@oculum/scanner 1.0.14 → 1.0.15

package/dist/layer3/anthropic/auto-dismiss.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"auto-dismiss.js","sourceRoot":"","sources":["../../../src/layer3/anthropic/auto-dismiss.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;AAqLH,sDAoCC;AArND,iEAOoC;AACpC,uCAAgD;AAEhD,+EAA+E;AAC/E,qBAAqB;AACrB,+EAA+E;AAE/E,MAAM,kBAAkB,GAAsB;IAC5C,2EAA2E;IAC3E;QACE,IAAI,EAAE,WAAW;QACjB,KAAK,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,IAAA,kCAAgB,EAAC,OAAO,CAAC,QAAQ,CAAC;QACtD,MAAM,EAAE,2BAA2B;KACpC;IAED,0CAA0C;IAC1C;QACE,IAAI,EAAE,cAAc;QACpB,KAAK,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,IAAA,+BAAa,EAAC,OAAO,CAAC,QAAQ,CAAC;QACnD,MAAM,EAAE,8BAA8B;KACvC;IAED,sBAAsB;IACtB;QACE,IAAI,EAAE,oBAAoB;QAC1B,KAAK,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,sBAAsB,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC;QACjE,MAAM,EAAE,+BAA+B;KACxC;IAED,oCAAoC;IACpC;QACE,IAAI,EAAE,cAAc;QACpB,KAAK,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,IAAA,wCAAsB,EAAC,OAAO,CAAC,QAAQ,CAAC;QAC5D,MAAM,EAAE,iCAAiC;KAC1C;IAED,0DAA0D;IAC1D;QACE,IAAI,EAAE,mBAAmB;QACzB,KAAK,EAAE,CAAC,OAAO,EAAE,EAAE;YACjB,IAAI,OAAO,CAAC,QAAQ,KAAK,kBAAkB,IAAI,OAAO,CAAC,QAAQ,KAAK,qBAAqB,EAAE,CAAC;gBAC1F,OAAO,KAAK,CAAA;YACd,CAAC;YACD,OAAO,IAAA,mCAAiB,EAAC,OAAO,CAAC,WAAW,CAAC,CAAA;QAC/C,CAAC;QACD,MAAM,EAAE,2CAA2C;KACpD;IAED,gDAAgD;IAChD;QACE,IAAI,EAAE,uBAAuB;QAC7B,KAAK,EAAE,CAAC,OAAO,EAAE,EAAE;YACjB,IAAI,OAAO,CAAC,QAAQ,KAAK,cAAc;gBAAE,OAAO,KAAK,CAAA;YACrD,OAAO,IAAA,kCAAgB,EAAC,OAAO,CAAC,WAAW,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAA;QAChE,CAAC;QACD,MAAM,EAAE,kDAAkD;KAC3D;IAED,+CAA+C;IAC/C;QACE,IAAI,EAAE,aAAa;QACnB,KAAK,EAAE,CAAC,OAAO,EAAE,EAAE;YACjB,IAAI,OAAO,CAAC,QAAQ,KAAK,qBAAqB;gBAAE,OAAO,KAAK,CAAA;YAC5D,MAAM,aAAa,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAA;YAC5G,MAAM,SAAS,GAAG,OAAO,CAAC,WAAW,CAAC,WAAW,EAAE,CAAA;YACnD,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAA;YAC9E,OAAO,UAAU,IAAI,CAAC,CAAA;QACxB,CAAC;QACD,MAAM,EAAE,qCAAqC;KAC9C;IAED,yDAAyD;IACzD;QACE,IAAI,EAAE,cAAc;QACpB,KAAK,EAAE,CAAC,OAAO,EAAE,EAAE;YACjB,8DAA8D;YAC9D,IAAI,OAAO,CAAC,QAAQ,KAAK,YAAY;gBAAE,OAAO,KAAK,CAAA;YACnD,OAAO,IAAA,2BAAS,EAAC,OAAO,CAAC,WAAW,CAAC,CAAA;QACvC,CAAC;QACD,MAAM,EAAE,+BAA+B;KACxC;IAED,8CAA8C;IAC9C,kEAAkE;IAClE,oFAAoF;IACpF,0EAA0E;IAC1E;QACE,IAAI,EAAE,yBAAyB;QAC/B,KAAK,EAAE,CAAC,OAAO,EAAE,EAAE;YACjB,IAAI,OAAO,CAAC,QAAQ,KAAK,MAAM;gBAAE,OAAO,KAAK,CAAA;YAC7C,6DAA6D;YAC7D,2DAA2D;YAC3D,MAAM,IAAI,GAAG,IAAA,0BAAkB,EAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,KAAK,CAAC,CAAA;YAChE,OAAO,IAAI,KAAK,MAAM,CAAA;QACxB,CAAC;QACD,MAAM,EAAE,wDAAwD;KACjE;IAED,+CAA+C;IAC/C;QACE,IAAI,EAAE,iBAAiB;QACvB,KAAK,EAAE,CAAC,OAAO,EAAE,EAAE;YACjB,IAAI,OAAO,CAAC,QAAQ,KAAK,YAAY;gBAAE,OAAO,KAAK,CAAA;YACnD,MAAM,eAAe,GAAG;gBACtB,+EAA+E;gBAC/E,iCAAiC;gBACjC,8BAA8B;gBAC9B,yDAAyD;aAC1D,CAAA;YACD,OAAO,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAA;QAC/D,CAAC;QACD,MAAM,EAAE,4CAA4C;KACrD;IAED,qEAAqE;IACrE;QACE,IAAI,EAAE,qBAAqB;QAC3B,KAAK,EAAE,CAAC,OAAO,EAAE,EAAE;YACjB,IAAI,OAAO,CAAC,QAAQ,KAAK,YAAY;gBAAE,OAAO,KAAK,CAAA;YACnD,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC;gBAAE,OAAO,KAAK,CAAA;YAC9D,2DAA2D;YAC3D,IAAI,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC;gBAAE,OAAO,IAAI,CAAA;YACnD,MAAM,eAAe,GAAG,CAAC,iBAAiB,EAAE,kBAAkB,EAAE,0CAA0C,CAAC,CAAA;YAC3G,OAAO,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC,CAAC,CAAA;QACtE,CAAC;QACD,MAAM,EAAE,oCAAoC;KAC7C;IAED,kEAAkE;IAClE;QACE,IAAI,EAAE,sBAAsB;QAC5B,KAAK,EAAE,CAAC,OAAO,EAAE,EAAE;YACjB,IAAI,OAAO,CAAC,QAAQ,KAAK,YAAY;gBAAE,OAAO,KAAK,CAAA;YACnD,OAAO,6CAA6C,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAA;QAChF,CAAC;QACD,MAAM,EAAE,0CAA0C;KACnD;IAED,6DAA6D;IAC7D;QACE,IAAI,EAAE,yBAAyB;QAC/B,KAAK,EAAE,CAAC,OAAO,EAAE,EAAE;YACjB,IAAI,OAAO,CAAC,QAAQ,KAAK,YAAY;gBAAE,OAAO,KAAK,CAAA;YACnD,OAAO,OAAO,CAAC,QAAQ,KAAK,MAAM,IAAI,OAAO,CAAC,QAAQ,KAAK,KAAK,CAAA;QAClE,CAAC;QACD,MAAM,EAAE,oEAAoE;KAC7E;CACF,CAAA;AAED,+EAA+E;AAC/E,2BAA2B;AAC3B,+EAA+E;AAE/E;;;GAGG;AACH,MAAM,qBAAqB,GAAG,IAAI,GAAG,CAAC;IACpC,yBAAyB,EAAG,4EAA4E;IACxG,yBAAyB,EAAG,2EAA2E;CACxG,CAAC,CAAA;AAEF;;;;;;;GAOG;AACH,SAAgB,qBAAqB,CACnC,QAAyB,EACzB,OAAiC,YAAY;IAK7C,MAAM,UAAU,GAAoB,EAAE,CAAA;IACtC,MAAM,SAAS,GAAoE,EAAE,CAAA;IAErF,6BAA6B;IAC7B,MAAM,eAAe,GAAG,IAAI,KAAK,SAAS;QACxC,CAAC,CAAC,kBAAkB,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,qBAAqB,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC1E,CAAC,CAAC,kBAAkB,CAAA;IAEtB,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,IAAI,YAAY,GAAG,KAAK,CAAA;QAExB,KAAK,MAAM,IAAI,IAAI,eAAe,EAAE,CAAC;YACnC,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;gBACxB,SAAS,CAAC,IAAI,CAAC;oBACb,OAAO;oBACP,IAAI,EAAE,IAAI,CAAC,IAAI;oBACf,MAAM,EAAE,IAAI,CAAC,MAAM;iBACpB,CAAC,CAAA;gBACF,YAAY,GAAG,IAAI,CAAA;gBACnB,MAAK;YACP,CAAC;QACH,CAAC;QAED,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QAC1B,CAAC;IACH,CAAC;IAED,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,CAAA;AAClC,CAAC"}

package/dist/layer3/anthropic/clients.d.ts

@@ -1,44 +0,0 @@
-/**
- * AI Provider Client Factories
- *
- * Provides lazy-initialized clients for OpenAI and Anthropic APIs.
- */
-import Anthropic from '@anthropic-ai/sdk';
-import OpenAI from 'openai';
-/**
- * Initialize Anthropic client
- */
-export declare function getAnthropicClient(): Anthropic;
-/**
- * Initialize OpenAI client (singleton)
- */
-export declare function getOpenAIClient(): OpenAI;
-/**
- * GPT-5-mini pricing constants (per 1M tokens)
- */
-export declare const GPT5_MINI_PRICING: {
-    input: number;
-    cached: number;
-    output: number;
-};
-/**
- * Claude 3.5 Haiku pricing constants (per 1M tokens)
- */
-export declare const HAIKU_PRICING: {
-    input: number;
-    cacheWrite: number;
-    cacheRead: number;
-    output: number;
-};
-/**
- * Number of files to include in each API call (Phase 2 optimization)
- * Batching multiple files reduces API overhead and leverages prompt caching better
- */
-export declare const FILES_PER_API_BATCH = 8;
-/**
- * Number of API batches to process in parallel (Phase 3 optimization)
- * Higher values = faster scans but more API load
- * OpenAI/GPT-5-mini handles this well
- */
-export declare const PARALLEL_API_BATCHES = 6;
-//# sourceMappingURL=clients.d.ts.map

package/dist/layer3/anthropic/clients.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"clients.d.ts","sourceRoot":"","sources":["../../../src/layer3/anthropic/clients.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,SAAS,MAAM,mBAAmB,CAAA;AACzC,OAAO,MAAM,MAAM,QAAQ,CAAA;AAM3B;;GAEG;AACH,wBAAgB,kBAAkB,IAAI,SAAS,CAM9C;AASD;;GAEG;AACH,wBAAgB,eAAe,IAAI,MAAM,CASxC;AAMD;;GAEG;AACH,eAAO,MAAM,iBAAiB;;;;CAI7B,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,aAAa;;;;;CAKzB,CAAA;AAMD;;;GAGG;AACH,eAAO,MAAM,mBAAmB,IAAI,CAAA;AAEpC;;;;GAIG;AACH,eAAO,MAAM,oBAAoB,IAAI,CAAA"}

package/dist/layer3/anthropic/clients.js

@@ -1,81 +0,0 @@
-"use strict";
-/**
- * AI Provider Client Factories
- *
- * Provides lazy-initialized clients for OpenAI and Anthropic APIs.
- */
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.PARALLEL_API_BATCHES = exports.FILES_PER_API_BATCH = exports.HAIKU_PRICING = exports.GPT5_MINI_PRICING = void 0;
-exports.getAnthropicClient = getAnthropicClient;
-exports.getOpenAIClient = getOpenAIClient;
-const sdk_1 = __importDefault(require("@anthropic-ai/sdk"));
-const openai_1 = __importDefault(require("openai"));
-// ============================================================================
-// Anthropic Client
-// ============================================================================
-/**
- * Initialize Anthropic client
- */
-function getAnthropicClient() {
-    const apiKey = process.env.ANTHROPIC_API_KEY;
-    if (!apiKey) {
-        throw new Error('ANTHROPIC_API_KEY environment variable is not set');
-    }
-    return new sdk_1.default({ apiKey });
-}
-// ============================================================================
-// OpenAI Client
-// ============================================================================
-// Singleton instance for connection reuse
-let openaiClient = null;
-/**
- * Initialize OpenAI client (singleton)
- */
-function getOpenAIClient() {
-    if (!openaiClient) {
-        const apiKey = process.env.OPENAI_API_KEY;
-        if (!apiKey) {
-            throw new Error('OPENAI_API_KEY environment variable is not set');
-        }
-        openaiClient = new openai_1.default({ apiKey });
-    }
-    return openaiClient;
-}
-// ============================================================================
-// Pricing Constants
-// ============================================================================
-/**
- * GPT-5-mini pricing constants (per 1M tokens)
- */
-exports.GPT5_MINI_PRICING = {
-    input: 0.25, // $0.25 per 1M tokens
-    cached: 0.025, // $0.025 per 1M tokens (10% of input)
-    output: 2.00, // $2.00 per 1M tokens
-};
-/**
- * Claude 3.5 Haiku pricing constants (per 1M tokens)
- */
-exports.HAIKU_PRICING = {
-    input: 0.80, // $0.80 per 1M tokens
-    cacheWrite: 1.00, // $1.00 per 1M tokens (5m cache)
-    cacheRead: 0.08, // $0.08 per 1M tokens
-    output: 4.00, // $4.00 per 1M tokens
-};
-// ============================================================================
-// Batching Configuration
-// ============================================================================
-/**
- * Number of files to include in each API call (Phase 2 optimization)
- * Batching multiple files reduces API overhead and leverages prompt caching better
- */
-exports.FILES_PER_API_BATCH = 8;
-/**
- * Number of API batches to process in parallel (Phase 3 optimization)
- * Higher values = faster scans but more API load
- * OpenAI/GPT-5-mini handles this well
- */
-exports.PARALLEL_API_BATCHES = 6;
-//# sourceMappingURL=clients.js.map

package/dist/layer3/anthropic/clients.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"clients.js","sourceRoot":"","sources":["../../../src/layer3/anthropic/clients.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;;;;AAYH,gDAMC;AAYD,0CASC;AArCD,4DAAyC;AACzC,oDAA2B;AAE3B,+EAA+E;AAC/E,mBAAmB;AACnB,+EAA+E;AAE/E;;GAEG;AACH,SAAgB,kBAAkB;IAChC,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAA;IAC5C,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAA;IACtE,CAAC;IACD,OAAO,IAAI,aAAS,CAAC,EAAE,MAAM,EAAE,CAAC,CAAA;AAClC,CAAC;AAED,+EAA+E;AAC/E,gBAAgB;AAChB,+EAA+E;AAE/E,0CAA0C;AAC1C,IAAI,YAAY,GAAkB,IAAI,CAAA;AAEtC;;GAEG;AACH,SAAgB,eAAe;IAC7B,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,CAAA;QACzC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAA;QACnE,CAAC;QACD,YAAY,GAAG,IAAI,gBAAM,CAAC,EAAE,MAAM,EAAE,CAAC,CAAA;IACvC,CAAC;IACD,OAAO,YAAY,CAAA;AACrB,CAAC;AAED,+EAA+E;AAC/E,oBAAoB;AACpB,+EAA+E;AAE/E;;GAEG;AACU,QAAA,iBAAiB,GAAG;IAC/B,KAAK,EAAE,IAAI,EAAO,sBAAsB;IACxC,MAAM,EAAE,KAAK,EAAK,sCAAsC;IACxD,MAAM,EAAE,IAAI,EAAM,sBAAsB;CACzC,CAAA;AAED;;GAEG;AACU,QAAA,aAAa,GAAG;IAC3B,KAAK,EAAE,IAAI,EAAQ,sBAAsB;IACzC,UAAU,EAAE,IAAI,EAAG,iCAAiC;IACpD,SAAS,EAAE,IAAI,EAAI,sBAAsB;IACzC,MAAM,EAAE,IAAI,EAAO,sBAAsB;CAC1C,CAAA;AAED,+EAA+E;AAC/E,yBAAyB;AACzB,+EAA+E;AAE/E;;;GAGG;AACU,QAAA,mBAAmB,GAAG,CAAC,CAAA;AAEpC;;;;GAIG;AACU,QAAA,oBAAoB,GAAG,CAAC,CAAA"}

package/dist/layer3/anthropic/index.d.ts

@@ -1,41 +0,0 @@
-/**
- * Layer 3: AI Semantic Analysis
- *
- * Uses Claude to perform deep security analysis including:
- * - Taint analysis (data flow from sources to sinks)
- * - Business logic flaw detection
- * - Missing authorization checks
- * - Cryptography validation
- * - Data exposure detection
- * - Framework-specific deep analysis
- *
- * Also provides high-context validation for Layer 1/2 findings.
- */
-import type { Vulnerability, ScanFile } from '../../types';
-import type { ProjectContext } from '../../utils/project-context-builder';
-import type { AIValidationResult, Layer3Context } from './types';
-export type { ValidationStats, AIValidationResult, Layer3Context } from './types';
-export { applyAutoDismissRules } from './auto-dismiss';
-/**
- * Analyze a single file using AI for deep security analysis (Layer 3)
- */
-export declare function analyzeWithAI(file: ScanFile, context?: Layer3Context): Promise<Vulnerability[]>;
-/**
- * Batch analyze multiple files using AI (Layer 3)
- * Processes files in batches to avoid rate limits
- */
-export declare function batchAnalyzeWithAI(files: ScanFile[], context?: Layer3Context, maxConcurrent?: number): Promise<Vulnerability[]>;
-/**
- * Validate Layer 1/2 findings using AI with HIGH-CONTEXT validation
- *
- * Key improvements over previous version:
- * 1. Sends FULL FILE CONTENT (not just snippets) for better context
- * 2. Includes PROJECT CONTEXT (auth patterns, data access, etc.)
- * 3. Uses generalised rules from Section 3 of the security model
- */
-export declare function validateFindingsWithAI(findings: Vulnerability[], files: ScanFile[], projectContext?: ProjectContext, onProgress?: (progress: {
-    filesProcessed: number;
-    totalFiles: number;
-    status: string;
-}) => void): Promise<AIValidationResult>;
-//# sourceMappingURL=index.d.ts.map

package/dist/layer3/anthropic/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/layer3/anthropic/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAA;AAC1D,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,qCAAqC,CAAA;AAEzE,OAAO,KAAK,EAAmB,kBAAkB,EAAE,aAAa,EAAa,MAAM,SAAS,CAAA;AAS5F,YAAY,EAAE,eAAe,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,SAAS,CAAA;AACjF,OAAO,EAAE,qBAAqB,EAAE,MAAM,gBAAgB,CAAA;AAMtD;;GAEG;AACH,wBAAsB,aAAa,CACjC,IAAI,EAAE,QAAQ,EACd,OAAO,CAAC,EAAE,aAAa,GACtB,OAAO,CAAC,aAAa,EAAE,CAAC,CA+D1B;AAED;;;GAGG;AACH,wBAAsB,kBAAkB,CACtC,KAAK,EAAE,QAAQ,EAAE,EACjB,OAAO,CAAC,EAAE,aAAa,EACvB,aAAa,GAAE,MAAU,GACxB,OAAO,CAAC,aAAa,EAAE,CAAC,CAqB1B;AAMD;;;;;;;GAOG;AACH,wBAAsB,sBAAsB,CAC1C,QAAQ,EAAE,aAAa,EAAE,EACzB,KAAK,EAAE,QAAQ,EAAE,EACjB,cAAc,CAAC,EAAE,cAAc,EAC/B,UAAU,CAAC,EAAE,CAAC,QAAQ,EAAE;IAAE,cAAc,EAAE,MAAM,CAAC;IAAC,UAAU,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,KAAK,IAAI,GAC9F,OAAO,CAAC,kBAAkB,CAAC,CAiB7B"}

package/dist/layer3/anthropic/index.js

@@ -1,141 +0,0 @@
-"use strict";
-/**
- * Layer 3: AI Semantic Analysis
- *
- * Uses Claude to perform deep security analysis including:
- * - Taint analysis (data flow from sources to sinks)
- * - Business logic flaw detection
- * - Missing authorization checks
- * - Cryptography validation
- * - Data exposure detection
- * - Framework-specific deep analysis
- *
- * Also provides high-context validation for Layer 1/2 findings.
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.applyAutoDismissRules = void 0;
-exports.analyzeWithAI = analyzeWithAI;
-exports.batchAnalyzeWithAI = batchAnalyzeWithAI;
-exports.validateFindingsWithAI = validateFindingsWithAI;
-const types_1 = require("./types");
-const clients_1 = require("./clients");
-const response_parser_1 = require("./utils/response-parser");
-const semantic_analysis_1 = require("./prompts/semantic-analysis");
-const openai_1 = require("./providers/openai");
-const anthropic_1 = require("./providers/anthropic");
-var auto_dismiss_1 = require("./auto-dismiss");
-Object.defineProperty(exports, "applyAutoDismissRules", { enumerable: true, get: function () { return auto_dismiss_1.applyAutoDismissRules; } });
-// ============================================================================
-// Layer 3: Deep AI Analysis
-// ============================================================================
-/**
- * Analyze a single file using AI for deep security analysis (Layer 3)
- */
-async function analyzeWithAI(file, context) {
-    const client = (0, clients_1.getAnthropicClient)();
-    // Prepare the code with line numbers for reference
-    const numberedCode = file.content
-        .split('\n')
-        .map((line, i) => `${i + 1}: ${line}`)
-        .join('\n');
-    // Build auth context for the prompt
-    const authContext = (0, semantic_analysis_1.buildAuthContextForPrompt)(context);
-    const userMessage = `Analyze this ${file.language} file for security vulnerabilities:
-
-File: ${file.path}${authContext}
-
-\`\`\`${file.language}
-${numberedCode}
-\`\`\`
-
-Return ONLY a JSON array of findings.`;
-    try {
-        const response = await client.messages.create({
-            model: 'claude-3-5-haiku-20241022',
-            max_tokens: 4096,
-            system: semantic_analysis_1.SECURITY_ANALYSIS_PROMPT,
-            messages: [
-                {
-                    role: 'user',
-                    content: userMessage,
-                },
-            ],
-        });
-        // Extract text content from response
-        const textContent = response.content.find((block) => block.type === 'text');
-        if (!textContent || textContent.type !== 'text') {
-            console.error('No text content in AI response');
-            return [];
-        }
-        // Parse the JSON response
-        const findings = (0, response_parser_1.parseAIResponse)(textContent.text);
-        // Convert to Vulnerability format
-        return findings.map((finding, index) => ({
-            id: `ai-${file.path}-${finding.lineNumber}-${index}`,
-            filePath: file.path,
-            lineNumber: finding.lineNumber,
-            lineContent: (0, response_parser_1.getLineContent)(file.content, finding.lineNumber),
-            severity: finding.severity,
-            category: finding.category,
-            title: finding.title,
-            description: finding.description,
-            suggestedFix: finding.suggestedFix,
-            confidence: 'high',
-            layer: 3,
-        }));
-    }
-    catch (error) {
-        console.error('AI analysis error:', error);
-        return [];
-    }
-}
-/**
- * Batch analyze multiple files using AI (Layer 3)
- * Processes files in batches to avoid rate limits
- */
-async function batchAnalyzeWithAI(files, context, maxConcurrent = 3) {
-    const vulnerabilities = [];
-    // Process files in batches to avoid rate limits
-    for (let i = 0; i < files.length; i += maxConcurrent) {
-        const batch = files.slice(i, i + maxConcurrent);
-        const results = await Promise.all(batch.map(file => analyzeWithAI(file, context).catch(err => {
-            console.error(`AI analysis failed for ${file.path}:`, err);
-            return [];
-        })));
-        vulnerabilities.push(...results.flat());
-        // Small delay between batches to avoid rate limits
-        if (i + maxConcurrent < files.length) {
-            await new Promise(resolve => setTimeout(resolve, 500));
-        }
-    }
-    return vulnerabilities;
-}
-// ============================================================================
-// Layer 2.5: High-Context Validation
-// ============================================================================
-/**
- * Validate Layer 1/2 findings using AI with HIGH-CONTEXT validation
- *
- * Key improvements over previous version:
- * 1. Sends FULL FILE CONTENT (not just snippets) for better context
- * 2. Includes PROJECT CONTEXT (auth patterns, data access, etc.)
- * 3. Uses generalised rules from Section 3 of the security model
- */
-async function validateFindingsWithAI(findings, files, projectContext, onProgress) {
-    // Initialize stats tracking
-    const stats = (0, types_1.createInitialStats)(findings.length);
-    if (findings.length === 0) {
-        return { vulnerabilities: [], stats };
-    }
-    // Check for provider override (GPT-5-mini is default for 47% cost savings)
-    const aiProvider = process.env.AI_PROVIDER || 'openai';
-    if (aiProvider === 'anthropic') {
-        console.log('[AI Validation] Using Anthropic provider (Claude 3.5 Haiku)');
-        return (0, anthropic_1.validateWithAnthropic)(findings, files, projectContext, stats, onProgress);
-    }
-    else {
-        console.log('[AI Validation] Using OpenAI provider (GPT-5-mini)');
-        return (0, openai_1.validateWithOpenAI)(findings, files, projectContext, stats);
-    }
-}
-//# sourceMappingURL=index.js.map

package/dist/layer3/anthropic/index.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/layer3/anthropic/index.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;GAYG;;;AAwBH,sCAkEC;AAMD,gDAyBC;AAcD,wDAsBC;AAvJD,mCAA4C;AAC5C,uCAA8C;AAC9C,6DAA6G;AAC7G,mEAAiG;AACjG,+CAAuD;AACvD,qDAA6D;AAI7D,+CAAsD;AAA7C,qHAAA,qBAAqB,OAAA;AAE9B,+EAA+E;AAC/E,4BAA4B;AAC5B,+EAA+E;AAE/E;;GAEG;AACI,KAAK,UAAU,aAAa,CACjC,IAAc,EACd,OAAuB;IAEvB,MAAM,MAAM,GAAG,IAAA,4BAAkB,GAAE,CAAA;IAEnC,mDAAmD;IACnD,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO;SAC9B,KAAK,CAAC,IAAI,CAAC;SACX,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,IAAI,EAAE,CAAC;SACrC,IAAI,CAAC,IAAI,CAAC,CAAA;IAEb,oCAAoC;IACpC,MAAM,WAAW,GAAG,IAAA,6CAAyB,EAAC,OAAO,CAAC,CAAA;IAEtD,MAAM,WAAW,GAAG,gBAAgB,IAAI,CAAC,QAAQ;;QAE3C,IAAI,CAAC,IAAI,GAAG,WAAW;;QAEvB,IAAI,CAAC,QAAQ;EACnB,YAAY;;;sCAGwB,CAAA;IAEpC,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;YAC5C,KAAK,EAAE,2BAA2B;YAClC,UAAU,EAAE,IAAI;YAChB,MAAM,EAAE,4CAAwB;YAChC,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,MAAM;oBACZ,OAAO,EAAE,WAAW;iBACrB;aACF;SACF,CAAC,CAAA;QAEF,qCAAqC;QACrC,MAAM,WAAW,GAAG,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,KAAuB,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,MAAM,CAAC,CAAA;QAC7F,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;YAChD,OAAO,CAAC,KAAK,CAAC,gCAAgC,CAAC,CAAA;YAC/C,OAAO,EAAE,CAAA;QACX,CAAC;QAED,0BAA0B;QAC1B,MAAM,QAAQ,GAAG,IAAA,iCAAe,EAAC,WAAW,CAAC,IAAI,CAAC,CAAA;QAElD,kCAAkC;QAClC,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,KAAK,EAAE,EAAE,CAAC,CAAC;YACvC,EAAE,EAAE,MAAM,IAAI,CAAC,IAAI,IAAI,OAAO,CAAC,UAAU,IAAI,KAAK,EAAE;YACpD,QAAQ,EAAE,IAAI,CAAC,IAAI;YACnB,UAAU,EAAE,OAAO,CAAC,UAAU;YAC9B,WAAW,EAAE,IAAA,gCAAc,EAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,UAAU,CAAC;YAC7D,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,UAAU,EAAE,MAAe;YAC3B,KAAK,EAAE,CAAU;SAClB,CAAC,CAAC,CAAA;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,oBAAoB,EAAE,KAAK,CAAC,CAAA;QAC1C,OAAO,EAAE,CAAA;IACX,CAAC;AACH,CAAC;AAED;;;GAGG;AACI,KAAK,UAAU,kBAAkB,CACtC,KAAiB,EACjB,OAAuB,EACvB,gBAAwB,CAAC;IAEzB,MAAM,eAAe,GAAoB,EAAE,CAAA;IAE3C,gDAAgD;IAChD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,IAAI,aAAa,EAAE,CAAC;QACrD,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,aAAa,CAAC,CAAA;QAC/C,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAC/B,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,aAAa,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE;YACzD,OAAO,CAAC,KAAK,CAAC,0BAA0B,IAAI,CAAC,IAAI,GAAG,EAAE,GAAG,CAAC,CAAA;YAC1D,OAAO,EAAE,CAAA;QACX,CAAC,CAAC,CAAC,CACJ,CAAA;QACD,eAAe,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC,CAAA;QAEvC,mDAAmD;QACnD,IAAI,CAAC,GAAG,aAAa,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC;YACrC,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAA;QACxD,CAAC;IACH,CAAC;IAED,OAAO,eAAe,CAAA;AACxB,CAAC;AAED,+EAA+E;AAC/E,qCAAqC;AACrC,+EAA+E;AAE/E;;;;;;;GAOG;AACI,KAAK,UAAU,sBAAsB,CAC1C,QAAyB,EACzB,KAAiB,EACjB,cAA+B,EAC/B,UAA+F;IAE/F,4BAA4B;IAC5B,MAAM,KAAK,GAAoB,IAAA,0BAAkB,EAAC,QAAQ,CAAC,MAAM,CAAC,CAAA;IAElE,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,EAAE,eAAe,EAAE,EAAE,EAAE,KAAK,EAAE,CAAA;IACvC,CAAC;IAED,2EAA2E;IAC3E,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,WAAW,IAAI,QAAQ,CAAA;IACtD,IAAI,UAAU,KAAK,WAAW,EAAE,CAAC;QAC/B,OAAO,CAAC,GAAG,CAAC,6DAA6D,CAAC,CAAA;QAC1E,OAAO,IAAA,iCAAqB,EAAC,QAAQ,EAAE,KAAK,EAAE,cAAc,EAAE,KAAK,EAAE,UAAU,CAAC,CAAA;IAClF,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,oDAAoD,CAAC,CAAA;QACjE,OAAO,IAAA,2BAAkB,EAAC,QAAQ,EAAE,KAAK,EAAE,cAAc,EAAE,KAAK,CAAC,CAAA;IACnE,CAAC;AACH,CAAC"}

package/dist/layer3/anthropic/prompts/index.d.ts

@@ -1,8 +0,0 @@
-/**
- * Prompts Index
- *
- * Re-exports all prompt templates and helpers.
- */
-export { SECURITY_ANALYSIS_PROMPT, buildAuthContextForPrompt, } from './semantic-analysis';
-export { HIGH_CONTEXT_VALIDATION_PROMPT, assembleValidationPrompt, getFullValidationPrompt, } from './validation';
-//# sourceMappingURL=index.d.ts.map

package/dist/layer3/anthropic/prompts/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/layer3/anthropic/prompts/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EACL,wBAAwB,EACxB,yBAAyB,GAC1B,MAAM,qBAAqB,CAAA;AAE5B,OAAO,EACL,8BAA8B,EAC9B,wBAAwB,EACxB,uBAAuB,GACxB,MAAM,cAAc,CAAA"}

package/dist/layer3/anthropic/prompts/index.js

@@ -1,16 +0,0 @@
-"use strict";
-/**
- * Prompts Index
- *
- * Re-exports all prompt templates and helpers.
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.getFullValidationPrompt = exports.assembleValidationPrompt = exports.HIGH_CONTEXT_VALIDATION_PROMPT = exports.buildAuthContextForPrompt = exports.SECURITY_ANALYSIS_PROMPT = void 0;
-var semantic_analysis_1 = require("./semantic-analysis");
-Object.defineProperty(exports, "SECURITY_ANALYSIS_PROMPT", { enumerable: true, get: function () { return semantic_analysis_1.SECURITY_ANALYSIS_PROMPT; } });
-Object.defineProperty(exports, "buildAuthContextForPrompt", { enumerable: true, get: function () { return semantic_analysis_1.buildAuthContextForPrompt; } });
-var validation_1 = require("./validation");
-Object.defineProperty(exports, "HIGH_CONTEXT_VALIDATION_PROMPT", { enumerable: true, get: function () { return validation_1.HIGH_CONTEXT_VALIDATION_PROMPT; } });
-Object.defineProperty(exports, "assembleValidationPrompt", { enumerable: true, get: function () { return validation_1.assembleValidationPrompt; } });
-Object.defineProperty(exports, "getFullValidationPrompt", { enumerable: true, get: function () { return validation_1.getFullValidationPrompt; } });
-//# sourceMappingURL=index.js.map

package/dist/layer3/anthropic/prompts/index.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/layer3/anthropic/prompts/index.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;AAEH,yDAG4B;AAF1B,6HAAA,wBAAwB,OAAA;AACxB,8HAAA,yBAAyB,OAAA;AAG3B,2CAIqB;AAHnB,4HAAA,8BAA8B,OAAA;AAC9B,sHAAA,wBAAwB,OAAA;AACxB,qHAAA,uBAAuB,OAAA"}

package/dist/layer3/anthropic/prompts/modules/ai-patterns.d.ts

@@ -1,19 +0,0 @@
-/**
- * AI Patterns Module
- *
- * Categories: ai_pattern, ai_prompt_injection, ai_unsafe_execution,
- *             ai_overpermissive_tool, suspicious_package, ai_rag_exfiltration,
- *             ai_endpoint_unprotected, ai_schema_mismatch, ai_package_hallucination,
- *             ai_rag_corpus_poisoning, ai_rag_pii_leakage, ai_mcp_tool_poisoning,
- *             ai_mcp_credential_issue, ai_mcp_confused_deputy,
- *             ai_mcp_description_injection, ai_mcp_server_shadowing,
- *             ai_mcp_config_secrets, ai_mcp_config_permissions,
- *             ai_rag_query_injection, ai_rag_embedding_poisoning,
- *             ai_rag_chunk_injection, ai_package_typosquat, ai_package_malicious,
- *             ai_unsafe_model_load, ai_unverified_model, ai_unsafe_finetuning,
- *             ai_excessive_agency
- *
- * Contains AI/LLM-specific patterns that require semantic AI reasoning.
- */
-export declare const AI_PATTERNS_MODULE = "\n### AI/LLM-Specific Patterns\n\n**Prompt Injection (ai_prompt_injection):**\n- User input in system prompt WITHOUT delimiters (code fences, XML tags, separators) -> **HIGH** (real risk)\n- User input in system prompt WITH clear delimiters -> **INFO** (properly fenced)\n- Static prompts with no user interpolation -> **REJECT** (false positive)\n- Prompt templates using proper parameterization/placeholders -> **REJECT**\n\n**LLM Output Execution (ai_unsafe_execution):**\n- LLM output fed to eval()/Function()/exec() WITHOUT sandbox -> **CRITICAL** (arbitrary code execution)\n- LLM output to execution WITH sandbox (vm2, isolated-vm) -> **MEDIUM** (risk mitigated)\n- LLM output to execution WITH validation AND sandbox -> **LOW** (well-protected)\n- LLM output used for display only (console.log, UI) -> **REJECT** (not execution)\n- Generated SQL from LLM without parameterization -> **CRITICAL** (SQL injection)\n- Generated SQL with parameterized queries -> **MEDIUM** (logic may still be wrong)\n\n**Agent Tool Permissions (ai_overpermissive_tool):**\n- Tool with unrestricted file/network/exec access -> **HIGH** (overpermissive)\n- Tool without user context verification -> **MEDIUM** (missing authorization)\n- Tool with proper scoping, allowlists, and user verification -> **LOW** or **REJECT**\n- Test files with tool definitions -> **INFO** or **REJECT**\n\n**Hallucinated Dependencies (suspicious_package):**\n- Package not found in registry -> **CRITICAL** (likely AI-hallucinated name)\n- Very new package (less than 7 days old) with low downloads and typosquat pattern -> **HIGH**\n- Legitimate looking package with source/repo but low popularity -> **MEDIUM** (needs review)\n- Known legitimate package with unusual name (in allowlist) -> **REJECT**\n\n**CRITICAL AI PATTERN RULES**:\n- AI code generation often produces non-existent package names - flag these prominently\n- Prompt injection is NOT the same as XSS - different threat model and severity\n- Sandboxed code execution (vm2, isolated-vm) significantly reduces risk\n- Agent tools need both access restrictions AND user context verification\n\n### RAG Data Exfiltration (ai_rag_exfiltration)\nRetrieval Augmented Generation systems can leak sensitive data across tenant boundaries.\n\n**Unscoped Retrieval Queries:**\n- Vector store query WITHOUT user/tenant filter -> **HIGH** (cross-tenant data access)\n  - .query(), .search(), .similaritySearch() without filter/where/userId/tenantId parameter\n  - LangChain retriever.invoke() without metadata filter\n  - Pinecone/Chroma/Weaviate query without namespace or metadata filter\n- Query WITH proper scoping (filter by userId/tenantId) -> **REJECT** (properly scoped)\n- Query with RLS-enabled Supabase tables -> **LOW/INFO** (verify RLS policy)\n\n**Raw Context Exposure:**\n- Raw sourceDocuments/chunks returned in API response -> **MEDIUM** (data leak to client)\n- Raw context returned WITHOUT authentication -> **HIGH** (public data leak)\n- Filtered response (only IDs, titles, metadata) -> **REJECT** (properly filtered)\n- Response filtering visible nearby (.map, sanitize, redact) -> **INFO**\n\n**Context Logging:**\n- Logging retrieved documents (debug) -> **INFO** (hygiene, not direct risk)\n- Logging full prompts with context -> **LOW** (audit concern if logs are accessible)\n- Persisting prompts/context to database -> **MEDIUM** (sensitive data retention)\n\n**CRITICAL RAG RULES**:\n- Cross-tenant data access is the PRIMARY risk - always check for user/tenant scoping\n- Authenticated endpoints exposing context are MEDIUM; unauthenticated are HIGH\n- Debug logging is INFO severity - it's not a direct vulnerability\n- If RLS or middleware protection is visible, downgrade significantly\n\n### AI Endpoint Protection (ai_endpoint_unprotected)\nAI/LLM API endpoints can incur significant costs and enable data exfiltration.\n\n**No Authentication + No Rate Limiting -> HIGH:**\n- Endpoint calls OpenAI/Anthropic/etc. without any auth check or rate limit\n- Anyone on the internet can abuse the endpoint and run up API costs\n- Potential for prompt exfiltration or model abuse\n\n**Has Rate Limiting but No Authentication -> MEDIUM:**\n- Rate limit provides some protection against abuse\n- Still allows anonymous access to AI functionality\n- Suggest adding authentication\n\n**Has Authentication but No Rate Limiting -> LOW:**\n- Authenticated users could still abuse the endpoint\n- Suggest adding rate limiting for cost control\n- severity: low (suggest improvement)\n\n**Has Both Auth and Rate Limiting -> INFO/REJECT:**\n- Properly protected endpoint\n- REJECT if both are clearly present\n- INFO if you want to note the good pattern\n\n**BYOK (Bring Your Own Key) Endpoints:**\n- If user provides their own API key, risk is LOWER\n- User pays for their own usage - cost abuse is their problem\n- Downgrade severity by one level for BYOK patterns\n\n**Protected by Middleware:**\n- If project context shows auth middleware protecting the route, downgrade to INFO\n- Internal/admin routes should be INFO or REJECT\n\n**CRITICAL ENDPOINT RULES**:\n- Cost abuse is real - unprotected AI endpoints can bankrupt a startup\n- Rate limiting alone isn't enough - need auth to prevent anonymous abuse\n- BYOK endpoints have lower risk since user bears the cost\n- Check for middleware protection before flagging\n\n### Schema/Tooling Mismatch (ai_schema_mismatch)\nAI-generated structured outputs need validation before use in security-sensitive contexts.\n\n**Unvalidated AI Output Parsing:**\n- JSON.parse(response.content) without schema validation -> **MEDIUM**\n  - AI may return malformed or unexpected structures\n  - Suggest zod/ajv/joi validation\n- AI output to EXECUTION SINK (eval, exec, query) without validation -> **HIGH**\n  - Direct path to code/SQL injection\n- AI output to DISPLAY only (console.log, UI render) -> **REJECT**\n  - Not a security issue for display purposes\n- OpenAI Structured Outputs (json_schema in request) -> **REJECT**\n  - API-level validation provides guarantees\n\n**Weak Schema Patterns:**\n- response: any at API boundary -> **MEDIUM** (no type safety)\n- z.any() or z.unknown() -> **LOW** (defeats purpose of validation)\n- z.passthrough() -> **INFO** (allows extra properties, minor concern)\n- Specific schema defined and used -> **REJECT** (properly validated)\n\n**Tool Parameter Validation:**\n- Tool parameter -> file path without validation -> **HIGH** (path traversal)\n- Tool parameter -> shell command without validation -> **CRITICAL** (command injection)\n- Tool parameter -> URL without validation -> **HIGH** (SSRF)\n- Tool parameter -> DB query without validation -> **HIGH** (SQL injection)\n- Tool parameter with allowlist check visible -> **LOW/REJECT** (mitigated)\n\n**CRITICAL SCHEMA RULES**:\n- The severity depends on WHERE the AI output is used, not just that it's parsed\n- Execution sinks (eval, exec, query, fs) need HIGH severity without validation\n- Display-only usage is NOT a security issue\n- Schema validation (zod, ajv, joi) significantly reduces risk\n- OpenAI Structured Outputs provide API-level guarantees\n";
-//# sourceMappingURL=ai-patterns.d.ts.map

package/dist/layer3/anthropic/prompts/modules/ai-patterns.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"ai-patterns.d.ts","sourceRoot":"","sources":["../../../../../src/layer3/anthropic/prompts/modules/ai-patterns.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,eAAO,MAAM,kBAAkB,2+NAsI9B,CAAA"}

package/dist/layer3/anthropic/prompts/modules/ai-patterns.js

@@ -1,156 +0,0 @@
-"use strict";
-/**
- * AI Patterns Module
- *
- * Categories: ai_pattern, ai_prompt_injection, ai_unsafe_execution,
- *             ai_overpermissive_tool, suspicious_package, ai_rag_exfiltration,
- *             ai_endpoint_unprotected, ai_schema_mismatch, ai_package_hallucination,
- *             ai_rag_corpus_poisoning, ai_rag_pii_leakage, ai_mcp_tool_poisoning,
- *             ai_mcp_credential_issue, ai_mcp_confused_deputy,
- *             ai_mcp_description_injection, ai_mcp_server_shadowing,
- *             ai_mcp_config_secrets, ai_mcp_config_permissions,
- *             ai_rag_query_injection, ai_rag_embedding_poisoning,
- *             ai_rag_chunk_injection, ai_package_typosquat, ai_package_malicious,
- *             ai_unsafe_model_load, ai_unverified_model, ai_unsafe_finetuning,
- *             ai_excessive_agency
- *
- * Contains AI/LLM-specific patterns that require semantic AI reasoning.
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.AI_PATTERNS_MODULE = void 0;
-exports.AI_PATTERNS_MODULE = `
-### AI/LLM-Specific Patterns
-
-**Prompt Injection (ai_prompt_injection):**
-- User input in system prompt WITHOUT delimiters (code fences, XML tags, separators) -> **HIGH** (real risk)
-- User input in system prompt WITH clear delimiters -> **INFO** (properly fenced)
-- Static prompts with no user interpolation -> **REJECT** (false positive)
-- Prompt templates using proper parameterization/placeholders -> **REJECT**
-
-**LLM Output Execution (ai_unsafe_execution):**
-- LLM output fed to eval()/Function()/exec() WITHOUT sandbox -> **CRITICAL** (arbitrary code execution)
-- LLM output to execution WITH sandbox (vm2, isolated-vm) -> **MEDIUM** (risk mitigated)
-- LLM output to execution WITH validation AND sandbox -> **LOW** (well-protected)
-- LLM output used for display only (console.log, UI) -> **REJECT** (not execution)
-- Generated SQL from LLM without parameterization -> **CRITICAL** (SQL injection)
-- Generated SQL with parameterized queries -> **MEDIUM** (logic may still be wrong)
-
-**Agent Tool Permissions (ai_overpermissive_tool):**
-- Tool with unrestricted file/network/exec access -> **HIGH** (overpermissive)
-- Tool without user context verification -> **MEDIUM** (missing authorization)
-- Tool with proper scoping, allowlists, and user verification -> **LOW** or **REJECT**
-- Test files with tool definitions -> **INFO** or **REJECT**
-
-**Hallucinated Dependencies (suspicious_package):**
-- Package not found in registry -> **CRITICAL** (likely AI-hallucinated name)
-- Very new package (less than 7 days old) with low downloads and typosquat pattern -> **HIGH**
-- Legitimate looking package with source/repo but low popularity -> **MEDIUM** (needs review)
-- Known legitimate package with unusual name (in allowlist) -> **REJECT**
-
-**CRITICAL AI PATTERN RULES**:
-- AI code generation often produces non-existent package names - flag these prominently
-- Prompt injection is NOT the same as XSS - different threat model and severity
-- Sandboxed code execution (vm2, isolated-vm) significantly reduces risk
-- Agent tools need both access restrictions AND user context verification
-
-### RAG Data Exfiltration (ai_rag_exfiltration)
-Retrieval Augmented Generation systems can leak sensitive data across tenant boundaries.
-
-**Unscoped Retrieval Queries:**
-- Vector store query WITHOUT user/tenant filter -> **HIGH** (cross-tenant data access)
-  - .query(), .search(), .similaritySearch() without filter/where/userId/tenantId parameter
-  - LangChain retriever.invoke() without metadata filter
-  - Pinecone/Chroma/Weaviate query without namespace or metadata filter
-- Query WITH proper scoping (filter by userId/tenantId) -> **REJECT** (properly scoped)
-- Query with RLS-enabled Supabase tables -> **LOW/INFO** (verify RLS policy)
-
-**Raw Context Exposure:**
-- Raw sourceDocuments/chunks returned in API response -> **MEDIUM** (data leak to client)
-- Raw context returned WITHOUT authentication -> **HIGH** (public data leak)
-- Filtered response (only IDs, titles, metadata) -> **REJECT** (properly filtered)
-- Response filtering visible nearby (.map, sanitize, redact) -> **INFO**
-
-**Context Logging:**
-- Logging retrieved documents (debug) -> **INFO** (hygiene, not direct risk)
-- Logging full prompts with context -> **LOW** (audit concern if logs are accessible)
-- Persisting prompts/context to database -> **MEDIUM** (sensitive data retention)
-
-**CRITICAL RAG RULES**:
-- Cross-tenant data access is the PRIMARY risk - always check for user/tenant scoping
-- Authenticated endpoints exposing context are MEDIUM; unauthenticated are HIGH
-- Debug logging is INFO severity - it's not a direct vulnerability
-- If RLS or middleware protection is visible, downgrade significantly
-
-### AI Endpoint Protection (ai_endpoint_unprotected)
-AI/LLM API endpoints can incur significant costs and enable data exfiltration.
-
-**No Authentication + No Rate Limiting -> HIGH:**
-- Endpoint calls OpenAI/Anthropic/etc. without any auth check or rate limit
-- Anyone on the internet can abuse the endpoint and run up API costs
-- Potential for prompt exfiltration or model abuse
-
-**Has Rate Limiting but No Authentication -> MEDIUM:**
-- Rate limit provides some protection against abuse
-- Still allows anonymous access to AI functionality
-- Suggest adding authentication
-
-**Has Authentication but No Rate Limiting -> LOW:**
-- Authenticated users could still abuse the endpoint
-- Suggest adding rate limiting for cost control
-- severity: low (suggest improvement)
-
-**Has Both Auth and Rate Limiting -> INFO/REJECT:**
-- Properly protected endpoint
-- REJECT if both are clearly present
-- INFO if you want to note the good pattern
-
-**BYOK (Bring Your Own Key) Endpoints:**
-- If user provides their own API key, risk is LOWER
-- User pays for their own usage - cost abuse is their problem
-- Downgrade severity by one level for BYOK patterns
-
-**Protected by Middleware:**
-- If project context shows auth middleware protecting the route, downgrade to INFO
-- Internal/admin routes should be INFO or REJECT
-
-**CRITICAL ENDPOINT RULES**:
-- Cost abuse is real - unprotected AI endpoints can bankrupt a startup
-- Rate limiting alone isn't enough - need auth to prevent anonymous abuse
-- BYOK endpoints have lower risk since user bears the cost
-- Check for middleware protection before flagging
-
-### Schema/Tooling Mismatch (ai_schema_mismatch)
-AI-generated structured outputs need validation before use in security-sensitive contexts.
-
-**Unvalidated AI Output Parsing:**
-- JSON.parse(response.content) without schema validation -> **MEDIUM**
-  - AI may return malformed or unexpected structures
-  - Suggest zod/ajv/joi validation
-- AI output to EXECUTION SINK (eval, exec, query) without validation -> **HIGH**
-  - Direct path to code/SQL injection
-- AI output to DISPLAY only (console.log, UI render) -> **REJECT**
-  - Not a security issue for display purposes
-- OpenAI Structured Outputs (json_schema in request) -> **REJECT**
-  - API-level validation provides guarantees
-
-**Weak Schema Patterns:**
-- response: any at API boundary -> **MEDIUM** (no type safety)
-- z.any() or z.unknown() -> **LOW** (defeats purpose of validation)
-- z.passthrough() -> **INFO** (allows extra properties, minor concern)
-- Specific schema defined and used -> **REJECT** (properly validated)
-
-**Tool Parameter Validation:**
-- Tool parameter -> file path without validation -> **HIGH** (path traversal)
-- Tool parameter -> shell command without validation -> **CRITICAL** (command injection)
-- Tool parameter -> URL without validation -> **HIGH** (SSRF)
-- Tool parameter -> DB query without validation -> **HIGH** (SQL injection)
-- Tool parameter with allowlist check visible -> **LOW/REJECT** (mitigated)
-
-**CRITICAL SCHEMA RULES**:
-- The severity depends on WHERE the AI output is used, not just that it's parsed
-- Execution sinks (eval, exec, query, fs) need HIGH severity without validation
-- Display-only usage is NOT a security issue
-- Schema validation (zod, ajv, joi) significantly reduces risk
-- OpenAI Structured Outputs provide API-level guarantees
-`;
-//# sourceMappingURL=ai-patterns.js.map

package/dist/layer3/anthropic/prompts/modules/ai-patterns.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"ai-patterns.js","sourceRoot":"","sources":["../../../../../src/layer3/anthropic/prompts/modules/ai-patterns.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;GAgBG;;;AAEU,QAAA,kBAAkB,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAsIjC,CAAA"}

package/dist/layer3/anthropic/prompts/modules/auth-access.d.ts

@@ -1,9 +0,0 @@
-/**
- * Auth Access Prompt Module
- *
- * Categories: missing_auth, security_bypass
- * Contains contradiction handling rules that require AI reasoning.
- * Heuristic-handled patterns (middleware awareness, throwing helpers) are NOT included.
- */
-export declare const AUTH_ACCESS_MODULE = "\n### Authentication & Access Control\n\nFlag as REAL vulnerability (keep high severity) ONLY when:\n- Route has no visible auth check AND is NOT covered by middleware AND has no throwing auth helper\n- Sensitive operations without user scoping (cross-tenant access possible)\n- Auth checks that can be bypassed (e.g., checking wrong variable)\n\n**CRITICAL CONTRADICTION HANDLING**:\n- If we detect both \"protected by middleware\" and \"missing auth\" on the same route - REJECT the \"missing auth\" finding\n- If we detect both \"uses throwing auth helper\" and \"missing auth\" - REJECT the \"missing auth\" finding\n- Client components calling these protected API routes should NOT be flagged for \"missing auth\"\n- Adding \"if (!userId)\" after a throwing helper is a FALSE POSITIVE - reject it\n";
-//# sourceMappingURL=auth-access.d.ts.map

package/dist/layer3/anthropic/prompts/modules/auth-access.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"auth-access.d.ts","sourceRoot":"","sources":["../../../../../src/layer3/anthropic/prompts/modules/auth-access.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,eAAO,MAAM,kBAAkB,wyBAa9B,CAAA"}

package/dist/layer3/anthropic/prompts/modules/auth-access.js

@@ -1,25 +0,0 @@
-"use strict";
-/**
- * Auth Access Prompt Module
- *
- * Categories: missing_auth, security_bypass
- * Contains contradiction handling rules that require AI reasoning.
- * Heuristic-handled patterns (middleware awareness, throwing helpers) are NOT included.
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.AUTH_ACCESS_MODULE = void 0;
-exports.AUTH_ACCESS_MODULE = `
-### Authentication & Access Control
-
-Flag as REAL vulnerability (keep high severity) ONLY when:
-- Route has no visible auth check AND is NOT covered by middleware AND has no throwing auth helper
-- Sensitive operations without user scoping (cross-tenant access possible)
-- Auth checks that can be bypassed (e.g., checking wrong variable)
-
-**CRITICAL CONTRADICTION HANDLING**:
-- If we detect both "protected by middleware" and "missing auth" on the same route - REJECT the "missing auth" finding
-- If we detect both "uses throwing auth helper" and "missing auth" - REJECT the "missing auth" finding
-- Client components calling these protected API routes should NOT be flagged for "missing auth"
-- Adding "if (!userId)" after a throwing helper is a FALSE POSITIVE - reject it
-`;
-//# sourceMappingURL=auth-access.js.map

package/dist/layer3/anthropic/prompts/modules/auth-access.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"auth-access.js","sourceRoot":"","sources":["../../../../../src/layer3/anthropic/prompts/modules/auth-access.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;;AAEU,QAAA,kBAAkB,GAAG;;;;;;;;;;;;;CAajC,CAAA"}