@panguard-ai/atr 1.4.3 → 1.5.1

package/dist/modules/session.js

@@ -0,0 +1,128 @@
+/**
+ * ATR Session Module - Built-in behavioral detection module
+ *
+ * Provides cross-event analysis using SessionTracker.
+ * This is the reference implementation for ATR modules.
+ *
+ * Functions:
+ * - call_frequency: Count tool calls within a time window
+ * - pattern_frequency: Count pattern occurrences within a window
+ * - event_count: Total events in a session within a window
+ * - session_age: Time since first event in session (seconds)
+ *
+ * @module agent-threat-rules/modules/session
+ */
+import { SessionTracker } from '../session-tracker.js';
+export class SessionModule {
+    name = 'session';
+    description = 'Cross-event behavioral analysis using session state tracking';
+    version = '0.1.0';
+    functions = [
+        {
+            name: 'call_frequency',
+            description: 'Count how many times a specific tool was called within a time window',
+            args: [
+                { name: 'tool_name', type: 'string', required: true, description: 'Tool name to count' },
+                { name: 'window', type: 'string', required: false, description: 'Time window (e.g., "5m", "1h"). Default: 5m' },
+            ],
+        },
+        {
+            name: 'pattern_frequency',
+            description: 'Count how many times a pattern was matched within a time window',
+            args: [
+                { name: 'pattern', type: 'string', required: true, description: 'Pattern string to count' },
+                { name: 'window', type: 'string', required: false, description: 'Time window. Default: 5m' },
+            ],
+        },
+        {
+            name: 'event_count',
+            description: 'Total number of events in the current session within a time window',
+            args: [
+                { name: 'window', type: 'string', required: false, description: 'Time window. Default: 5m' },
+            ],
+        },
+        {
+            name: 'session_age',
+            description: 'Time in seconds since the first event in this session',
+            args: [],
+        },
+    ];
+    tracker;
+    constructor(tracker) {
+        this.tracker = tracker ?? new SessionTracker();
+    }
+    async initialize() {
+        // SessionTracker is ready immediately, no async setup needed
+    }
+    async evaluate(event, condition) {
+        const sessionId = event.sessionId ?? 'default';
+        const fn = condition.function;
+        const args = condition.args;
+        let value = 0;
+        let description = '';
+        switch (fn) {
+            case 'call_frequency': {
+                const toolName = String(args['tool_name'] ?? '');
+                const window = String(args['window'] ?? '5m');
+                const windowMs = parseWindow(window);
+                value = this.tracker.getCallFrequency(sessionId, toolName, windowMs);
+                description = `Tool "${toolName}" called ${value} times in ${window}`;
+                break;
+            }
+            case 'pattern_frequency': {
+                const pattern = String(args['pattern'] ?? '');
+                const window = String(args['window'] ?? '5m');
+                const windowMs = parseWindow(window);
+                value = this.tracker.getPatternFrequency(sessionId, pattern, windowMs);
+                description = `Pattern "${pattern}" seen ${value} times in ${window}`;
+                break;
+            }
+            case 'event_count': {
+                const window = String(args['window'] ?? '5m');
+                const windowMs = parseWindow(window);
+                value = this.tracker.getEventCount(sessionId, windowMs);
+                description = `${value} events in session within ${window}`;
+                break;
+            }
+            case 'session_age': {
+                const snapshot = this.tracker.getSessionSnapshot(sessionId);
+                if (snapshot && snapshot.oldestEventTimestamp) {
+                    value = Math.floor((Date.now() - snapshot.oldestEventTimestamp) / 1000);
+                }
+                description = `Session age: ${value} seconds`;
+                break;
+            }
+            default:
+                return { matched: false, value: 0, description: `Unknown function: ${fn}` };
+        }
+        const matched = compare(value, condition.operator, condition.threshold);
+        return { matched, value, description };
+    }
+    async destroy() {
+        // No cleanup needed
+    }
+}
+function compare(value, operator, threshold) {
+    switch (operator) {
+        case 'gt': return value > threshold;
+        case 'lt': return value < threshold;
+        case 'eq': return value === threshold;
+        case 'gte': return value >= threshold;
+        case 'lte': return value <= threshold;
+        default: return false;
+    }
+}
+function parseWindow(window) {
+    const match = window.match(/^(\d+)(s|m|h)$/);
+    if (!match)
+        return 300_000; // default 5m
+    const [, num, unit] = match;
+    const n = parseInt(num, 10);
+    switch (unit) {
+        case 's': return n * 1000;
+        case 'm': return n * 60_000;
+        case 'h': return n * 3_600_000;
+        default: return 300_000;
+    }
+}
+//# sourceMappingURL=session.js.map

package/dist/modules/session.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"session.js","sourceRoot":"","sources":["../../src/modules/session.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAGH,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAGvD,MAAM,OAAO,aAAa;IACf,IAAI,GAAG,SAAS,CAAC;IACjB,WAAW,GAAG,8DAA8D,CAAC;IAC7E,OAAO,GAAG,OAAO,CAAC;IAElB,SAAS,GAAG;QACnB;YACE,IAAI,EAAE,gBAAgB;YACtB,WAAW,EAAE,sEAAsE;YACnF,IAAI,EAAE;gBACJ,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,EAAE,QAAiB,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,oBAAoB,EAAE;gBACjG,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,QAAiB,EAAE,QAAQ,EAAE,KAAK,EAAE,WAAW,EAAE,6CAA6C,EAAE;aACzH;SACF;QACD;YACE,IAAI,EAAE,mBAAmB;YACzB,WAAW,EAAE,iEAAiE;YAC9E,IAAI,EAAE;gBACJ,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,QAAiB,EAAE,QAAQ,EAAE,IAAI,EAAE,WAAW,EAAE,yBAAyB,EAAE;gBACpG,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,QAAiB,EAAE,QAAQ,EAAE,KAAK,EAAE,WAAW,EAAE,0BAA0B,EAAE;aACtG;SACF;QACD;YACE,IAAI,EAAE,aAAa;YACnB,WAAW,EAAE,oEAAoE;YACjF,IAAI,EAAE;gBACJ,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,QAAiB,EAAE,QAAQ,EAAE,KAAK,EAAE,WAAW,EAAE,0BAA0B,EAAE;aACtG;SACF;QACD;YACE,IAAI,EAAE,aAAa;YACnB,WAAW,EAAE,uDAAuD;YACpE,IAAI,EAAE,EAAE;SACT;KACO,CAAC;IAEH,OAAO,CAAiB;IAEhC,YAAY,OAAwB;QAClC,IAAI,CAAC,OAAO,GAAG,OAAO,IAAI,IAAI,cAAc,EAAE,CAAC;IACjD,CAAC;IAED,KAAK,CAAC,UAAU;QACd,6DAA6D;IAC/D,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,KAAiB,EAAE,SAA0B;QAC1D,MAAM,SAAS,GAAG,KAAK,CAAC,SAAS,IAAI,SAAS,CAAC;QAC/C,MAAM,EAAE,GAAG,SAAS,CAAC,QAAQ,CAAC;QAC9B,MAAM,IAAI,GAAG,SAAS,CAAC,IAAI,CAAC;QAE5B,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,IAAI,WAAW,GAAG,EAAE,CAAC;QAErB,QAAQ,EAAE,EAAE,CAAC;YACX,KAAK,gBAAgB,CAAC,CAAC,CAAC;gBACtB,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC,CAAC;gBACjD,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,CAAC;gBAC9C,MAAM,QAAQ,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;gBACrC,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,gBAAgB,CAAC,SAAS,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;gBACrE,WAAW,GAAG,SAAS,QAAQ,YAAY,KAAK,aAAa,MAAM,EAAE,CAAC;gBACtE,MAAM;YACR,CAAC;YAED,KAAK,mBAAmB,CAAC,CAAC,CAAC;gBACzB,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC,CAAC;gBAC9C,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,CAAC;gBAC9C,MAAM,QAAQ,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;gBACrC,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,mBAAmB,CAAC,SAAS,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;gBACvE,WAAW,GAAG,YAAY,OAAO,UAAU,KAAK,aAAa,MAAM,EAAE,CAAC;gBACtE,MAAM;YACR,CAAC;YAED,KAAK,aAAa,CAAC,CAAC,CAAC;gBACnB,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,CAAC;gBAC9C,MAAM,QAAQ,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;gBACrC,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;gBACxD,WAAW,GAAG,GAAG,KAAK,6BAA6B,MAAM,EAAE,CAAC;gBAC5D,MAAM;YACR,CAAC;YAED,KAAK,aAAa,CAAC,CAAC,CAAC;gBACnB,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;gBAC5D,IAAI,QAAQ,IAAI,QAAQ,CAAC,oBAAoB,EAAE,CAAC;oBAC9C,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,CAAC,oBAAoB,CAAC,GAAG,IAAI,CAAC,CAAC;gBAC1E,CAAC;gBACD,WAAW,GAAG,gBAAgB,KAAK,UAAU,CAAC;gBAC9C,MAAM;YACR,CAAC;YAED;gBACE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,EAAE,WAAW,EAAE,qBAAqB,EAAE,EAAE,EAAE,CAAC;QAChF,CAAC;QAED,MAAM,OAAO,GAAG,OAAO,CAAC,KAAK,EAAE,SAAS,CAAC,QAAQ,EAAE,SAAS,CAAC,SAAS,CAAC,CAAC;QAExE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC;IACzC,CAAC;IAED,KAAK,CAAC,OAAO;QACX,oBAAoB;IACtB,CAAC;CACF;AAED,SAAS,OAAO,CAAC,KAAa,EAAE,QAAgB,EAAE,SAAiB;IACjE,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,IAAI,CAAC,CAAC,OAAO,KAAK,GAAG,SAAS,CAAC;QACpC,KAAK,IAAI,CAAC,CAAC,OAAO,KAAK,GAAG,SAAS,CAAC;QACpC,KAAK,IAAI,CAAC,CAAC,OAAO,KAAK,KAAK,SAAS,CAAC;QACtC,KAAK,KAAK,CAAC,CAAC,OAAO,KAAK,IAAI,SAAS,CAAC;QACtC,KAAK,KAAK,CAAC,CAAC,OAAO,KAAK,IAAI,SAAS,CAAC;QACtC,OAAO,CAAC,CAAC,OAAO,KAAK,CAAC;IACxB,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,MAAc;IACjC,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;IAC7C,IAAI,CAAC,KAAK;QAAE,OAAO,OAAO,CAAC,CAAC,aAAa;IACzC,MAAM,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,GAAG,KAAK,CAAC;IAC5B,MAAM,CAAC,GAAG,QAAQ,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IAC5B,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,GAAG,CAAC,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC;QAC1B,KAAK,GAAG,CAAC,CAAC,OAAO,CAAC,GAAG,MAAM,CAAC;QAC5B,KAAK,GAAG,CAAC,CAAC,OAAO,CAAC,GAAG,SAAS,CAAC;QAC/B,OAAO,CAAC,CAAC,OAAO,OAAO,CAAC;IAC1B,CAAC;AACH,CAAC"}

package/dist/quality/adapters/atr.d.ts

@@ -0,0 +1,65 @@
+/**
+ * ATR Quality Standard — ATR YAML Adapter
+ *
+ * Parses an ATR YAML rule (either as raw string or pre-parsed object) and
+ * produces RuleMetadata that the quality gate and scoring functions
+ * understand.
+ *
+ * @module agent-threat-rules/quality/adapters/atr
+ */
+import type { RuleMetadata } from "../types.js";
+/**
+ * Loose shape of an ATR rule file — matches what actually appears in
+ * rules/**\/*.yaml, not the strict type. This lets us adapt rules even if
+ * they're missing optional fields.
+ */
+interface RawATRRule {
+    id?: string;
+    title?: string;
+    status?: string;
+    maturity?: string;
+    detection?: {
+        conditions?: unknown;
+        false_positives?: unknown[];
+    };
+    test_cases?: {
+        true_positives?: unknown[];
+        true_negatives?: unknown[];
+    };
+    evasion_tests?: unknown[];
+    references?: {
+        owasp_llm?: unknown[];
+        owasp_agentic?: unknown[];
+        mitre_atlas?: unknown[];
+        mitre_attack?: unknown[];
+    };
+    author?: string;
+    wild_samples?: number;
+    wild_fp_rate?: number;
+    wild_validated?: string;
+    metadata_provenance?: {
+        mitre_atlas?: string;
+        mitre_attack?: string;
+        owasp_llm?: string;
+        owasp_agentic?: string;
+        test_cases?: string;
+        evasion_tests?: string;
+        false_positives?: string;
+    };
+}
+/**
+ * Parse an ATR YAML rule string into RuleMetadata.
+ *
+ * @param yamlContent - Raw YAML content
+ * @returns RuleMetadata (throws if YAML is invalid or missing required fields)
+ */
+export declare function parseATRRule(yamlContent: string): RuleMetadata;
+/**
+ * Convert a parsed ATR rule object into RuleMetadata.
+ *
+ * Accepts the loose shape returned by yaml.load() so callers that already
+ * have a parsed object don't need to re-serialize.
+ */
+export declare function atrRuleToMetadata(rule: RawATRRule): RuleMetadata;
+export {};
+//# sourceMappingURL=atr.d.ts.map

package/dist/quality/adapters/atr.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"atr.d.ts","sourceRoot":"","sources":["../../../src/quality/adapters/atr.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAGH,OAAO,KAAK,EAIV,YAAY,EACb,MAAM,aAAa,CAAC;AAErB;;;;GAIG;AACH,UAAU,UAAU;IAClB,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE;QACV,UAAU,CAAC,EAAE,OAAO,CAAC;QACrB,eAAe,CAAC,EAAE,OAAO,EAAE,CAAC;KAC7B,CAAC;IACF,UAAU,CAAC,EAAE;QACX,cAAc,CAAC,EAAE,OAAO,EAAE,CAAC;QAC3B,cAAc,CAAC,EAAE,OAAO,EAAE,CAAC;KAC5B,CAAC;IACF,aAAa,CAAC,EAAE,OAAO,EAAE,CAAC;IAC1B,UAAU,CAAC,EAAE;QACX,SAAS,CAAC,EAAE,OAAO,EAAE,CAAC;QACtB,aAAa,CAAC,EAAE,OAAO,EAAE,CAAC;QAC1B,WAAW,CAAC,EAAE,OAAO,EAAE,CAAC;QACxB,YAAY,CAAC,EAAE,OAAO,EAAE,CAAC;KAC1B,CAAC;IACF,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,mBAAmB,CAAC,EAAE;QACpB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,aAAa,CAAC,EAAE,MAAM,CAAC;QACvB,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,aAAa,CAAC,EAAE,MAAM,CAAC;QACvB,eAAe,CAAC,EAAE,MAAM,CAAC;KAC1B,CAAC;CACH;AAED;;;;;GAKG;AACH,wBAAgB,YAAY,CAAC,WAAW,EAAE,MAAM,GAAG,YAAY,CAM9D;AAED;;;;;GAKG;AACH,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,UAAU,GAAG,YAAY,CA2DhE"}

package/dist/quality/adapters/atr.js

@@ -0,0 +1,154 @@
+/**
+ * ATR Quality Standard — ATR YAML Adapter
+ *
+ * Parses an ATR YAML rule (either as raw string or pre-parsed object) and
+ * produces RuleMetadata that the quality gate and scoring functions
+ * understand.
+ *
+ * @module agent-threat-rules/quality/adapters/atr
+ */
+import { load as parseYaml } from "js-yaml";
+/**
+ * Parse an ATR YAML rule string into RuleMetadata.
+ *
+ * @param yamlContent - Raw YAML content
+ * @returns RuleMetadata (throws if YAML is invalid or missing required fields)
+ */
+export function parseATRRule(yamlContent) {
+    const parsed = parseYaml(yamlContent);
+    if (!parsed || typeof parsed !== "object") {
+        throw new Error("Invalid YAML: not an object");
+    }
+    return atrRuleToMetadata(parsed);
+}
+/**
+ * Convert a parsed ATR rule object into RuleMetadata.
+ *
+ * Accepts the loose shape returned by yaml.load() so callers that already
+ * have a parsed object don't need to re-serialize.
+ */
+export function atrRuleToMetadata(rule) {
+    const id = rule.id ?? "<unknown>";
+    const title = rule.title ?? "<untitled>";
+    // Prefer `maturity` field; fall back to `status` if maturity is absent.
+    // Normalize common aliases: `test` -> `experimental`, anything unknown -> `draft`.
+    const rawMaturity = (rule.maturity ?? rule.status ?? "draft").toLowerCase();
+    const maturity = normalizeMaturity(rawMaturity);
+    const conditions = countConditions(rule.detection?.conditions);
+    const truePositives = Array.isArray(rule.test_cases?.true_positives)
+        ? rule.test_cases.true_positives.length
+        : 0;
+    const trueNegatives = Array.isArray(rule.test_cases?.true_negatives)
+        ? rule.test_cases.true_negatives.length
+        : 0;
+    const evasionTests = Array.isArray(rule.evasion_tests)
+        ? rule.evasion_tests.length
+        : 0;
+    const hasOwaspRef = hasAnyArrayItem(rule.references?.owasp_llm) ||
+        hasAnyArrayItem(rule.references?.owasp_agentic);
+    const hasMitreRef = hasAnyArrayItem(rule.references?.mitre_atlas) ||
+        hasAnyArrayItem(rule.references?.mitre_attack);
+    const hasFalsePositiveDocs = Array.isArray(rule.detection?.false_positives) &&
+        rule.detection.false_positives.length > 0;
+    // LLM-generated detection: author contains "Crystallization" or "LLM"
+    const author = (rule.author ?? "").toLowerCase();
+    const llmGenerated = author.includes("crystallization") ||
+        author.includes("llm") ||
+        author.includes("mirofish");
+    const provenance = extractProvenance(rule.metadata_provenance);
+    return {
+        id,
+        title,
+        maturity,
+        conditions,
+        truePositives,
+        trueNegatives,
+        evasionTests,
+        hasOwaspRef,
+        hasMitreRef,
+        hasFalsePositiveDocs,
+        ...(rule.wild_samples !== undefined
+            ? { wildSamples: rule.wild_samples }
+            : {}),
+        ...(rule.wild_fp_rate !== undefined
+            ? { wildFpRate: rule.wild_fp_rate }
+            : {}),
+        ...(rule.wild_validated ? { wildValidatedAt: rule.wild_validated } : {}),
+        ...(llmGenerated ? { llmGenerated: true } : {}),
+        ...(provenance ? { provenance } : {}),
+    };
+}
+/** Parse metadata_provenance field and normalize values to Provenance enum */
+function extractProvenance(raw) {
+    if (!raw || typeof raw !== "object")
+        return undefined;
+    const result = {
+        ...(raw.mitre_atlas
+            ? { mitre_atlas: normalizeProvenance(raw.mitre_atlas) }
+            : {}),
+        ...(raw.mitre_attack
+            ? { mitre_attack: normalizeProvenance(raw.mitre_attack) }
+            : {}),
+        ...(raw.owasp_llm ? { owasp_llm: normalizeProvenance(raw.owasp_llm) } : {}),
+        ...(raw.owasp_agentic
+            ? { owasp_agentic: normalizeProvenance(raw.owasp_agentic) }
+            : {}),
+        ...(raw.test_cases
+            ? { test_cases: normalizeProvenance(raw.test_cases) }
+            : {}),
+        ...(raw.evasion_tests
+            ? { evasion_tests: normalizeProvenance(raw.evasion_tests) }
+            : {}),
+        ...(raw.false_positives
+            ? { false_positives: normalizeProvenance(raw.false_positives) }
+            : {}),
+    };
+    return Object.keys(result).length > 0 ? result : undefined;
+}
+function normalizeProvenance(raw) {
+    const v = raw.toLowerCase().trim();
+    if (v === "human-reviewed" || v === "human")
+        return "human-reviewed";
+    if (v === "community-contributed" || v === "community")
+        return "community-contributed";
+    if (v === "auto-generated" || v === "auto")
+        return "auto-generated";
+    if (v === "llm-generated" || v === "llm")
+        return "llm-generated";
+    // Unknown value — treat as auto-generated (conservative)
+    return "auto-generated";
+}
+/**
+ * ATR rules use two different condition formats:
+ *  - Array: `conditions: [{ field, operator, value }, ...]`
+ *  - Named map: `conditions: { name1: {...}, name2: {...} }`
+ *
+ * Count layers in either format.
+ */
+function countConditions(conditions) {
+    if (Array.isArray(conditions))
+        return conditions.length;
+    if (conditions !== null && typeof conditions === "object") {
+        return Object.keys(conditions).length;
+    }
+    return 0;
+}
+function hasAnyArrayItem(value) {
+    return Array.isArray(value) && value.length > 0;
+}
+function normalizeMaturity(raw) {
+    switch (raw) {
+        case "draft":
+            return "draft";
+        case "experimental":
+        case "test": // ATR legacy alias
+            return "experimental";
+        case "stable":
+            return "stable";
+        case "deprecated":
+            return "deprecated";
+        default:
+            return "draft";
+    }
+}
+//# sourceMappingURL=atr.js.map

package/dist/quality/adapters/atr.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"atr.js","sourceRoot":"","sources":["../../../src/quality/adapters/atr.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,IAAI,IAAI,SAAS,EAAE,MAAM,SAAS,CAAC;AAgD5C;;;;;GAKG;AACH,MAAM,UAAU,YAAY,CAAC,WAAmB;IAC9C,MAAM,MAAM,GAAG,SAAS,CAAC,WAAW,CAAkC,CAAC;IACvE,IAAI,CAAC,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;QAC1C,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;IACjD,CAAC;IACD,OAAO,iBAAiB,CAAC,MAAM,CAAC,CAAC;AACnC,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAAC,IAAgB;IAChD,MAAM,EAAE,GAAG,IAAI,CAAC,EAAE,IAAI,WAAW,CAAC;IAClC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,YAAY,CAAC;IACzC,wEAAwE;IACxE,mFAAmF;IACnF,MAAM,WAAW,GAAG,CAAC,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,MAAM,IAAI,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC;IAC5E,MAAM,QAAQ,GAAa,iBAAiB,CAAC,WAAW,CAAC,CAAC;IAE1D,MAAM,UAAU,GAAG,eAAe,CAAC,IAAI,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;IAC/D,MAAM,aAAa,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,EAAE,cAAc,CAAC;QAClE,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,MAAM;QACvC,CAAC,CAAC,CAAC,CAAC;IACN,MAAM,aAAa,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,EAAE,cAAc,CAAC;QAClE,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,MAAM;QACvC,CAAC,CAAC,CAAC,CAAC;IACN,MAAM,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC;QACpD,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM;QAC3B,CAAC,CAAC,CAAC,CAAC;IAEN,MAAM,WAAW,GACf,eAAe,CAAC,IAAI,CAAC,UAAU,EAAE,SAAS,CAAC;QAC3C,eAAe,CAAC,IAAI,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC;IAClD,MAAM,WAAW,GACf,eAAe,CAAC,IAAI,CAAC,UAAU,EAAE,WAAW,CAAC;QAC7C,eAAe,CAAC,IAAI,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC;IACjD,MAAM,oBAAoB,GACxB,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC;QAC9C,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,CAAC;IAE5C,sEAAsE;IACtE,MAAM,MAAM,GAAG,CAAC,IAAI,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;IACjD,MAAM,YAAY,GAChB,MAAM,CAAC,QAAQ,CAAC,iBAAiB,CAAC;QAClC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC;QACtB,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;IAE9B,MAAM,UAAU,GAAG,iBAAiB,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;IAE/D,OAAO;QACL,EAAE;QACF,KAAK;QACL,QAAQ;QACR,UAAU;QACV,aAAa;QACb,aAAa;QACb,YAAY;QACZ,WAAW;QACX,WAAW;QACX,oBAAoB;QACpB,GAAG,CAAC,IAAI,CAAC,YAAY,KAAK,SAAS;YACjC,CAAC,CAAC,EAAE,WAAW,EAAE,IAAI,CAAC,YAAY,EAAE;YACpC,CAAC,CAAC,EAAE,CAAC;QACP,GAAG,CAAC,IAAI,CAAC,YAAY,KAAK,SAAS;YACjC,CAAC,CAAC,EAAE,UAAU,EAAE,IAAI,CAAC,YAAY,EAAE;YACnC,CAAC,CAAC,EAAE,CAAC;QACP,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE,eAAe,EAAE,IAAI,CAAC,cAAc,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACxE,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/C,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACtC,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,SAAS,iBAAiB,CACxB,GAAsC;IAEtC,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,SAAS,CAAC;IACtD,MAAM,MAAM,GAAuB;QACjC,GAAG,CAAC,GAAG,CAAC,WAAW;YACjB,CAAC,CAAC,EAAE,WAAW,EAAE,mBAAmB,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE;YACvD,CAAC,CAAC,EAAE,CAAC;QACP,GAAG,CAAC,GAAG,CAAC,YAAY;YAClB,CAAC,CAAC,EAAE,YAAY,EAAE,mBAAmB,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE;YACzD,CAAC,CAAC,EAAE,CAAC;QACP,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,mBAAmB,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC3E,GAAG,CAAC,GAAG,CAAC,aAAa;YACnB,CAAC,CAAC,EAAE,aAAa,EAAE,mBAAmB,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE;YAC3D,CAAC,CAAC,EAAE,CAAC;QACP,GAAG,CAAC,GAAG,CAAC,UAAU;YAChB,CAAC,CAAC,EAAE,UAAU,EAAE,mBAAmB,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE;YACrD,CAAC,CAAC,EAAE,CAAC;QACP,GAAG,CAAC,GAAG,CAAC,aAAa;YACnB,CAAC,CAAC,EAAE,aAAa,EAAE,mBAAmB,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE;YAC3D,CAAC,CAAC,EAAE,CAAC;QACP,GAAG,CAAC,GAAG,CAAC,eAAe;YACrB,CAAC,CAAC,EAAE,eAAe,EAAE,mBAAmB,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE;YAC/D,CAAC,CAAC,EAAE,CAAC;KACR,CAAC;IACF,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;AAC7D,CAAC;AAED,SAAS,mBAAmB,CAAC,GAAW;IACtC,MAAM,CAAC,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC,IAAI,EAAE,CAAC;IACnC,IAAI,CAAC,KAAK,gBAAgB,IAAI,CAAC,KAAK,OAAO;QAAE,OAAO,gBAAgB,CAAC;IACrE,IAAI,CAAC,KAAK,uBAAuB,IAAI,CAAC,KAAK,WAAW;QACpD,OAAO,uBAAuB,CAAC;IACjC,IAAI,CAAC,KAAK,gBAAgB,IAAI,CAAC,KAAK,MAAM;QAAE,OAAO,gBAAgB,CAAC;IACpE,IAAI,CAAC,KAAK,eAAe,IAAI,CAAC,KAAK,KAAK;QAAE,OAAO,eAAe,CAAC;IACjE,yDAAyD;IACzD,OAAO,gBAAgB,CAAC;AAC1B,CAAC;AAED;;;;;;GAMG;AACH,SAAS,eAAe,CAAC,UAAmB;IAC1C,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;QAAE,OAAO,UAAU,CAAC,MAAM,CAAC;IACxD,IAAI,UAAU,KAAK,IAAI,IAAI,OAAO,UAAU,KAAK,QAAQ,EAAE,CAAC;QAC1D,OAAO,MAAM,CAAC,IAAI,CAAC,UAAqC,CAAC,CAAC,MAAM,CAAC;IACnE,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAED,SAAS,eAAe,CAAC,KAAc;IACrC,OAAO,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC;AAClD,CAAC;AAED,SAAS,iBAAiB,CAAC,GAAW;IACpC,QAAQ,GAAG,EAAE,CAAC;QACZ,KAAK,OAAO;YACV,OAAO,OAAO,CAAC;QACjB,KAAK,cAAc,CAAC;QACpB,KAAK,MAAM,EAAE,mBAAmB;YAC9B,OAAO,cAAc,CAAC;QACxB,KAAK,QAAQ;YACX,OAAO,QAAQ,CAAC;QAClB,KAAK,YAAY;YACf,OAAO,YAAY,CAAC;QACtB;YACE,OAAO,OAAO,CAAC;IACnB,CAAC;AACH,CAAC"}

package/dist/quality/adapters/index.d.ts

@@ -0,0 +1,10 @@
+/**
+ * ATR Quality Standard — Rule Format Adapters
+ *
+ * Adapters convert vendor-specific rule formats into the canonical
+ * RuleMetadata interface that the scoring and validation functions consume.
+ *
+ * @module agent-threat-rules/quality/adapters
+ */
+export { parseATRRule, atrRuleToMetadata } from "./atr.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/quality/adapters/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/quality/adapters/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,YAAY,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAC"}

package/dist/quality/adapters/index.js

@@ -0,0 +1,10 @@
+/**
+ * ATR Quality Standard — Rule Format Adapters
+ *
+ * Adapters convert vendor-specific rule formats into the canonical
+ * RuleMetadata interface that the scoring and validation functions consume.
+ *
+ * @module agent-threat-rules/quality/adapters
+ */
+export { parseATRRule, atrRuleToMetadata } from "./atr.js";
+//# sourceMappingURL=index.js.map

package/dist/quality/adapters/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/quality/adapters/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,YAAY,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAC"}

package/dist/quality/compute-confidence.d.ts

@@ -0,0 +1,45 @@
+/**
+ * ATR Quality Standard — Confidence Scoring
+ *
+ * Pure function implementing the RFC-001 §2 confidence formula:
+ *
+ *   confidence = round(
+ *       precision_score    * 0.40
+ *     + wild_validation    * 0.30
+ *     + coverage_score     * 0.20
+ *     + evasion_docs       * 0.10
+ *   )
+ *
+ * @module agent-threat-rules/quality/compute-confidence
+ */
+import type { ConfidenceScore, DeploymentRecommendation, RuleMetadata } from "./types.js";
+/**
+ * Compute the confidence score for a rule.
+ *
+ * Score is in [0, 100]. Higher is more trustworthy.
+ *
+ * @param rule - Rule metadata (vendor-agnostic)
+ * @returns Score breakdown and total
+ */
+export declare function computeConfidence(rule: RuleMetadata): ConfidenceScore;
+/**
+ * Map a confidence score to a deployment recommendation.
+ *
+ * This is the consumer-facing signal: "should I deploy this rule in
+ * blocking mode, alert mode, or not at all?"
+ */
+export declare function deploymentFor(score: number): DeploymentRecommendation;
+/**
+ * Apply the cross-context penalty to a match's contribution.
+ *
+ * When a rule designed for one scan context (e.g. MCP runtime) fires in
+ * a different context (e.g. SKILL.md static scan), the match's contribution
+ * is downweighted by 0.7. This prevents cross-context noise from inflating
+ * overall detection confidence.
+ *
+ * @param score - The base confidence score of the rule
+ * @param isCrossContext - True if the match is outside the rule's native context
+ * @returns Adjusted score
+ */
+export declare function applyCrossContextPenalty(score: number, isCrossContext: boolean): number;
+//# sourceMappingURL=compute-confidence.d.ts.map

package/dist/quality/compute-confidence.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"compute-confidence.d.ts","sourceRoot":"","sources":["../../src/quality/compute-confidence.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,KAAK,EACV,eAAe,EACf,wBAAwB,EACxB,YAAY,EACb,MAAM,YAAY,CAAC;AAKpB;;;;;;;GAOG;AACH,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,YAAY,GAAG,eAAe,CAiCrE;AAuDD;;;;;GAKG;AACH,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,wBAAwB,CAMrE;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,wBAAwB,CACtC,KAAK,EAAE,MAAM,EACb,cAAc,EAAE,OAAO,GACtB,MAAM,CAER"}

package/dist/quality/compute-confidence.js

@@ -0,0 +1,133 @@
+/**
+ * ATR Quality Standard — Confidence Scoring
+ *
+ * Pure function implementing the RFC-001 §2 confidence formula:
+ *
+ *   confidence = round(
+ *       precision_score    * 0.40
+ *     + wild_validation    * 0.30
+ *     + coverage_score     * 0.20
+ *     + evasion_docs       * 0.10
+ *   )
+ *
+ * @module agent-threat-rules/quality/compute-confidence
+ */
+/** Max confidence an LLM-generated rule can reach without human review */
+const LLM_CAP_WITHOUT_REVIEW = 70;
+/**
+ * Compute the confidence score for a rule.
+ *
+ * Score is in [0, 100]. Higher is more trustworthy.
+ *
+ * @param rule - Rule metadata (vendor-agnostic)
+ * @returns Score breakdown and total
+ */
+export function computeConfidence(rule) {
+    const precisionScore = computePrecisionScore(rule);
+    const wildValidationScore = computeWildValidationScore(rule);
+    const coverageScore = computeCoverageScore(rule);
+    const evasionScore = computeEvasionScore(rule);
+    const rawTotal = precisionScore * 0.4 +
+        wildValidationScore * 0.3 +
+        coverageScore * 0.2 +
+        evasionScore * 0.1;
+    let total = Math.round(rawTotal);
+    let capped = false;
+    // LLM-generated rules are capped at LLM_CAP_WITHOUT_REVIEW until a human reviews them.
+    // Rationale: LLMs can produce subtly wrong rules that pass static validation
+    // but fail in the wild. Human review is the only reliable backstop.
+    if (rule.llmGenerated === true && rule.humanReviewed !== true) {
+        if (total > LLM_CAP_WITHOUT_REVIEW) {
+            total = LLM_CAP_WITHOUT_REVIEW;
+            capped = true;
+        }
+    }
+    return {
+        total,
+        precisionScore: Math.round(precisionScore),
+        wildValidationScore: Math.round(wildValidationScore),
+        coverageScore: Math.round(coverageScore),
+        evasionScore: Math.round(evasionScore),
+        capped,
+    };
+}
+/**
+ * Precision component (weight 0.40).
+ *
+ * If wild FP rate is measured, use it directly: (1 - fpRate/100) * 100.
+ * Otherwise, estimate from test case coverage: more test cases = higher
+ * confidence in precision (max at 10 total).
+ */
+function computePrecisionScore(rule) {
+    if (rule.wildFpRate !== undefined &&
+        rule.wildSamples !== undefined &&
+        rule.wildSamples > 0) {
+        const fpRate = Math.max(0, Math.min(100, rule.wildFpRate));
+        return 100 - fpRate;
+    }
+    // Fallback: estimate from test case depth
+    const testCaseCount = rule.truePositives + rule.trueNegatives;
+    return Math.min(testCaseCount / 10, 1) * 100;
+}
+/**
+ * Wild validation component (weight 0.30).
+ *
+ * Scales with sample size up to 10,000 samples. More real-world data
+ * = higher score. A rule tested on 0 samples gets 0. A rule tested on
+ * 10,000+ samples gets 100.
+ */
+function computeWildValidationScore(rule) {
+    const samples = rule.wildSamples ?? 0;
+    return Math.min(samples / 10000, 1) * 100;
+}
+/**
+ * Coverage component (weight 0.20).
+ *
+ * Scales with number of detection conditions (layers). A single-condition
+ * rule gets 20. A 5+ condition rule gets 100. Defense in depth matters.
+ */
+function computeCoverageScore(rule) {
+    return Math.min(rule.conditions / 5, 1) * 100;
+}
+/**
+ * Evasion documentation component (weight 0.10).
+ *
+ * Rewards honest acknowledgment of known bypasses. A rule with 0 evasion
+ * tests gets 0. A rule with 5+ evasion tests gets 100.
+ */
+function computeEvasionScore(rule) {
+    return Math.min(rule.evasionTests / 5, 1) * 100;
+}
+/**
+ * Map a confidence score to a deployment recommendation.
+ *
+ * This is the consumer-facing signal: "should I deploy this rule in
+ * blocking mode, alert mode, or not at all?"
+ */
+export function deploymentFor(score) {
+    if (score >= 90)
+        return "block-in-production";
+    if (score >= 80)
+        return "block-with-monitoring";
+    if (score >= 60)
+        return "alert-only";
+    if (score >= 40)
+        return "evaluation-only";
+    return "do-not-deploy";
+}
+/**
+ * Apply the cross-context penalty to a match's contribution.
+ *
+ * When a rule designed for one scan context (e.g. MCP runtime) fires in
+ * a different context (e.g. SKILL.md static scan), the match's contribution
+ * is downweighted by 0.7. This prevents cross-context noise from inflating
+ * overall detection confidence.
+ *
+ * @param score - The base confidence score of the rule
+ * @param isCrossContext - True if the match is outside the rule's native context
+ * @returns Adjusted score
+ */
+export function applyCrossContextPenalty(score, isCrossContext) {
+    return isCrossContext ? Math.round(score * 0.7) : score;
+}
+//# sourceMappingURL=compute-confidence.js.map

package/dist/quality/compute-confidence.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"compute-confidence.js","sourceRoot":"","sources":["../../src/quality/compute-confidence.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAQH,0EAA0E;AAC1E,MAAM,sBAAsB,GAAG,EAAE,CAAC;AAElC;;;;;;;GAOG;AACH,MAAM,UAAU,iBAAiB,CAAC,IAAkB;IAClD,MAAM,cAAc,GAAG,qBAAqB,CAAC,IAAI,CAAC,CAAC;IACnD,MAAM,mBAAmB,GAAG,0BAA0B,CAAC,IAAI,CAAC,CAAC;IAC7D,MAAM,aAAa,GAAG,oBAAoB,CAAC,IAAI,CAAC,CAAC;IACjD,MAAM,YAAY,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;IAE/C,MAAM,QAAQ,GACZ,cAAc,GAAG,GAAG;QACpB,mBAAmB,GAAG,GAAG;QACzB,aAAa,GAAG,GAAG;QACnB,YAAY,GAAG,GAAG,CAAC;IAErB,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;IACjC,IAAI,MAAM,GAAG,KAAK,CAAC;IAEnB,uFAAuF;IACvF,6EAA6E;IAC7E,oEAAoE;IACpE,IAAI,IAAI,CAAC,YAAY,KAAK,IAAI,IAAI,IAAI,CAAC,aAAa,KAAK,IAAI,EAAE,CAAC;QAC9D,IAAI,KAAK,GAAG,sBAAsB,EAAE,CAAC;YACnC,KAAK,GAAG,sBAAsB,CAAC;YAC/B,MAAM,GAAG,IAAI,CAAC;QAChB,CAAC;IACH,CAAC;IAED,OAAO;QACL,KAAK;QACL,cAAc,EAAE,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC;QAC1C,mBAAmB,EAAE,IAAI,CAAC,KAAK,CAAC,mBAAmB,CAAC;QACpD,aAAa,EAAE,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC;QACxC,YAAY,EAAE,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC;QACtC,MAAM;KACP,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,SAAS,qBAAqB,CAAC,IAAkB;IAC/C,IACE,IAAI,CAAC,UAAU,KAAK,SAAS;QAC7B,IAAI,CAAC,WAAW,KAAK,SAAS;QAC9B,IAAI,CAAC,WAAW,GAAG,CAAC,EACpB,CAAC;QACD,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;QAC3D,OAAO,GAAG,GAAG,MAAM,CAAC;IACtB,CAAC;IACD,0CAA0C;IAC1C,MAAM,aAAa,GAAG,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,aAAa,CAAC;IAC9D,OAAO,IAAI,CAAC,GAAG,CAAC,aAAa,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC;AAC/C,CAAC;AAED;;;;;;GAMG;AACH,SAAS,0BAA0B,CAAC,IAAkB;IACpD,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,IAAI,CAAC,CAAC;IACtC,OAAO,IAAI,CAAC,GAAG,CAAC,OAAO,GAAG,KAAK,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC;AAC5C,CAAC;AAED;;;;;GAKG;AACH,SAAS,oBAAoB,CAAC,IAAkB;IAC9C,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC;AAChD,CAAC;AAED;;;;;GAKG;AACH,SAAS,mBAAmB,CAAC,IAAkB;IAC7C,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC;AAClD,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,aAAa,CAAC,KAAa;IACzC,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,qBAAqB,CAAC;IAC9C,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,uBAAuB,CAAC;IAChD,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,YAAY,CAAC;IACrC,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,iBAAiB,CAAC;IAC1C,OAAO,eAAe,CAAC;AACzB,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,wBAAwB,CACtC,KAAa,EACb,cAAuB;IAEvB,OAAO,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;AAC1D,CAAC"}

package/dist/quality/index.d.ts

@@ -0,0 +1,36 @@
+/**
+ * ATR Quality Standard — Public API
+ *
+ * Vendor-neutral library for scoring and validating AI agent threat detection
+ * rules. See docs/proposals/001-atr-quality-standard-rfc.md for the RFC.
+ *
+ * @example Compute a confidence score for an ATR rule
+ * ```typescript
+ * import { parseATRRule, computeConfidence } from 'agent-threat-rules/quality';
+ * import { readFileSync } from 'node:fs';
+ *
+ * const yaml = readFileSync('rules/prompt-injection/ATR-2026-00001.yaml', 'utf-8');
+ * const rule = parseATRRule(yaml);
+ * const score = computeConfidence(rule);
+ * console.log(`Confidence: ${score.total}/100`);
+ * ```
+ *
+ * @example Run a rule through the quality gate
+ * ```typescript
+ * import { parseATRRule, validateRuleMeetsStandard } from 'agent-threat-rules/quality';
+ *
+ * const rule = parseATRRule(yamlContent);
+ * const gate = validateRuleMeetsStandard(rule, 'experimental');
+ * if (!gate.passed) {
+ *   console.error('Rule rejected:', gate.issues);
+ * }
+ * ```
+ *
+ * @module agent-threat-rules/quality
+ */
+export type { Maturity, RuleMetadata, ConfidenceScore, QualityGateResult, PromotionDecision, DemotionDecision, FpReport, DeploymentRecommendation, } from "./types.js";
+export { computeConfidence, deploymentFor, applyCrossContextPenalty, } from "./compute-confidence.js";
+export { validateRuleMeetsStandard, getRequirements } from "./quality-gate.js";
+export { canPromote, shouldDemote, getMaturityThresholds, } from "./validate-maturity.js";
+export { parseATRRule, atrRuleToMetadata } from "./adapters/atr.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/quality/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/quality/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AAGH,YAAY,EACV,QAAQ,EACR,YAAY,EACZ,eAAe,EACf,iBAAiB,EACjB,iBAAiB,EACjB,gBAAgB,EAChB,QAAQ,EACR,wBAAwB,GACzB,MAAM,YAAY,CAAC;AAGpB,OAAO,EACL,iBAAiB,EACjB,aAAa,EACb,wBAAwB,GACzB,MAAM,yBAAyB,CAAC;AAGjC,OAAO,EAAE,yBAAyB,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAG/E,OAAO,EACL,UAAU,EACV,YAAY,EACZ,qBAAqB,GACtB,MAAM,wBAAwB,CAAC;AAGhC,OAAO,EAAE,YAAY,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC"}