@panguard-ai/atr 1.4.3 → 1.5.1

package/dist/hook-handler.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"hook-handler.js","sourceRoot":"","sources":["../src/hook-handler.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AAUhD,iDAAiD;AACjD,MAAM,kBAAkB,GAAG,KAAK,CAAC;AASjC;;GAEG;AACH,SAAS,WAAW,CAAC,MAAe;IAClC,OAAO,MAAM,CAAC,MAAM,CAAC;QACnB,QAAQ,EAAE,OAAyB;QACnC,MAAM,EAAE,MAAM,IAAI,qBAAqB;KACxC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB,CAAC,KAAgB;IACxC,MAAM,SAAS,GAAG,KAAK,CAAC,IAAI,KAAK,YAAY,CAAC;IAC9C,MAAM,IAAI,GAAG,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,eAAe,CAAC;IAEvD,MAAM,SAAS,GAAG,KAAK,CAAC,UAAU,IAAI,EAAE,CAAC;IACzC,MAAM,OAAO,GAAG,OAAO,SAAS,CAAC,SAAS,CAAC,KAAK,QAAQ;QACtD,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC;QACtB,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;IAE9B,MAAM,MAAM,GAA2B;QACrC,SAAS,EAAE,KAAK,CAAC,SAAS,IAAI,EAAE;QAChC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC;QACpC,OAAO;KACR,CAAC;IAEF,sDAAsD;IACtD,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,MAAM,GAAG,SAAS,CAAC,QAAQ,CAAC,IAAI,SAAS,CAAC,UAAU,CAAC,CAAC;QAC5D,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC/B,MAAM,CAAC,eAAe,CAAC,GAAG,MAAM,CAAC;QACnC,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC,MAAM,CAAC;QACnB,IAAI;QACJ,SAAS,EAAE,KAAK,CAAC,SAAS,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACtD,OAAO;QACP,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC;QAC7B,SAAS,EAAE,KAAK,CAAC,UAAU;KAC5B,CAAC,CAAC;AACL,CAAC;AAED;;;GAGG;AACH,SAAS,WAAW,CAClB,OAAmB,EACnB,EAAU;IAEV,OAAO,IAAI,OAAO,CAAI,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACxC,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE;YAC5B,MAAM,CAAC,IAAI,KAAK,CAAC,8BAA8B,EAAE,IAAI,CAAC,CAAC,CAAC;QAC1D,CAAC,EAAE,EAAE,CAAC,CAAC;QAEP,OAAO,CAAC,IAAI,CACV,CAAC,KAAK,EAAE,EAAE,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EACnD,CAAC,GAAG,EAAE,EAAE,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAC/C,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,OAAO,WAAW;IACL,MAAM,CAAY;IAClB,QAAQ,CAAiB;IACzB,SAAS,CAAS;IAClB,QAAQ,CAAU;IAEnC,YAAY,MAAyB;QACnC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;QAC5B,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;QAChC,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,IAAI,kBAAkB,CAAC;QACxD,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,IAAI,IAAI,CAAC;IAC1C,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,gBAAgB,CAAC,KAAgB;QACrC,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;YACtC,OAAO,MAAM,IAAI,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC;QAC9C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;QAC/B,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,iBAAiB,CAAC,KAAgB;QACtC,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;YACtC,OAAO,MAAM,IAAI,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC;QAC9C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;QAC/B,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,cAAc;QAClB,MAAM,EAAE,GAAG,eAAe,CAAC;YACzB,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,SAAS,EAAE,QAAQ;SACpB,CAAC,CAAC;QAEH,IAAI,KAAK,EAAE,MAAM,IAAI,IAAI,EAAE,EAAE,CAAC;YAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;YAC5B,IAAI,CAAC,OAAO;gBAAE,SAAS;YAEvB,IAAI,MAAkB,CAAC;YAEvB,IAAI,CAAC;gBACH,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAc,CAAC;gBAC/C,MAAM,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;YACtC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;YACjC,CAAC;YAED,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC;QACtD,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,QAAQ,CAAC,KAAgB;QACrC,QAAQ,KAAK,CAAC,IAAI,EAAE,CAAC;YACnB,KAAK,YAAY;gBACf,OAAO,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC;YACtC,KAAK,aAAa;gBAChB,OAAO,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC;YACvC;gBACE,OAAO,WAAW,CAAC,sBAAsB,MAAM,CAAE,KAA4C,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC3G,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,kBAAkB,CAAC,KAAiB;QAChD,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,WAAW,CACnC,IAAI,CAAC,MAAM,CAAC,mBAAmB,CAAC,KAAK,EAAE,IAAI,CAAC,QAAQ,CAAC,EACrD,IAAI,CAAC,SAAS,CACf,CAAC;QAEF,MAAM,YAAY,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAE3D,OAAO,MAAM,CAAC,MAAM,CAAC;YACnB,QAAQ,EAAE,OAAO,CAAC,OAAO;YACzB,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,OAAO,EAAE,OAAO,CAAC,OAAO,KAAK,MAAM;gBACjC,CAAC,CAAC,YAAY,OAAO,CAAC,MAAM,EAAE;gBAC9B,CAAC,CAAC,SAAS;YACb,aAAa,EAAE,YAAY,CAAC,MAAM,GAAG,CAAC;gBACpC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC;gBAC7B,CAAC,CAAC,SAAS;SACd,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACK,WAAW,CAAC,GAAY;QAC9B,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjE,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,sBAAsB,OAAO,IAAI,CAAC,CAAC;QAExD,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClB,OAAO,WAAW,CAAC,4BAA4B,OAAO,EAAE,CAAC,CAAC;QAC5D,CAAC;QAED,OAAO,MAAM,CAAC,MAAM,CAAC;YACnB,QAAQ,EAAE,MAAwB;YAClC,MAAM,EAAE,8BAA8B,OAAO,EAAE;SAChD,CAAC,CAAC;IACL,CAAC;CACF"}

package/dist/index.d.ts

@@ -0,0 +1,8 @@
+/**
+ * @panguard-ai/atr — Thin wrapper around agent-threat-rules npm package.
+ *
+ * All detection logic, rules, and types come from the upstream ATR project.
+ * This package exists only so monorepo consumers can import from '@panguard-ai/atr'.
+ */
+export * from 'agent-threat-rules';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,cAAc,oBAAoB,CAAC"}

package/{src/index.ts → dist/index.js}

@@ -5,3 +5,4 @@
  * This package exists only so monorepo consumers can import from '@panguard-ai/atr'.
  */
 export * from 'agent-threat-rules';
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,cAAc,oBAAoB,CAAC"}

package/dist/layer-integration.d.ts

@@ -0,0 +1,55 @@
+/**
+ * Layer Integration Helpers
+ *
+ * Bridges the ATREngine (Layer 1 regex) with:
+ * - SkillFingerprintStore (Layer 2 behavioral fingerprinting)
+ * - SemanticModule (Layer 3 LLM-as-judge)
+ *
+ * Extracted from engine.ts to keep file sizes manageable.
+ *
+ * @module agent-threat-rules/layer-integration
+ */
+import type { AgentEvent, ATRMatch } from './types.js';
+import type { SkillFingerprintStore } from './skill-fingerprint.js';
+import type { SemanticModule, SemanticModuleConfig } from './modules/semantic.js';
+/** Configuration for Layer 3 semantic analysis */
+export interface SemanticLayerConfig {
+    /** OpenAI-compatible API key */
+    readonly apiKey: string;
+    /** API base URL (default: https://api.openai.com) */
+    readonly baseUrl?: string;
+    /** Model identifier (default: gpt-4o-mini) */
+    readonly model?: string;
+}
+/**
+ * Resolve the skill identifier from an agent event.
+ * Returns undefined if no skill identifier is present.
+ */
+export declare function resolveSkillId(event: AgentEvent): string | undefined;
+/**
+ * Run Layer 2 fingerprint analysis on an event.
+ * Returns additional ATRMatch entries for any detected anomalies.
+ */
+export declare function runFingerprintLayer(store: SkillFingerprintStore, event: AgentEvent, skillId: string): readonly ATRMatch[];
+/**
+ * Determine whether Layer 3 semantic analysis should run.
+ *
+ * Triggers when:
+ * - Any Layer 1/2 match has medium or higher severity
+ * - The event explicitly requests deep analysis via metadata
+ */
+export declare function shouldRunSemanticLayer(layer1Matches: readonly ATRMatch[], event: AgentEvent): boolean;
+/**
+ * Create a SemanticModule instance from simplified config.
+ * Returns undefined if the semantic module cannot be imported.
+ */
+export declare function createSemanticModuleFromConfig(config: SemanticLayerConfig): SemanticModuleConfig;
+/**
+ * Run Layer 3 semantic analysis and return upgraded/new matches.
+ *
+ * The semantic module is called with `analyze_threat` to get a threat score.
+ * If the score is >= 0.7, a synthetic high-severity match is produced.
+ * If the score is 0.4-0.7, existing matches may have confidence boosted.
+ */
+export declare function runSemanticLayer(semanticModule: SemanticModule, event: AgentEvent, existingMatches: readonly ATRMatch[]): Promise<readonly ATRMatch[]>;
+//# sourceMappingURL=layer-integration.d.ts.map

package/dist/layer-integration.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"layer-integration.d.ts","sourceRoot":"","sources":["../src/layer-integration.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAE,QAAQ,EAAwB,MAAM,YAAY,CAAC;AAC7E,OAAO,KAAK,EAAE,qBAAqB,EAAmB,MAAM,wBAAwB,CAAC;AACrF,OAAO,KAAK,EAAE,cAAc,EAAE,oBAAoB,EAAE,MAAM,uBAAuB,CAAC;AAMlF,kDAAkD;AAClD,MAAM,WAAW,mBAAmB;IAClC,gCAAgC;IAChC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,qDAAqD;IACrD,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAC1B,8CAA8C;IAC9C,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;CACzB;AAcD;;;GAGG;AACH,wBAAgB,cAAc,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,GAAG,SAAS,CAYpE;AA+BD;;;GAGG;AACH,wBAAgB,mBAAmB,CACjC,KAAK,EAAE,qBAAqB,EAC5B,KAAK,EAAE,UAAU,EACjB,OAAO,EAAE,MAAM,GACd,SAAS,QAAQ,EAAE,CA2BrB;AAaD;;;;;;GAMG;AACH,wBAAgB,sBAAsB,CACpC,aAAa,EAAE,SAAS,QAAQ,EAAE,EAClC,KAAK,EAAE,UAAU,GAChB,OAAO,CAcT;AAED;;;GAGG;AACH,wBAAgB,8BAA8B,CAC5C,MAAM,EAAE,mBAAmB,GAC1B,oBAAoB,CAMtB;AAED;;;;;;GAMG;AACH,wBAAsB,gBAAgB,CACpC,cAAc,EAAE,cAAc,EAC9B,KAAK,EAAE,UAAU,EACjB,eAAe,EAAE,SAAS,QAAQ,EAAE,GACnC,OAAO,CAAC,SAAS,QAAQ,EAAE,CAAC,CAmD9B"}

package/dist/layer-integration.js

@@ -0,0 +1,187 @@
+/**
+ * Layer Integration Helpers
+ *
+ * Bridges the ATREngine (Layer 1 regex) with:
+ * - SkillFingerprintStore (Layer 2 behavioral fingerprinting)
+ * - SemanticModule (Layer 3 LLM-as-judge)
+ *
+ * Extracted from engine.ts to keep file sizes manageable.
+ *
+ * @module agent-threat-rules/layer-integration
+ */
+// ---------------------------------------------------------------------------
+// Layer 2: Skill Fingerprinting
+// ---------------------------------------------------------------------------
+/** Severity mapping for anomaly types */
+const ANOMALY_SEVERITY_MAP = {
+    critical: 'critical',
+    high: 'high',
+    medium: 'medium',
+    low: 'low',
+};
+/**
+ * Resolve the skill identifier from an agent event.
+ * Returns undefined if no skill identifier is present.
+ */
+export function resolveSkillId(event) {
+    const fromMetadata = event.metadata?.['skill_id'];
+    if (typeof fromMetadata === 'string' && fromMetadata.length > 0) {
+        return fromMetadata;
+    }
+    const fromFields = event.fields?.['tool_name'];
+    if (typeof fromFields === 'string' && fromFields.length > 0) {
+        return fromFields;
+    }
+    return undefined;
+}
+/**
+ * Create a synthetic ATRRule for a behavioral anomaly detected by Layer 2.
+ * These rules are not loaded from YAML -- they are generated at runtime.
+ */
+function buildAnomalyRule(anomaly) {
+    return {
+        title: `Skill Behavior Drift: ${anomaly.anomalyType}`,
+        id: `layer2-fingerprint-${anomaly.anomalyType}-${anomaly.skillName}`,
+        status: 'experimental',
+        description: anomaly.description,
+        author: 'atr-engine/layer2',
+        date: new Date(anomaly.timestamp).toISOString().slice(0, 10),
+        severity: ANOMALY_SEVERITY_MAP[anomaly.severity] ?? 'medium',
+        tags: {
+            category: 'skill-compromise',
+            subcategory: 'behavioral-drift',
+            confidence: anomaly.severity === 'critical' ? 'high' : 'medium',
+        },
+        agent_source: { type: 'skill_lifecycle' },
+        detection: {
+            conditions: [],
+            condition: 'layer2-runtime',
+        },
+        response: {
+            actions: anomaly.severity === 'critical' ? ['alert', 'block_tool'] : ['alert'],
+        },
+    };
+}
+/**
+ * Run Layer 2 fingerprint analysis on an event.
+ * Returns additional ATRMatch entries for any detected anomalies.
+ */
+export function runFingerprintLayer(store, event, skillId) {
+    const anomalies = store.recordInvocation(skillId, event);
+    if (anomalies.length === 0) {
+        return [];
+    }
+    const matches = [];
+    for (const anomaly of anomalies) {
+        const rule = buildAnomalyRule(anomaly);
+        const confidence = anomaly.severity === 'critical'
+            ? 0.95
+            : anomaly.severity === 'high'
+                ? 0.85
+                : 0.7;
+        matches.push({
+            rule,
+            matchedConditions: [anomaly.anomalyType],
+            matchedPatterns: [anomaly.newValue],
+            confidence,
+            timestamp: new Date(anomaly.timestamp).toISOString(),
+            scan_context: 'native',
+        });
+    }
+    return matches;
+}
+// ---------------------------------------------------------------------------
+// Layer 3: Semantic Analysis
+// ---------------------------------------------------------------------------
+/** Minimum severity rank that triggers Layer 3 analysis */
+const SEMANTIC_TRIGGER_SEVERITIES = new Set([
+    'medium',
+    'high',
+    'critical',
+]);
+/**
+ * Determine whether Layer 3 semantic analysis should run.
+ *
+ * Triggers when:
+ * - Any Layer 1/2 match has medium or higher severity
+ * - The event explicitly requests deep analysis via metadata
+ */
+export function shouldRunSemanticLayer(layer1Matches, event) {
+    // Explicit opt-in via metadata
+    if (event.metadata?.['force_semantic'] === true) {
+        return true;
+    }
+    // Check if any existing matches have medium+ severity
+    for (const match of layer1Matches) {
+        if (SEMANTIC_TRIGGER_SEVERITIES.has(match.rule.severity)) {
+            return true;
+        }
+    }
+    return false;
+}
+/**
+ * Create a SemanticModule instance from simplified config.
+ * Returns undefined if the semantic module cannot be imported.
+ */
+export function createSemanticModuleFromConfig(config) {
+    return {
+        apiUrl: config.baseUrl ?? 'https://api.openai.com',
+        apiKey: config.apiKey,
+        model: config.model ?? 'gpt-4o-mini',
+    };
+}
+/**
+ * Run Layer 3 semantic analysis and return upgraded/new matches.
+ *
+ * The semantic module is called with `analyze_threat` to get a threat score.
+ * If the score is >= 0.7, a synthetic high-severity match is produced.
+ * If the score is 0.4-0.7, existing matches may have confidence boosted.
+ */
+export async function runSemanticLayer(semanticModule, event, existingMatches) {
+    const result = await semanticModule.evaluate(event, {
+        module: 'semantic',
+        function: 'analyze_threat',
+        args: { field: 'content' },
+        operator: 'gte',
+        threshold: 0.4,
+    });
+    if (!result.matched) {
+        return [];
+    }
+    const additionalMatches = [];
+    // High threat score: create a new synthetic match
+    if (result.value >= 0.7) {
+        const syntheticRule = {
+            title: 'Semantic Threat Detected (Layer 3)',
+            id: 'layer3-semantic-threat',
+            status: 'experimental',
+            description: result.description,
+            author: 'atr-engine/layer3',
+            date: new Date().toISOString().slice(0, 10),
+            severity: result.value >= 0.9 ? 'critical' : 'high',
+            tags: {
+                category: 'prompt-injection',
+                subcategory: 'semantic-detection',
+                confidence: 'high',
+            },
+            agent_source: { type: 'llm_io' },
+            detection: {
+                conditions: [],
+                condition: 'layer3-runtime',
+            },
+            response: {
+                actions: result.value >= 0.9 ? ['block_input', 'alert'] : ['alert'],
+            },
+        };
+        additionalMatches.push({
+            rule: syntheticRule,
+            matchedConditions: ['semantic_analysis'],
+            matchedPatterns: [`threat_score=${result.value.toFixed(2)}`],
+            confidence: result.value,
+            timestamp: new Date().toISOString(),
+            scan_context: 'native',
+        });
+    }
+    return additionalMatches;
+}
+//# sourceMappingURL=layer-integration.js.map

package/dist/layer-integration.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"layer-integration.js","sourceRoot":"","sources":["../src/layer-integration.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAoBH,8EAA8E;AAC9E,gCAAgC;AAChC,8EAA8E;AAE9E,yCAAyC;AACzC,MAAM,oBAAoB,GAA0C;IAClE,QAAQ,EAAE,UAAU;IACpB,IAAI,EAAE,MAAM;IACZ,MAAM,EAAE,QAAQ;IAChB,GAAG,EAAE,KAAK;CACX,CAAC;AAEF;;;GAGG;AACH,MAAM,UAAU,cAAc,CAAC,KAAiB;IAC9C,MAAM,YAAY,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC,UAAU,CAAC,CAAC;IAClD,IAAI,OAAO,YAAY,KAAK,QAAQ,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChE,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,MAAM,UAAU,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,WAAW,CAAC,CAAC;IAC/C,IAAI,OAAO,UAAU,KAAK,QAAQ,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5D,OAAO,UAAU,CAAC;IACpB,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;;GAGG;AACH,SAAS,gBAAgB,CAAC,OAAwB;IAChD,OAAO;QACL,KAAK,EAAE,yBAAyB,OAAO,CAAC,WAAW,EAAE;QACrD,EAAE,EAAE,sBAAsB,OAAO,CAAC,WAAW,IAAI,OAAO,CAAC,SAAS,EAAE;QACpE,MAAM,EAAE,cAAc;QACtB,WAAW,EAAE,OAAO,CAAC,WAAW;QAChC,MAAM,EAAE,mBAAmB;QAC3B,IAAI,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;QAC5D,QAAQ,EAAE,oBAAoB,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,QAAQ;QAC5D,IAAI,EAAE;YACJ,QAAQ,EAAE,kBAAkB;YAC5B,WAAW,EAAE,kBAAkB;YAC/B,UAAU,EAAE,OAAO,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ;SAChE;QACD,YAAY,EAAE,EAAE,IAAI,EAAE,iBAAiB,EAAE;QACzC,SAAS,EAAE;YACT,UAAU,EAAE,EAAE;YACd,SAAS,EAAE,gBAAgB;SAC5B;QACD,QAAQ,EAAE;YACR,OAAO,EAAE,OAAO,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;SAC/E;KACF,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,mBAAmB,CACjC,KAA4B,EAC5B,KAAiB,EACjB,OAAe;IAEf,MAAM,SAAS,GAAG,KAAK,CAAC,gBAAgB,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IAEzD,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC3B,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,MAAM,OAAO,GAAe,EAAE,CAAC;IAC/B,KAAK,MAAM,OAAO,IAAI,SAAS,EAAE,CAAC;QAChC,MAAM,IAAI,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;QACvC,MAAM,UAAU,GAAG,OAAO,CAAC,QAAQ,KAAK,UAAU;YAChD,CAAC,CAAC,IAAI;YACN,CAAC,CAAC,OAAO,CAAC,QAAQ,KAAK,MAAM;gBAC3B,CAAC,CAAC,IAAI;gBACN,CAAC,CAAC,GAAG,CAAC;QAEV,OAAO,CAAC,IAAI,CAAC;YACX,IAAI;YACJ,iBAAiB,EAAE,CAAC,OAAO,CAAC,WAAW,CAAC;YACxC,eAAe,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC;YACnC,UAAU;YACV,SAAS,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE;YACpD,YAAY,EAAE,QAAiB;SAChC,CAAC,CAAC;IACL,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,8EAA8E;AAC9E,6BAA6B;AAC7B,8EAA8E;AAE9E,2DAA2D;AAC3D,MAAM,2BAA2B,GAA6B,IAAI,GAAG,CAAC;IACpE,QAAQ;IACR,MAAM;IACN,UAAU;CACX,CAAC,CAAC;AAEH;;;;;;GAMG;AACH,MAAM,UAAU,sBAAsB,CACpC,aAAkC,EAClC,KAAiB;IAEjB,+BAA+B;IAC/B,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC,gBAAgB,CAAC,KAAK,IAAI,EAAE,CAAC;QAChD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,sDAAsD;IACtD,KAAK,MAAM,KAAK,IAAI,aAAa,EAAE,CAAC;QAClC,IAAI,2BAA2B,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACzD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,8BAA8B,CAC5C,MAA2B;IAE3B,OAAO;QACL,MAAM,EAAE,MAAM,CAAC,OAAO,IAAI,wBAAwB;QAClD,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,aAAa;KACrC,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,cAA8B,EAC9B,KAAiB,EACjB,eAAoC;IAEpC,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,QAAQ,CAAC,KAAK,EAAE;QAClD,MAAM,EAAE,UAAU;QAClB,QAAQ,EAAE,gBAAgB;QAC1B,IAAI,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE;QAC1B,QAAQ,EAAE,KAAK;QACf,SAAS,EAAE,GAAG;KACf,CAAC,CAAC;IAEH,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACpB,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,MAAM,iBAAiB,GAAe,EAAE,CAAC;IAEzC,kDAAkD;IAClD,IAAI,MAAM,CAAC,KAAK,IAAI,GAAG,EAAE,CAAC;QACxB,MAAM,aAAa,GAAY;YAC7B,KAAK,EAAE,oCAAoC;YAC3C,EAAE,EAAE,wBAAwB;YAC5B,MAAM,EAAE,cAAc;YACtB,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,MAAM,EAAE,mBAAmB;YAC3B,IAAI,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;YAC3C,QAAQ,EAAE,MAAM,CAAC,KAAK,IAAI,GAAG,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM;YACnD,IAAI,EAAE;gBACJ,QAAQ,EAAE,kBAAkB;gBAC5B,WAAW,EAAE,oBAAoB;gBACjC,UAAU,EAAE,MAAM;aACnB;YACD,YAAY,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;YAChC,SAAS,EAAE;gBACT,UAAU,EAAE,EAAE;gBACd,SAAS,EAAE,gBAAgB;aAC5B;YACD,QAAQ,EAAE;gBACR,OAAO,EAAE,MAAM,CAAC,KAAK,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;aACpE;SACF,CAAC;QAEF,iBAAiB,CAAC,IAAI,CAAC;YACrB,IAAI,EAAE,aAAa;YACnB,iBAAiB,EAAE,CAAC,mBAAmB,CAAC;YACxC,eAAe,EAAE,CAAC,gBAAgB,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;YAC5D,UAAU,EAAE,MAAM,CAAC,KAAK;YACxB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,YAAY,EAAE,QAAiB;SAChC,CAAC,CAAC;IACL,CAAC;IAED,OAAO,iBAAiB,CAAC;AAC3B,CAAC"}

package/dist/loader.d.ts

@@ -0,0 +1,18 @@
+/**
+ * ATR Rule Loader - Reads and parses ATR YAML rule files
+ * @module agent-threat-rules/loader
+ */
+import type { ATRRule } from './types.js';
+export declare function loadRuleFile(filePath: string): ATRRule;
+/**
+ * Recursively load all ATR YAML rules from a directory.
+ */
+export declare function loadRulesFromDirectory(dirPath: string): ATRRule[];
+/**
+ * Validate that a parsed object conforms to the ATR rule schema (basic checks).
+ */
+export declare function validateRule(rule: unknown): {
+    valid: boolean;
+    errors: string[];
+};
+//# sourceMappingURL=loader.d.ts.map

package/dist/loader.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"loader.d.ts","sourceRoot":"","sources":["../src/loader.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAKH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AAO1C,wBAAgB,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAatD;AAED;;GAEG;AACH,wBAAgB,sBAAsB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,EAAE,CAoBjE;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,IAAI,EAAE,OAAO,GAAG;IAAE,KAAK,EAAE,OAAO,CAAC;IAAC,MAAM,EAAE,MAAM,EAAE,CAAA;CAAE,CAwFhF"}

package/dist/loader.js

@@ -0,0 +1,129 @@
+/**
+ * ATR Rule Loader - Reads and parses ATR YAML rule files
+ * @module agent-threat-rules/loader
+ */
+import { readFileSync, readdirSync, statSync } from 'node:fs';
+import { join, extname } from 'node:path';
+import yaml from 'js-yaml';
+/**
+ * Load a single ATR rule from a YAML file.
+ */
+const MAX_RULE_SIZE = 1_000_000; // 1MB
+export function loadRuleFile(filePath) {
+    const stat = statSync(filePath);
+    if (stat.size > MAX_RULE_SIZE) {
+        throw new Error(`Rule file ${filePath} exceeds 1MB size limit (${stat.size} bytes)`);
+    }
+    const content = readFileSync(filePath, 'utf-8');
+    const parsed = yaml.load(content);
+    if (!parsed.id || !parsed.title || !parsed.detection) {
+        throw new Error(`Invalid ATR rule in ${filePath}: missing required fields (id, title, detection)`);
+    }
+    return parsed;
+}
+/**
+ * Recursively load all ATR YAML rules from a directory.
+ */
+export function loadRulesFromDirectory(dirPath) {
+    const rules = [];
+    const entries = readdirSync(dirPath);
+    for (const entry of entries) {
+        const fullPath = join(dirPath, entry);
+        const stat = statSync(fullPath);
+        if (stat.isDirectory()) {
+            rules.push(...loadRulesFromDirectory(fullPath));
+        }
+        else if (stat.isFile() && (extname(entry) === '.yaml' || extname(entry) === '.yml')) {
+            try {
+                rules.push(loadRuleFile(fullPath));
+            }
+            catch (err) {
+                console.warn(`[ATR] Failed to load rule file ${fullPath}: ${err instanceof Error ? err.message : String(err)}`);
+            }
+        }
+    }
+    return rules;
+}
+/**
+ * Validate that a parsed object conforms to the ATR rule schema (basic checks).
+ */
+export function validateRule(rule) {
+    const errors = [];
+    const r = rule;
+    // Required fields
+    const required = ['title', 'id', 'status', 'description', 'author', 'date', 'severity', 'tags', 'agent_source', 'detection', 'response'];
+    for (const field of required) {
+        if (!r[field]) {
+            errors.push(`Missing required field: ${field}`);
+        }
+    }
+    // ID format
+    if (typeof r['id'] === 'string' && !/^ATR-\d{4}-\d{5}$/.test(r['id'])) {
+        errors.push(`Invalid id format: ${r['id']} (expected ATR-YYYY-NNNNN)`);
+    }
+    // Status enum
+    const validStatuses = ['draft', 'experimental', 'stable', 'deprecated'];
+    if (typeof r['status'] === 'string' && !validStatuses.includes(r['status'])) {
+        errors.push(`Invalid status: ${r['status']}`);
+    }
+    // Severity enum
+    const validSeverities = ['critical', 'high', 'medium', 'low', 'informational'];
+    if (typeof r['severity'] === 'string' && !validSeverities.includes(r['severity'])) {
+        errors.push(`Invalid severity: ${r['severity']}`);
+    }
+    // Tags category
+    const tags = r['tags'];
+    if (tags) {
+        const validCategories = [
+            'prompt-injection', 'tool-poisoning', 'context-exfiltration',
+            'agent-manipulation', 'privilege-escalation', 'excessive-autonomy',
+            'data-poisoning', 'model-abuse', 'skill-compromise',
+        ];
+        if (typeof tags['category'] === 'string' && !validCategories.includes(tags['category'])) {
+            errors.push(`Invalid tags.category: ${tags['category']}`);
+        }
+    }
+    // Agent source type
+    const agentSource = r['agent_source'];
+    if (agentSource) {
+        const validTypes = [
+            'llm_io', 'tool_call', 'mcp_exchange', 'agent_behavior',
+            'multi_agent_comm', 'context_window', 'memory_access',
+            'skill_lifecycle', 'skill_permission', 'skill_chain',
+        ];
+        if (typeof agentSource['type'] === 'string' && !validTypes.includes(agentSource['type'])) {
+            errors.push(`Invalid agent_source.type: ${agentSource['type']}`);
+        }
+    }
+    // Detection must have conditions and condition
+    const detection = r['detection'];
+    if (detection) {
+        if (!detection['conditions']) {
+            errors.push('Missing detection.conditions');
+        }
+        if (!detection['condition']) {
+            errors.push('Missing detection.condition');
+        }
+    }
+    // Response must have actions
+    const response = r['response'];
+    if (response) {
+        if (!Array.isArray(response['actions']) || response['actions'].length === 0) {
+            errors.push('Missing or empty response.actions');
+        }
+    }
+    // Test cases validation
+    const testCases = r['test_cases'];
+    if (testCases) {
+        const tp = testCases['true_positives'];
+        const tn = testCases['true_negatives'];
+        if (!Array.isArray(tp) || tp.length === 0) {
+            errors.push('test_cases.true_positives must have at least one entry');
+        }
+        if (!Array.isArray(tn) || tn.length === 0) {
+            errors.push('test_cases.true_negatives must have at least one entry');
+        }
+    }
+    return { valid: errors.length === 0, errors };
+}
+//# sourceMappingURL=loader.js.map

package/dist/loader.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"loader.js","sourceRoot":"","sources":["../src/loader.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAC9D,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,IAAI,MAAM,SAAS,CAAC;AAG3B;;GAEG;AACH,MAAM,aAAa,GAAG,SAAS,CAAC,CAAC,MAAM;AAEvC,MAAM,UAAU,YAAY,CAAC,QAAgB;IAC3C,MAAM,IAAI,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAChC,IAAI,IAAI,CAAC,IAAI,GAAG,aAAa,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,aAAa,QAAQ,4BAA4B,IAAI,CAAC,IAAI,SAAS,CAAC,CAAC;IACvF,CAAC;IACD,MAAM,OAAO,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAChD,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAY,CAAC;IAE7C,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;QACrD,MAAM,IAAI,KAAK,CAAC,uBAAuB,QAAQ,kDAAkD,CAAC,CAAC;IACrG,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB,CAAC,OAAe;IACpD,MAAM,KAAK,GAAc,EAAE,CAAC;IAE5B,MAAM,OAAO,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;IACrC,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QACtC,MAAM,IAAI,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAEhC,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;YACvB,KAAK,CAAC,IAAI,CAAC,GAAG,sBAAsB,CAAC,QAAQ,CAAC,CAAC,CAAC;QAClD,CAAC;aAAM,IAAI,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,OAAO,IAAI,OAAO,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC,EAAE,CAAC;YACtF,IAAI,CAAC;gBACH,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC;YACrC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO,CAAC,IAAI,CAAC,kCAAkC,QAAQ,KAAK,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAClH,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,IAAa;IACxC,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,CAAC,GAAG,IAA+B,CAAC;IAE1C,kBAAkB;IAClB,MAAM,QAAQ,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,cAAc,EAAE,WAAW,EAAE,UAAU,CAAC,CAAC;IACzI,KAAK,MAAM,KAAK,IAAI,QAAQ,EAAE,CAAC;QAC7B,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC;YACd,MAAM,CAAC,IAAI,CAAC,2BAA2B,KAAK,EAAE,CAAC,CAAC;QAClD,CAAC;IACH,CAAC;IAED,YAAY;IACZ,IAAI,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,QAAQ,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;QACtE,MAAM,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;IACzE,CAAC;IAED,cAAc;IACd,MAAM,aAAa,GAAG,CAAC,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;IACxE,IAAI,OAAO,CAAC,CAAC,QAAQ,CAAC,KAAK,QAAQ,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;QAC5E,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IAChD,CAAC;IAED,gBAAgB;IAChB,MAAM,eAAe,GAAG,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,eAAe,CAAC,CAAC;IAC/E,IAAI,OAAO,CAAC,CAAC,UAAU,CAAC,KAAK,QAAQ,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;QAClF,MAAM,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;IACpD,CAAC;IAED,gBAAgB;IAChB,MAAM,IAAI,GAAG,CAAC,CAAC,MAAM,CAAwC,CAAC;IAC9D,IAAI,IAAI,EAAE,CAAC;QACT,MAAM,eAAe,GAAG;YACtB,kBAAkB,EAAE,gBAAgB,EAAE,sBAAsB;YAC5D,oBAAoB,EAAE,sBAAsB,EAAE,oBAAoB;YAClE,gBAAgB,EAAE,aAAa,EAAE,kBAAkB;SACpD,CAAC;QACF,IAAI,OAAO,IAAI,CAAC,UAAU,CAAC,KAAK,QAAQ,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;YACxF,MAAM,CAAC,IAAI,CAAC,0BAA0B,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;IAED,oBAAoB;IACpB,MAAM,WAAW,GAAG,CAAC,CAAC,cAAc,CAAwC,CAAC;IAC7E,IAAI,WAAW,EAAE,CAAC;QAChB,MAAM,UAAU,GAAG;YACjB,QAAQ,EAAE,WAAW,EAAE,cAAc,EAAE,gBAAgB;YACvD,kBAAkB,EAAE,gBAAgB,EAAE,eAAe;YACrD,iBAAiB,EAAE,kBAAkB,EAAE,aAAa;SACrD,CAAC;QACF,IAAI,OAAO,WAAW,CAAC,MAAM,CAAC,KAAK,QAAQ,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;YACzF,MAAM,CAAC,IAAI,CAAC,8BAA8B,WAAW,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QACnE,CAAC;IACH,CAAC;IAED,+CAA+C;IAC/C,MAAM,SAAS,GAAG,CAAC,CAAC,WAAW,CAAwC,CAAC;IACxE,IAAI,SAAS,EAAE,CAAC;QACd,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE,CAAC;YAC7B,MAAM,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;QAC9C,CAAC;QACD,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC;YAC5B,MAAM,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC;IAED,6BAA6B;IAC7B,MAAM,QAAQ,GAAG,CAAC,CAAC,UAAU,CAAwC,CAAC;IACtE,IAAI,QAAQ,EAAE,CAAC;QACb,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,IAAI,QAAQ,CAAC,SAAS,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC5E,MAAM,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;IAED,wBAAwB;IACxB,MAAM,SAAS,GAAG,CAAC,CAAC,YAAY,CAAwC,CAAC;IACzE,IAAI,SAAS,EAAE,CAAC;QACd,MAAM,EAAE,GAAG,SAAS,CAAC,gBAAgB,CAAC,CAAC;QACvC,MAAM,EAAE,GAAG,SAAS,CAAC,gBAAgB,CAAC,CAAC;QACvC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1C,MAAM,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;QACxE,CAAC;QACD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1C,MAAM,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;QACxE,CAAC;IACH,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;AAChD,CAAC"}

package/dist/mcp-server.d.ts

@@ -0,0 +1,13 @@
+#!/usr/bin/env node
+/**
+ * ATR MCP Server - Model Context Protocol server for Agent Threat Rules
+ *
+ * Exposes ATR functionality as MCP tools for AI agents and IDEs.
+ * Start with: atr mcp (stdio transport)
+ *
+ * @module agent-threat-rules/mcp-server
+ */
+import { Server } from '@modelcontextprotocol/sdk/server/index.js';
+export declare function createMCPServer(): Promise<Server>;
+export declare function startMCPServer(): Promise<void>;
+//# sourceMappingURL=mcp-server.d.ts.map

package/dist/mcp-server.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"mcp-server.d.ts","sourceRoot":"","sources":["../src/mcp-server.ts"],"names":[],"mappings":";AACA;;;;;;;GAOG;AAIH,OAAO,EAAE,MAAM,EAAE,MAAM,2CAA2C,CAAC;AA+LnE,wBAAsB,eAAe,IAAI,OAAO,CAAC,MAAM,CAAC,CAuDvD;AAED,wBAAsB,cAAc,IAAI,OAAO,CAAC,IAAI,CAAC,CAIpD"}