@panguard-ai/atr 1.4.3 → 1.5.1

package/dist/mcp-server.js

@@ -0,0 +1,246 @@
+#!/usr/bin/env node
+/**
+ * ATR MCP Server - Model Context Protocol server for Agent Threat Rules
+ *
+ * Exposes ATR functionality as MCP tools for AI agents and IDEs.
+ * Start with: atr mcp (stdio transport)
+ *
+ * @module agent-threat-rules/mcp-server
+ */
+import { resolve, dirname } from 'node:path';
+import { fileURLToPath } from 'node:url';
+import { Server } from '@modelcontextprotocol/sdk/server/index.js';
+import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
+import { ListToolsRequestSchema, CallToolRequestSchema, } from '@modelcontextprotocol/sdk/types.js';
+import { ATREngine } from './engine.js';
+import { handleScan } from './mcp-tools/scan.js';
+import { handleScanSkill } from './mcp-tools/scan-skill.js';
+import { handleListRules } from './mcp-tools/list-rules.js';
+import { handleValidate } from './mcp-tools/validate.js';
+import { handleSubmitProposal } from './mcp-tools/submit-proposal.js';
+import { handleCoverageGaps } from './mcp-tools/coverage-gaps.js';
+import { handleThreatSummary } from './mcp-tools/threat-summary.js';
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = dirname(__filename);
+const RULES_DIR = resolve(__dirname, '..', 'rules');
+const TOOLS = [
+    {
+        name: 'atr_scan',
+        description: 'Scan text content for AI agent security threats using ATR detection rules. Returns matched rules with severity, confidence, and recommended actions.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                content: {
+                    type: 'string',
+                    description: 'The text content to scan for threats (prompt, tool response, agent output, etc.)',
+                },
+                event_type: {
+                    type: 'string',
+                    enum: ['llm_input', 'llm_output', 'tool_call', 'tool_response', 'agent_behavior', 'multi_agent_message'],
+                    description: 'Type of agent event being scanned. Defaults to "llm_input".',
+                },
+                min_severity: {
+                    type: 'string',
+                    enum: ['informational', 'low', 'medium', 'high', 'critical'],
+                    description: 'Minimum severity level to include in results. Defaults to "informational".',
+                },
+            },
+            required: ['content'],
+        },
+    },
+    {
+        name: 'atr_scan_skill',
+        description: 'Scan SKILL.md file content for AI agent security threats. Uses skill-specific ATR rules to avoid false positives from MCP-oriented rules. Returns matches with severity, content_hash for deduplication, and recommended actions.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                content: {
+                    type: 'string',
+                    description: 'The SKILL.md file content to scan for threats.',
+                },
+                file_name: {
+                    type: 'string',
+                    description: 'Optional file name for the SKILL.md being scanned.',
+                },
+                min_severity: {
+                    type: 'string',
+                    enum: ['informational', 'low', 'medium', 'high', 'critical'],
+                    description: 'Minimum severity level to include in results. Defaults to "medium".',
+                },
+            },
+            required: ['content'],
+        },
+    },
+    {
+        name: 'atr_list_rules',
+        description: 'List and filter available ATR detection rules. Search by category, severity, or keyword.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                category: {
+                    type: 'string',
+                    enum: [
+                        'prompt-injection', 'tool-poisoning', 'context-exfiltration',
+                        'agent-manipulation', 'privilege-escalation', 'excessive-autonomy',
+                        'data-poisoning', 'model-abuse', 'skill-compromise',
+                    ],
+                    description: 'Filter rules by threat category.',
+                },
+                severity: {
+                    type: 'string',
+                    enum: ['informational', 'low', 'medium', 'high', 'critical'],
+                    description: 'Filter rules by severity level.',
+                },
+                search: {
+                    type: 'string',
+                    description: 'Search rules by keyword in title, description, or ID.',
+                },
+            },
+        },
+    },
+    {
+        name: 'atr_validate_rule',
+        description: 'Validate an ATR rule written in YAML format. Checks required fields, enum values, and structural correctness.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                yaml_content: {
+                    type: 'string',
+                    description: 'The ATR rule YAML content to validate.',
+                },
+            },
+            required: ['yaml_content'],
+        },
+    },
+    {
+        name: 'atr_submit_proposal',
+        description: 'Generate a draft ATR rule from a threat description. Produces YAML with detection patterns derived from example payloads.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                title: {
+                    type: 'string',
+                    description: 'Title for the new rule (e.g., "Multi-turn Context Hijacking").',
+                },
+                category: {
+                    type: 'string',
+                    enum: [
+                        'prompt-injection', 'tool-poisoning', 'context-exfiltration',
+                        'agent-manipulation', 'privilege-escalation', 'excessive-autonomy',
+                        'data-poisoning', 'model-abuse', 'skill-compromise',
+                    ],
+                    description: 'Threat category for the rule.',
+                },
+                attack_description: {
+                    type: 'string',
+                    description: 'Detailed description of the attack this rule detects.',
+                },
+                example_payloads: {
+                    type: 'array',
+                    items: { type: 'string' },
+                    description: 'Example attack payloads to generate detection patterns from.',
+                },
+                severity: {
+                    type: 'string',
+                    enum: ['informational', 'low', 'medium', 'high', 'critical'],
+                    description: 'Severity level. Defaults to "medium".',
+                },
+                mitre_refs: {
+                    type: 'array',
+                    items: { type: 'string' },
+                    description: 'Optional MITRE ATLAS reference IDs (e.g., "AML.T0051").',
+                },
+            },
+            required: ['title', 'category', 'attack_description', 'example_payloads'],
+        },
+    },
+    {
+        name: 'atr_coverage_gaps',
+        description: 'Analyze ATR rule coverage against security frameworks (OWASP Agentic AI, MITRE ATLAS). Identifies uncovered threat categories.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                framework: {
+                    type: 'string',
+                    enum: ['owasp_agentic', 'mitre_atlas', 'all'],
+                    description: 'Security framework to analyze against. Defaults to "all".',
+                },
+            },
+        },
+    },
+    {
+        name: 'atr_threat_summary',
+        description: 'Get aggregated statistics about loaded ATR rules. Shows distribution by category, severity, status, and test coverage.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                category: {
+                    type: 'string',
+                    enum: [
+                        'prompt-injection', 'tool-poisoning', 'context-exfiltration',
+                        'agent-manipulation', 'privilege-escalation', 'excessive-autonomy',
+                        'data-poisoning', 'model-abuse', 'skill-compromise',
+                    ],
+                    description: 'Optional: filter statistics to a single threat category.',
+                },
+            },
+        },
+    },
+];
+export async function createMCPServer() {
+    const engine = new ATREngine({ rulesDir: RULES_DIR });
+    const ruleCount = await engine.loadRules();
+    const server = new Server({
+        name: 'atr-mcp-server',
+        version: '0.2.1',
+    }, {
+        capabilities: {
+            tools: {},
+        },
+    });
+    server.setRequestHandler(ListToolsRequestSchema, async () => ({
+        tools: TOOLS,
+    }));
+    server.setRequestHandler(CallToolRequestSchema, async (request) => {
+        const { name, arguments: args } = request.params;
+        const toolArgs = (args ?? {});
+        switch (name) {
+            case 'atr_scan':
+                return await handleScan(engine, toolArgs);
+            case 'atr_scan_skill':
+                return await handleScanSkill(engine, toolArgs);
+            case 'atr_list_rules':
+                return handleListRules(engine, toolArgs);
+            case 'atr_validate_rule':
+                return handleValidate(toolArgs);
+            case 'atr_submit_proposal':
+                return handleSubmitProposal(toolArgs);
+            case 'atr_coverage_gaps':
+                return handleCoverageGaps(engine, toolArgs);
+            case 'atr_threat_summary':
+                return handleThreatSummary(engine, toolArgs);
+            default:
+                return {
+                    content: [{ type: 'text', text: `Error: Unknown tool "${name}".` }],
+                    isError: true,
+                };
+        }
+    });
+    return server;
+}
+export async function startMCPServer() {
+    const server = await createMCPServer();
+    const transport = new StdioServerTransport();
+    await server.connect(transport);
+}
+// Auto-start when run directly
+const isDirectExecution = process.argv[1] &&
+    (process.argv[1].endsWith('mcp-server.js') ||
+        process.argv[1].endsWith('mcp-server.ts'));
+if (isDirectExecution) {
+    startMCPServer().catch((err) => {
+        process.stderr.write(`ATR MCP Server error: ${err instanceof Error ? err.message : String(err)}\n`);
+        process.exit(1);
+    });
+}
+//# sourceMappingURL=mcp-server.js.map

package/dist/mcp-server.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"mcp-server.js","sourceRoot":"","sources":["../src/mcp-server.ts"],"names":[],"mappings":";AACA;;;;;;;GAOG;AAEH,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC7C,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,MAAM,EAAE,MAAM,2CAA2C,CAAC;AACnE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EACL,sBAAsB,EACtB,qBAAqB,GACtB,MAAM,oCAAoC,CAAC;AAC5C,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AACjD,OAAO,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAC;AAC5D,OAAO,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAC;AAC5D,OAAO,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AACzD,OAAO,EAAE,oBAAoB,EAAE,MAAM,gCAAgC,CAAC;AACtE,OAAO,EAAE,kBAAkB,EAAE,MAAM,8BAA8B,CAAC;AAClE,OAAO,EAAE,mBAAmB,EAAE,MAAM,+BAA+B,CAAC;AAEpE,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAClD,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AACtC,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;AAEpD,MAAM,KAAK,GAAG;IACZ;QACE,IAAI,EAAE,UAAU;QAChB,WAAW,EACT,sJAAsJ;QACxJ,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,OAAO,EAAE;oBACP,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,kFAAkF;iBAChG;gBACD,UAAU,EAAE;oBACV,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,WAAW,EAAE,YAAY,EAAE,WAAW,EAAE,eAAe,EAAE,gBAAgB,EAAE,qBAAqB,CAAC;oBACxG,WAAW,EAAE,6DAA6D;iBAC3E;gBACD,YAAY,EAAE;oBACZ,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,eAAe,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,CAAC;oBAC5D,WAAW,EAAE,4EAA4E;iBAC1F;aACF;YACD,QAAQ,EAAE,CAAC,SAAS,CAAC;SACtB;KACF;IACD;QACE,IAAI,EAAE,gBAAgB;QACtB,WAAW,EACT,mOAAmO;QACrO,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,OAAO,EAAE;oBACP,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,gDAAgD;iBAC9D;gBACD,SAAS,EAAE;oBACT,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,oDAAoD;iBAClE;gBACD,YAAY,EAAE;oBACZ,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,eAAe,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,CAAC;oBAC5D,WAAW,EAAE,qEAAqE;iBACnF;aACF;YACD,QAAQ,EAAE,CAAC,SAAS,CAAC;SACtB;KACF;IACD;QACE,IAAI,EAAE,gBAAgB;QACtB,WAAW,EACT,0FAA0F;QAC5F,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE;wBACJ,kBAAkB,EAAE,gBAAgB,EAAE,sBAAsB;wBAC5D,oBAAoB,EAAE,sBAAsB,EAAE,oBAAoB;wBAClE,gBAAgB,EAAE,aAAa,EAAE,kBAAkB;qBACpD;oBACD,WAAW,EAAE,kCAAkC;iBAChD;gBACD,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,eAAe,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,CAAC;oBAC5D,WAAW,EAAE,iCAAiC;iBAC/C;gBACD,MAAM,EAAE;oBACN,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,uDAAuD;iBACrE;aACF;SACF;KACF;IACD;QACE,IAAI,EAAE,mBAAmB;QACzB,WAAW,EACT,+GAA+G;QACjH,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,YAAY,EAAE;oBACZ,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,wCAAwC;iBACtD;aACF;YACD,QAAQ,EAAE,CAAC,cAAc,CAAC;SAC3B;KACF;IACD;QACE,IAAI,EAAE,qBAAqB;QAC3B,WAAW,EACT,2HAA2H;QAC7H,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,KAAK,EAAE;oBACL,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,gEAAgE;iBAC9E;gBACD,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE;wBACJ,kBAAkB,EAAE,gBAAgB,EAAE,sBAAsB;wBAC5D,oBAAoB,EAAE,sBAAsB,EAAE,oBAAoB;wBAClE,gBAAgB,EAAE,aAAa,EAAE,kBAAkB;qBACpD;oBACD,WAAW,EAAE,+BAA+B;iBAC7C;gBACD,kBAAkB,EAAE;oBAClB,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,uDAAuD;iBACrE;gBACD,gBAAgB,EAAE;oBAChB,IAAI,EAAE,OAAO;oBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;oBACzB,WAAW,EAAE,8DAA8D;iBAC5E;gBACD,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,eAAe,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,CAAC;oBAC5D,WAAW,EAAE,uCAAuC;iBACrD;gBACD,UAAU,EAAE;oBACV,IAAI,EAAE,OAAO;oBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;oBACzB,WAAW,EAAE,yDAAyD;iBACvE;aACF;YACD,QAAQ,EAAE,CAAC,OAAO,EAAE,UAAU,EAAE,oBAAoB,EAAE,kBAAkB,CAAC;SAC1E;KACF;IACD;QACE,IAAI,EAAE,mBAAmB;QACzB,WAAW,EACT,gIAAgI;QAClI,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,SAAS,EAAE;oBACT,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,eAAe,EAAE,aAAa,EAAE,KAAK,CAAC;oBAC7C,WAAW,EAAE,2DAA2D;iBACzE;aACF;SACF;KACF;IACD;QACE,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EACT,wHAAwH;QAC1H,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE;wBACJ,kBAAkB,EAAE,gBAAgB,EAAE,sBAAsB;wBAC5D,oBAAoB,EAAE,sBAAsB,EAAE,oBAAoB;wBAClE,gBAAgB,EAAE,aAAa,EAAE,kBAAkB;qBACpD;oBACD,WAAW,EAAE,0DAA0D;iBACxE;aACF;SACF;KACF;CACF,CAAC;AAEF,MAAM,CAAC,KAAK,UAAU,eAAe;IACnC,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC,CAAC;IACtD,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,SAAS,EAAE,CAAC;IAE3C,MAAM,MAAM,GAAG,IAAI,MAAM,CACvB;QACE,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,OAAO;KACjB,EACD;QACE,YAAY,EAAE;YACZ,KAAK,EAAE,EAAE;SACV;KACF,CACF,CAAC;IAEF,MAAM,CAAC,iBAAiB,CAAC,sBAAsB,EAAE,KAAK,IAAI,EAAE,CAAC,CAAC;QAC5D,KAAK,EAAE,KAAK;KACb,CAAC,CAAC,CAAC;IAEJ,MAAM,CAAC,iBAAiB,CAAC,qBAAqB,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;QAChE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC;QACjD,MAAM,QAAQ,GAAG,CAAC,IAAI,IAAI,EAAE,CAA4B,CAAC;QAEzD,QAAQ,IAAI,EAAE,CAAC;YACb,KAAK,UAAU;gBACb,OAAO,MAAM,UAAU,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YAE5C,KAAK,gBAAgB;gBACnB,OAAO,MAAM,eAAe,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YAEjD,KAAK,gBAAgB;gBACnB,OAAO,eAAe,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YAE3C,KAAK,mBAAmB;gBACtB,OAAO,cAAc,CAAC,QAAQ,CAAC,CAAC;YAElC,KAAK,qBAAqB;gBACxB,OAAO,oBAAoB,CAAC,QAAQ,CAAC,CAAC;YAExC,KAAK,mBAAmB;gBACtB,OAAO,kBAAkB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YAE9C,KAAK,oBAAoB;gBACvB,OAAO,mBAAmB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YAE/C;gBACE,OAAO;oBACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,wBAAwB,IAAI,IAAI,EAAE,CAAC;oBACnE,OAAO,EAAE,IAAI;iBACd,CAAC;QACN,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc;IAClC,MAAM,MAAM,GAAG,MAAM,eAAe,EAAE,CAAC;IACvC,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;AAClC,CAAC;AAED,+BAA+B;AAC/B,MAAM,iBAAiB,GACrB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;IACf,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,eAAe,CAAC;QACzC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,CAAC;AAE9C,IAAI,iBAAiB,EAAE,CAAC;IACtB,cAAc,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;QAC7B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,yBAAyB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACpG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/mcp-tools/coverage-gaps.d.ts

@@ -0,0 +1,13 @@
+/**
+ * atr_coverage_gaps MCP tool - Analyze coverage gaps against security frameworks
+ * @module agent-threat-rules/mcp-tools/coverage-gaps
+ */
+import type { ATREngine } from '../engine.js';
+export declare function handleCoverageGaps(engine: ATREngine, args: Record<string, unknown>): {
+    content: Array<{
+        type: string;
+        text: string;
+    }>;
+    isError?: boolean;
+};
+//# sourceMappingURL=coverage-gaps.d.ts.map

package/dist/mcp-tools/coverage-gaps.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"coverage-gaps.d.ts","sourceRoot":"","sources":["../../src/mcp-tools/coverage-gaps.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAE9C,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG;IACpF,OAAO,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAC/C,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB,CAkDA"}

package/dist/mcp-tools/coverage-gaps.js

@@ -0,0 +1,55 @@
+/**
+ * atr_coverage_gaps MCP tool - Analyze coverage gaps against security frameworks
+ * @module agent-threat-rules/mcp-tools/coverage-gaps
+ */
+import { CoverageAnalyzer } from '../coverage-analyzer.js';
+export function handleCoverageGaps(engine, args) {
+    const framework = (args['framework'] ?? 'all').toLowerCase();
+    const validFrameworks = ['owasp_agentic', 'mitre_atlas', 'all'];
+    if (!validFrameworks.includes(framework)) {
+        return {
+            content: [{ type: 'text', text: `Error: "framework" must be one of: ${validFrameworks.join(', ')}` }],
+            isError: true,
+        };
+    }
+    const analyzer = new CoverageAnalyzer(engine.getRules());
+    const report = analyzer.analyze();
+    // Filter gaps by requested framework
+    const filteredGaps = framework === 'all'
+        ? report.gaps
+        : report.gaps.filter((g) => {
+            if (framework === 'owasp_agentic')
+                return g.framework === 'OWASP Agentic Top 10';
+            if (framework === 'mitre_atlas')
+                return g.framework === 'MITRE ATLAS';
+            return true;
+        });
+    const filteredSuggestions = framework === 'all'
+        ? report.suggestions
+        : report.suggestions.filter((s) => {
+            if (framework === 'owasp_agentic')
+                return s.includes('OWASP') || s.includes('ASI');
+            if (framework === 'mitre_atlas')
+                return s.includes('MITRE') || s.includes('AML');
+            return true;
+        });
+    const result = {
+        analysis_timestamp: new Date().toISOString(),
+        total_rules_loaded: engine.getRuleCount(),
+        total_active_rules: report.totalRules,
+        framework_filter: framework,
+        gaps: filteredGaps.map((g) => ({
+            framework: g.framework,
+            risk_id: g.riskId,
+            risk_name: g.riskName,
+            current_rule_count: g.currentRuleCount,
+            recommended_min: g.recommendedMin,
+        })),
+        category_distribution: report.categoryDistribution,
+        suggestions: filteredSuggestions,
+    };
+    return {
+        content: [{ type: 'text', text: JSON.stringify(result, null, 2) }],
+    };
+}
+//# sourceMappingURL=coverage-gaps.js.map

package/dist/mcp-tools/coverage-gaps.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"coverage-gaps.js","sourceRoot":"","sources":["../../src/mcp-tools/coverage-gaps.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAI3D,MAAM,UAAU,kBAAkB,CAAC,MAAiB,EAAE,IAA6B;IAIjF,MAAM,SAAS,GAAG,CAAE,IAAI,CAAC,WAAW,CAAY,IAAI,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC;IAEzE,MAAM,eAAe,GAAG,CAAC,eAAe,EAAE,aAAa,EAAE,KAAK,CAAC,CAAC;IAChE,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;QACzC,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,sCAAsC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC;YACrG,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,IAAI,gBAAgB,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;IACzD,MAAM,MAAM,GAAmB,QAAQ,CAAC,OAAO,EAAE,CAAC;IAElD,qCAAqC;IACrC,MAAM,YAAY,GAAG,SAAS,KAAK,KAAK;QACtC,CAAC,CAAC,MAAM,CAAC,IAAI;QACb,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;YACvB,IAAI,SAAS,KAAK,eAAe;gBAAE,OAAO,CAAC,CAAC,SAAS,KAAK,sBAAsB,CAAC;YACjF,IAAI,SAAS,KAAK,aAAa;gBAAE,OAAO,CAAC,CAAC,SAAS,KAAK,aAAa,CAAC;YACtE,OAAO,IAAI,CAAC;QACd,CAAC,CAAC,CAAC;IAEP,MAAM,mBAAmB,GAAG,SAAS,KAAK,KAAK;QAC7C,CAAC,CAAC,MAAM,CAAC,WAAW;QACpB,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;YAC9B,IAAI,SAAS,KAAK,eAAe;gBAAE,OAAO,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;YACnF,IAAI,SAAS,KAAK,aAAa;gBAAE,OAAO,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;YACjF,OAAO,IAAI,CAAC;QACd,CAAC,CAAC,CAAC;IAEP,MAAM,MAAM,GAAG;QACb,kBAAkB,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QAC5C,kBAAkB,EAAE,MAAM,CAAC,YAAY,EAAE;QACzC,kBAAkB,EAAE,MAAM,CAAC,UAAU;QACrC,gBAAgB,EAAE,SAAS;QAC3B,IAAI,EAAE,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC7B,SAAS,EAAE,CAAC,CAAC,SAAS;YACtB,OAAO,EAAE,CAAC,CAAC,MAAM;YACjB,SAAS,EAAE,CAAC,CAAC,QAAQ;YACrB,kBAAkB,EAAE,CAAC,CAAC,gBAAgB;YACtC,eAAe,EAAE,CAAC,CAAC,cAAc;SAClC,CAAC,CAAC;QACH,qBAAqB,EAAE,MAAM,CAAC,oBAAoB;QAClD,WAAW,EAAE,mBAAmB;KACjC,CAAC;IAEF,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;KACnE,CAAC;AACJ,CAAC"}

package/dist/mcp-tools/list-rules.d.ts

@@ -0,0 +1,17 @@
+/**
+ * atr_list_rules MCP tool - List and filter ATR rules
+ * @module agent-threat-rules/mcp-tools/list-rules
+ */
+import type { ATREngine } from '../engine.js';
+export interface ListRulesInput {
+    category?: string;
+    severity?: string;
+    search?: string;
+}
+export declare function handleListRules(engine: ATREngine, args: Record<string, unknown>): {
+    content: Array<{
+        type: string;
+        text: string;
+    }>;
+};
+//# sourceMappingURL=list-rules.d.ts.map

package/dist/mcp-tools/list-rules.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"list-rules.d.ts","sourceRoot":"","sources":["../../src/mcp-tools/list-rules.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAE9C,MAAM,WAAW,cAAc;IAC7B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,wBAAgB,eAAe,CAAC,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG;IACjF,OAAO,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;CAChD,CAgDA"}

package/dist/mcp-tools/list-rules.js

@@ -0,0 +1,45 @@
+/**
+ * atr_list_rules MCP tool - List and filter ATR rules
+ * @module agent-threat-rules/mcp-tools/list-rules
+ */
+export function handleListRules(engine, args) {
+    const category = args['category'];
+    const severity = args['severity'];
+    const search = args['search'];
+    let rules = [...engine.getRules()];
+    if (category) {
+        rules = rules.filter((r) => r.tags.category === category);
+    }
+    if (severity) {
+        rules = rules.filter((r) => r.severity === severity.toLowerCase());
+    }
+    if (search) {
+        const term = search.toLowerCase();
+        rules = rules.filter((r) => r.title.toLowerCase().includes(term) ||
+            r.description.toLowerCase().includes(term) ||
+            r.id.toLowerCase().includes(term) ||
+            r.tags.category.toLowerCase().includes(term));
+    }
+    const result = {
+        total: rules.length,
+        filters_applied: {
+            ...(category ? { category } : {}),
+            ...(severity ? { severity } : {}),
+            ...(search ? { search } : {}),
+        },
+        rules: rules.map((r) => ({
+            id: r.id,
+            title: r.title,
+            severity: r.severity,
+            status: r.status,
+            category: r.tags.category,
+            source_type: r.agent_source.type,
+            description: r.description,
+            actions: r.response.actions,
+        })),
+    };
+    return {
+        content: [{ type: 'text', text: JSON.stringify(result, null, 2) }],
+    };
+}
+//# sourceMappingURL=list-rules.js.map

package/dist/mcp-tools/list-rules.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"list-rules.js","sourceRoot":"","sources":["../../src/mcp-tools/list-rules.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAUH,MAAM,UAAU,eAAe,CAAC,MAAiB,EAAE,IAA6B;IAG9E,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAuB,CAAC;IACxD,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAuB,CAAC;IACxD,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAuB,CAAC;IAEpD,IAAI,KAAK,GAAG,CAAC,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;IAEnC,IAAI,QAAQ,EAAE,CAAC;QACb,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;IAC5D,CAAC;IAED,IAAI,QAAQ,EAAE,CAAC;QACb,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC;IACrE,CAAC;IAED,IAAI,MAAM,EAAE,CAAC;QACX,MAAM,IAAI,GAAG,MAAM,CAAC,WAAW,EAAE,CAAC;QAClC,KAAK,GAAG,KAAK,CAAC,MAAM,CAClB,CAAC,CAAC,EAAE,EAAE,CACJ,CAAC,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC;YACpC,CAAC,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC;YAC1C,CAAC,CAAC,EAAE,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC;YACjC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAC/C,CAAC;IACJ,CAAC;IAED,MAAM,MAAM,GAAG;QACb,KAAK,EAAE,KAAK,CAAC,MAAM;QACnB,eAAe,EAAE;YACf,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACjC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACjC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC9B;QACD,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACvB,EAAE,EAAE,CAAC,CAAC,EAAE;YACR,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,MAAM,EAAE,CAAC,CAAC,MAAM;YAChB,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ;YACzB,WAAW,EAAE,CAAC,CAAC,YAAY,CAAC,IAAI;YAChC,WAAW,EAAE,CAAC,CAAC,WAAW;YAC1B,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,OAAO;SAC5B,CAAC,CAAC;KACJ,CAAC;IAEF,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;KACnE,CAAC;AACJ,CAAC"}

package/dist/mcp-tools/scan-skill.d.ts

@@ -0,0 +1,17 @@
+/**
+ * atr_scan_skill MCP tool - Scan SKILL.md content for threats
+ *
+ * Uses scanSkillFull() which only runs skill-targeted rules (scan_target: skill)
+ * to avoid false positives from MCP-oriented rules.
+ *
+ * @module agent-threat-rules/mcp-tools/scan-skill
+ */
+import type { ATREngine } from '../engine.js';
+export declare function handleScanSkill(engine: ATREngine, args: Record<string, unknown>): Promise<{
+    content: Array<{
+        type: string;
+        text: string;
+    }>;
+    isError?: boolean;
+}>;
+//# sourceMappingURL=scan-skill.d.ts.map

package/dist/mcp-tools/scan-skill.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"scan-skill.d.ts","sourceRoot":"","sources":["../../src/mcp-tools/scan-skill.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAU9C,wBAAsB,eAAe,CACnC,MAAM,EAAE,SAAS,EACjB,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC5B,OAAO,CAAC;IACT,OAAO,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAC/C,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB,CAAC,CAyDD"}

package/dist/mcp-tools/scan-skill.js

@@ -0,0 +1,65 @@
+/**
+ * atr_scan_skill MCP tool - Scan SKILL.md content for threats
+ *
+ * Uses scanSkillFull() which only runs skill-targeted rules (scan_target: skill)
+ * to avoid false positives from MCP-oriented rules.
+ *
+ * @module agent-threat-rules/mcp-tools/scan-skill
+ */
+const SEVERITY_ORDER = {
+    informational: 0,
+    low: 1,
+    medium: 2,
+    high: 3,
+    critical: 4,
+};
+export async function handleScanSkill(engine, args) {
+    const MAX_CONTENT_LENGTH = 1_000_000; // 1MB for SKILL.md files
+    const content = args['content'];
+    if (typeof content !== 'string' || content.trim().length === 0) {
+        return {
+            content: [{ type: 'text', text: 'Error: "content" is required and must be a non-empty string.' }],
+            isError: true,
+        };
+    }
+    if (content.length > MAX_CONTENT_LENGTH) {
+        return {
+            content: [{ type: 'text', text: `Error: content exceeds maximum size of ${MAX_CONTENT_LENGTH} characters.` }],
+            isError: true,
+        };
+    }
+    const minSeverity = (args['min_severity'] ?? 'medium').toLowerCase();
+    if (!(minSeverity in SEVERITY_ORDER)) {
+        return {
+            content: [{ type: 'text', text: `Error: Invalid min_severity "${minSeverity}". Valid: informational, low, medium, high, critical` }],
+            isError: true,
+        };
+    }
+    const fileName = typeof args['file_name'] === 'string' ? args['file_name'] : undefined;
+    const minIdx = SEVERITY_ORDER[minSeverity] ?? 0;
+    const scanResult = engine.scanSkillFull(content, fileName);
+    const filtered = scanResult.matches.filter((m) => (SEVERITY_ORDER[m.rule.severity] ?? 0) >= minIdx);
+    const result = {
+        scan_type: scanResult.scan_type,
+        content_hash: scanResult.content_hash,
+        file_name: fileName,
+        threats_found: filtered.length,
+        scan_timestamp: scanResult.timestamp,
+        rules_loaded: scanResult.rules_loaded,
+        matches: filtered.map((m) => ({
+            rule_id: m.rule.id,
+            rule_version: m.rule.rule_version,
+            title: m.rule.title,
+            severity: m.rule.severity,
+            category: m.rule.tags.category,
+            confidence: Math.round(m.confidence * 100),
+            description: m.rule.description,
+            matched_patterns: m.matchedPatterns,
+            recommended_actions: m.rule.response.actions,
+        })),
+    };
+    return {
+        content: [{ type: 'text', text: JSON.stringify(result, null, 2) }],
+    };
+}
+//# sourceMappingURL=scan-skill.js.map

package/dist/mcp-tools/scan-skill.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"scan-skill.js","sourceRoot":"","sources":["../../src/mcp-tools/scan-skill.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH,MAAM,cAAc,GAA2B;IAC7C,aAAa,EAAE,CAAC;IAChB,GAAG,EAAE,CAAC;IACN,MAAM,EAAE,CAAC;IACT,IAAI,EAAE,CAAC;IACP,QAAQ,EAAE,CAAC;CACZ,CAAC;AAEF,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,MAAiB,EACjB,IAA6B;IAK7B,MAAM,kBAAkB,GAAG,SAAS,CAAC,CAAC,yBAAyB;IAE/D,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC;IAChC,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/D,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,8DAA8D,EAAE,CAAC;YACjG,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;IACD,IAAI,OAAO,CAAC,MAAM,GAAG,kBAAkB,EAAE,CAAC;QACxC,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,0CAA0C,kBAAkB,cAAc,EAAE,CAAC;YAC7G,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;IAED,MAAM,WAAW,GAAG,CAAE,IAAI,CAAC,cAAc,CAAY,IAAI,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;IACjF,IAAI,CAAC,CAAC,WAAW,IAAI,cAAc,CAAC,EAAE,CAAC;QACrC,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,gCAAgC,WAAW,sDAAsD,EAAE,CAAC;YACpI,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IACvF,MAAM,MAAM,GAAG,cAAc,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;IAEhD,MAAM,UAAU,GAAG,MAAM,CAAC,aAAa,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IAE3D,MAAM,QAAQ,GAAG,UAAU,CAAC,OAAO,CAAC,MAAM,CACxC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,MAAM,CACxD,CAAC;IAEF,MAAM,MAAM,GAAG;QACb,SAAS,EAAE,UAAU,CAAC,SAAS;QAC/B,YAAY,EAAE,UAAU,CAAC,YAAY;QACrC,SAAS,EAAE,QAAQ;QACnB,aAAa,EAAE,QAAQ,CAAC,MAAM;QAC9B,cAAc,EAAE,UAAU,CAAC,SAAS;QACpC,YAAY,EAAE,UAAU,CAAC,YAAY;QACrC,OAAO,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC5B,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE;YAClB,YAAY,EAAE,CAAC,CAAC,IAAI,CAAC,YAAY;YACjC,KAAK,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK;YACnB,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ;YACzB,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ;YAC9B,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,UAAU,GAAG,GAAG,CAAC;YAC1C,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,WAAW;YAC/B,gBAAgB,EAAE,CAAC,CAAC,eAAe;YACnC,mBAAmB,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO;SAC7C,CAAC,CAAC;KACJ,CAAC;IAEF,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;KACnE,CAAC;AACJ,CAAC"}

package/dist/mcp-tools/scan.d.ts

@@ -0,0 +1,24 @@
+/**
+ * atr_scan MCP tool - Scan content for agent threats
+ *
+ * Runs all configured detection layers:
+ * - Layer 1: Regex pattern matching (always)
+ * - Layer 2: Skill behavioral fingerprinting (if configured)
+ * - Layer 3: Semantic LLM-as-judge (if configured and triggered)
+ *
+ * @module agent-threat-rules/mcp-tools/scan
+ */
+import type { ATREngine } from '../engine.js';
+export interface ScanInput {
+    content: string;
+    event_type?: string;
+    min_severity?: string;
+}
+export declare function handleScan(engine: ATREngine, args: Record<string, unknown>): Promise<{
+    content: Array<{
+        type: string;
+        text: string;
+    }>;
+    isError?: boolean;
+}>;
+//# sourceMappingURL=scan.d.ts.map

package/dist/mcp-tools/scan.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"scan.d.ts","sourceRoot":"","sources":["../../src/mcp-tools/scan.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAG9C,MAAM,WAAW,SAAS;IACxB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAmBD,wBAAsB,UAAU,CAAC,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC;IAC1F,OAAO,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAC/C,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB,CAAC,CA6ED"}

package/dist/mcp-tools/scan.js

@@ -0,0 +1,94 @@
+/**
+ * atr_scan MCP tool - Scan content for agent threats
+ *
+ * Runs all configured detection layers:
+ * - Layer 1: Regex pattern matching (always)
+ * - Layer 2: Skill behavioral fingerprinting (if configured)
+ * - Layer 3: Semantic LLM-as-judge (if configured and triggered)
+ *
+ * @module agent-threat-rules/mcp-tools/scan
+ */
+const SEVERITY_ORDER = {
+    informational: 0,
+    low: 1,
+    medium: 2,
+    high: 3,
+    critical: 4,
+};
+const VALID_EVENT_TYPES = new Set([
+    'llm_input',
+    'llm_output',
+    'tool_call',
+    'tool_response',
+    'agent_behavior',
+    'multi_agent_message',
+]);
+export async function handleScan(engine, args) {
+    const MAX_CONTENT_LENGTH = 500_000;
+    const content = args['content'];
+    if (typeof content !== 'string' || content.trim().length === 0) {
+        return {
+            content: [{ type: 'text', text: 'Error: "content" is required and must be a non-empty string.' }],
+            isError: true,
+        };
+    }
+    if (content.length > MAX_CONTENT_LENGTH) {
+        return {
+            content: [{ type: 'text', text: `Error: content exceeds maximum size of ${MAX_CONTENT_LENGTH} characters.` }],
+            isError: true,
+        };
+    }
+    const eventTypeRaw = args['event_type'] ?? 'llm_input';
+    if (!VALID_EVENT_TYPES.has(eventTypeRaw)) {
+        return {
+            content: [{ type: 'text', text: `Error: Invalid event_type "${eventTypeRaw}". Valid types: ${[...VALID_EVENT_TYPES].join(', ')}` }],
+            isError: true,
+        };
+    }
+    const minSeverity = (args['min_severity'] ?? 'informational').toLowerCase();
+    if (!(minSeverity in SEVERITY_ORDER)) {
+        return {
+            content: [{ type: 'text', text: `Error: Invalid min_severity "${minSeverity}". Valid: informational, low, medium, high, critical` }],
+            isError: true,
+        };
+    }
+    const minIdx = SEVERITY_ORDER[minSeverity] ?? 0;
+    const event = {
+        type: eventTypeRaw,
+        timestamp: new Date().toISOString(),
+        content: content,
+        fields: {
+            user_input: content,
+            agent_output: content,
+            tool_response: content,
+            content: content,
+        },
+    };
+    // Use evaluateWithVerdict() to run all configured layers
+    const { verdict, layersUsed } = await engine.evaluateWithVerdict(event);
+    const filtered = verdict.matches.filter((m) => (SEVERITY_ORDER[m.rule.severity] ?? 0) >= minIdx);
+    const result = {
+        threats_found: filtered.length,
+        scan_timestamp: event.timestamp,
+        event_type: eventTypeRaw,
+        layers_used: layersUsed,
+        verdict: {
+            outcome: verdict.outcome,
+            reason: verdict.reason,
+        },
+        matches: filtered.map((m) => ({
+            rule_id: m.rule.id,
+            title: m.rule.title,
+            severity: m.rule.severity,
+            category: m.rule.tags.category,
+            confidence: Math.round(m.confidence * 100),
+            description: m.rule.description,
+            matched_patterns: m.matchedPatterns,
+            recommended_actions: m.rule.response.actions,
+        })),
+    };
+    return {
+        content: [{ type: 'text', text: JSON.stringify(result, null, 2) }],
+    };
+}
+//# sourceMappingURL=scan.js.map

package/dist/mcp-tools/scan.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"scan.js","sourceRoot":"","sources":["../../src/mcp-tools/scan.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAWH,MAAM,cAAc,GAA2B;IAC7C,aAAa,EAAE,CAAC;IAChB,GAAG,EAAE,CAAC;IACN,MAAM,EAAE,CAAC;IACT,IAAI,EAAE,CAAC;IACP,QAAQ,EAAE,CAAC;CACZ,CAAC;AAEF,MAAM,iBAAiB,GAAwB,IAAI,GAAG,CAAC;IACrD,WAAW;IACX,YAAY;IACZ,WAAW;IACX,eAAe;IACf,gBAAgB;IAChB,qBAAqB;CACtB,CAAC,CAAC;AAEH,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,MAAiB,EAAE,IAA6B;IAI/E,MAAM,kBAAkB,GAAG,OAAO,CAAC;IACnC,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC;IAChC,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/D,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,8DAA8D,EAAE,CAAC;YACjG,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;IACD,IAAI,OAAO,CAAC,MAAM,GAAG,kBAAkB,EAAE,CAAC;QACxC,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,0CAA0C,kBAAkB,cAAc,EAAE,CAAC;YAC7G,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;IAED,MAAM,YAAY,GAAI,IAAI,CAAC,YAAY,CAAY,IAAI,WAAW,CAAC;IACnE,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,CAAC;QACzC,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,8BAA8B,YAAY,mBAAmB,CAAC,GAAG,iBAAiB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC;YACnI,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;IAED,MAAM,WAAW,GAAG,CAAE,IAAI,CAAC,cAAc,CAAY,IAAI,eAAe,CAAC,CAAC,WAAW,EAAE,CAAC;IACxF,IAAI,CAAC,CAAC,WAAW,IAAI,cAAc,CAAC,EAAE,CAAC;QACrC,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,gCAAgC,WAAW,sDAAsD,EAAE,CAAC;YACpI,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;IAED,MAAM,MAAM,GAAG,cAAc,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;IAEhD,MAAM,KAAK,GAAe;QACxB,IAAI,EAAE,YAA8B;QACpC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,OAAO,EAAE,OAAO;QAChB,MAAM,EAAE;YACN,UAAU,EAAE,OAAO;YACnB,YAAY,EAAE,OAAO;YACrB,aAAa,EAAE,OAAO;YACtB,OAAO,EAAE,OAAO;SACjB;KACF,CAAC;IAEF,yDAAyD;IACzD,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,MAAM,MAAM,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;IAExE,MAAM,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,CACrC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,MAAM,CACxD,CAAC;IAEF,MAAM,MAAM,GAAG;QACb,aAAa,EAAE,QAAQ,CAAC,MAAM;QAC9B,cAAc,EAAE,KAAK,CAAC,SAAS;QAC/B,UAAU,EAAE,YAAY;QACxB,WAAW,EAAE,UAAU;QACvB,OAAO,EAAE;YACP,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,MAAM,EAAE,OAAO,CAAC,MAAM;SACvB;QACD,OAAO,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC5B,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE;YAClB,KAAK,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK;YACnB,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ;YACzB,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ;YAC9B,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,UAAU,GAAG,GAAG,CAAC;YAC1C,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,WAAW;YAC/B,gBAAgB,EAAE,CAAC,CAAC,eAAe;YACnC,mBAAmB,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO;SAC7C,CAAC,CAAC;KACJ,CAAC;IAEF,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;KACnE,CAAC;AACJ,CAAC"}

package/dist/mcp-tools/submit-proposal.d.ts

@@ -0,0 +1,12 @@
+/**
+ * atr_submit_proposal MCP tool - Generate ATR rule draft from threat description
+ * @module agent-threat-rules/mcp-tools/submit-proposal
+ */
+export declare function handleSubmitProposal(args: Record<string, unknown>): {
+    content: Array<{
+        type: string;
+        text: string;
+    }>;
+    isError?: boolean;
+};
+//# sourceMappingURL=submit-proposal.d.ts.map

package/dist/mcp-tools/submit-proposal.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"submit-proposal.d.ts","sourceRoot":"","sources":["../../src/mcp-tools/submit-proposal.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAyBH,wBAAgB,oBAAoB,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG;IACnE,OAAO,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAC/C,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB,CAwFA"}