@panguard-ai/atr 1.5.0 → 1.5.5

package/dist/badge.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"badge.js","sourceRoot":"","sources":["../src/badge.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AA+BvC,8EAA8E;AAC9E,eAAe;AACf,8EAA8E;AAE9E,MAAM,YAAY,GAAgC;IAChD,KAAK,EAAE,SAAS,EAAM,eAAe;IACrC,MAAM,EAAE,SAAS,EAAK,iBAAiB;IACvC,QAAQ,EAAE,SAAS,EAAG,YAAY;IAClC,OAAO,EAAE,SAAS,EAAI,OAAO;CAC9B,CAAC;AAEF,8EAA8E;AAC9E,wCAAwC;AACxC,8EAA8E;AAE9E,MAAM,UAAU,oBAAoB,CAAC,OAAoB;IACvD,gCAAgC;IAChC,IAAI,OAAO,CAAC,QAAQ,CAAC,QAAQ,GAAG,CAAC;QAAE,OAAO,UAAU,CAAC;IACrD,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC;QAAE,OAAO,UAAU,CAAC;IACjD,IAAI,OAAO,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,QAAQ,CAAC;IACjD,IAAI,OAAO,CAAC,QAAQ,CAAC,GAAG,GAAG,CAAC;QAAE,OAAO,QAAQ,CAAC;IAE9C,gFAAgF;IAChF,MAAM,KAAK,GAAG,OAAO,CAAC,SAAS,CAAC,WAAW,EAAE,CAAC;IAC9C,IAAI,KAAK,KAAK,UAAU,IAAI,KAAK,KAAK,MAAM;QAAE,OAAO,UAAU,CAAC;IAChE,IAAI,KAAK,KAAK,QAAQ;QAAE,OAAO,QAAQ,CAAC;IACxC,IAAI,KAAK,KAAK,KAAK;QAAE,OAAO,QAAQ,CAAC;IAErC,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,8EAA8E;AAC9E,oCAAoC;AACpC,8EAA8E;AAE9E,MAAM,UAAU,qBAAqB,CAAC,OAA2B;IAC/D,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO;YACL,aAAa,EAAE,CAAC;YAChB,KAAK,EAAE,KAAK;YACZ,OAAO,EAAE,iBAAiB;YAC1B,KAAK,EAAE,YAAY,CAAC,OAAO;SAC5B,CAAC;IACJ,CAAC;IAED,MAAM,MAAM,GAAG,oBAAoB,CAAC,OAAO,CAAC,CAAC;IAE7C,MAAM,aAAa,GAAG,OAAO,CAAC,QAAQ,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,GAAG,OAAO,CAAC,QAAQ,CAAC,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC;IAEzH,MAAM,QAAQ,GAAgC;QAC5C,KAAK,EAAE,qBAAqB;QAC5B,MAAM,EAAE,aAAa,GAAG,CAAC;YACvB,CAAC,CAAC,aAAa,aAAa,SAAS,aAAa,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;YACnE,CAAC,CAAC,aAAa,OAAO,CAAC,SAAS,EAAE;QACpC,QAAQ,EAAE,aAAa,GAAG,CAAC;YACzB,CAAC,CAAC,aAAa,OAAO,CAAC,QAAQ,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,WAAW;YAC3E,CAAC,CAAC,aAAa,OAAO,CAAC,SAAS,EAAE;QACpC,OAAO,EAAE,iBAAiB;KAC3B,CAAC;IAEF,OAAO;QACL,aAAa,EAAE,CAAC;QAChB,KAAK,EAAE,KAAK;QACZ,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC;QACzB,KAAK,EAAE,YAAY,CAAC,MAAM,CAAC;KAC5B,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,gCAAgC;AAChC,8EAA8E;AAE9E,SAAS,SAAS,CAAC,GAAW;IAC5B,OAAO,GAAG;SACP,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC;SACtB,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC;SACrB,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC;SACrB,OAAO,CAAC,IAAI,EAAE,QAAQ,CAAC;SACvB,OAAO,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;AAC7B,CAAC;AAED,SAAS,WAAW,CAAC,IAAY;IAC/B,qEAAqE;IACrE,OAAO,IAAI,CAAC,MAAM,GAAG,GAAG,GAAG,EAAE,CAAC;AAChC,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,OAA2B;IAC1D,MAAM,IAAI,GAAG,qBAAqB,CAAC,OAAO,CAAC,CAAC;IAC5C,MAAM,KAAK,GAAG,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACpC,MAAM,OAAO,GAAG,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACxC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;IAEzB,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC;IACtC,MAAM,YAAY,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;IAC1C,MAAM,UAAU,GAAG,UAAU,GAAG,YAAY,CAAC;IAE7C,OAAO,6FAA6F,UAAU,wCAAwC,KAAK,KAAK,OAAO;WAC9J,KAAK,KAAK,OAAO;;;;;;mBAMT,UAAU;;;mBAGV,UAAU;eACd,UAAU,YAAY,YAAY,uBAAuB,KAAK;mBAC1D,UAAU;;;kCAGK,UAAU,GAAG,CAAC,oEAAoE,KAAK;eAC1G,UAAU,GAAG,CAAC,+CAA+C,KAAK;kCAC/C,CAAC,UAAU,GAAG,YAAY,GAAG,CAAC,CAAC,GAAG,EAAE,oEAAoE,OAAO;eAClI,CAAC,UAAU,GAAG,YAAY,GAAG,CAAC,CAAC,GAAG,EAAE,+CAA+C,OAAO;;OAElG,CAAC;AACR,CAAC;AAED,8EAA8E;AAC9E,wCAAwC;AACxC,8EAA8E;AAE9E,MAAM,UAAU,iBAAiB,CAC/B,aAAqB,EACrB,WAAmB;IAEnB,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC,CAAC;QAE9D,MAAM,OAAO,GAAc,IAAI,CAAC,OAAO,IAAI,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,WAAW,CAAQ,CAAC;QAEzE,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAC;QAExB,MAAM,UAAU,GAAU,KAAK,CAAC,UAAU,IAAI,EAAE,CAAC;QACjD,MAAM,QAAQ,GAAG,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;QAC7D,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE,CAAC;YAC3B,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,IAAI,EAAE,QAAQ,IAAI,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC;YACpE,IAAI,GAAG,IAAI,QAAQ,EAAE,CAAC;gBACpB,QAAQ,CAAC,GAA4B,CAAC,EAAE,CAAC;YAC3C,CAAC;QACH,CAAC;QAED,OAAO;YACL,WAAW,EAAE,KAAK,CAAC,OAAO;YAC1B,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,SAAS,EAAE,KAAK,CAAC,SAAS,IAAI,IAAI,CAAC,SAAS;YAC5C,SAAS,EAAE,KAAK,CAAC,SAAS,IAAI,SAAS;YACvC,SAAS,EAAE,KAAK,CAAC,SAAS,IAAI,CAAC;YAC/B,QAAQ;SACT,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,8EAA8E;AAC9E,kCAAkC;AAClC,8EAA8E;AAE9E,MAAM,UAAU,qBAAqB,CACnC,WAAmB,EACnB,UAAkB,yDAAyD;IAE3E,oCAAoC;IACpC,MAAM,WAAW,GAAG,kBAAkB,CAAC,WAAW,CAAC,CAAC;IACpD,OAAO,uFAAuF,OAAO,GAAG,CAAC;AAC3G,CAAC"}

package/dist/capability-extractor.d.ts

@@ -0,0 +1,35 @@
+/**
+ * Shared capability extraction from text content.
+ *
+ * Used by both SkillFingerprintStore (behavioral drift detection)
+ * and InvariantChecker (manifest enforcement).
+ *
+ * Regex-based, no LLM needed. Analyzes first 10KB to prevent ReDoS.
+ *
+ * @module agent-threat-rules/capability-extractor
+ */
+export declare const FS_WRITE_PATTERN: RegExp;
+export declare const FS_READ_PATTERN: RegExp;
+export declare const FS_DELETE_PATTERN: RegExp;
+export declare const NETWORK_PATTERN: RegExp;
+export declare const ENV_PATTERN: RegExp;
+export declare const ENV_INLINE_PATTERN: RegExp;
+export declare const EXEC_PATTERN: RegExp;
+export declare const EXFIL_PATTERN: RegExp;
+export declare const REDIRECT_PATTERN: RegExp;
+/** Path extraction: find filesystem paths referenced in text (min 2 segments to reduce noise) */
+export declare const PATH_PATTERN: RegExp;
+/** Config file modification patterns */
+export declare const CONFIG_MOD_PATTERN: RegExp;
+export interface ExtractedCapabilities {
+    readonly filesystemOps: readonly string[];
+    readonly filesystemPaths: readonly string[];
+    readonly networkTargets: readonly string[];
+    readonly envAccesses: readonly string[];
+    readonly processExecs: readonly string[];
+    readonly outputPatterns: readonly string[];
+    readonly configModifications: boolean;
+}
+/** Classify text content into behavioral capabilities */
+export declare function extractCapabilities(text: string): ExtractedCapabilities;
+//# sourceMappingURL=capability-extractor.d.ts.map

package/dist/capability-extractor.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"capability-extractor.d.ts","sourceRoot":"","sources":["../src/capability-extractor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAMH,eAAO,MAAM,gBAAgB,QACkD,CAAC;AAChF,eAAO,MAAM,eAAe,QACiC,CAAC;AAC9D,eAAO,MAAM,iBAAiB,QAC0B,CAAC;AAEzD,eAAO,MAAM,eAAe,QAC0F,CAAC;AAEvH,eAAO,MAAM,WAAW,QAC0D,CAAC;AACnF,eAAO,MAAM,kBAAkB,QAAmC,CAAC;AAEnE,eAAO,MAAM,YAAY,QACiG,CAAC;AAE3H,eAAO,MAAM,aAAa,QAC6D,CAAC;AACxF,eAAO,MAAM,gBAAgB,QACqC,CAAC;AAEnE,iGAAiG;AACjG,eAAO,MAAM,YAAY,QACuB,CAAC;AASjD,wCAAwC;AACxC,eAAO,MAAM,kBAAkB,QACqD,CAAC;AAMrF,MAAM,WAAW,qBAAqB;IACpC,QAAQ,CAAC,aAAa,EAAE,SAAS,MAAM,EAAE,CAAC;IAC1C,QAAQ,CAAC,eAAe,EAAE,SAAS,MAAM,EAAE,CAAC;IAC5C,QAAQ,CAAC,cAAc,EAAE,SAAS,MAAM,EAAE,CAAC;IAC3C,QAAQ,CAAC,WAAW,EAAE,SAAS,MAAM,EAAE,CAAC;IACxC,QAAQ,CAAC,YAAY,EAAE,SAAS,MAAM,EAAE,CAAC;IACzC,QAAQ,CAAC,cAAc,EAAE,SAAS,MAAM,EAAE,CAAC;IAC3C,QAAQ,CAAC,mBAAmB,EAAE,OAAO,CAAC;CACvC;AAED,yDAAyD;AACzD,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,GAAG,qBAAqB,CAwDvE"}

package/dist/capability-extractor.js

@@ -0,0 +1,91 @@
+/**
+ * Shared capability extraction from text content.
+ *
+ * Used by both SkillFingerprintStore (behavioral drift detection)
+ * and InvariantChecker (manifest enforcement).
+ *
+ * Regex-based, no LLM needed. Analyzes first 10KB to prevent ReDoS.
+ *
+ * @module agent-threat-rules/capability-extractor
+ */
+// ---------------------------------------------------------------------------
+// Pattern detectors
+// ---------------------------------------------------------------------------
+export const FS_WRITE_PATTERN = /(?:write(?:File)?|appendFile|fs\.write|truncate|mkdir|rmdir|unlink|rm\s+-)/i;
+export const FS_READ_PATTERN = /(?:read(?:File)?|readdir|stat|access|exists|glob|find\s)/i;
+export const FS_DELETE_PATTERN = /(?:unlink|rm\s+-rf|delete(?:File)?|removeDir|rmdir)/i;
+export const NETWORK_PATTERN = /(?:https?:\/\/|fetch|curl|wget|axios|http\.request|net\.connect|socket)[\s('"]*([a-zA-Z0-9.-]+(?:\.[a-zA-Z]{2,}))/i;
+export const ENV_PATTERN = /(?:process\.env|os\.environ|getenv|System\.getenv)\[?['"(]?([A-Z_][A-Z0-9_]*)/i;
+export const ENV_INLINE_PATTERN = /\$\{?([A-Z_][A-Z0-9_]{2,})\}?/g;
+export const EXEC_PATTERN = /(?:child_process|spawn|exec(?:File)?|system\(|popen|subprocess|shell_exec|os\.system)\s*\(\s*['"(]?([^\s'")\]]{1,80})/i;
+export const EXFIL_PATTERN = /(?:base64|btoa|encode|compress|deflate|gzip).*(?:http|fetch|curl|send|post|upload)/i;
+export const REDIRECT_PATTERN = /(?:redirect|forward|proxy|tunnel)\s+(?:to\s+)?(?:https?:\/\/)/i;
+/** Path extraction: find filesystem paths referenced in text (min 2 segments to reduce noise) */
+export const PATH_PATTERN = /(?:["'`]|^|\s)(\/(?:[\w.-]+\/){1,}[\w.-]+)/gm;
+/** Common benign paths that appear in docs/version strings -- skip these */
+const BENIGN_PATH_PREFIXES = [
+    '/usr/bin/', '/usr/lib/', '/usr/local/',
+    '/node_modules/', '/dist/', '/build/',
+    '/v1/', '/v2/', '/api/',
+];
+/** Config file modification patterns */
+export const CONFIG_MOD_PATTERN = /(?:\.mcp\.json|\.claude\/|\.cursor\/|mcp-config|settings\.json|\.env(?:\.\w+)?)/i;
+/** Classify text content into behavioral capabilities */
+export function extractCapabilities(text) {
+    const result = {
+        filesystemOps: [],
+        filesystemPaths: [],
+        networkTargets: [],
+        envAccesses: [],
+        processExecs: [],
+        outputPatterns: [],
+        configModifications: false,
+    };
+    if (!text || text.length === 0)
+        return result;
+    // Limit analysis to first 10KB to prevent ReDoS
+    const safeText = text.slice(0, 10_240);
+    // Filesystem operations
+    if (FS_WRITE_PATTERN.test(safeText))
+        result.filesystemOps.push('write');
+    if (FS_READ_PATTERN.test(safeText))
+        result.filesystemOps.push('read');
+    if (FS_DELETE_PATTERN.test(safeText))
+        result.filesystemOps.push('delete');
+    // Filesystem paths (filter out benign paths from docs/version strings)
+    for (const m of safeText.matchAll(PATH_PATTERN)) {
+        const path = m[1];
+        if (!path || result.filesystemPaths.includes(path))
+            continue;
+        const isBenign = BENIGN_PATH_PREFIXES.some((p) => path.startsWith(p));
+        if (!isBenign) {
+            result.filesystemPaths.push(path);
+        }
+    }
+    // Network targets
+    const netMatch = safeText.match(NETWORK_PATTERN);
+    if (netMatch?.[1])
+        result.networkTargets.push(netMatch[1]);
+    // Environment variable accesses
+    const envMatch = safeText.match(ENV_PATTERN);
+    if (envMatch?.[1])
+        result.envAccesses.push(envMatch[1]);
+    for (const m of safeText.matchAll(ENV_INLINE_PATTERN)) {
+        if (m[1] && !result.envAccesses.includes(m[1])) {
+            result.envAccesses.push(m[1]);
+        }
+    }
+    // Process executions
+    const execMatch = safeText.match(EXEC_PATTERN);
+    if (execMatch?.[1])
+        result.processExecs.push(execMatch[1]);
+    // Output patterns
+    if (EXFIL_PATTERN.test(safeText))
+        result.outputPatterns.push('exfiltration');
+    if (REDIRECT_PATTERN.test(safeText))
+        result.outputPatterns.push('redirect');
+    // Config modifications
+    result.configModifications = CONFIG_MOD_PATTERN.test(safeText);
+    return result;
+}
+//# sourceMappingURL=capability-extractor.js.map

package/dist/capability-extractor.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"capability-extractor.js","sourceRoot":"","sources":["../src/capability-extractor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,8EAA8E;AAC9E,oBAAoB;AACpB,8EAA8E;AAE9E,MAAM,CAAC,MAAM,gBAAgB,GAC3B,6EAA6E,CAAC;AAChF,MAAM,CAAC,MAAM,eAAe,GAC1B,2DAA2D,CAAC;AAC9D,MAAM,CAAC,MAAM,iBAAiB,GAC5B,sDAAsD,CAAC;AAEzD,MAAM,CAAC,MAAM,eAAe,GAC1B,oHAAoH,CAAC;AAEvH,MAAM,CAAC,MAAM,WAAW,GACtB,gFAAgF,CAAC;AACnF,MAAM,CAAC,MAAM,kBAAkB,GAAG,gCAAgC,CAAC;AAEnE,MAAM,CAAC,MAAM,YAAY,GACvB,wHAAwH,CAAC;AAE3H,MAAM,CAAC,MAAM,aAAa,GACxB,qFAAqF,CAAC;AACxF,MAAM,CAAC,MAAM,gBAAgB,GAC3B,gEAAgE,CAAC;AAEnE,iGAAiG;AACjG,MAAM,CAAC,MAAM,YAAY,GACvB,8CAA8C,CAAC;AAEjD,4EAA4E;AAC5E,MAAM,oBAAoB,GAAG;IAC3B,WAAW,EAAE,WAAW,EAAE,aAAa;IACvC,gBAAgB,EAAE,QAAQ,EAAE,SAAS;IACrC,MAAM,EAAE,MAAM,EAAE,OAAO;CACf,CAAC;AAEX,wCAAwC;AACxC,MAAM,CAAC,MAAM,kBAAkB,GAC7B,kFAAkF,CAAC;AAgBrF,yDAAyD;AACzD,MAAM,UAAU,mBAAmB,CAAC,IAAY;IAC9C,MAAM,MAAM,GAAG;QACb,aAAa,EAAE,EAAc;QAC7B,eAAe,EAAE,EAAc;QAC/B,cAAc,EAAE,EAAc;QAC9B,WAAW,EAAE,EAAc;QAC3B,YAAY,EAAE,EAAc;QAC5B,cAAc,EAAE,EAAc;QAC9B,mBAAmB,EAAE,KAAK;KAC3B,CAAC;IAEF,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,MAAM,CAAC;IAE9C,gDAAgD;IAChD,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;IAEvC,wBAAwB;IACxB,IAAI,gBAAgB,CAAC,IAAI,CAAC,QAAQ,CAAC;QAAE,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACxE,IAAI,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC;QAAE,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACtE,IAAI,iBAAiB,CAAC,IAAI,CAAC,QAAQ,CAAC;QAAE,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAE1E,uEAAuE;IACvE,KAAK,MAAM,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;QAChD,MAAM,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAClB,IAAI,CAAC,IAAI,IAAI,MAAM,CAAC,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC;YAAE,SAAS;QAC7D,MAAM,QAAQ,GAAG,oBAAoB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;QACtE,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACpC,CAAC;IACH,CAAC;IAED,kBAAkB;IAClB,MAAM,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;IACjD,IAAI,QAAQ,EAAE,CAAC,CAAC,CAAC;QAAE,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IAE3D,gCAAgC;IAChC,MAAM,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;IAC7C,IAAI,QAAQ,EAAE,CAAC,CAAC,CAAC;QAAE,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IACxD,KAAK,MAAM,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAAC;QACtD,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC/C,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAChC,CAAC;IACH,CAAC;IAED,qBAAqB;IACrB,MAAM,SAAS,GAAG,QAAQ,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;IAC/C,IAAI,SAAS,EAAE,CAAC,CAAC,CAAC;QAAE,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;IAE3D,kBAAkB;IAClB,IAAI,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC;QAAE,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAC7E,IAAI,gBAAgB,CAAC,IAAI,CAAC,QAAQ,CAAC;QAAE,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAE5E,uBAAuB;IACvB,MAAM,CAAC,mBAAmB,GAAG,kBAAkB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAE/D,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/cli/scan-handler.d.ts

@@ -0,0 +1,21 @@
+/**
+ * Unified scan handler for ATR CLI.
+ * Auto-detects input type: JSON → MCP scan, .md → SKILL.md scan.
+ *
+ * @module agent-threat-rules/cli/scan-handler
+ */
+import type { ScanType } from '../types.js';
+export interface ScanOptions {
+    readonly rules?: string;
+    readonly json?: boolean;
+    readonly sarif?: boolean;
+    readonly severity?: string;
+    readonly forceType?: ScanType;
+    readonly reportToCloud?: boolean;
+    readonly tcUrl?: string;
+}
+/** Detect whether the target is an MCP event JSON or SKILL.md file/directory. */
+export declare function detectInputType(targetPath: string): ScanType;
+/** Unified scan command: auto-detects MCP vs SKILL.md and runs the appropriate scan path. */
+export declare function cmdScanUnified(target: string, rulesDir: string, options: ScanOptions): Promise<void>;
+//# sourceMappingURL=scan-handler.d.ts.map

package/dist/cli/scan-handler.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"scan-handler.d.ts","sourceRoot":"","sources":["../../src/cli/scan-handler.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAKH,OAAO,KAAK,EAAoC,QAAQ,EAAE,MAAM,aAAa,CAAC;AAqB9E,MAAM,WAAW,WAAW;IAC1B,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,IAAI,CAAC,EAAE,OAAO,CAAC;IACxB,QAAQ,CAAC,KAAK,CAAC,EAAE,OAAO,CAAC;IACzB,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,SAAS,CAAC,EAAE,QAAQ,CAAC;IAC9B,QAAQ,CAAC,aAAa,CAAC,EAAE,OAAO,CAAC;IACjC,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,iFAAiF;AACjF,wBAAgB,eAAe,CAAC,UAAU,EAAE,MAAM,GAAG,QAAQ,CA0B5D;AAED,6FAA6F;AAC7F,wBAAsB,cAAc,CAClC,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,WAAW,GACnB,OAAO,CAAC,IAAI,CAAC,CAqCf"}

package/dist/cli/scan-handler.js

@@ -0,0 +1,276 @@
+/**
+ * Unified scan handler for ATR CLI.
+ * Auto-detects input type: JSON → MCP scan, .md → SKILL.md scan.
+ *
+ * @module agent-threat-rules/cli/scan-handler
+ */
+import { readFileSync, existsSync, statSync, readdirSync } from 'node:fs';
+import { resolve } from 'node:path';
+import { ATREngine } from '../engine.js';
+import { scanResultToSARIF } from '../converters/sarif.js';
+import { createTCReporter } from '../tc-reporter.js';
+const SEVERITY_ORDER = ['informational', 'low', 'medium', 'high', 'critical'];
+// ANSI colors
+const RED = '\x1b[31m';
+const GREEN = '\x1b[32m';
+const DIM = '\x1b[2m';
+const BOLD = '\x1b[1m';
+const RESET = '\x1b[0m';
+const SEVERITY_COLORS = {
+    critical: '\x1b[91m',
+    high: '\x1b[31m',
+    medium: '\x1b[33m',
+    low: '\x1b[36m',
+    informational: '\x1b[37m',
+};
+/** Detect whether the target is an MCP event JSON or SKILL.md file/directory. */
+export function detectInputType(targetPath) {
+    if (targetPath.endsWith('.md'))
+        return 'skill';
+    if (targetPath.endsWith('.json'))
+        return 'mcp';
+    // Directory: inspect contents to decide
+    if (existsSync(targetPath) && statSync(targetPath).isDirectory()) {
+        const entries = readdirSync(targetPath);
+        const hasJson = entries.some((e) => e.endsWith('.json'));
+        const hasMd = entries.some((e) => e.endsWith('.md') || e.toLowerCase() === 'skill.md');
+        if (hasMd)
+            return 'skill';
+        if (hasJson)
+            return 'mcp';
+        return 'skill'; // default for empty or non-matching directories
+    }
+    // Attempt to detect by reading first bytes
+    if (existsSync(targetPath)) {
+        const head = readFileSync(targetPath, 'utf-8').slice(0, 100).trimStart();
+        if (head.startsWith('{') || head.startsWith('['))
+            return 'mcp';
+        if (head.startsWith('#') || head.startsWith('---'))
+            return 'skill';
+    }
+    throw new Error(`Cannot determine scan type for "${targetPath}". Use .json for MCP events or .md for SKILL.md files.`);
+}
+/** Unified scan command: auto-detects MCP vs SKILL.md and runs the appropriate scan path. */
+export async function cmdScanUnified(target, rulesDir, options) {
+    if (!target) {
+        console.error(`${RED}Error: Missing target. Usage: atr scan <file|directory>${RESET}`);
+        process.exit(1);
+    }
+    const targetPath = resolve(target);
+    if (!existsSync(targetPath)) {
+        console.error(`${RED}Error: Path not found: ${targetPath}${RESET}`);
+        process.exit(1);
+    }
+    // Create TC reporter if --report-to-cloud is set
+    const reporter = options.reportToCloud
+        ? createTCReporter({
+            tcUrl: options.tcUrl,
+            onError: (err) => console.error(`${DIM}TC upload: ${err.message}${RESET}`),
+        })
+        : undefined;
+    const scanType = options.forceType ?? detectInputType(targetPath);
+    try {
+        if (scanType === 'skill') {
+            await scanSkillFiles(targetPath, rulesDir, options, reporter);
+        }
+        else {
+            await scanMcpEvents(targetPath, rulesDir, options, reporter);
+        }
+    }
+    finally {
+        // Flush remaining events before exit
+        if (reporter) {
+            await reporter.destroy();
+            if (!options.json && !options.sarif) {
+                console.log(`${DIM}  Threat Cloud: detections reported to ${options.tcUrl ?? 'https://tc.panguard.ai'}${RESET}`);
+            }
+        }
+    }
+}
+// ── MCP Event Scan ─────────────────────────────────────────────
+async function scanMcpEvents(eventsPath, rulesDir, options, reporter) {
+    const fileStat = statSync(eventsPath);
+    if (fileStat.size > 50 * 1024 * 1024) {
+        console.error(`${RED}Error: Events file exceeds 50MB limit${RESET}`);
+        process.exit(1);
+    }
+    const raw = readFileSync(eventsPath, 'utf-8');
+    let events;
+    try {
+        const parsed = JSON.parse(raw);
+        events = Array.isArray(parsed) ? parsed : [parsed];
+    }
+    catch {
+        console.error(`${RED}Error: Invalid JSON in ${eventsPath}${RESET}`);
+        process.exit(1);
+    }
+    const engine = new ATREngine({ rulesDir, reporter });
+    await engine.loadRules();
+    const minIdx = SEVERITY_ORDER.indexOf((options.severity ?? 'informational'));
+    const allResults = [];
+    let totalThreats = 0;
+    for (const event of events) {
+        if (!event.content)
+            continue; // skip malformed events
+        const result = engine.evaluateFull(event, eventsPath);
+        const filtered = result.matches.filter((m) => SEVERITY_ORDER.indexOf(m.rule.severity) >= minIdx);
+        if (filtered.length > 0) {
+            allResults.push({ event, result, filtered });
+            totalThreats += filtered.length;
+        }
+    }
+    if (options.sarif) {
+        const sarifResults = allResults.map(({ result, filtered }) => ({
+            ...result,
+            matches: filtered,
+            threat_count: filtered.length,
+        }));
+        const version = process.env['npm_package_version'] ?? '1.0.0';
+        console.log(JSON.stringify(scanResultToSARIF(sarifResults, version), null, 2));
+        return;
+    }
+    if (options.json) {
+        console.log(JSON.stringify({
+            scan_type: 'mcp',
+            events_scanned: events.length,
+            threats_detected: totalThreats,
+            rules_loaded: engine.getRuleCount(),
+            results: allResults.map(({ event, result, filtered }) => ({
+                content_hash: result.content_hash,
+                event: {
+                    type: event.type,
+                    timestamp: event.timestamp,
+                    content_preview: event.content.slice(0, 100),
+                },
+                matches: filtered.map(formatMatchJson),
+            })),
+        }, null, 2));
+        return;
+    }
+    printScanHeader('MCP', events.length, engine.getRuleCount(), totalThreats);
+    if (totalThreats === 0) {
+        console.log(`${GREEN}No threats detected.${RESET}\n`);
+        return;
+    }
+    for (const { event, filtered } of allResults) {
+        const preview = event.content.slice(0, 80).replace(/\n/g, ' ');
+        console.log(`  ${DIM}Event: [${event.type}] "${preview}..."${RESET}`);
+        for (const m of filtered) {
+            printMatch(m);
+        }
+        console.log('');
+    }
+}
+// ── SKILL.md Scan ──────────────────────────────────────────────
+async function scanSkillFiles(targetPath, rulesDir, options, reporter) {
+    const skillFiles = collectSkillFiles(targetPath);
+    if (skillFiles.length === 0) {
+        console.error(`${RED}Error: No SKILL.md files found in ${targetPath}${RESET}`);
+        process.exit(1);
+    }
+    const engine = new ATREngine({ rulesDir, reporter });
+    await engine.loadRules();
+    const minIdx = SEVERITY_ORDER.indexOf((options.severity ?? 'informational'));
+    const allResults = [];
+    let totalThreats = 0;
+    for (const file of skillFiles) {
+        const fileSize = statSync(file).size;
+        if (fileSize > 1 * 1024 * 1024) {
+            console.error(`${RED}Warning: Skipping ${file} (${Math.round(fileSize / 1024)}KB exceeds 1MB limit)${RESET}`);
+            continue;
+        }
+        const content = readFileSync(file, 'utf-8');
+        const result = engine.scanSkillFull(content, file);
+        const filtered = result.matches.filter((m) => SEVERITY_ORDER.indexOf(m.rule.severity) >= minIdx);
+        if (filtered.length > 0) {
+            allResults.push({ file, result, filtered });
+            totalThreats += filtered.length;
+        }
+    }
+    if (options.sarif) {
+        const sarifResults = allResults.map(({ result, filtered }) => ({
+            ...result,
+            matches: filtered,
+            threat_count: filtered.length,
+        }));
+        const version = process.env['npm_package_version'] ?? '1.0.0';
+        console.log(JSON.stringify(scanResultToSARIF(sarifResults, version), null, 2));
+        return;
+    }
+    if (options.json) {
+        console.log(JSON.stringify({
+            scan_type: 'skill',
+            skills_scanned: skillFiles.length,
+            threats_detected: totalThreats,
+            rules_loaded: engine.getRuleCount(),
+            results: allResults.map(({ file, result, filtered }) => ({
+                file,
+                content_hash: result.content_hash,
+                matches: filtered.map(formatMatchJson),
+            })),
+        }, null, 2));
+        return;
+    }
+    printScanHeader('SKILL', skillFiles.length, engine.getRuleCount(), totalThreats);
+    if (totalThreats === 0) {
+        console.log(`  ${GREEN}No threats detected.${RESET}\n`);
+        return;
+    }
+    for (const { file, filtered } of allResults) {
+        const relPath = file.replace(process.cwd() + '/', '');
+        console.log(`  ${BOLD}${relPath}${RESET}`);
+        for (const m of filtered) {
+            printMatch(m);
+        }
+        console.log('');
+    }
+}
+// ── Shared Helpers ─────────────────────────────────────────────
+function collectSkillFiles(targetPath) {
+    const files = [];
+    const stat = statSync(targetPath);
+    if (stat.isDirectory()) {
+        walkForSkills(targetPath, files);
+    }
+    else {
+        files.push(targetPath);
+    }
+    return files;
+}
+function walkForSkills(dir, out) {
+    for (const entry of readdirSync(dir, { withFileTypes: true })) {
+        const full = resolve(dir, entry.name);
+        if (entry.isDirectory()) {
+            walkForSkills(full, out);
+        }
+        else if (entry.name === 'SKILL.md' || entry.name === 'skill.md') {
+            out.push(full);
+        }
+    }
+}
+function formatMatchJson(m) {
+    return {
+        rule_id: m.rule.id,
+        title: m.rule.title,
+        severity: m.rule.severity,
+        confidence: m.confidence,
+        matched_conditions: m.matchedConditions,
+    };
+}
+function printScanHeader(type, scanned, rulesLoaded, threats) {
+    const label = type === 'MCP' ? 'Events' : 'Skills';
+    console.log(`\n${BOLD}ATR ${type} Scan Results${RESET}`);
+    console.log(`${DIM}${'─'.repeat(60)}${RESET}`);
+    console.log(`  ${label} scanned:  ${scanned}`);
+    console.log(`  Rules loaded:    ${rulesLoaded}`);
+    console.log(`  Threats found:   ${threats > 0 ? RED + threats + RESET : GREEN + '0' + RESET}`);
+    console.log(`${DIM}${'─'.repeat(60)}${RESET}`);
+    console.log(`${DIM}  Open source (MIT). Star: https://github.com/Agent-Threat-Rule/agent-threat-rules${RESET}`);
+    console.log('');
+}
+function printMatch(m) {
+    const color = SEVERITY_COLORS[m.rule.severity] ?? '';
+    console.log(`    ${color}${m.rule.severity.toUpperCase().padEnd(13)}${RESET} ${m.rule.id} - ${m.rule.title}`);
+    console.log(`    ${DIM}Confidence: ${(m.confidence * 100).toFixed(0)}% | Conditions: ${m.matchedConditions.join(', ')}${RESET}`);
+}
+//# sourceMappingURL=scan-handler.js.map

package/dist/cli/scan-handler.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"scan-handler.js","sourceRoot":"","sources":["../../src/cli/scan-handler.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAC1E,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAEzC,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAC3D,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAErD,MAAM,cAAc,GAAG,CAAC,eAAe,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,CAAU,CAAC;AAEvF,cAAc;AACd,MAAM,GAAG,GAAG,UAAU,CAAC;AACvB,MAAM,KAAK,GAAG,UAAU,CAAC;AACzB,MAAM,GAAG,GAAG,SAAS,CAAC;AACtB,MAAM,IAAI,GAAG,SAAS,CAAC;AACvB,MAAM,KAAK,GAAG,SAAS,CAAC;AAExB,MAAM,eAAe,GAA2B;IAC9C,QAAQ,EAAE,UAAU;IACpB,IAAI,EAAE,UAAU;IAChB,MAAM,EAAE,UAAU;IAClB,GAAG,EAAE,UAAU;IACf,aAAa,EAAE,UAAU;CAC1B,CAAC;AAYF,iFAAiF;AACjF,MAAM,UAAU,eAAe,CAAC,UAAkB;IAChD,IAAI,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,OAAO,CAAC;IAC/C,IAAI,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC;QAAE,OAAO,KAAK,CAAC;IAE/C,wCAAwC;IACxC,IAAI,UAAU,CAAC,UAAU,CAAC,IAAI,QAAQ,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC;QACjE,MAAM,OAAO,GAAG,WAAW,CAAC,UAAU,CAAC,CAAC;QACxC,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;QACzD,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,CACxB,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,KAAK,UAAU,CAC3D,CAAC;QACF,IAAI,KAAK;YAAE,OAAO,OAAO,CAAC;QAC1B,IAAI,OAAO;YAAE,OAAO,KAAK,CAAC;QAC1B,OAAO,OAAO,CAAC,CAAC,gDAAgD;IAClE,CAAC;IAED,2CAA2C;IAC3C,IAAI,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC3B,MAAM,IAAI,GAAG,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,SAAS,EAAE,CAAC;QACzE,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,OAAO,KAAK,CAAC;QAC/D,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC;YAAE,OAAO,OAAO,CAAC;IACrE,CAAC;IAED,MAAM,IAAI,KAAK,CACb,mCAAmC,UAAU,wDAAwD,CACtG,CAAC;AACJ,CAAC;AAED,6FAA6F;AAC7F,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,MAAc,EACd,QAAgB,EAChB,OAAoB;IAEpB,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,CAAC,KAAK,CAAC,GAAG,GAAG,0DAA0D,KAAK,EAAE,CAAC,CAAC;QACvF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACnC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,KAAK,CAAC,GAAG,GAAG,0BAA0B,UAAU,GAAG,KAAK,EAAE,CAAC,CAAC;QACpE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,iDAAiD;IACjD,MAAM,QAAQ,GAAG,OAAO,CAAC,aAAa;QACpC,CAAC,CAAC,gBAAgB,CAAC;YACf,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,GAAG,cAAc,GAAG,CAAC,OAAO,GAAG,KAAK,EAAE,CAAC;SAC3E,CAAC;QACJ,CAAC,CAAC,SAAS,CAAC;IAEd,MAAM,QAAQ,GAAG,OAAO,CAAC,SAAS,IAAI,eAAe,CAAC,UAAU,CAAC,CAAC;IAElE,IAAI,CAAC;QACH,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;YACzB,MAAM,cAAc,CAAC,UAAU,EAAE,QAAQ,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;QAChE,CAAC;aAAM,CAAC;YACN,MAAM,aAAa,CAAC,UAAU,EAAE,QAAQ,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;QAC/D,CAAC;IACH,CAAC;YAAS,CAAC;QACT,qCAAqC;QACrC,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,QAAQ,CAAC,OAAO,EAAE,CAAC;YACzB,IAAI,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;gBACpC,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,0CAA0C,OAAO,CAAC,KAAK,IAAI,wBAAwB,GAAG,KAAK,EAAE,CAAC,CAAC;YACnH,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED,kEAAkE;AAElE,KAAK,UAAU,aAAa,CAC1B,UAAkB,EAClB,QAAgB,EAChB,OAAoB,EACpB,QAA8C;IAE9C,MAAM,QAAQ,GAAG,QAAQ,CAAC,UAAU,CAAC,CAAC;IACtC,IAAI,QAAQ,CAAC,IAAI,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,CAAC;QACrC,OAAO,CAAC,KAAK,CAAC,GAAG,GAAG,wCAAwC,KAAK,EAAE,CAAC,CAAC;QACrE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,GAAG,GAAG,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IAC9C,IAAI,MAAoB,CAAC;IACzB,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC/B,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IACrD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,KAAK,CAAC,GAAG,GAAG,0BAA0B,UAAU,GAAG,KAAK,EAAE,CAAC,CAAC;QACpE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC;IACrD,MAAM,MAAM,CAAC,SAAS,EAAE,CAAC;IAEzB,MAAM,MAAM,GAAG,cAAc,CAAC,OAAO,CACnC,CAAC,OAAO,CAAC,QAAQ,IAAI,eAAe,CAAkC,CACvE,CAAC;IAEF,MAAM,UAAU,GAA2E,EAAE,CAAC;IAC9F,IAAI,YAAY,GAAG,CAAC,CAAC;IAErB,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,IAAI,CAAC,KAAK,CAAC,OAAO;YAAE,SAAS,CAAC,wBAAwB;QACtD,MAAM,MAAM,GAAG,MAAM,CAAC,YAAY,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC;QACtD,MAAM,QAAQ,GAAG,MAAM,CAAC,OAAO,CAAC,MAAM,CACpC,CAAC,CAAC,EAAE,EAAE,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,MAAM,CACzD,CAAC;QACF,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxB,UAAU,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,CAAC;YAC7C,YAAY,IAAI,QAAQ,CAAC,MAAM,CAAC;QAClC,CAAC;IACH,CAAC;IAED,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;QAClB,MAAM,YAAY,GAAiB,UAAU,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,CAAC;YAC3E,GAAG,MAAM;YACT,OAAO,EAAE,QAAQ;YACjB,YAAY,EAAE,QAAQ,CAAC,MAAM;SAC9B,CAAC,CAAC,CAAC;QACJ,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,IAAI,OAAO,CAAC;QAC9D,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAC,YAAY,EAAE,OAAO,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC/E,OAAO;IACT,CAAC;IAED,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;QACjB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC;YACzB,SAAS,EAAE,KAAK;YAChB,cAAc,EAAE,MAAM,CAAC,MAAM;YAC7B,gBAAgB,EAAE,YAAY;YAC9B,YAAY,EAAE,MAAM,CAAC,YAAY,EAAE;YACnC,OAAO,EAAE,UAAU,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,CAAC;gBACxD,YAAY,EAAE,MAAM,CAAC,YAAY;gBACjC,KAAK,EAAE;oBACL,IAAI,EAAE,KAAK,CAAC,IAAI;oBAChB,SAAS,EAAE,KAAK,CAAC,SAAS;oBAC1B,eAAe,EAAE,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;iBAC7C;gBACD,OAAO,EAAE,QAAQ,CAAC,GAAG,CAAC,eAAe,CAAC;aACvC,CAAC,CAAC;SACJ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACb,OAAO;IACT,CAAC;IAED,eAAe,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,YAAY,EAAE,EAAE,YAAY,CAAC,CAAC;IAE3E,IAAI,YAAY,KAAK,CAAC,EAAE,CAAC;QACvB,OAAO,CAAC,GAAG,CAAC,GAAG,KAAK,uBAAuB,KAAK,IAAI,CAAC,CAAC;QACtD,OAAO;IACT,CAAC;IAED,KAAK,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,IAAI,UAAU,EAAE,CAAC;QAC7C,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QAC/D,OAAO,CAAC,GAAG,CAAC,KAAK,GAAG,WAAW,KAAK,CAAC,IAAI,MAAM,OAAO,OAAO,KAAK,EAAE,CAAC,CAAC;QACtE,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACzB,UAAU,CAAC,CAAC,CAAC,CAAC;QAChB,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,kEAAkE;AAElE,KAAK,UAAU,cAAc,CAC3B,UAAkB,EAClB,QAAgB,EAChB,OAAoB,EACpB,QAA8C;IAE9C,MAAM,UAAU,GAAG,iBAAiB,CAAC,UAAU,CAAC,CAAC;IAEjD,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,KAAK,CAAC,GAAG,GAAG,qCAAqC,UAAU,GAAG,KAAK,EAAE,CAAC,CAAC;QAC/E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC;IACrD,MAAM,MAAM,CAAC,SAAS,EAAE,CAAC;IAEzB,MAAM,MAAM,GAAG,cAAc,CAAC,OAAO,CACnC,CAAC,OAAO,CAAC,QAAQ,IAAI,eAAe,CAAkC,CACvE,CAAC;IAEF,MAAM,UAAU,GAAsE,EAAE,CAAC;IACzF,IAAI,YAAY,GAAG,CAAC,CAAC;IAErB,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;QAC9B,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;QACrC,IAAI,QAAQ,GAAG,CAAC,GAAG,IAAI,GAAG,IAAI,EAAE,CAAC;YAC/B,OAAO,CAAC,KAAK,CAAC,GAAG,GAAG,qBAAqB,IAAI,KAAK,IAAI,CAAC,KAAK,CAAC,QAAQ,GAAG,IAAI,CAAC,wBAAwB,KAAK,EAAE,CAAC,CAAC;YAC9G,SAAS;QACX,CAAC;QACD,MAAM,OAAO,GAAG,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QAC5C,MAAM,MAAM,GAAG,MAAM,CAAC,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;QACnD,MAAM,QAAQ,GAAG,MAAM,CAAC,OAAO,CAAC,MAAM,CACpC,CAAC,CAAC,EAAE,EAAE,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,MAAM,CACzD,CAAC;QACF,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxB,UAAU,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,CAAC;YAC5C,YAAY,IAAI,QAAQ,CAAC,MAAM,CAAC;QAClC,CAAC;IACH,CAAC;IAED,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;QAClB,MAAM,YAAY,GAAiB,UAAU,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,CAAC;YAC3E,GAAG,MAAM;YACT,OAAO,EAAE,QAAQ;YACjB,YAAY,EAAE,QAAQ,CAAC,MAAM;SAC9B,CAAC,CAAC,CAAC;QACJ,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,IAAI,OAAO,CAAC;QAC9D,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,iBAAiB,CAAC,YAAY,EAAE,OAAO,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC/E,OAAO;IACT,CAAC;IAED,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;QACjB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC;YACzB,SAAS,EAAE,OAAO;YAClB,cAAc,EAAE,UAAU,CAAC,MAAM;YACjC,gBAAgB,EAAE,YAAY;YAC9B,YAAY,EAAE,MAAM,CAAC,YAAY,EAAE;YACnC,OAAO,EAAE,UAAU,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,CAAC;gBACvD,IAAI;gBACJ,YAAY,EAAE,MAAM,CAAC,YAAY;gBACjC,OAAO,EAAE,QAAQ,CAAC,GAAG,CAAC,eAAe,CAAC;aACvC,CAAC,CAAC;SACJ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACb,OAAO;IACT,CAAC;IAED,eAAe,CAAC,OAAO,EAAE,UAAU,CAAC,MAAM,EAAE,MAAM,CAAC,YAAY,EAAE,EAAE,YAAY,CAAC,CAAC;IAEjF,IAAI,YAAY,KAAK,CAAC,EAAE,CAAC;QACvB,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,uBAAuB,KAAK,IAAI,CAAC,CAAC;QACxD,OAAO;IACT,CAAC;IAED,KAAK,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,UAAU,EAAE,CAAC;QAC5C,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;QACtD,OAAO,CAAC,GAAG,CAAC,KAAK,IAAI,GAAG,OAAO,GAAG,KAAK,EAAE,CAAC,CAAC;QAC3C,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACzB,UAAU,CAAC,CAAC,CAAC,CAAC;QAChB,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,kEAAkE;AAElE,SAAS,iBAAiB,CAAC,UAAkB;IAC3C,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,MAAM,IAAI,GAAG,QAAQ,CAAC,UAAU,CAAC,CAAC;IAClC,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;QACvB,aAAa,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;IACnC,CAAC;SAAM,CAAC;QACN,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACzB,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,aAAa,CAAC,GAAW,EAAE,GAAa;IAC/C,KAAK,MAAM,KAAK,IAAI,WAAW,CAAC,GAAG,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;QAC9D,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;QACtC,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;YACxB,aAAa,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;QAC3B,CAAC;aAAM,IAAI,KAAK,CAAC,IAAI,KAAK,UAAU,IAAI,KAAK,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;YAClE,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACjB,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,eAAe,CAAC,CAAW;IAClC,OAAO;QACL,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE;QAClB,KAAK,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK;QACnB,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ;QACzB,UAAU,EAAE,CAAC,CAAC,UAAU;QACxB,kBAAkB,EAAE,CAAC,CAAC,iBAAiB;KACxC,CAAC;AACJ,CAAC;AAED,SAAS,eAAe,CACtB,IAAY,EACZ,OAAe,EACf,WAAmB,EACnB,OAAe;IAEf,MAAM,KAAK,GAAG,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC;IACnD,OAAO,CAAC,GAAG,CAAC,KAAK,IAAI,OAAO,IAAI,gBAAgB,KAAK,EAAE,CAAC,CAAC;IACzD,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,KAAK,EAAE,CAAC,CAAC;IAC/C,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,cAAc,OAAO,EAAE,CAAC,CAAC;IAC/C,OAAO,CAAC,GAAG,CAAC,sBAAsB,WAAW,EAAE,CAAC,CAAC;IACjD,OAAO,CAAC,GAAG,CAAC,sBAAsB,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,GAAG,GAAG,KAAK,EAAE,CAAC,CAAC;IAC/F,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,KAAK,EAAE,CAAC,CAAC;IAC/C,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,qFAAqF,KAAK,EAAE,CAAC,CAAC;IAChH,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;AAClB,CAAC;AAED,SAAS,UAAU,CAAC,CAAW;IAC7B,MAAM,KAAK,GAAG,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;IACrD,OAAO,CAAC,GAAG,CACT,OAAO,KAAK,GAAG,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,KAAK,IAAI,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,CACjG,CAAC;IACF,OAAO,CAAC,GAAG,CACT,OAAO,GAAG,eAAe,CAAC,CAAC,CAAC,UAAU,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,mBAAmB,CAAC,CAAC,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,KAAK,EAAE,CACpH,CAAC;AACJ,CAAC"}

package/dist/cli/tc-pipeline.d.ts

@@ -0,0 +1,18 @@
+/**
+ * Standardized Threat Cloud pipeline commands.
+ *
+ *   atr tc sync        Push repo rules → TC (updates metrics + website)
+ *   atr tc pull        Pull confirmed TC rules → repo (validate + write)
+ *   atr tc crystallize Send missed attacks → TC LLM → new proposals
+ *   atr tc status      Show TC state (rules, proposals, threats)
+ *
+ * All commands are idempotent and safe to run repeatedly.
+ * CI workflows call these same commands — no ad-hoc scripts.
+ *
+ * @module agent-threat-rules/cli/tc-pipeline
+ */
+export declare function cmdTCSync(options: Record<string, string | undefined>): Promise<void>;
+export declare function cmdTCPull(options: Record<string, string | undefined>): Promise<void>;
+export declare function cmdTCCrystallize(options: Record<string, string | undefined>): Promise<void>;
+export declare function cmdTCStatus(options: Record<string, string | undefined>): Promise<void>;
+//# sourceMappingURL=tc-pipeline.d.ts.map

package/dist/cli/tc-pipeline.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"tc-pipeline.d.ts","sourceRoot":"","sources":["../../src/cli/tc-pipeline.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAoCH,wBAAsB,SAAS,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,CAgD1F;AAID,wBAAsB,SAAS,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,CAoG1F;AAID,wBAAsB,gBAAgB,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,CAqFjG;AAID,wBAAsB,WAAW,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,CAiD5F"}