@oculum/scanner 1.0.9 → 1.0.11

package/dist/layer2/model-supply-chain.js

@@ -0,0 +1,376 @@
+"use strict";
+/**
+ * Layer 2: Model Supply Chain Security Detection
+ * Detects unsafe model loading patterns that can lead to arbitrary code execution
+ *
+ * Covers AI Detection Roadmap Phase 2:
+ * - Pickle/joblib deserialization RCE
+ * - torch.load without weights_only=True
+ * - Unverified model sources
+ * - Unsafe fine-tuning on user data
+ *
+ * References:
+ * - OWASP LLM05: Supply Chain Vulnerabilities
+ * - CWE-502: Deserialization of Untrusted Data
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.detectModelSupplyChain = detectModelSupplyChain;
+const context_helpers_1 = require("../utils/context-helpers");
+// ============================================================================
+// Context Detection
+// ============================================================================
+/**
+ * Check if file is in an ML/model context based on path and content
+ */
+function isMLContextFile(filePath, content) {
+    // File path indicators
+    const mlPathPatterns = [
+        /\/(models?|ml|training|inference|weights|checkpoints)\//i,
+        /\/(transformers|huggingface|pytorch|tensorflow|keras)\//i,
+        /(train|model|inference|fine[-_]?tune).*\.(py|ts|js)$/i,
+    ];
+    if (mlPathPatterns.some(p => p.test(filePath))) {
+        return true;
+    }
+    // Content patterns suggesting ML usage
+    const mlContentPatterns = [
+        /import\s+(?:torch|tensorflow|keras|transformers|joblib|pickle)/i,
+        /from\s+(?:torch|tensorflow|keras|transformers|joblib|pickle)\s+import/i,
+        /\.load_model\s*\(/i,
+        /\.from_pretrained\s*\(/i,
+        /torch\.load\s*\(/i,
+        /pickle\.load/i,
+        /joblib\.load/i,
+        /Trainer|TrainingArguments/i,
+        /model\.save|model\.load/i,
+    ];
+    return mlContentPatterns.some(p => p.test(content));
+}
+// ============================================================================
+// Safe Pattern Detection
+// ============================================================================
+/**
+ * Check if torch.load has weights_only=True (safe mode)
+ */
+function hasTorchWeightsOnly(lineContent, surroundingContext) {
+    const fullContext = lineContent + '\n' + surroundingContext;
+    return /weights_only\s*=\s*True/i.test(fullContext);
+}
+/**
+ * Check if TensorFlow/Keras load has safe_mode=True
+ */
+function hasKerasSafeMode(lineContent, surroundingContext) {
+    const fullContext = lineContent + '\n' + surroundingContext;
+    return /safe_mode\s*=\s*True/i.test(fullContext);
+}
+/**
+ * Check if model source is from a trusted provider
+ */
+function isTrustedModelSource(lineContent) {
+    const trustedPatterns = [
+        // Official Hugging Face repos
+        /huggingface\.co\/(meta-llama|openai|anthropic|google|microsoft|facebook|EleutherAI)/i,
+        // Specific trusted model IDs (no http prefix)
+        /['"`](meta-llama|openai|anthropic|google|microsoft|facebook)\//i,
+        // Local file paths (not URLs)
+        /['"`]\.\/|['"`]\.\.\/|['"`]\//,
+        // Environment variables for paths
+        /os\.environ|process\.env/i,
+    ];
+    return trustedPatterns.some(p => p.test(lineContent));
+}
+/**
+ * Check if integrity verification is present
+ */
+function hasIntegrityCheck(content, lineNumber) {
+    const lines = content.split('\n');
+    const contextStart = Math.max(0, lineNumber - 20);
+    const contextEnd = Math.min(lines.length, lineNumber + 10);
+    const context = lines.slice(contextStart, contextEnd).join('\n');
+    const integrityPatterns = [
+        /checksum|sha256|sha512|md5|verify_hash|hash_check/i,
+        /verify.*integrity|integrity.*verify/i,
+        /revision\s*=\s*['"`][a-f0-9]{40}/i, // Git SHA pinning
+        /safetensors/i, // SafeTensors format (safe by design)
+        /\.ckpt\.sha256|\.bin\.sha256/i, // Hash files
+    ];
+    return integrityPatterns.some(p => p.test(context));
+}
+/**
+ * Check if using SafeTensors format (safe by design)
+ */
+function usesSafeTensors(lineContent, surroundingContext) {
+    const fullContext = lineContent + '\n' + surroundingContext;
+    return /safetensors|\.safetensors|from_safetensors|load_safetensors/i.test(fullContext);
+}
+/**
+ * Check if data validation is present for training
+ */
+function hasDataValidation(content, lineNumber) {
+    const lines = content.split('\n');
+    const contextStart = Math.max(0, lineNumber - 30);
+    const contextEnd = Math.min(lines.length, lineNumber + 10);
+    const context = lines.slice(contextStart, contextEnd).join('\n');
+    const validationPatterns = [
+        /validate|sanitize|clean|filter/i,
+        /schema\.(parse|validate)/i,
+        /content_moderation|moderate_content/i,
+        /review.*data|data.*review/i,
+        /verified.*dataset|trusted.*data/i,
+    ];
+    return validationPatterns.some(p => p.test(context));
+}
+const MODEL_SUPPLY_CHAIN_PATTERNS = [
+    // ========== Pickle Deserialization (RCE) ==========
+    {
+        name: 'Pickle deserialization',
+        pattern: /pickle\.load\s*\(|pickle\.loads\s*\(/gi,
+        category: 'ai_unsafe_model_load',
+        baseSeverity: 'critical',
+        description: 'pickle.load() executes arbitrary Python code embedded in pickle files. Attackers can craft malicious pickle files that execute code when loaded.',
+        suggestedFix: 'Use SafeTensors format for ML models. For other data, use JSON or a safe serialization format. If pickle is unavoidable, only load from trusted, verified sources.',
+    },
+    {
+        name: 'Joblib deserialization',
+        pattern: /joblib\.load\s*\(/gi,
+        category: 'ai_unsafe_model_load',
+        baseSeverity: 'critical',
+        description: 'joblib.load() uses pickle internally and can execute arbitrary code. This is commonly used for sklearn models but is unsafe for untrusted files.',
+        suggestedFix: 'Use ONNX format for sklearn models. Alternatively, use skops.io which provides secure model persistence. Only load from verified sources.',
+    },
+    // ========== PyTorch Loading ==========
+    {
+        name: 'torch.load without weights_only',
+        pattern: /torch\.load\s*\([^)]*\)/gi,
+        category: 'ai_unsafe_model_load',
+        baseSeverity: 'high',
+        description: 'torch.load() without weights_only=True can execute arbitrary code embedded in model files via pickle.',
+        suggestedFix: 'Use torch.load(path, weights_only=True) to load only tensor data safely. Or use SafeTensors format: from safetensors.torch import load_file',
+        checkSafeMode: 'torch',
+    },
+    // ========== TensorFlow/Keras Loading ==========
+    {
+        name: 'Keras load_model without safe_mode',
+        pattern: /(?:keras\.models\.)?load_model\s*\([^)]*\)/gi,
+        category: 'ai_unsafe_model_load',
+        baseSeverity: 'high',
+        description: 'Keras load_model() can execute arbitrary code from Lambda layers or custom objects in model files.',
+        suggestedFix: 'Use tf.keras.models.load_model(path, safe_mode=True) in TensorFlow 2.13+. Alternatively, save/load only weights with model.save_weights()/load_weights().',
+        checkSafeMode: 'keras',
+    },
+    // ========== Unverified Model Sources ==========
+    {
+        name: 'Model from HTTP URL',
+        pattern: /from_pretrained\s*\(\s*['"`]https?:\/\/[^'"`)]+['"`]/gi,
+        category: 'ai_unverified_model',
+        baseSeverity: 'high',
+        description: 'Loading models directly from HTTP URLs bypasses the Hugging Face Hub\'s verification. Attackers could serve malicious models via MITM attacks.',
+        suggestedFix: 'Load from Hugging Face Hub by model ID instead of direct URL. Pin to specific revision: from_pretrained("org/model", revision="abc123")',
+        checkTrustedSource: true,
+    },
+    {
+        name: 'trust_remote_code=True',
+        pattern: /trust_remote_code\s*=\s*True/gi,
+        category: 'ai_unsafe_model_load',
+        baseSeverity: 'high',
+        description: 'trust_remote_code=True allows model repos to execute arbitrary Python code during loading. Malicious repos could compromise your system.',
+        suggestedFix: 'Avoid trust_remote_code=True. Use models that don\'t require custom code. If necessary, audit the model repo code before enabling.',
+    },
+    {
+        name: 'Model download without verification',
+        pattern: /(?:urllib|requests|wget|curl).*(?:\.pth|\.pt|\.bin|\.ckpt|\.h5|\.keras|model)/gi,
+        category: 'ai_unverified_model',
+        baseSeverity: 'medium',
+        description: 'Downloading model files without integrity verification. Attackers could serve modified files via compromised mirrors or MITM.',
+        suggestedFix: 'Verify downloaded files against known checksums: sha256sum file.pth. Use official download APIs (transformers, torch.hub) which include verification.',
+        checkIntegrity: true,
+    },
+    // ========== Unsafe Fine-tuning ==========
+    {
+        name: 'Training on user uploads',
+        pattern: /(?:trainer|model)\.(?:train|fit|fine_tune)\s*\([^)]*(?:user_uploads?|user_data|uploaded|untrusted)/gi,
+        category: 'ai_unsafe_finetuning',
+        baseSeverity: 'high',
+        description: 'Training/fine-tuning directly on user-uploaded data without validation enables data poisoning attacks.',
+        suggestedFix: 'Validate and sanitize all training data. Implement content moderation. Use separate data pipelines for user content with review steps.',
+        checkDataValidation: true,
+    },
+    {
+        name: 'Trainer with user data',
+        pattern: /Trainer\s*\([^)]*(?:train_dataset|eval_dataset)\s*=\s*(?:user_uploads?|user_data|uploaded_data|untrusted_data)/gi,
+        category: 'ai_unsafe_finetuning',
+        baseSeverity: 'high',
+        description: 'Trainer initialized with user-uploaded data without validation. Data poisoning attacks can manipulate model behavior.',
+        suggestedFix: 'Validate and sanitize all training data before passing to Trainer. Implement content moderation and review pipelines.',
+        checkDataValidation: true,
+    },
+    {
+        name: 'Fine-tuning with external dataset',
+        pattern: /(?:load_dataset|datasets\.load)\s*\([^)]*(?:path|url|http)/gi,
+        category: 'ai_unsafe_finetuning',
+        baseSeverity: 'medium',
+        description: 'Loading training datasets from external sources without verification. Data could be poisoned.',
+        suggestedFix: 'Use verified datasets from trusted sources. Implement data validation pipelines. Consider dataset hashing/signing.',
+        checkDataValidation: true,
+    },
+    {
+        name: 'Training config from user input',
+        pattern: /TrainingArguments\s*\([^)]*(?:request|user|input|body)\./gi,
+        category: 'ai_unsafe_finetuning',
+        baseSeverity: 'medium',
+        description: 'Training arguments derived from user input. Attackers could manipulate training hyperparameters to compromise model behavior.',
+        suggestedFix: 'Validate and sanitize all training arguments. Use allowlists for hyperparameter values. Don\'t allow users to specify output paths.',
+    },
+    // ========== TensorFlow Specific ==========
+    {
+        name: 'TensorFlow SavedModel from path',
+        pattern: /tf\.saved_model\.load\s*\([^)]*(?:http|ftp|user|upload)/gi,
+        category: 'ai_unverified_model',
+        baseSeverity: 'high',
+        description: 'Loading TensorFlow SavedModel from untrusted path. SavedModels can contain arbitrary ops that execute code.',
+        suggestedFix: 'Only load SavedModels from trusted, verified sources. Use TF Serving with model verification for production.',
+        checkTrustedSource: true,
+    },
+];
+// ============================================================================
+// Helper Functions
+// ============================================================================
+/**
+ * Get surrounding context for analysis
+ */
+function getSurroundingContext(content, lineIndex, windowSize = 15) {
+    const lines = content.split('\n');
+    const start = Math.max(0, lineIndex - windowSize);
+    const end = Math.min(lines.length, lineIndex + windowSize);
+    return lines.slice(start, end).join('\n');
+}
+/**
+ * Calculate severity based on mitigations
+ */
+function calculateSeverity(baseSeverity, isMitigated, isPartiallyMitigated, isTestFile, isExample, isLibrary) {
+    if (isTestFile || isExample || isLibrary) {
+        return 'info';
+    }
+    if (isMitigated) {
+        return 'info';
+    }
+    if (isPartiallyMitigated) {
+        if (baseSeverity === 'critical')
+            return 'high';
+        if (baseSeverity === 'high')
+            return 'medium';
+        if (baseSeverity === 'medium')
+            return 'low';
+    }
+    return baseSeverity;
+}
+// ============================================================================
+// Main Detection Function
+// ============================================================================
+/**
+ * Main detection function for model supply chain security issues
+ */
+function detectModelSupplyChain(content, filePath) {
+    const vulnerabilities = [];
+    // Skip non-applicable files
+    if ((0, context_helpers_1.isScannerOrFixtureFile)(filePath))
+        return vulnerabilities;
+    // Only scan files that appear to be in ML context
+    if (!isMLContextFile(filePath, content)) {
+        return vulnerabilities;
+    }
+    const lines = content.split('\n');
+    const isTestFile = (0, context_helpers_1.isTestOrMockFile)(filePath);
+    const isExample = (0, context_helpers_1.isExampleDirectory)(filePath);
+    const isLibrary = (0, context_helpers_1.isLibraryCode)(filePath);
+    for (const pattern of MODEL_SUPPLY_CHAIN_PATTERNS) {
+        const regex = new RegExp(pattern.pattern.source, pattern.pattern.flags);
+        let match;
+        while ((match = regex.exec(content)) !== null) {
+            const lineNumber = content.substring(0, match.index).split('\n').length;
+            const lineContent = lines[lineNumber - 1]?.trim() || '';
+            // Skip comments
+            if ((0, context_helpers_1.isComment)(lineContent))
+                continue;
+            const surroundingContext = getSurroundingContext(content, lineNumber - 1);
+            // Check for mitigations
+            let isMitigated = false;
+            let isPartiallyMitigated = false;
+            let description = pattern.description;
+            // Check SafeTensors usage (mitigates most pickle/torch issues)
+            if (usesSafeTensors(lineContent, surroundingContext)) {
+                isMitigated = true;
+                description += ' (SafeTensors format detected - safe.)';
+            }
+            // Check torch weights_only
+            if (pattern.checkSafeMode === 'torch') {
+                if (hasTorchWeightsOnly(lineContent, surroundingContext)) {
+                    isMitigated = true;
+                    description += ' (weights_only=True detected - safe.)';
+                }
+            }
+            // Check keras safe_mode
+            if (pattern.checkSafeMode === 'keras') {
+                if (hasKerasSafeMode(lineContent, surroundingContext)) {
+                    isMitigated = true;
+                    description += ' (safe_mode=True detected - safe.)';
+                }
+            }
+            // Check trusted source
+            if (pattern.checkTrustedSource) {
+                if (isTrustedModelSource(lineContent)) {
+                    isPartiallyMitigated = true;
+                    description += ' (Trusted source detected.)';
+                }
+            }
+            // Check integrity verification
+            if (pattern.checkIntegrity) {
+                if (hasIntegrityCheck(content, lineNumber)) {
+                    isMitigated = true;
+                    description += ' (Integrity verification detected.)';
+                }
+            }
+            // Check data validation for training
+            if (pattern.checkDataValidation) {
+                if (hasDataValidation(content, lineNumber)) {
+                    isPartiallyMitigated = true;
+                    description += ' (Data validation detected nearby.)';
+                }
+            }
+            // Skip if fully mitigated
+            if (isMitigated)
+                continue;
+            // Calculate final severity
+            const severity = calculateSeverity(pattern.baseSeverity, isMitigated, isPartiallyMitigated, isTestFile, isExample, isLibrary);
+            // Add context notes
+            if (isTestFile) {
+                description += ' (In test file.)';
+            }
+            else if (isExample) {
+                description += ' (In example/demo directory.)';
+            }
+            else if (isLibrary) {
+                description += ' (Library code.)';
+            }
+            // Skip info-level in non-ML focused files to reduce noise
+            if (severity === 'info' && !isMLContextFile(filePath, content))
+                continue;
+            vulnerabilities.push({
+                id: `model-supply-${filePath}-${lineNumber}-${pattern.name.replace(/\s+/g, '-')}`,
+                filePath,
+                lineNumber,
+                lineContent,
+                severity,
+                category: pattern.category,
+                title: pattern.name,
+                description,
+                suggestedFix: pattern.suggestedFix,
+                confidence: severity === 'info' ? 'low' : 'high',
+                layer: 2,
+                requiresAIValidation: severity !== 'info' && severity !== 'low',
+            });
+        }
+    }
+    return vulnerabilities;
+}
+//# sourceMappingURL=model-supply-chain.js.map

package/dist/layer2/model-supply-chain.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"model-supply-chain.js","sourceRoot":"","sources":["../../src/layer2/model-supply-chain.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;GAaG;;AA4TH,wDA8HC;AAvbD,8DAMiC;AAEjC,+EAA+E;AAC/E,oBAAoB;AACpB,+EAA+E;AAE/E;;GAEG;AACH,SAAS,eAAe,CAAC,QAAgB,EAAE,OAAe;IACxD,uBAAuB;IACvB,MAAM,cAAc,GAAG;QACrB,0DAA0D;QAC1D,0DAA0D;QAC1D,uDAAuD;KACxD,CAAA;IAED,IAAI,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;QAC/C,OAAO,IAAI,CAAA;IACb,CAAC;IAED,uCAAuC;IACvC,MAAM,iBAAiB,GAAG;QACxB,iEAAiE;QACjE,wEAAwE;QACxE,oBAAoB;QACpB,yBAAyB;QACzB,mBAAmB;QACnB,eAAe;QACf,eAAe;QACf,4BAA4B;QAC5B,0BAA0B;KAC3B,CAAA;IAED,OAAO,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAA;AACrD,CAAC;AAED,+EAA+E;AAC/E,yBAAyB;AACzB,+EAA+E;AAE/E;;GAEG;AACH,SAAS,mBAAmB,CAAC,WAAmB,EAAE,kBAA0B;IAC1E,MAAM,WAAW,GAAG,WAAW,GAAG,IAAI,GAAG,kBAAkB,CAAA;IAC3D,OAAO,0BAA0B,CAAC,IAAI,CAAC,WAAW,CAAC,CAAA;AACrD,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB,CAAC,WAAmB,EAAE,kBAA0B;IACvE,MAAM,WAAW,GAAG,WAAW,GAAG,IAAI,GAAG,kBAAkB,CAAA;IAC3D,OAAO,uBAAuB,CAAC,IAAI,CAAC,WAAW,CAAC,CAAA;AAClD,CAAC;AAED;;GAEG;AACH,SAAS,oBAAoB,CAAC,WAAmB;IAC/C,MAAM,eAAe,GAAG;QACtB,8BAA8B;QAC9B,sFAAsF;QACtF,8CAA8C;QAC9C,iEAAiE;QACjE,8BAA8B;QAC9B,+BAA+B;QAC/B,kCAAkC;QAClC,2BAA2B;KAC5B,CAAA;IAED,OAAO,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAA;AACvD,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,OAAe,EAAE,UAAkB;IAC5D,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IACjC,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,GAAG,EAAE,CAAC,CAAA;IACjD,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,UAAU,GAAG,EAAE,CAAC,CAAA;IAC1D,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAEhE,MAAM,iBAAiB,GAAG;QACxB,oDAAoD;QACpD,sCAAsC;QACtC,mCAAmC,EAAE,kBAAkB;QACvD,cAAc,EAAE,sCAAsC;QACtD,+BAA+B,EAAE,aAAa;KAC/C,CAAA;IAED,OAAO,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAA;AACrD,CAAC;AAED;;GAEG;AACH,SAAS,eAAe,CAAC,WAAmB,EAAE,kBAA0B;IACtE,MAAM,WAAW,GAAG,WAAW,GAAG,IAAI,GAAG,kBAAkB,CAAA;IAC3D,OAAO,8DAA8D,CAAC,IAAI,CAAC,WAAW,CAAC,CAAA;AACzF,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,OAAe,EAAE,UAAkB;IAC5D,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IACjC,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,GAAG,EAAE,CAAC,CAAA;IACjD,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,UAAU,GAAG,EAAE,CAAC,CAAA;IAC1D,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAEhE,MAAM,kBAAkB,GAAG;QACzB,iCAAiC;QACjC,2BAA2B;QAC3B,sCAAsC;QACtC,4BAA4B;QAC5B,kCAAkC;KACnC,CAAA;IAED,OAAO,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAA;AACtD,CAAC;AAmBD,MAAM,2BAA2B,GAA8B;IAC7D,qDAAqD;IACrD;QACE,IAAI,EAAE,wBAAwB;QAC9B,OAAO,EAAE,wCAAwC;QACjD,QAAQ,EAAE,sBAAsB;QAChC,YAAY,EAAE,UAAU;QACxB,WAAW,EAAE,kJAAkJ;QAC/J,YAAY,EAAE,oKAAoK;KACnL;IACD;QACE,IAAI,EAAE,wBAAwB;QAC9B,OAAO,EAAE,qBAAqB;QAC9B,QAAQ,EAAE,sBAAsB;QAChC,YAAY,EAAE,UAAU;QACxB,WAAW,EAAE,kJAAkJ;QAC/J,YAAY,EAAE,2IAA2I;KAC1J;IAED,wCAAwC;IACxC;QACE,IAAI,EAAE,iCAAiC;QACvC,OAAO,EAAE,2BAA2B;QACpC,QAAQ,EAAE,sBAAsB;QAChC,YAAY,EAAE,MAAM;QACpB,WAAW,EAAE,uGAAuG;QACpH,YAAY,EAAE,6IAA6I;QAC3J,aAAa,EAAE,OAAO;KACvB;IAED,iDAAiD;IACjD;QACE,IAAI,EAAE,oCAAoC;QAC1C,OAAO,EAAE,8CAA8C;QACvD,QAAQ,EAAE,sBAAsB;QAChC,YAAY,EAAE,MAAM;QACpB,WAAW,EAAE,oGAAoG;QACjH,YAAY,EAAE,2JAA2J;QACzK,aAAa,EAAE,OAAO;KACvB;IAED,iDAAiD;IACjD;QACE,IAAI,EAAE,qBAAqB;QAC3B,OAAO,EAAE,wDAAwD;QACjE,QAAQ,EAAE,qBAAqB;QAC/B,YAAY,EAAE,MAAM;QACpB,WAAW,EAAE,gJAAgJ;QAC7J,YAAY,EAAE,yIAAyI;QACvJ,kBAAkB,EAAE,IAAI;KACzB;IACD;QACE,IAAI,EAAE,wBAAwB;QAC9B,OAAO,EAAE,gCAAgC;QACzC,QAAQ,EAAE,sBAAsB;QAChC,YAAY,EAAE,MAAM;QACpB,WAAW,EAAE,0IAA0I;QACvJ,YAAY,EAAE,oIAAoI;KACnJ;IACD;QACE,IAAI,EAAE,qCAAqC;QAC3C,OAAO,EAAE,iFAAiF;QAC1F,QAAQ,EAAE,qBAAqB;QAC/B,YAAY,EAAE,QAAQ;QACtB,WAAW,EAAE,+HAA+H;QAC5I,YAAY,EAAE,uJAAuJ;QACrK,cAAc,EAAE,IAAI;KACrB;IAED,2CAA2C;IAC3C;QACE,IAAI,EAAE,0BAA0B;QAChC,OAAO,EAAE,sGAAsG;QAC/G,QAAQ,EAAE,sBAAsB;QAChC,YAAY,EAAE,MAAM;QACpB,WAAW,EAAE,wGAAwG;QACrH,YAAY,EAAE,wIAAwI;QACtJ,mBAAmB,EAAE,IAAI;KAC1B;IACD;QACE,IAAI,EAAE,wBAAwB;QAC9B,OAAO,EAAE,kHAAkH;QAC3H,QAAQ,EAAE,sBAAsB;QAChC,YAAY,EAAE,MAAM;QACpB,WAAW,EAAE,uHAAuH;QACpI,YAAY,EAAE,uHAAuH;QACrI,mBAAmB,EAAE,IAAI;KAC1B;IACD;QACE,IAAI,EAAE,mCAAmC;QACzC,OAAO,EAAE,8DAA8D;QACvE,QAAQ,EAAE,sBAAsB;QAChC,YAAY,EAAE,QAAQ;QACtB,WAAW,EAAE,+FAA+F;QAC5G,YAAY,EAAE,oHAAoH;QAClI,mBAAmB,EAAE,IAAI;KAC1B;IACD;QACE,IAAI,EAAE,iCAAiC;QACvC,OAAO,EAAE,4DAA4D;QACrE,QAAQ,EAAE,sBAAsB;QAChC,YAAY,EAAE,QAAQ;QACtB,WAAW,EAAE,+HAA+H;QAC5I,YAAY,EAAE,qIAAqI;KACpJ;IAED,4CAA4C;IAC5C;QACE,IAAI,EAAE,iCAAiC;QACvC,OAAO,EAAE,2DAA2D;QACpE,QAAQ,EAAE,qBAAqB;QAC/B,YAAY,EAAE,MAAM;QACpB,WAAW,EAAE,6GAA6G;QAC1H,YAAY,EAAE,8GAA8G;QAC5H,kBAAkB,EAAE,IAAI;KACzB;CACF,CAAA;AAED,+EAA+E;AAC/E,mBAAmB;AACnB,+EAA+E;AAE/E;;GAEG;AACH,SAAS,qBAAqB,CAAC,OAAe,EAAE,SAAiB,EAAE,aAAqB,EAAE;IACxF,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IACjC,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,GAAG,UAAU,CAAC,CAAA;IACjD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,SAAS,GAAG,UAAU,CAAC,CAAA;IAC1D,OAAO,KAAK,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;AAC3C,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CACxB,YAAmC,EACnC,WAAoB,EACpB,oBAA6B,EAC7B,UAAmB,EACnB,SAAkB,EAClB,SAAkB;IAElB,IAAI,UAAU,IAAI,SAAS,IAAI,SAAS,EAAE,CAAC;QACzC,OAAO,MAAM,CAAA;IACf,CAAC;IAED,IAAI,WAAW,EAAE,CAAC;QAChB,OAAO,MAAM,CAAA;IACf,CAAC;IAED,IAAI,oBAAoB,EAAE,CAAC;QACzB,IAAI,YAAY,KAAK,UAAU;YAAE,OAAO,MAAM,CAAA;QAC9C,IAAI,YAAY,KAAK,MAAM;YAAE,OAAO,QAAQ,CAAA;QAC5C,IAAI,YAAY,KAAK,QAAQ;YAAE,OAAO,KAAK,CAAA;IAC7C,CAAC;IAED,OAAO,YAAY,CAAA;AACrB,CAAC;AAED,+EAA+E;AAC/E,0BAA0B;AAC1B,+EAA+E;AAE/E;;GAEG;AACH,SAAgB,sBAAsB,CACpC,OAAe,EACf,QAAgB;IAEhB,MAAM,eAAe,GAAoB,EAAE,CAAA;IAE3C,4BAA4B;IAC5B,IAAI,IAAA,wCAAsB,EAAC,QAAQ,CAAC;QAAE,OAAO,eAAe,CAAA;IAE5D,kDAAkD;IAClD,IAAI,CAAC,eAAe,CAAC,QAAQ,EAAE,OAAO,CAAC,EAAE,CAAC;QACxC,OAAO,eAAe,CAAA;IACxB,CAAC;IAED,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IACjC,MAAM,UAAU,GAAG,IAAA,kCAAgB,EAAC,QAAQ,CAAC,CAAA;IAC7C,MAAM,SAAS,GAAG,IAAA,oCAAkB,EAAC,QAAQ,CAAC,CAAA;IAC9C,MAAM,SAAS,GAAG,IAAA,+BAAa,EAAC,QAAQ,CAAC,CAAA;IAEzC,KAAK,MAAM,OAAO,IAAI,2BAA2B,EAAE,CAAC;QAClD,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAA;QACvE,IAAI,KAAK,CAAA;QAET,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YAC9C,MAAM,UAAU,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAA;YACvE,MAAM,WAAW,GAAG,KAAK,CAAC,UAAU,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAA;YAEvD,gBAAgB;YAChB,IAAI,IAAA,2BAAS,EAAC,WAAW,CAAC;gBAAE,SAAQ;YAEpC,MAAM,kBAAkB,GAAG,qBAAqB,CAAC,OAAO,EAAE,UAAU,GAAG,CAAC,CAAC,CAAA;YAEzE,wBAAwB;YACxB,IAAI,WAAW,GAAG,KAAK,CAAA;YACvB,IAAI,oBAAoB,GAAG,KAAK,CAAA;YAChC,IAAI,WAAW,GAAG,OAAO,CAAC,WAAW,CAAA;YAErC,+DAA+D;YAC/D,IAAI,eAAe,CAAC,WAAW,EAAE,kBAAkB,CAAC,EAAE,CAAC;gBACrD,WAAW,GAAG,IAAI,CAAA;gBAClB,WAAW,IAAI,wCAAwC,CAAA;YACzD,CAAC;YAED,2BAA2B;YAC3B,IAAI,OAAO,CAAC,aAAa,KAAK,OAAO,EAAE,CAAC;gBACtC,IAAI,mBAAmB,CAAC,WAAW,EAAE,kBAAkB,CAAC,EAAE,CAAC;oBACzD,WAAW,GAAG,IAAI,CAAA;oBAClB,WAAW,IAAI,uCAAuC,CAAA;gBACxD,CAAC;YACH,CAAC;YAED,wBAAwB;YACxB,IAAI,OAAO,CAAC,aAAa,KAAK,OAAO,EAAE,CAAC;gBACtC,IAAI,gBAAgB,CAAC,WAAW,EAAE,kBAAkB,CAAC,EAAE,CAAC;oBACtD,WAAW,GAAG,IAAI,CAAA;oBAClB,WAAW,IAAI,oCAAoC,CAAA;gBACrD,CAAC;YACH,CAAC;YAED,uBAAuB;YACvB,IAAI,OAAO,CAAC,kBAAkB,EAAE,CAAC;gBAC/B,IAAI,oBAAoB,CAAC,WAAW,CAAC,EAAE,CAAC;oBACtC,oBAAoB,GAAG,IAAI,CAAA;oBAC3B,WAAW,IAAI,6BAA6B,CAAA;gBAC9C,CAAC;YACH,CAAC;YAED,+BAA+B;YAC/B,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;gBAC3B,IAAI,iBAAiB,CAAC,OAAO,EAAE,UAAU,CAAC,EAAE,CAAC;oBAC3C,WAAW,GAAG,IAAI,CAAA;oBAClB,WAAW,IAAI,qCAAqC,CAAA;gBACtD,CAAC;YACH,CAAC;YAED,qCAAqC;YACrC,IAAI,OAAO,CAAC,mBAAmB,EAAE,CAAC;gBAChC,IAAI,iBAAiB,CAAC,OAAO,EAAE,UAAU,CAAC,EAAE,CAAC;oBAC3C,oBAAoB,GAAG,IAAI,CAAA;oBAC3B,WAAW,IAAI,qCAAqC,CAAA;gBACtD,CAAC;YACH,CAAC;YAED,0BAA0B;YAC1B,IAAI,WAAW;gBAAE,SAAQ;YAEzB,2BAA2B;YAC3B,MAAM,QAAQ,GAAG,iBAAiB,CAChC,OAAO,CAAC,YAAY,EACpB,WAAW,EACX,oBAAoB,EACpB,UAAU,EACV,SAAS,EACT,SAAS,CACV,CAAA;YAED,oBAAoB;YACpB,IAAI,UAAU,EAAE,CAAC;gBACf,WAAW,IAAI,kBAAkB,CAAA;YACnC,CAAC;iBAAM,IAAI,SAAS,EAAE,CAAC;gBACrB,WAAW,IAAI,+BAA+B,CAAA;YAChD,CAAC;iBAAM,IAAI,SAAS,EAAE,CAAC;gBACrB,WAAW,IAAI,kBAAkB,CAAA;YACnC,CAAC;YAED,0DAA0D;YAC1D,IAAI,QAAQ,KAAK,MAAM,IAAI,CAAC,eAAe,CAAC,QAAQ,EAAE,OAAO,CAAC;gBAAE,SAAQ;YAExE,eAAe,CAAC,IAAI,CAAC;gBACnB,EAAE,EAAE,gBAAgB,QAAQ,IAAI,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,EAAE;gBACjF,QAAQ;gBACR,UAAU;gBACV,WAAW;gBACX,QAAQ;gBACR,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,KAAK,EAAE,OAAO,CAAC,IAAI;gBACnB,WAAW;gBACX,YAAY,EAAE,OAAO,CAAC,YAAY;gBAClC,UAAU,EAAE,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM;gBAChD,KAAK,EAAE,CAAC;gBACR,oBAAoB,EAAE,QAAQ,KAAK,MAAM,IAAI,QAAQ,KAAK,KAAK;aAChE,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,OAAO,eAAe,CAAA;AACxB,CAAC"}

package/dist/layer2/risky-imports.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"risky-imports.d.ts","sourceRoot":"","sources":["../../src/layer2/risky-imports.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAyB,MAAM,UAAU,CAAA;AAkJpE,wBAAgB,kBAAkB,CAChC,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,aAAa,EAAE,CA+BjB"}
+{"version":3,"file":"risky-imports.d.ts","sourceRoot":"","sources":["../../src/layer2/risky-imports.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAyB,MAAM,UAAU,CAAA;AAmJpE,wBAAgB,kBAAkB,CAChC,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,aAAa,EAAE,CAmCjB"}

package/dist/layer2/risky-imports.js

@@ -5,6 +5,7 @@
  */
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.detectRiskyImports = detectRiskyImports;
+const context_helpers_1 = require("../utils/context-helpers");
 const RISKY_PACKAGES = [
     // Known vulnerable or deprecated packages
     {
@@ -131,6 +132,9 @@ function isComment(line) {
 }
 function detectRiskyImports(content, filePath) {
     const vulnerabilities = [];
+    // Skip scanner/fixture files to avoid self-detection
+    if ((0, context_helpers_1.isScannerOrFixtureFile)(filePath))
+        return vulnerabilities;
     const lines = content.split('\n');
     lines.forEach((line, index) => {
         // Skip comment lines

package/dist/layer2/risky-imports.js.map

@@ -1 +1 @@
-{"version":3,"file":"risky-imports.js","sourceRoot":"","sources":["../../src/layer2/risky-imports.ts"],"names":[],"mappings":";AAAA;;;GAGG;;AAoJH,gDAkCC;AA1KD,MAAM,cAAc,GAAmB;IACrC,0CAA0C;IAC1C;QACE,IAAI,EAAE,sBAAsB;QAC5B,OAAO,EAAE,8DAA8D;QACvE,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,8DAA8D;QAC3E,YAAY,EAAE,wCAAwC;KACvD;IACD;QACE,IAAI,EAAE,wBAAwB;QAC9B,OAAO,EAAE,kEAAkE;QAC3E,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,kDAAkD;QAC/D,YAAY,EAAE,gCAAgC;KAC/C;IAED,sCAAsC;IACtC;QACE,IAAI,EAAE,sBAAsB;QAC5B,OAAO,EAAE,2FAA2F;QACpG,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,6DAA6D;QAC1E,YAAY,EAAE,yDAAyD;KACxE;IACD;QACE,IAAI,EAAE,wBAAwB;QAC9B,OAAO,EAAE,4DAA4D;QACrE,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,yDAAyD;QACtE,YAAY,EAAE,0CAA0C;KACzD;IAED,yFAAyF;IACzF;QACE,IAAI,EAAE,eAAe;QACrB,OAAO,EAAE,sDAAsD;QAC/D,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,gLAAgL;QAC7L,YAAY,EAAE,uHAAuH;KACtI;IACD;QACE,IAAI,EAAE,iCAAiC;QACvC,OAAO,EAAE,wFAAwF;QACjG,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,yEAAyE;QACtF,YAAY,EAAE,yEAAyE;KACxF;IAED,+BAA+B;IAC/B;QACE,IAAI,EAAE,+BAA+B;QACrC,OAAO,EAAE,kEAAkE;QAC3E,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,4CAA4C;QACzD,YAAY,EAAE,yDAAyD;KACxE;IACD;QACE,IAAI,EAAE,4BAA4B;QAClC,OAAO,EAAE,0EAA0E;QACnF,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,8CAA8C;QAC3D,YAAY,EAAE,gCAAgC;KAC/C;IAED,8BAA8B;IAC9B;QACE,IAAI,EAAE,uBAAuB;QAC7B,OAAO,EAAE,0DAA0D;QACnE,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,8CAA8C;QAC3D,YAAY,EAAE,2DAA2D;KAC1E;IAED,uBAAuB;IACvB;QACE,IAAI,EAAE,iCAAiC;QACvC,OAAO,EAAE,6CAA6C;QACtD,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,0DAA0D;QACvE,YAAY,EAAE,iEAAiE;KAChF;IACD;QACE,IAAI,EAAE,kBAAkB;QACxB,OAAO,EAAE,sCAAsC;QAC/C,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,+DAA+D;QAC5E,YAAY,EAAE,wDAAwD;KACvE;IACD;QACE,IAAI,EAAE,uBAAuB;QAC7B,OAAO,EAAE,uEAAuE;QAChF,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,6DAA6D;QAC1E,YAAY,EAAE,8CAA8C;KAC7D;IAED,gDAAgD;IAChD;QACE,IAAI,EAAE,mBAAmB;QACzB,OAAO,EAAE,4HAA4H;QACrI,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,8DAA8D;QAC3E,YAAY,EAAE,uDAAuD;KACtE;IAED,qCAAqC;IACrC;QACE,IAAI,EAAE,2BAA2B;QACjC,OAAO,EAAE,sEAAsE;QAC/E,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,sEAAsE;QACnF,YAAY,EAAE,qEAAqE;KACpF;IAED,2BAA2B;IAC3B;QACE,IAAI,EAAE,wBAAwB;QAC9B,OAAO,EAAE,gEAAgE;QACzE,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,gEAAgE;QAC7E,YAAY,EAAE,iDAAiD;KAChE;CACF,CAAA;AAED,6BAA6B;AAC7B,SAAS,SAAS,CAAC,IAAY;IAC7B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAA;IAC3B,OAAO,CACL,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC;QACxB,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;QACvB,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;QACvB,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,CACzB,CAAA;AACH,CAAC;AAED,SAAgB,kBAAkB,CAChC,OAAe,EACf,QAAgB;IAEhB,MAAM,eAAe,GAAoB,EAAE,CAAA;IAC3C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IAEjC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,qBAAqB;QACrB,IAAI,SAAS,CAAC,IAAI,CAAC;YAAE,OAAM;QAE3B,KAAK,MAAM,GAAG,IAAI,cAAc,EAAE,CAAC;YACjC,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,CAAA;YAE/D,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACrB,eAAe,CAAC,IAAI,CAAC;oBACnB,EAAE,EAAE,gBAAgB,QAAQ,IAAI,KAAK,GAAG,CAAC,IAAI,GAAG,CAAC,IAAI,EAAE;oBACvD,QAAQ;oBACR,UAAU,EAAE,KAAK,GAAG,CAAC;oBACrB,WAAW,EAAE,IAAI,CAAC,IAAI,EAAE;oBACxB,QAAQ,EAAE,GAAG,CAAC,QAAQ;oBACtB,QAAQ,EAAE,oBAAoB;oBAC9B,KAAK,EAAE,kBAAkB,GAAG,CAAC,IAAI,EAAE;oBACnC,WAAW,EAAE,GAAG,CAAC,WAAW;oBAC5B,YAAY,EAAE,GAAG,CAAC,YAAY;oBAC9B,UAAU,EAAE,MAAM;oBAClB,KAAK,EAAE,CAAC;iBACT,CAAC,CAAA;gBACF,MAAK,CAAC,4BAA4B;YACpC,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAA;IAEF,OAAO,eAAe,CAAA;AACxB,CAAC"}
+{"version":3,"file":"risky-imports.js","sourceRoot":"","sources":["../../src/layer2/risky-imports.ts"],"names":[],"mappings":";AAAA;;;GAGG;;AAqJH,gDAsCC;AAxLD,8DAAiE;AAUjE,MAAM,cAAc,GAAmB;IACrC,0CAA0C;IAC1C;QACE,IAAI,EAAE,sBAAsB;QAC5B,OAAO,EAAE,8DAA8D;QACvE,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,8DAA8D;QAC3E,YAAY,EAAE,wCAAwC;KACvD;IACD;QACE,IAAI,EAAE,wBAAwB;QAC9B,OAAO,EAAE,kEAAkE;QAC3E,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,kDAAkD;QAC/D,YAAY,EAAE,gCAAgC;KAC/C;IAED,sCAAsC;IACtC;QACE,IAAI,EAAE,sBAAsB;QAC5B,OAAO,EAAE,2FAA2F;QACpG,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,6DAA6D;QAC1E,YAAY,EAAE,yDAAyD;KACxE;IACD;QACE,IAAI,EAAE,wBAAwB;QAC9B,OAAO,EAAE,4DAA4D;QACrE,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,yDAAyD;QACtE,YAAY,EAAE,0CAA0C;KACzD;IAED,yFAAyF;IACzF;QACE,IAAI,EAAE,eAAe;QACrB,OAAO,EAAE,sDAAsD;QAC/D,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,gLAAgL;QAC7L,YAAY,EAAE,uHAAuH;KACtI;IACD;QACE,IAAI,EAAE,iCAAiC;QACvC,OAAO,EAAE,wFAAwF;QACjG,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,yEAAyE;QACtF,YAAY,EAAE,yEAAyE;KACxF;IAED,+BAA+B;IAC/B;QACE,IAAI,EAAE,+BAA+B;QACrC,OAAO,EAAE,kEAAkE;QAC3E,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,4CAA4C;QACzD,YAAY,EAAE,yDAAyD;KACxE;IACD;QACE,IAAI,EAAE,4BAA4B;QAClC,OAAO,EAAE,0EAA0E;QACnF,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,8CAA8C;QAC3D,YAAY,EAAE,gCAAgC;KAC/C;IAED,8BAA8B;IAC9B;QACE,IAAI,EAAE,uBAAuB;QAC7B,OAAO,EAAE,0DAA0D;QACnE,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,8CAA8C;QAC3D,YAAY,EAAE,2DAA2D;KAC1E;IAED,uBAAuB;IACvB;QACE,IAAI,EAAE,iCAAiC;QACvC,OAAO,EAAE,6CAA6C;QACtD,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,0DAA0D;QACvE,YAAY,EAAE,iEAAiE;KAChF;IACD;QACE,IAAI,EAAE,kBAAkB;QACxB,OAAO,EAAE,sCAAsC;QAC/C,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,+DAA+D;QAC5E,YAAY,EAAE,wDAAwD;KACvE;IACD;QACE,IAAI,EAAE,uBAAuB;QAC7B,OAAO,EAAE,uEAAuE;QAChF,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,6DAA6D;QAC1E,YAAY,EAAE,8CAA8C;KAC7D;IAED,gDAAgD;IAChD;QACE,IAAI,EAAE,mBAAmB;QACzB,OAAO,EAAE,4HAA4H;QACrI,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,8DAA8D;QAC3E,YAAY,EAAE,uDAAuD;KACtE;IAED,qCAAqC;IACrC;QACE,IAAI,EAAE,2BAA2B;QACjC,OAAO,EAAE,sEAAsE;QAC/E,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,sEAAsE;QACnF,YAAY,EAAE,qEAAqE;KACpF;IAED,2BAA2B;IAC3B;QACE,IAAI,EAAE,wBAAwB;QAC9B,OAAO,EAAE,gEAAgE;QACzE,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,gEAAgE;QAC7E,YAAY,EAAE,iDAAiD;KAChE;CACF,CAAA;AAED,6BAA6B;AAC7B,SAAS,SAAS,CAAC,IAAY;IAC7B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAA;IAC3B,OAAO,CACL,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC;QACxB,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;QACvB,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;QACvB,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,CACzB,CAAA;AACH,CAAC;AAED,SAAgB,kBAAkB,CAChC,OAAe,EACf,QAAgB;IAEhB,MAAM,eAAe,GAAoB,EAAE,CAAA;IAE3C,qDAAqD;IACrD,IAAI,IAAA,wCAAsB,EAAC,QAAQ,CAAC;QAAE,OAAO,eAAe,CAAA;IAE5D,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IAEjC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,qBAAqB;QACrB,IAAI,SAAS,CAAC,IAAI,CAAC;YAAE,OAAM;QAE3B,KAAK,MAAM,GAAG,IAAI,cAAc,EAAE,CAAC;YACjC,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,CAAA;YAE/D,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACrB,eAAe,CAAC,IAAI,CAAC;oBACnB,EAAE,EAAE,gBAAgB,QAAQ,IAAI,KAAK,GAAG,CAAC,IAAI,GAAG,CAAC,IAAI,EAAE;oBACvD,QAAQ;oBACR,UAAU,EAAE,KAAK,GAAG,CAAC;oBACrB,WAAW,EAAE,IAAI,CAAC,IAAI,EAAE;oBACxB,QAAQ,EAAE,GAAG,CAAC,QAAQ;oBACtB,QAAQ,EAAE,oBAAoB;oBAC9B,KAAK,EAAE,kBAAkB,GAAG,CAAC,IAAI,EAAE;oBACnC,WAAW,EAAE,GAAG,CAAC,WAAW;oBAC5B,YAAY,EAAE,GAAG,CAAC,YAAY;oBAC9B,UAAU,EAAE,MAAM;oBAClB,KAAK,EAAE,CAAC;iBACT,CAAC,CAAA;gBACF,MAAK,CAAC,4BAA4B;YACpC,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAA;IAEF,OAAO,eAAe,CAAA;AACxB,CAAC"}

package/dist/layer2/variables.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"variables.d.ts","sourceRoot":"","sources":["../../src/layer2/variables.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,wBAAwB,EAAE,MAAM,UAAU,CAAA;AAGvE,eAAO,MAAM,2BAA2B,EAAE,wBAAwB,EA0DjE,CAAA;AAqDD,wBAAgB,wBAAwB,CACtC,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,aAAa,EAAE,CA2CjB"}
+{"version":3,"file":"variables.d.ts","sourceRoot":"","sources":["../../src/layer2/variables.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,wBAAwB,EAAE,MAAM,UAAU,CAAA;AAIvE,eAAO,MAAM,2BAA2B,EAAE,wBAAwB,EA0DjE,CAAA;AAqDD,wBAAgB,wBAAwB,CACtC,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,aAAa,EAAE,CA+CjB"}

package/dist/layer2/variables.js

@@ -6,6 +6,7 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.SENSITIVE_VARIABLE_PATTERNS = void 0;
 exports.detectSensitiveVariables = detectSensitiveVariables;
+const context_helpers_1 = require("../utils/context-helpers");
 // Patterns for sensitive variable names
 exports.SENSITIVE_VARIABLE_PATTERNS = [
     // Password-related
@@ -111,6 +112,9 @@ function isTypeDefinition(line) {
 }
 function detectSensitiveVariables(content, filePath) {
     const vulnerabilities = [];
+    // Skip scanner/fixture files to avoid self-detection
+    if ((0, context_helpers_1.isScannerOrFixtureFile)(filePath))
+        return vulnerabilities;
     const lines = content.split('\n');
     lines.forEach((line, index) => {
         // Skip comments

package/dist/layer2/variables.js.map

@@ -1 +1 @@
-{"version":3,"file":"variables.js","sourceRoot":"","sources":["../../src/layer2/variables.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAoHH,4DA8CC;AA9JD,wCAAwC;AAC3B,QAAA,2BAA2B,GAA+B;IACrE,mBAAmB;IACnB;QACE,OAAO,EAAE,uCAAuC;QAChD,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,yCAAyC;KACvD;IACD;QACE,OAAO,EAAE,6EAA6E;QACtF,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,gDAAgD;KAC9D;IACD,gBAAgB;IAChB;QACE,OAAO,EAAE,qEAAqE;QAC9E,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,6CAA6C;KAC3D;IACD;QACE,OAAO,EAAE,yCAAyC;QAClD,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,sCAAsC;KACpD;IACD,iBAAiB;IACjB;QACE,OAAO,EAAE,2DAA2D;QACpE,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,2CAA2C;KACzD;IACD;QACE,OAAO,EAAE,qDAAqD;QAC9D,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,2CAA2C;KACzD;IACD,qBAAqB;IACrB;QACE,OAAO,EAAE,2CAA2C;QACpD,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,oCAAoC;KAClD;IACD,qBAAqB;IACrB;QACE,OAAO,EAAE,oEAAoE;QAC7E,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,mDAAmD;KACjE;IACD,kBAAkB;IAClB;QACE,OAAO,EAAE,gEAAgE;QACzE,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,uCAAuC;KACrD;IACD,kBAAkB;IAClB;QACE,OAAO,EAAE,uDAAuD;QAChE,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,oCAAoC;KAClD;CACF,CAAA;AAED,mEAAmE;AACnE,SAAS,qBAAqB,CAAC,IAAY;IACzC,MAAM,YAAY,GAAG;QACnB,kBAAkB,EAAqB,cAAc;QACrD,kBAAkB,EAAqB,kBAAkB;QACzD,uBAAuB,EAAgB,uBAAuB;QAC9D,qBAAqB,EAAkB,gBAAgB;QACvD,kBAAkB,EAAqB,kBAAkB;QACzD,0BAA0B,EAAa,wBAAwB;QAC/D,mBAAmB,EAAoB,iBAAiB;QACxD,qBAAqB,EAAkB,kBAAkB;QACzD,yBAAyB,EAAc,oBAAoB;QAC3D,mBAAmB,EAAoB,WAAW;QAClD,gBAAgB,EAAuB,aAAa;QACpD,oBAAoB,EAAmB,kBAAkB;QACzD,eAAe,EAAwB,cAAc;QACrD,mBAAmB,EAAoB,mBAAmB;QAC1D,uBAAuB,EAAgB,uBAAuB;QAC9D,sBAAsB,EAAiB,sBAAsB;QAC7D,gBAAgB,EAAuB,4CAA4C;QACnF,MAAM,EAAiC,oCAAoC;QAC3E,MAAM,EAAiC,qBAAqB;QAC5D,iCAAiC,EAAM,kCAAkC;KAC1E,CAAA;IAED,OAAO,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAA;AACzD,CAAC;AAED,6BAA6B;AAC7B,SAAS,SAAS,CAAC,IAAY;IAC7B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAA;IAC3B,OAAO,CACL,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC;QACxB,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;QACvB,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;QACvB,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC;QACxB,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC;QACzB,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC;QACzB,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,CAC3B,CAAA;AACH,CAAC;AAED,+CAA+C;AAC/C,SAAS,gBAAgB,CAAC,IAAY;IACpC,OAAO,CACL,8BAA8B,CAAC,IAAI,CAAC,IAAI,CAAC;QACzC,yCAAyC,CAAC,IAAI,CAAC,IAAI,CAAC;QACpD,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAC1B,CAAA;AACH,CAAC;AAED,SAAgB,wBAAwB,CACtC,OAAe,EACf,QAAgB;IAEhB,MAAM,eAAe,GAAoB,EAAE,CAAA;IAC3C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IAEjC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,gBAAgB;QAChB,IAAI,SAAS,CAAC,IAAI,CAAC;YAAE,OAAM;QAE3B,wBAAwB;QACxB,IAAI,gBAAgB,CAAC,IAAI,CAAC;YAAE,OAAM;QAElC,2CAA2C;QAC3C,IAAI,qBAAqB,CAAC,IAAI,CAAC;YAAE,OAAM;QAEvC,KAAK,MAAM,OAAO,IAAI,mCAA2B,EAAE,CAAC;YAClD,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAA;YAEvE,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACrB,sDAAsD;gBACtD,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAA;gBAEzD,IAAI,UAAU,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC3C,oCAAoC;oBACpC,eAAe,CAAC,IAAI,CAAC;wBACnB,EAAE,EAAE,OAAO,QAAQ,IAAI,KAAK,GAAG,CAAC,EAAE;wBAClC,QAAQ;wBACR,UAAU,EAAE,KAAK,GAAG,CAAC;wBACrB,WAAW,EAAE,IAAI,CAAC,IAAI,EAAE;wBACxB,QAAQ,EAAE,OAAO,CAAC,QAAQ;wBAC1B,QAAQ,EAAE,oBAAoB;wBAC9B,KAAK,EAAE,yCAAyC;wBAChD,WAAW,EAAE,OAAO,CAAC,WAAW,GAAG,0EAA0E;wBAC7G,YAAY,EAAE,iFAAiF;wBAC/F,UAAU,EAAE,QAAQ;wBACpB,KAAK,EAAE,CAAC;qBACT,CAAC,CAAA;gBACJ,CAAC;gBACD,MAAK,CAAC,4BAA4B;YACpC,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAA;IAEF,OAAO,eAAe,CAAA;AACxB,CAAC"}
+{"version":3,"file":"variables.js","sourceRoot":"","sources":["../../src/layer2/variables.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAqHH,4DAkDC;AApKD,8DAAiE;AAEjE,wCAAwC;AAC3B,QAAA,2BAA2B,GAA+B;IACrE,mBAAmB;IACnB;QACE,OAAO,EAAE,uCAAuC;QAChD,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,yCAAyC;KACvD;IACD;QACE,OAAO,EAAE,6EAA6E;QACtF,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,gDAAgD;KAC9D;IACD,gBAAgB;IAChB;QACE,OAAO,EAAE,qEAAqE;QAC9E,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,6CAA6C;KAC3D;IACD;QACE,OAAO,EAAE,yCAAyC;QAClD,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,sCAAsC;KACpD;IACD,iBAAiB;IACjB;QACE,OAAO,EAAE,2DAA2D;QACpE,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,2CAA2C;KACzD;IACD;QACE,OAAO,EAAE,qDAAqD;QAC9D,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,2CAA2C;KACzD;IACD,qBAAqB;IACrB;QACE,OAAO,EAAE,2CAA2C;QACpD,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,oCAAoC;KAClD;IACD,qBAAqB;IACrB;QACE,OAAO,EAAE,oEAAoE;QAC7E,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,mDAAmD;KACjE;IACD,kBAAkB;IAClB;QACE,OAAO,EAAE,gEAAgE;QACzE,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,uCAAuC;KACrD;IACD,kBAAkB;IAClB;QACE,OAAO,EAAE,uDAAuD;QAChE,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,oCAAoC;KAClD;CACF,CAAA;AAED,mEAAmE;AACnE,SAAS,qBAAqB,CAAC,IAAY;IACzC,MAAM,YAAY,GAAG;QACnB,kBAAkB,EAAqB,cAAc;QACrD,kBAAkB,EAAqB,kBAAkB;QACzD,uBAAuB,EAAgB,uBAAuB;QAC9D,qBAAqB,EAAkB,gBAAgB;QACvD,kBAAkB,EAAqB,kBAAkB;QACzD,0BAA0B,EAAa,wBAAwB;QAC/D,mBAAmB,EAAoB,iBAAiB;QACxD,qBAAqB,EAAkB,kBAAkB;QACzD,yBAAyB,EAAc,oBAAoB;QAC3D,mBAAmB,EAAoB,WAAW;QAClD,gBAAgB,EAAuB,aAAa;QACpD,oBAAoB,EAAmB,kBAAkB;QACzD,eAAe,EAAwB,cAAc;QACrD,mBAAmB,EAAoB,mBAAmB;QAC1D,uBAAuB,EAAgB,uBAAuB;QAC9D,sBAAsB,EAAiB,sBAAsB;QAC7D,gBAAgB,EAAuB,4CAA4C;QACnF,MAAM,EAAiC,oCAAoC;QAC3E,MAAM,EAAiC,qBAAqB;QAC5D,iCAAiC,EAAM,kCAAkC;KAC1E,CAAA;IAED,OAAO,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAA;AACzD,CAAC;AAED,6BAA6B;AAC7B,SAAS,SAAS,CAAC,IAAY;IAC7B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAA;IAC3B,OAAO,CACL,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC;QACxB,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;QACvB,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;QACvB,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC;QACxB,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC;QACzB,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC;QACzB,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,CAC3B,CAAA;AACH,CAAC;AAED,+CAA+C;AAC/C,SAAS,gBAAgB,CAAC,IAAY;IACpC,OAAO,CACL,8BAA8B,CAAC,IAAI,CAAC,IAAI,CAAC;QACzC,yCAAyC,CAAC,IAAI,CAAC,IAAI,CAAC;QACpD,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAC1B,CAAA;AACH,CAAC;AAED,SAAgB,wBAAwB,CACtC,OAAe,EACf,QAAgB;IAEhB,MAAM,eAAe,GAAoB,EAAE,CAAA;IAE3C,qDAAqD;IACrD,IAAI,IAAA,wCAAsB,EAAC,QAAQ,CAAC;QAAE,OAAO,eAAe,CAAA;IAE5D,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IAEjC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,gBAAgB;QAChB,IAAI,SAAS,CAAC,IAAI,CAAC;YAAE,OAAM;QAE3B,wBAAwB;QACxB,IAAI,gBAAgB,CAAC,IAAI,CAAC;YAAE,OAAM;QAElC,2CAA2C;QAC3C,IAAI,qBAAqB,CAAC,IAAI,CAAC;YAAE,OAAM;QAEvC,KAAK,MAAM,OAAO,IAAI,mCAA2B,EAAE,CAAC;YAClD,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAA;YAEvE,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACrB,sDAAsD;gBACtD,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAA;gBAEzD,IAAI,UAAU,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC3C,oCAAoC;oBACpC,eAAe,CAAC,IAAI,CAAC;wBACnB,EAAE,EAAE,OAAO,QAAQ,IAAI,KAAK,GAAG,CAAC,EAAE;wBAClC,QAAQ;wBACR,UAAU,EAAE,KAAK,GAAG,CAAC;wBACrB,WAAW,EAAE,IAAI,CAAC,IAAI,EAAE;wBACxB,QAAQ,EAAE,OAAO,CAAC,QAAQ;wBAC1B,QAAQ,EAAE,oBAAoB;wBAC9B,KAAK,EAAE,yCAAyC;wBAChD,WAAW,EAAE,OAAO,CAAC,WAAW,GAAG,0EAA0E;wBAC7G,YAAY,EAAE,iFAAiF;wBAC/F,UAAU,EAAE,QAAQ;wBACpB,KAAK,EAAE,CAAC;qBACT,CAAC,CAAA;gBACJ,CAAC;gBACD,MAAK,CAAC,4BAA4B;YACpC,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAA;IAEF,OAAO,eAAe,CAAA;AACxB,CAAC"}

package/dist/layer3/anthropic/auto-dismiss.d.ts

@@ -0,0 +1,24 @@
+/**
+ * Smart Auto-Dismiss Rules
+ *
+ * Instant filtering rules that don't require AI validation.
+ * These rules catch obvious false positives before sending to AI.
+ */
+import type { Vulnerability } from '../../types';
+/**
+ * Apply smart auto-dismiss rules to filter obvious false positives
+ * Returns findings that should be sent to AI validation
+ *
+ * @param findings - Array of vulnerabilities to filter
+ * @param mode - 'validation' applies all rules (for AI validation candidates),
+ *               'surface' excludes cost-saving rules (for direct-surface findings)
+ */
+export declare function applyAutoDismissRules(findings: Vulnerability[], mode?: 'validation' | 'surface'): {
+    toValidate: Vulnerability[];
+    dismissed: Array<{
+        finding: Vulnerability;
+        rule: string;
+        reason: string;
+    }>;
+};
+//# sourceMappingURL=auto-dismiss.d.ts.map

package/dist/layer3/anthropic/auto-dismiss.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auto-dismiss.d.ts","sourceRoot":"","sources":["../../../src/layer3/anthropic/auto-dismiss.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,aAAa,CAAA;AAgKhD;;;;;;;GAOG;AACH,wBAAgB,qBAAqB,CACnC,QAAQ,EAAE,aAAa,EAAE,EACzB,IAAI,GAAE,YAAY,GAAG,SAAwB,GAC5C;IACD,UAAU,EAAE,aAAa,EAAE,CAAA;IAC3B,SAAS,EAAE,KAAK,CAAC;QAAE,OAAO,EAAE,aAAa,CAAC;QAAC,IAAI,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;CAC3E,CA8BA"}