -1
package/dist/model/cross-file-taint.js +0 -290
package/dist/model/cross-file-taint.js.map +0 -1
package/dist/model/function-classifier.d.ts +0 -32
package/dist/model/function-classifier.d.ts.map +0 -1
package/dist/model/function-classifier.js +0 -143
package/dist/model/function-classifier.js.map +0 -1
package/dist/model/sanitiser-detection.d.ts +0 -27
package/dist/model/sanitiser-detection.d.ts.map +0 -1
package/dist/model/sanitiser-detection.js +0 -224
package/dist/model/sanitiser-detection.js.map +0 -1
package/dist/model/sink-matcher.d.ts +0 -17
package/dist/model/sink-matcher.d.ts.map +0 -1
package/dist/model/sink-matcher.js +0 -141
package/dist/model/sink-matcher.js.map +0 -1
package/dist/model/sink-patterns.d.ts +0 -19
package/dist/model/sink-patterns.d.ts.map +0 -1
package/dist/model/sink-patterns.js +0 -88
package/dist/model/sink-patterns.js.map +0 -1
package/dist/model/source-discovery.d.ts +0 -15
package/dist/model/source-discovery.d.ts.map +0 -1
package/dist/model/source-discovery.js +0 -170
package/dist/model/source-discovery.js.map +0 -1
package/dist/model/taint-tracker.d.ts +0 -21
package/dist/model/taint-tracker.d.ts.map +0 -1
package/dist/model/taint-tracker.js +0 -281
package/dist/model/taint-tracker.js.map +0 -1
package/dist/modes/incremental.d.ts +0 -66
package/dist/modes/incremental.d.ts.map +0 -1
package/dist/modes/incremental.js +0 -200
package/dist/modes/incremental.js.map +0 -1
package/dist/rules/framework-fixes.d.ts +0 -48
package/dist/rules/framework-fixes.d.ts.map +0 -1
package/dist/rules/framework-fixes.js +0 -439
package/dist/rules/framework-fixes.js.map +0 -1
package/dist/rules/index.d.ts +0 -8
package/dist/rules/index.d.ts.map +0 -1
package/dist/rules/index.js +0 -18
package/dist/rules/index.js.map +0 -1
package/dist/rules/metadata.d.ts +0 -43
package/dist/rules/metadata.d.ts.map +0 -1
package/dist/rules/metadata.js +0 -800
package/dist/rules/metadata.js.map +0 -1
package/dist/score/auto-dismiss.d.ts +0 -28
package/dist/score/auto-dismiss.d.ts.map +0 -1
package/dist/score/auto-dismiss.js +0 -200
package/dist/score/auto-dismiss.js.map +0 -1
package/dist/suppression/config-loader.d.ts +0 -74
package/dist/suppression/config-loader.d.ts.map +0 -1
package/dist/suppression/config-loader.js +0 -424
package/dist/suppression/config-loader.js.map +0 -1
package/dist/suppression/hash.d.ts +0 -48
package/dist/suppression/hash.d.ts.map +0 -1
package/dist/suppression/hash.js +0 -88
package/dist/suppression/hash.js.map +0 -1
package/dist/suppression/index.d.ts +0 -11
package/dist/suppression/index.d.ts.map +0 -1
package/dist/suppression/index.js +0 -39
package/dist/suppression/index.js.map +0 -1
package/dist/suppression/inline-parser.d.ts +0 -39
package/dist/suppression/inline-parser.d.ts.map +0 -1
package/dist/suppression/inline-parser.js +0 -218
package/dist/suppression/inline-parser.js.map +0 -1
package/dist/suppression/manager.d.ts +0 -94
package/dist/suppression/manager.d.ts.map +0 -1
package/dist/suppression/manager.js +0 -292
package/dist/suppression/manager.js.map +0 -1
package/dist/suppression/types.d.ts +0 -151
package/dist/suppression/types.d.ts.map +0 -1
package/dist/suppression/types.js +0 -28
package/dist/suppression/types.js.map +0 -1
package/dist/types.d.ts +0 -331
package/dist/types.d.ts.map +0 -1
package/dist/types.js +0 -124
package/dist/types.js.map +0 -1
package/dist/utils/auth-helper-detector.d.ts +0 -56
package/dist/utils/auth-helper-detector.d.ts.map +0 -1
package/dist/utils/auth-helper-detector.js +0 -360
package/dist/utils/auth-helper-detector.js.map +0 -1
package/dist/utils/code-analysis.d.ts +0 -39
package/dist/utils/code-analysis.d.ts.map +0 -1
package/dist/utils/code-analysis.js +0 -159
package/dist/utils/code-analysis.js.map +0 -1
package/dist/utils/comment-analyzer.d.ts +0 -38
package/dist/utils/comment-analyzer.d.ts.map +0 -1
package/dist/utils/comment-analyzer.js +0 -218
package/dist/utils/comment-analyzer.js.map +0 -1
package/dist/utils/context-helpers.d.ts +0 -219
package/dist/utils/context-helpers.d.ts.map +0 -1
package/dist/utils/context-helpers.js +0 -886
package/dist/utils/context-helpers.js.map +0 -1
package/dist/utils/diff-detector.d.ts +0 -53
package/dist/utils/diff-detector.d.ts.map +0 -1
package/dist/utils/diff-detector.js +0 -104
package/dist/utils/diff-detector.js.map +0 -1
package/dist/utils/diff-parser.d.ts +0 -80
package/dist/utils/diff-parser.d.ts.map +0 -1
package/dist/utils/diff-parser.js +0 -202
package/dist/utils/diff-parser.js.map +0 -1
package/dist/utils/environment-context.d.ts +0 -76
package/dist/utils/environment-context.d.ts.map +0 -1
package/dist/utils/environment-context.js +0 -271
package/dist/utils/environment-context.js.map +0 -1
package/dist/utils/imported-auth-detector.d.ts +0 -37
package/dist/utils/imported-auth-detector.d.ts.map +0 -1
package/dist/utils/imported-auth-detector.js +0 -251
package/dist/utils/imported-auth-detector.js.map +0 -1
package/dist/utils/intent-detector.d.ts +0 -66
package/dist/utils/intent-detector.d.ts.map +0 -1
package/dist/utils/intent-detector.js +0 -282
package/dist/utils/intent-detector.js.map +0 -1
package/dist/utils/middleware-detector.d.ts +0 -55
package/dist/utils/middleware-detector.d.ts.map +0 -1
package/dist/utils/middleware-detector.js +0 -260
package/dist/utils/middleware-detector.js.map +0 -1
package/dist/utils/oauth-flow-detector.d.ts +0 -41
package/dist/utils/oauth-flow-detector.d.ts.map +0 -1
package/dist/utils/oauth-flow-detector.js +0 -202
package/dist/utils/oauth-flow-detector.js.map +0 -1
package/dist/utils/parsed-file.d.ts +0 -51
package/dist/utils/parsed-file.d.ts.map +0 -1
package/dist/utils/parsed-file.js +0 -95
package/dist/utils/parsed-file.js.map +0 -1
package/dist/utils/path-exclusions.d.ts +0 -55
package/dist/utils/path-exclusions.d.ts.map +0 -1
package/dist/utils/path-exclusions.js +0 -224
package/dist/utils/path-exclusions.js.map +0 -1
package/dist/utils/project-context-builder.d.ts +0 -119
package/dist/utils/project-context-builder.d.ts.map +0 -1
package/dist/utils/project-context-builder.js +0 -534
package/dist/utils/project-context-builder.js.map +0 -1
package/dist/utils/registry-clients.d.ts +0 -93
package/dist/utils/registry-clients.d.ts.map +0 -1
package/dist/utils/registry-clients.js +0 -273
package/dist/utils/registry-clients.js.map +0 -1
package/dist/utils/route-hierarchy.d.ts +0 -50
package/dist/utils/route-hierarchy.d.ts.map +0 -1
package/dist/utils/route-hierarchy.js +0 -226
package/dist/utils/route-hierarchy.js.map +0 -1
package/dist/utils/schema-semantics.d.ts +0 -45
package/dist/utils/schema-semantics.d.ts.map +0 -1
package/dist/utils/schema-semantics.js +0 -193
package/dist/utils/schema-semantics.js.map +0 -1
package/dist/utils/trpc-analyzer.d.ts +0 -78
package/dist/utils/trpc-analyzer.d.ts.map +0 -1
package/dist/utils/trpc-analyzer.js +0 -297
package/dist/utils/trpc-analyzer.js.map +0 -1
package/src/__tests__/context-engine/cross-file-taint.test.ts +0 -284
package/src/__tests__/context-engine/function-classifier.test.ts +0 -146
package/src/__tests__/context-engine/integration.test.ts +0 -320
package/src/__tests__/context-engine/sanitiser-detection.test.ts +0 -187
package/src/__tests__/context-engine/sink-matcher.test.ts +0 -251
package/src/__tests__/context-engine/source-discovery.test.ts +0 -186
package/src/__tests__/context-engine/taint-tracker.test.ts +0 -182
package/src/__tests__/snapshots/__snapshots__/anthropic-validation-refactor.test.ts.snap +0 -750
package/src/__tests__/snapshots/__snapshots__/dangerous-functions-refactor.test.ts.snap +0 -555
package/src/__tests__/snapshots/anthropic-validation-refactor.test.ts +0 -321
package/src/__tests__/snapshots/dangerous-functions-refactor.test.ts +0 -439
package/src/detect/ai-code/agent-tools.ts +0 -1662
package/src/detect/ai-code/byok-patterns.ts +0 -354
package/src/detect/ai-code/endpoint-protection.ts +0 -406
package/src/detect/ai-code/execution-sinks.ts +0 -1310
package/src/detect/ai-code/fingerprinting.ts +0 -774
package/src/detect/ai-code/mcp-security.ts +0 -937
package/src/detect/ai-code/model-supply-chain.ts +0 -535
package/src/detect/ai-code/package-hallucination.ts +0 -955
package/src/detect/ai-code/prompt-hygiene.ts +0 -1314
package/src/detect/ai-code/rag-safety.ts +0 -977
package/src/detect/ai-code/schema-validation.ts +0 -427
package/src/detect/secrets/patterns.ts +0 -561
package/src/detect/secrets/weak-crypto.ts +0 -485
package/src/detect/structural/__tests__/math-random-enhanced.test.ts +0 -405
package/src/detect/structural/auth-patterns.ts +0 -621
package/src/detect/structural/dangerous-functions/child-process.ts +0 -98
package/src/detect/structural/dangerous-functions/dom-xss.ts +0 -292
package/src/detect/structural/dangerous-functions/index.ts +0 -1556
package/src/detect/structural/dangerous-functions/json-parse.ts +0 -393
package/src/detect/structural/dangerous-functions/math-random.ts +0 -789
package/src/detect/structural/dangerous-functions/patterns.ts +0 -176
package/src/detect/structural/dangerous-functions/request-validation.ts +0 -153
package/src/detect/structural/dangerous-functions/utils/control-flow.ts +0 -35
package/src/detect/structural/dangerous-functions/utils/helpers.ts +0 -170
package/src/detect/structural/dangerous-functions/utils/index.ts +0 -25
package/src/detect/structural/dangerous-functions/utils/schema-validation.ts +0 -106
package/src/detect/structural/data-exposure.ts +0 -302
package/src/detect/structural/framework-checks.ts +0 -439
package/src/detect/structural/log-injection.ts +0 -254
package/src/detect/structural/logic-gates.ts +0 -256
package/src/detect/structural/risky-imports.ts +0 -197
package/src/detect/structural/security-headers.ts +0 -231
package/src/detect/structural/ssrf-detection.ts +0 -300
package/src/detect/structural/variables.ts +0 -177
package/src/detect/structural/xxe-detection.ts +0 -295
package/src/model/cross-file-taint.ts +0 -374
package/src/model/function-classifier.ts +0 -184
package/src/model/sanitiser-detection.ts +0 -268
package/src/model/sink-matcher.ts +0 -178
package/src/model/sink-patterns.ts +0 -109
package/src/model/source-discovery.ts +0 -209
package/src/model/taint-tracker.ts +0 -333
package/src/score/auto-dismiss.ts +0 -224

package/src/detect/ast-rules/taint-fix-templates.ts ADDED Viewed

@@ -0,0 +1,108 @@
+/**
+ * Taint-Specific Fix Templates
+ *
+ * Provides context-specific fix steps for taint flow findings based on
+ * source type, sink type, and taint kind. Returns 3-5 actionable steps
+ * instead of generic "Sanitize or validate user input" advice.
+ */
+import type { TaintSourceType, TaintSinkType, TaintKind } from '../../taint/types'
+// ============================================================================
+// Sink-Specific Fix Steps (primary axis)
+// ============================================================================
+const SINK_FIX_STEPS: Record<TaintKind, string[]> = {
+  sql: [
+    'Use parameterized queries or prepared statements (e.g., db.query("SELECT * FROM users WHERE id = $1", [id]))',
+    'Use ORM query builder methods (Prisma, Knex, Sequelize) instead of raw SQL',
+    'Never concatenate or interpolate user input into SQL strings',
+  ],
+  xss: [
+    'Escape output using your framework\'s built-in mechanism (React auto-escapes JSX, use textContent instead of innerHTML)',
+    'Sanitize HTML with DOMPurify.sanitize() before rendering dynamic content',
+    'Avoid dangerouslySetInnerHTML, innerHTML, and document.write with user data',
+  ],
+  command: [
+    'Use execFile() with an argument array instead of exec() with shell strings',
+    'Validate inputs against an allowlist of permitted values',
+    'Never pass user input directly to shell commands or eval()',
+  ],
+  ssrf: [
+    'Validate URLs against an allowlist of permitted domains',
+    'Reject requests to private/internal IP ranges (10.x, 172.16.x, 192.168.x, 169.254.x)',
+    'Parse the URL and verify the hostname before making the request',
+  ],
+  prompt: [
+    'Delimit user input with clear markers (e.g., <user_input>...</user_input>) in prompts',
+    'Use the structured messages API with separate system/user roles instead of string concatenation',
+    'Apply input length limits and content filtering before prompt construction',
+  ],
+  path: [
+    'Use path.resolve() and verify the result is within the allowed base directory',
+    'Reject inputs containing "../" or absolute paths',
+    'Use path.join() with a fixed base path and validate the resolved path stays within bounds',
+  ],
+}
+// ============================================================================
+// Source-Aware Prefix Steps (secondary axis)
+// ============================================================================
+const SOURCE_PREFIX: Partial<Record<TaintSourceType, string>> = {
+  http_body: 'Validate request body with a schema library (zod, joi, yup) before use',
+  http_query: 'Validate and sanitize URL query parameters before use',
+  http_params: 'Validate URL path parameters (check format, length, allowlist)',
+  http_headers: 'Validate and sanitize request headers before use',
+  llm_output: 'Treat LLM output as untrusted — validate and sanitize before passing to sinks',
+  rag_retrieval: 'Sanitize retrieved documents before including in prompts or rendering',
+  tool_output: 'Validate tool/function call output before further processing',
+  tool_input: 'Validate tool input parameters before execution',
+  conversation_history: 'Sanitize conversation history entries before reuse in prompts',
+  websocket_message: 'Validate and sanitize WebSocket message payloads',
+  file_upload: 'Validate file upload content and metadata before processing',
+  cli_args: 'Validate CLI arguments against expected patterns before use',
+}
+// ============================================================================
+// Public API
+// ============================================================================
+/**
+ * Get context-specific fix steps for a taint finding.
+ *
+ * @param sourceType - The taint source type (e.g., 'http_body', 'llm_output')
+ * @param sinkType - The taint sink type (e.g., 'sql_query', 'eval')
+ * @param taintKind - The taint kind (e.g., 'sql', 'xss', 'command')
+ * @returns Array of 3-5 actionable fix steps
+ */
+export function getTaintFixSteps(
+  sourceType: TaintSourceType | string,
+  sinkType: TaintSinkType | string,
+  taintKind: TaintKind
+): string[] {
+  const steps: string[] = []
+  // Add source-aware prefix step if available
+  const prefix = SOURCE_PREFIX[sourceType as TaintSourceType]
+  if (prefix) {
+    steps.push(prefix)
+  }
+  // Add sink-specific fix steps (primary guidance)
+  const sinkSteps = SINK_FIX_STEPS[taintKind]
+  if (sinkSteps) {
+    steps.push(...sinkSteps)
+  }
+  // Fallback for unknown combinations
+  if (steps.length === 0) {
+    steps.push(
+      'Validate and sanitize user input before passing to security-sensitive functions',
+      'Use framework-provided safe APIs instead of raw string manipulation',
+      'Apply the principle of least privilege when handling untrusted data',
+    )
+  }
+  return steps
+}

package/src/detect/ast-rules/taint-flow-ast.ts ADDED Viewed

@@ -0,0 +1,416 @@
+/**
+ * AST-Based Taint Flow Detection
+ *
+ * Runs the v2 taint engine (CFG-based forward propagation) during AST detection
+ * and emits Vulnerability objects for confirmed taint flows from user input to
+ * dangerous sinks without sanitization.
+ *
+ * Registers one rule per TaintKind so each gets its own VulnerabilityCategory.
+ * Findings are cached per-file (by AST hash) so the taint engine only runs once
+ * even though 6 rules query results.
+ */
+import type { ParsedAST } from "../../parse/ast";
+import { registerASTRule, type ASTRuleMatch } from "./index";
+import { getTaintFixSteps } from "./taint-fix-templates";
+import { analyzeTaintsForFile } from "../../taint/taint-analyzer";
+import type { TaintFinding } from "../../taint/propagation-types";
+import type { TaintKind } from "../../taint/types";
+import type {
+  VulnerabilityCategory,
+  VulnerabilitySeverity,
+  TaintPathOutput,
+} from "../../shared/types";
+import {
+  isScannerOrFixtureFile,
+  isTestOrMockFile,
+} from "../../parse/file-classifier";
+import {
+  assessPromptInjectionRisk,
+  assessExecutionRisk,
+} from "../../taint/llm-risk-scoring";
+// ============================================================================
+// TaintKind → Vulnerability Mapping
+// ============================================================================
+const KIND_TO_CATEGORY: Record<TaintKind, VulnerabilityCategory> = {
+  sql: "sql_injection",
+  xss: "xss",
+  command: "command_injection",
+  ssrf: "ssrf",
+  prompt: "ai_prompt_injection",
+  path: "dangerous_function",
+};
+const KIND_TO_SEVERITY: Record<TaintKind, VulnerabilitySeverity> = {
+  sql: "high",
+  xss: "high",
+  command: "high",
+  ssrf: "high",
+  prompt: "medium",
+  path: "medium",
+};
+const KIND_TO_TITLE: Record<TaintKind, string> = {
+  sql: "SQL injection via unsanitized data flow",
+  xss: "Cross-site scripting via unsanitized data flow",
+  command: "Command injection via unsanitized data flow",
+  ssrf: "Server-side request forgery via unsanitized data flow",
+  prompt: "Prompt injection via unsanitized data flow",
+  path: "Path traversal via unsanitized data flow",
+};
+// ============================================================================
+// Taint Path Serialization
+// ============================================================================
+/** Convert internal TaintFinding to serializable TaintPathOutput. */
+export function serializeTaintPath(finding: TaintFinding): TaintPathOutput {
+  return {
+    sourceType: finding.source.sourceType,
+    sourceLine: finding.source.line,
+    sinkType: finding.sink.sinkType,
+    sinkLine: finding.sink.line,
+    taintKinds: [...finding.matchingKinds],
+    sanitized: false,
+    steps: finding.path.map((step) => ({
+      line: step.line,
+      variable: step.variable,
+      taintKinds: [...step.taintKinds],
+      description: step.description,
+      stepType: step.stepType,
+      ...(step.filePath ? { filePath: step.filePath } : {}),
+      ...(step.functionName ? { functionName: step.functionName } : {}),
+    })),
+  };
+}
+// ============================================================================
+// Per-file Findings Cache
+// ============================================================================
+/** IMPORTANT: Must call clearTaintFlowCache() between scans to prevent stale data. */
+const findingsCache = new Map<string, TaintFinding[]>();
+/** Project-level findings cache — keyed by filePath → findings in that file.
+ *  IMPORTANT: Must call clearTaintFlowCache() between scans to prevent stale data. */
+const projectFindingsCache = new Map<string, TaintFinding[]>();
+let hasProjectFindings = false;
+/**
+ * Pre-populate the cache with project-level cross-file taint findings.
+ * Called by detect/index.ts after running analyzeTaintsForProject().
+ * When set, the per-file fallback is skipped.
+ */
+export function setProjectFindings(findings: TaintFinding[]): void {
+  projectFindingsCache.clear();
+  for (const f of findings) {
+    const existing = projectFindingsCache.get(f.filePath) ?? [];
+    existing.push(f);
+    projectFindingsCache.set(f.filePath, existing);
+  }
+  hasProjectFindings = true;
+}
+function getFindings(ast: ParsedAST): TaintFinding[] {
+  // Prefer project-level cross-file findings when available
+  if (hasProjectFindings) {
+    return projectFindingsCache.get(ast.filePath) ?? [];
+  }
+  // Fallback: per-file analysis (no cross-file context)
+  const cached = findingsCache.get(ast.hash);
+  if (cached !== undefined) return cached;
+  const findings = analyzeTaintsForFile(ast, ast.filePath);
+  findingsCache.set(ast.hash, findings);
+  return findings;
+}
+/** Clear findings cache between scans. */
+export function clearTaintFlowCache(): void {
+  findingsCache.clear();
+  projectFindingsCache.clear();
+  hasProjectFindings = false;
+}
+// ============================================================================
+// LLM-Aware Category / Severity Routing
+// ============================================================================
+/** Source types that indicate LLM-related data flow */
+const LLM_SOURCE_TYPES = new Set([
+  "llm_output",
+  "tool_output",
+  "rag_retrieval",
+  "conversation_history",
+]);
+/** Sink types that are prompt-related */
+const PROMPT_SINK_TYPES = new Set(["prompt_construction", "system_prompt"]);
+/** LangChain message class names — LLM output wrapped in these is output packaging, not injection */
+const LANGCHAIN_MESSAGE_CLASS_RE =
+  /AIMessage|HumanMessage|SystemMessage|ChatMessage|AIMessageChunk|HumanMessageChunk|BaseMessage/;
+/** Check if a taint finding's sink involves LangChain message class wrapping (output packaging) */
+function isOutputPackaging(finding: TaintFinding): boolean {
+  const sinkExpr = finding.sink.expression;
+  return LANGCHAIN_MESSAGE_CLASS_RE.test(sinkExpr);
+}
+/** HTTP source types that represent direct user input */
+const HTTP_SOURCE_TYPES = new Set([
+  "http_body",
+  "http_query",
+  "http_params",
+  "http_header",
+  "form_input",
+  "url_param",
+]);
+function isHTTPSourceType(sourceType: string): boolean {
+  return HTTP_SOURCE_TYPES.has(sourceType);
+}
+/** Check if a file path matches context builder / prompt template patterns */
+function isContextBuilderFile(filePath: string): boolean {
+  return /context[-_]?builder|system[-_]?prompt|prompt[-_]?template|prompt[-_]?builder/i.test(
+    filePath,
+  );
+}
+/**
+ * Determine category and severity for a taint finding, with LLM-aware routing:
+ *
+ * - User input → prompt sink → ai_prompt_injection (with risk scoring)
+ * - LLM output → execution sink → ai_unsafe_execution (with risk scoring)
+ * - Standard taint flow → original kind-based mapping
+ */
+function getCategoryAndSeverity(
+  finding: TaintFinding,
+  kind: TaintKind,
+  content: string,
+): {
+  category: VulnerabilityCategory;
+  severity: VulnerabilitySeverity;
+  note: string;
+} {
+  const isLLMSource = LLM_SOURCE_TYPES.has(finding.source.sourceType);
+  const isPromptSink = PROMPT_SINK_TYPES.has(finding.sink.sinkType);
+  // LLM output → prompt sink with LangChain message class wrapping → output packaging (info)
+  if (isLLMSource && isPromptSink && isOutputPackaging(finding)) {
+    return {
+      category: "ai_prompt_injection",
+      severity: "info",
+      note: `LLM output wrapped in message class (output packaging) at line ${finding.sink.line} — standard multi-turn conversation pattern.`,
+    };
+  }
+  // User input → prompt sink → ai_prompt_injection (with risk scoring)
+  if (kind === "prompt" && isPromptSink) {
+    // FP-49: Internal context builder — non-HTTP sources in prompt builder files
+    if (
+      !isHTTPSourceType(finding.source.sourceType) &&
+      isContextBuilderFile(finding.filePath)
+    ) {
+      return {
+        category: "ai_prompt_injection",
+        severity: "info",
+        note: `Internal context builder: non-HTTP source flows to prompt construction in ${finding.filePath.split("/").pop()} — internal data assembly, not user-facing injection vector.`,
+      };
+    }
+    const risk = assessPromptInjectionRisk(finding, content);
+    return {
+      category: risk.adjustedCategory,
+      severity: risk.adjustedSeverity,
+      note: risk.note,
+    };
+  }
+  // LLM output → execution sink → ai_unsafe_execution (with risk scoring)
+  if (isLLMSource && !isPromptSink) {
+    const risk = assessExecutionRisk(finding, content);
+    return {
+      category: risk.adjustedCategory,
+      severity: risk.adjustedSeverity,
+      note: risk.note,
+    };
+  }
+  // LLM output → prompt sink → indirect prompt injection (multi-agent attack vector)
+  if (isLLMSource && isPromptSink) {
+    const sourceDesc = finding.source.sourceType.replace(/_/g, " ");
+    return {
+      category: "ai_prompt_injection",
+      severity: "medium",
+      note: `Indirect prompt injection: ${sourceDesc} at line ${finding.source.line} flows into another model's prompt at line ${finding.sink.line}. An attacker who controls the first model's output can manipulate the second model via injected instructions.`,
+    };
+  }
+  // Standard taint flow (unchanged)
+  const sourceDesc = finding.source.sourceType.replace(/_/g, " ");
+  const sinkDesc = finding.sink.sinkType.replace(/_/g, " ");
+  const pathLen = finding.path.length;
+  const note = `User input from ${sourceDesc} at line ${finding.source.line} flows to ${sinkDesc} (${kind}) through ${pathLen} step${pathLen === 1 ? "" : "s"} without sanitization`;
+  return {
+    category: KIND_TO_CATEGORY[kind],
+    severity: KIND_TO_SEVERITY[kind],
+    note,
+  };
+}
+// ============================================================================
+// Guard Clause / Early-Return Suppression
+// ============================================================================
+/**
+ * Validation keywords in if-conditions that indicate input validation or auth checks.
+ * Presence of these + early return/throw between source and sink suppresses the finding.
+ */
+const GUARD_VALIDATION_RE =
+  /\.startsWith\(|\.startswith\(|\.includes\(|\.endsWith\(|\.endswith\(|\.indexOf\(|\.some\(|\.every\(|\.has\(|\bnot\s+in\b|\bin\s+(?:allowed|whitelist|allowlist)\b|!==\s*(?:\w*(?:userId|ownerId|user_id|owner_id))|(?:userId|ownerId|user_id|owner_id)\w*\s*!==|!\s*(?:args\.)?(?:approved|confirmed)|\.(?:approved|confirmed)\b|(?:allowed|whitelist|allowlist)\b/i;
+/**
+ * Check if there's a guard clause (validation + early exit) between/around
+ * a taint source and sink that would make the finding a false positive.
+ *
+ * Looks for: if (validation_pattern) { return | throw | raise }
+ * within a window around the source-to-sink range.
+ */
+function hasGuardClause(content: string, finding: TaintFinding): boolean {
+  const lines = content.split("\n");
+  const startLine = Math.max(
+    0,
+    Math.min(finding.source.line, finding.sink.line) - 5,
+  );
+  const endLine = Math.min(
+    lines.length,
+    Math.max(finding.source.line, finding.sink.line) + 6,
+  );
+  for (let i = startLine; i < endLine; i++) {
+    const line = lines[i];
+    // Match if-statement line containing a validation keyword
+    if (/^\s*if\s*[\(\s]/.test(line) && GUARD_VALIDATION_RE.test(line)) {
+      // Check same line and next 3 lines for early exit
+      for (let j = i; j < Math.min(lines.length, i + 4); j++) {
+        if (/\b(?:return|throw)\b/.test(lines[j])) return true;
+      }
+    }
+    // Python: if ... : \n    return/raise
+    if (
+      /^\s*if\s+/.test(line) &&
+      GUARD_VALIDATION_RE.test(line) &&
+      line.trimEnd().endsWith(":")
+    ) {
+      for (let j = i + 1; j < Math.min(lines.length, i + 3); j++) {
+        if (/^\s+(?:return|raise)\b/.test(lines[j])) return true;
+      }
+    }
+  }
+  return false;
+}
+// ============================================================================
+// Register One Rule Per TaintKind
+// ============================================================================
+const ALL_KINDS: TaintKind[] = [
+  "sql",
+  "xss",
+  "command",
+  "ssrf",
+  "prompt",
+  "path",
+];
+for (const kind of ALL_KINDS) {
+  registerASTRule({
+    id: `ast-taint-flow-${kind}`,
+    title: KIND_TO_TITLE[kind],
+    description: `User input flows to a ${kind}-vulnerable sink without proper sanitization`,
+    severity: KIND_TO_SEVERITY[kind],
+    category: KIND_TO_CATEGORY[kind],
+    suggestedFix:
+      "Sanitize or validate user input before passing it to security-sensitive functions.",
+    languages: ["javascript", "typescript", "tsx", "python"],
+    confidence: "high",
+    baseConfidence: 0.7,
+    requiresAIValidation: false,
+    layer: 2,
+    source: "structural",
+    detect(ast: ParsedAST, content: string): ASTRuleMatch[] {
+      if (isScannerOrFixtureFile(ast.filePath)) return [];
+      if (isTestOrMockFile(ast.filePath)) return [];
+      const findings = getFindings(ast);
+      const matches: ASTRuleMatch[] = [];
+      // Dedup: one finding per sink line per taint kind.
+      // Multiple sources to the same sink are suppressed to reduce noise.
+      const emittedSinks = new Set<number>();
+      for (const finding of findings) {
+        if (finding.matchingKinds.has(kind)) {
+          if (emittedSinks.has(finding.sink.line)) continue;
+          // Suppress findings where source and sink originate from the same LLM call.
+          // This happens when a function's return value is an llm_output source and
+          // one of its input parameters hits a prompt sink — not a real data flow.
+          // A path with only source→sink (2 steps) is trivially short, indicating
+          // a same-expression or same-call scenario rather than a real data flow.
+          const MAX_STEPS_SAME_CALL = 2;
+          if (
+            finding.source.line === finding.sink.line &&
+            finding.path.length <= MAX_STEPS_SAME_CALL &&
+            LLM_SOURCE_TYPES.has(finding.source.sourceType) &&
+            PROMPT_SINK_TYPES.has(finding.sink.sinkType)
+          ) {
+            continue;
+          }
+          // Suppress findings where source and sink originate from the same LLM call.
+          // This happens when a function's return value is an llm_output source and
+          // one of its input parameters hits a prompt sink — not a real data flow.
+          if (finding.source.line === finding.sink.line
+              && finding.path.length <= 2
+              && LLM_SOURCE_TYPES.has(finding.source.sourceType)
+              && PROMPT_SINK_TYPES.has(finding.sink.sinkType)) {
+            continue
+          }
+          // Suppress findings where a guard clause (validation + early exit)
+          // protects the sink from reaching tainted data
+          if (hasGuardClause(content, finding)) continue;
+          emittedSinks.add(finding.sink.line);
+          const resolved = getCategoryAndSeverity(finding, kind, content);
+          const fixSteps = getTaintFixSteps(
+            finding.source.sourceType,
+            finding.sink.sinkType,
+            kind,
+          );
+          matches.push({
+            node: finding.sink.node,
+            severity: resolved.severity,
+            note: resolved.note,
+            taintPath: serializeTaintPath(finding),
+            evidenceLevel: "proven",
+            fixSteps,
+            // Override category when LLM routing changes it
+            ...(resolved.category !== KIND_TO_CATEGORY[kind]
+              ? { category: resolved.category }
+              : {}),
+          });
+        }
+      }
+      return matches;
+    },
+  });
+}