npm - @panguard-ai/panguard-guard - Versions diffs - 0.2.6 → 0.3.0 - Mend

@panguard-ai/panguard-guard 0.2.6 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4143) hide show

package/dist/agent/atr-action-handlers.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"atr-action-handlers.d.ts","sourceRoot":"","sources":["../../src/agent/atr-action-handlers.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAGH,OAAO,KAAK,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AACjE,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,+BAA+B,CAAC;AAO3E;;;;GAIG;AACH,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,gBAAgB,CAAsC;IAC9D,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;gBAErB,OAAO,EAAE,MAAM;IAI3B;;;OAGG;IACH,mBAAmB,CAAC,OAAO,EAAE,qBAAqB,GAAG,IAAI;IAKzD;;;;OAIG;IACG,SAAS,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,cAAc,CAAC;IAiBhE;;;;OAIG;IACG,SAAS,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,cAAc,CAAC;IAqFhE;;;;OAIG;IACG,iBAAiB,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,cAAc,CAAC;~~IA2CxE~~;;;;OAIG;IACG,WAAW,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,cAAc,CAAC;IA4ClE;;;;OAIG;IACG,iBAAiB,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,cAAc,CAAC;~~IAgDxE~~,OAAO,CAAC,eAAe;IAUvB,OAAO,CAAC,cAAc;IAStB,OAAO,CAAC,eAAe;IASvB,OAAO,CAAC,gBAAgB;IASxB;;OAEG;YACW,WAAW;CAY1B"}
1	+ {"version":3,"file":"atr-action-handlers.d.ts","sourceRoot":"","sources":["../../src/agent/atr-action-handlers.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAGH,OAAO,KAAK,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AACjE,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,+BAA+B,CAAC;AAO3E;;;;GAIG;AACH,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,gBAAgB,CAAsC;IAC9D,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;gBAErB,OAAO,EAAE,MAAM;IAI3B;;;OAGG;IACH,mBAAmB,CAAC,OAAO,EAAE,qBAAqB,GAAG,IAAI;IAKzD;;;;OAIG;IACG,SAAS,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,cAAc,CAAC;IAiBhE;;;;OAIG;IACG,SAAS,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,cAAc,CAAC;IAqFhE;;;;OAIG;IACG,iBAAiB,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,cAAc,CAAC;IA4CxE;;;;OAIG;IACG,WAAW,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,cAAc,CAAC;IA4ClE;;;;OAIG;IACG,iBAAiB,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,cAAc,CAAC;IAiDxE,OAAO,CAAC,eAAe;IAUvB,OAAO,CAAC,cAAc;IAStB,OAAO,CAAC,eAAe;IASvB,OAAO,CAAC,gBAAgB;IASxB;;OAEG;YACW,WAAW;CAY1B"}

package/dist/agent/atr-action-handlers.js CHANGED Viewed

@@ -7,7 +7,7 @@
  *
  * @module @panguard-ai/panguard-guard/agent/atr-action-handlers
  */
-import { createLogger } from '@panguard-ai/core';
+import { createLogger, sanitizeFilename } from '@panguard-ai/core';
 const logger = createLogger('panguard-guard:atr-actions');
 /** Safety: agents that must not be killed */
 const PROTECTED_AGENTS = new Set(['panguard-guard', 'panguard-manager', 'system-agent']);
@@ -150,7 +150,8 @@ export class ATRActionHandlers {
                 verdict: { conclusion: verdict.conclusion, confidence: verdict.confidence },
                 reasoning: verdict.reasoning,
             };
-            const markerPath = join(quarantineDir, `${label}.json`);
+            const safeLabel = sanitizeFilename(label);
+            const markerPath = join(quarantineDir, `${safeLabel}.json`);
             writeFileSync(markerPath, JSON.stringify(marker, null, 2), 'utf-8');
             logger.info(`ATR action: session "${label}" quarantined`);
             return {
@@ -235,7 +236,8 @@ export class ATRActionHandlers {
                 verdict: { conclusion: verdict.conclusion, confidence: verdict.confidence },
                 restrictions: ['deny_write', 'deny_exec', 'deny_network'],
             };
-            const overridePath = join(configDir, `${label}.json`);
+            const safeLabel = sanitizeFilename(label);
+            const overridePath = join(configDir, `${safeLabel}.json`);
             writeFileSync(overridePath, JSON.stringify(override, null, 2), 'utf-8');
             logger.info(`ATR action: permissions reduced for "${label}"`);
             return {

package/dist/agent/atr-action-handlers.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"atr-action-handlers.js","sourceRoot":"","sources":["../../src/agent/atr-action-handlers.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;~~AAIjD~~,MAAM,MAAM,GAAG,YAAY,CAAC,4BAA4B,CAAC,CAAC;AAE1D,6CAA6C;AAC7C,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,CAAC,gBAAgB,EAAE,kBAAkB,EAAE,cAAc,CAAC,CAAC,CAAC;AAEzF;;;;GAIG;AACH,MAAM,OAAO,iBAAiB;IACpB,gBAAgB,GAAiC,IAAI,CAAC;IAC7C,OAAO,CAAS;IAEjC,YAAY,OAAe;QACzB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;IAED;;;OAGG;IACH,mBAAmB,CAAC,OAA8B;QAChD,IAAI,CAAC,gBAAgB,GAAG,OAAO,CAAC;QAChC,MAAM,CAAC,IAAI,CAAC,kDAAkD,CAAC,CAAC;IAClE,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,SAAS,CAAC,OAAsB;QACpC,MAAM,QAAQ,GAAG,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;QAC/C,MAAM,KAAK,GAAG,QAAQ,IAAI,SAAS,CAAC;QAEpC,MAAM,CAAC,IAAI,CAAC,oCAAoC,KAAK,GAAG,CAAC,CAAC;QAE1D,OAAO;YACL,MAAM,EAAE,YAAY;YACpB,OAAO,EAAE,IAAI;YACb,OAAO,EACL,SAAS,KAAK,yBAAyB;gBACvC,eAAe,OAAO,CAAC,UAAU,iBAAiB,OAAO,CAAC,UAAU,GAAG;YACzE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,MAAM,EAAE,KAAK;SACd,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,SAAS,CAAC,OAAsB;QACpC,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QAC7C,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;QAE1C,IAAI,CAAC,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC;YACrB,OAAO;gBACL,MAAM,EAAE,YAAY;gBACpB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,mDAAmD;gBAC5D,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACpC,CAAC;QACJ,CAAC;QAED,iCAAiC;QACjC,IAAI,OAAO,IAAI,gBAAgB,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;YAC7C,MAAM,CAAC,IAAI,CAAC,qCAAqC,OAAO,EAAE,CAAC,CAAC;YAC5D,OAAO;gBACL,MAAM,EAAE,YAAY;gBACpB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,UAAU,OAAO,qCAAqC;gBAC/D,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,MAAM,EAAE,OAAO;aAChB,CAAC;QACJ,CAAC;QAED,IAAI,GAAG,EAAE,CAAC;YACR,iCAAiC;YACjC,IAAI,GAAG,KAAK,OAAO,CAAC,GAAG,EAAE,CAAC;gBACxB,OAAO;oBACL,MAAM,EAAE,YAAY;oBACpB,OAAO,EAAE,KAAK;oBACd,OAAO,EAAE,yBAAyB;oBAClC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;oBACnC,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC;iBACpB,CAAC;YACJ,CAAC;YAED,IAAI,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;gBAC7B,MAAM,CAAC,IAAI,CAAC,yCAAyC,GAAG,cAAc,OAAO,IAAI,KAAK,GAAG,CAAC,CAAC;gBAE3F,+CAA+C;gBAC/C,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;gBAClD,IAAI,OAAO,EAAE,CAAC;oBACZ,IAAI,CAAC;wBACH,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;wBAC7B,MAAM,CAAC,IAAI,CAAC,6CAA6C,GAAG,EAAE,CAAC,CAAC;oBAClE,CAAC;oBAAC,MAAM,CAAC;wBACP,iDAAiD;oBACnD,CAAC;gBACH,CAAC;gBAED,OAAO;oBACL,MAAM,EAAE,YAAY;oBACpB,OAAO,EAAE,IAAI;oBACb,OAAO,EACL,aAAa,GAAG,cAAc,OAAO,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,EAAE,EAAE;wBACpE,CAAC,OAAO,CAAC,CAAC,CAAC,cAAc,OAAO,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;oBAC3C,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;oBACnC,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC;iBACpB,CAAC;YACJ,CAAC;YAAC,OAAO,GAAY,EAAE,CAAC;gBACtB,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gBAC7D,MAAM,CAAC,KAAK,CAAC,4BAA4B,GAAG,KAAK,GAAG,EAAE,CAAC,CAAC;gBACxD,OAAO;oBACL,MAAM,EAAE,YAAY;oBACpB,OAAO,EAAE,KAAK;oBACd,OAAO,EAAE,4BAA4B,GAAG,KAAK,GAAG,EAAE;oBAClD,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;oBACnC,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC;iBACpB,CAAC;YACJ,CAAC;QACH,CAAC;QAED,2DAA2D;QAC3D,MAAM,CAAC,IAAI,CAAC,iDAAiD,OAAO,sBAAsB,CAAC,CAAC;QAC5F,OAAO;YACL,MAAM,EAAE,YAAY;YACpB,OAAO,EAAE,IAAI;YACb,OAAO,EAAE,6BAA6B,OAAO,0CAA0C;YACvF,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,MAAM,EAAE,OAAO;SAChB,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,iBAAiB,CAAC,OAAsB;QAC5C,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;QACjD,MAAM,KAAK,GAAG,SAAS,IAAI,SAAS,CAAC;QAErC,IAAI,CAAC;YACH,MAAM,EAAE,aAAa,EAAE,SAAS,EAAE,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC,CAAC;YAC7D,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC,CAAC;YAE3C,MAAM,aAAa,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,sBAAsB,CAAC,CAAC;YACjE,SAAS,CAAC,aAAa,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAE9C,MAAM,MAAM,GAAG;gBACb,SAAS,EAAE,KAAK;gBAChB,aAAa,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACvC,OAAO,EAAE,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE;gBAC3E,SAAS,EAAE,OAAO,CAAC,SAAS;aAC7B,CAAC;YAEF,MAAM,UAAU,GAAG,IAAI,CAAC,aAAa,EAAE,GAAG,~~KAAK~~,OAAO,CAAC,CAAC;~~YACxD~~,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;YAEpE,MAAM,CAAC,IAAI,CAAC,wBAAwB,KAAK,eAAe,CAAC,CAAC;YAE1D,OAAO;gBACL,MAAM,EAAE,oBAAoB;gBAC5B,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,YAAY,KAAK,oCAAoC,UAAU,EAAE;gBAC1E,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,MAAM,EAAE,KAAK;aACd,CAAC;QACJ,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC7D,MAAM,CAAC,KAAK,CAAC,iCAAiC,KAAK,MAAM,GAAG,EAAE,CAAC,CAAC;YAChE,OAAO;gBACL,MAAM,EAAE,oBAAoB;gBAC5B,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,iCAAiC,KAAK,MAAM,GAAG,EAAE;gBAC1D,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,MAAM,EAAE,KAAK;aACd,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,WAAW,CAAC,OAAsB;QACtC,MAAM,SAAS,GAAG,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;QAChD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO;gBACL,MAAM,EAAE,cAAc;gBACtB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,8CAA8C;gBACvD,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACpC,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC3B,MAAM,CAAC,IAAI,CAAC,0DAA0D,CAAC,CAAC;YACxE,OAAO;gBACL,MAAM,EAAE,cAAc;gBACtB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,wBAAwB,SAAS,oCAAoC;gBAC9E,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,MAAM,EAAE,SAAS;aAClB,CAAC;QACJ,CAAC;QAED,MAAM,OAAO,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAC1C,SAAS,EACT,uBAAuB,OAAO,CAAC,UAAU,iBAAiB,OAAO,CAAC,UAAU,IAAI,CACjF,CAAC;QAEF,IAAI,OAAO,EAAE,CAAC;YACZ,MAAM,CAAC,IAAI,CAAC,sBAAsB,SAAS,0BAA0B,CAAC,CAAC;QACzE,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,IAAI,CAAC,sBAAsB,SAAS,gCAAgC,CAAC,CAAC;QAC/E,CAAC;QAED,OAAO;YACL,MAAM,EAAE,cAAc;YACtB,OAAO,EAAE,IAAI;YACb,OAAO,EAAE,OAAO;gBACd,CAAC,CAAC,UAAU,SAAS,0BAA0B;gBAC/C,CAAC,CAAC,UAAU,SAAS,mCAAmC;YAC1D,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,MAAM,EAAE,SAAS;SAClB,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,iBAAiB,CAAC,OAAsB;QAC5C,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;QACjD,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QAC7C,MAAM,KAAK,GAAG,SAAS,IAAI,OAAO,IAAI,SAAS,CAAC;QAEhD,IAAI,CAAC;YACH,MAAM,EAAE,aAAa,EAAE,SAAS,EAAE,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC,CAAC;YAC7D,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC,CAAC;YAE3C,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,sBAAsB,CAAC,CAAC;YAC7D,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAE1C,MAAM,QAAQ,GAAG;gBACf,QAAQ,EAAE,KAAK;gBACf,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,OAAO,EAAE,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE;gBAC3E,YAAY,EAAE,CAAC,YAAY,EAAE,WAAW,EAAE,cAAc,CAAC;aAC1D,CAAC;YAEF,MAAM,YAAY,GAAG,IAAI,CAAC,SAAS,EAAE,GAAG,~~KAAK~~,OAAO,CAAC,CAAC;~~YACtD~~,aAAa,CAAC,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;YAExE,MAAM,CAAC,IAAI,CAAC,wCAAwC,KAAK,GAAG,CAAC,CAAC;YAE9D,OAAO;gBACL,MAAM,EAAE,oBAAoB;gBAC5B,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,4BAA4B,KAAK,0BAA0B,YAAY,EAAE;gBAClF,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,MAAM,EAAE,KAAK;aACd,CAAC;QACJ,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC7D,MAAM,CAAC,KAAK,CAAC,qCAAqC,KAAK,MAAM,GAAG,EAAE,CAAC,CAAC;YACpE,OAAO;gBACL,MAAM,EAAE,oBAAoB;gBAC5B,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,qCAAqC,KAAK,MAAM,GAAG,EAAE;gBAC9D,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,MAAM,EAAE,KAAK;aACd,CAAC;QACJ,CAAC;IACH,CAAC;IAED,8EAA8E;IAC9E,8BAA8B;IAC9B,8EAA8E;IAEtE,eAAe,CAAC,OAAsB;QAC5C,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACjC,MAAM,IAAI,GAAG,CAAC,CAAC,IAA2C,CAAC;YAC3D,IAAI,IAAI,EAAE,CAAC,WAAW,CAAC;gBAAE,OAAO,IAAI,CAAC,WAAW,CAAW,CAAC;YAC5D,IAAI,IAAI,EAAE,CAAC,UAAU,CAAC;gBAAE,OAAO,IAAI,CAAC,UAAU,CAAW,CAAC;YAC1D,IAAI,IAAI,EAAE,CAAC,WAAW,CAAC;gBAAE,OAAO,IAAI,CAAC,WAAW,CAAW,CAAC;QAC9D,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAEO,cAAc,CAAC,OAAsB;QAC3C,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACjC,MAAM,IAAI,GAAG,CAAC,CAAC,IAA2C,CAAC;YAC3D,IAAI,IAAI,EAAE,CAAC,SAAS,CAAC;gBAAE,OAAO,IAAI,CAAC,SAAS,CAAW,CAAC;YACxD,IAAI,IAAI,EAAE,CAAC,UAAU,CAAC;gBAAE,OAAO,IAAI,CAAC,UAAU,CAAW,CAAC;QAC5D,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAEO,eAAe,CAAC,OAAsB;QAC5C,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACjC,MAAM,IAAI,GAAG,CAAC,CAAC,IAA2C,CAAC;YAC3D,IAAI,IAAI,EAAE,CAAC,UAAU,CAAC;gBAAE,OAAO,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;YACxD,IAAI,IAAI,EAAE,CAAC,KAAK,CAAC;gBAAE,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;QAChD,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAEO,gBAAgB,CAAC,OAAsB;QAC7C,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACjC,MAAM,IAAI,GAAG,CAAC,CAAC,IAA2C,CAAC;YAC3D,IAAI,IAAI,EAAE,CAAC,WAAW,CAAC;gBAAE,OAAO,IAAI,CAAC,WAAW,CAAW,CAAC;YAC5D,IAAI,IAAI,EAAE,CAAC,YAAY,CAAC;gBAAE,OAAO,IAAI,CAAC,YAAY,CAAW,CAAC;QAChE,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,WAAW,CAAC,GAAW,EAAE,SAAiB;QACtD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACzB,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,GAAG,SAAS,EAAE,CAAC;YACtC,IAAI,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;gBACrB,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC;YAC3D,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;CACF"}
1	+ {"version":3,"file":"atr-action-handlers.js","sourceRoot":"","sources":["../../src/agent/atr-action-handlers.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,YAAY,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAInE,MAAM,MAAM,GAAG,YAAY,CAAC,4BAA4B,CAAC,CAAC;AAE1D,6CAA6C;AAC7C,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,CAAC,gBAAgB,EAAE,kBAAkB,EAAE,cAAc,CAAC,CAAC,CAAC;AAEzF;;;;GAIG;AACH,MAAM,OAAO,iBAAiB;IACpB,gBAAgB,GAAiC,IAAI,CAAC;IAC7C,OAAO,CAAS;IAEjC,YAAY,OAAe;QACzB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;IAED;;;OAGG;IACH,mBAAmB,CAAC,OAA8B;QAChD,IAAI,CAAC,gBAAgB,GAAG,OAAO,CAAC;QAChC,MAAM,CAAC,IAAI,CAAC,kDAAkD,CAAC,CAAC;IAClE,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,SAAS,CAAC,OAAsB;QACpC,MAAM,QAAQ,GAAG,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;QAC/C,MAAM,KAAK,GAAG,QAAQ,IAAI,SAAS,CAAC;QAEpC,MAAM,CAAC,IAAI,CAAC,oCAAoC,KAAK,GAAG,CAAC,CAAC;QAE1D,OAAO;YACL,MAAM,EAAE,YAAY;YACpB,OAAO,EAAE,IAAI;YACb,OAAO,EACL,SAAS,KAAK,yBAAyB;gBACvC,eAAe,OAAO,CAAC,UAAU,iBAAiB,OAAO,CAAC,UAAU,GAAG;YACzE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,MAAM,EAAE,KAAK;SACd,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,SAAS,CAAC,OAAsB;QACpC,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QAC7C,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;QAE1C,IAAI,CAAC,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC;YACrB,OAAO;gBACL,MAAM,EAAE,YAAY;gBACpB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,mDAAmD;gBAC5D,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACpC,CAAC;QACJ,CAAC;QAED,iCAAiC;QACjC,IAAI,OAAO,IAAI,gBAAgB,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;YAC7C,MAAM,CAAC,IAAI,CAAC,qCAAqC,OAAO,EAAE,CAAC,CAAC;YAC5D,OAAO;gBACL,MAAM,EAAE,YAAY;gBACpB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,UAAU,OAAO,qCAAqC;gBAC/D,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,MAAM,EAAE,OAAO;aAChB,CAAC;QACJ,CAAC;QAED,IAAI,GAAG,EAAE,CAAC;YACR,iCAAiC;YACjC,IAAI,GAAG,KAAK,OAAO,CAAC,GAAG,EAAE,CAAC;gBACxB,OAAO;oBACL,MAAM,EAAE,YAAY;oBACpB,OAAO,EAAE,KAAK;oBACd,OAAO,EAAE,yBAAyB;oBAClC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;oBACnC,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC;iBACpB,CAAC;YACJ,CAAC;YAED,IAAI,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;gBAC7B,MAAM,CAAC,IAAI,CAAC,yCAAyC,GAAG,cAAc,OAAO,IAAI,KAAK,GAAG,CAAC,CAAC;gBAE3F,+CAA+C;gBAC/C,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;gBAClD,IAAI,OAAO,EAAE,CAAC;oBACZ,IAAI,CAAC;wBACH,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;wBAC7B,MAAM,CAAC,IAAI,CAAC,6CAA6C,GAAG,EAAE,CAAC,CAAC;oBAClE,CAAC;oBAAC,MAAM,CAAC;wBACP,iDAAiD;oBACnD,CAAC;gBACH,CAAC;gBAED,OAAO;oBACL,MAAM,EAAE,YAAY;oBACpB,OAAO,EAAE,IAAI;oBACb,OAAO,EACL,aAAa,GAAG,cAAc,OAAO,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,EAAE,EAAE;wBACpE,CAAC,OAAO,CAAC,CAAC,CAAC,cAAc,OAAO,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;oBAC3C,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;oBACnC,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC;iBACpB,CAAC;YACJ,CAAC;YAAC,OAAO,GAAY,EAAE,CAAC;gBACtB,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gBAC7D,MAAM,CAAC,KAAK,CAAC,4BAA4B,GAAG,KAAK,GAAG,EAAE,CAAC,CAAC;gBACxD,OAAO;oBACL,MAAM,EAAE,YAAY;oBACpB,OAAO,EAAE,KAAK;oBACd,OAAO,EAAE,4BAA4B,GAAG,KAAK,GAAG,EAAE;oBAClD,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;oBACnC,MAAM,EAAE,MAAM,CAAC,GAAG,CAAC;iBACpB,CAAC;YACJ,CAAC;QACH,CAAC;QAED,2DAA2D;QAC3D,MAAM,CAAC,IAAI,CAAC,iDAAiD,OAAO,sBAAsB,CAAC,CAAC;QAC5F,OAAO;YACL,MAAM,EAAE,YAAY;YACpB,OAAO,EAAE,IAAI;YACb,OAAO,EAAE,6BAA6B,OAAO,0CAA0C;YACvF,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,MAAM,EAAE,OAAO;SAChB,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,iBAAiB,CAAC,OAAsB;QAC5C,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;QACjD,MAAM,KAAK,GAAG,SAAS,IAAI,SAAS,CAAC;QAErC,IAAI,CAAC;YACH,MAAM,EAAE,aAAa,EAAE,SAAS,EAAE,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC,CAAC;YAC7D,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC,CAAC;YAE3C,MAAM,aAAa,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,sBAAsB,CAAC,CAAC;YACjE,SAAS,CAAC,aAAa,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAE9C,MAAM,MAAM,GAAG;gBACb,SAAS,EAAE,KAAK;gBAChB,aAAa,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACvC,OAAO,EAAE,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE;gBAC3E,SAAS,EAAE,OAAO,CAAC,SAAS;aAC7B,CAAC;YAEF,MAAM,SAAS,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;YAC1C,MAAM,UAAU,GAAG,IAAI,CAAC,aAAa,EAAE,GAAG,SAAS,OAAO,CAAC,CAAC;YAC5D,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;YAEpE,MAAM,CAAC,IAAI,CAAC,wBAAwB,KAAK,eAAe,CAAC,CAAC;YAE1D,OAAO;gBACL,MAAM,EAAE,oBAAoB;gBAC5B,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,YAAY,KAAK,oCAAoC,UAAU,EAAE;gBAC1E,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,MAAM,EAAE,KAAK;aACd,CAAC;QACJ,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC7D,MAAM,CAAC,KAAK,CAAC,iCAAiC,KAAK,MAAM,GAAG,EAAE,CAAC,CAAC;YAChE,OAAO;gBACL,MAAM,EAAE,oBAAoB;gBAC5B,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,iCAAiC,KAAK,MAAM,GAAG,EAAE;gBAC1D,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,MAAM,EAAE,KAAK;aACd,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,WAAW,CAAC,OAAsB;QACtC,MAAM,SAAS,GAAG,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;QAChD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO;gBACL,MAAM,EAAE,cAAc;gBACtB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,8CAA8C;gBACvD,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACpC,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC3B,MAAM,CAAC,IAAI,CAAC,0DAA0D,CAAC,CAAC;YACxE,OAAO;gBACL,MAAM,EAAE,cAAc;gBACtB,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,wBAAwB,SAAS,oCAAoC;gBAC9E,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,MAAM,EAAE,SAAS;aAClB,CAAC;QACJ,CAAC;QAED,MAAM,OAAO,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAC1C,SAAS,EACT,uBAAuB,OAAO,CAAC,UAAU,iBAAiB,OAAO,CAAC,UAAU,IAAI,CACjF,CAAC;QAEF,IAAI,OAAO,EAAE,CAAC;YACZ,MAAM,CAAC,IAAI,CAAC,sBAAsB,SAAS,0BAA0B,CAAC,CAAC;QACzE,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,IAAI,CAAC,sBAAsB,SAAS,gCAAgC,CAAC,CAAC;QAC/E,CAAC;QAED,OAAO;YACL,MAAM,EAAE,cAAc;YACtB,OAAO,EAAE,IAAI;YACb,OAAO,EAAE,OAAO;gBACd,CAAC,CAAC,UAAU,SAAS,0BAA0B;gBAC/C,CAAC,CAAC,UAAU,SAAS,mCAAmC;YAC1D,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,MAAM,EAAE,SAAS;SAClB,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,iBAAiB,CAAC,OAAsB;QAC5C,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;QACjD,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QAC7C,MAAM,KAAK,GAAG,SAAS,IAAI,OAAO,IAAI,SAAS,CAAC;QAEhD,IAAI,CAAC;YACH,MAAM,EAAE,aAAa,EAAE,SAAS,EAAE,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC,CAAC;YAC7D,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC,CAAC;YAE3C,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,sBAAsB,CAAC,CAAC;YAC7D,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAE1C,MAAM,QAAQ,GAAG;gBACf,QAAQ,EAAE,KAAK;gBACf,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,OAAO,EAAE,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE;gBAC3E,YAAY,EAAE,CAAC,YAAY,EAAE,WAAW,EAAE,cAAc,CAAC;aAC1D,CAAC;YAEF,MAAM,SAAS,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;YAC1C,MAAM,YAAY,GAAG,IAAI,CAAC,SAAS,EAAE,GAAG,SAAS,OAAO,CAAC,CAAC;YAC1D,aAAa,CAAC,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;YAExE,MAAM,CAAC,IAAI,CAAC,wCAAwC,KAAK,GAAG,CAAC,CAAC;YAE9D,OAAO;gBACL,MAAM,EAAE,oBAAoB;gBAC5B,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,4BAA4B,KAAK,0BAA0B,YAAY,EAAE;gBAClF,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,MAAM,EAAE,KAAK;aACd,CAAC;QACJ,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC7D,MAAM,CAAC,KAAK,CAAC,qCAAqC,KAAK,MAAM,GAAG,EAAE,CAAC,CAAC;YACpE,OAAO;gBACL,MAAM,EAAE,oBAAoB;gBAC5B,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,qCAAqC,KAAK,MAAM,GAAG,EAAE;gBAC9D,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,MAAM,EAAE,KAAK;aACd,CAAC;QACJ,CAAC;IACH,CAAC;IAED,8EAA8E;IAC9E,8BAA8B;IAC9B,8EAA8E;IAEtE,eAAe,CAAC,OAAsB;QAC5C,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACjC,MAAM,IAAI,GAAG,CAAC,CAAC,IAA2C,CAAC;YAC3D,IAAI,IAAI,EAAE,CAAC,WAAW,CAAC;gBAAE,OAAO,IAAI,CAAC,WAAW,CAAW,CAAC;YAC5D,IAAI,IAAI,EAAE,CAAC,UAAU,CAAC;gBAAE,OAAO,IAAI,CAAC,UAAU,CAAW,CAAC;YAC1D,IAAI,IAAI,EAAE,CAAC,WAAW,CAAC;gBAAE,OAAO,IAAI,CAAC,WAAW,CAAW,CAAC;QAC9D,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAEO,cAAc,CAAC,OAAsB;QAC3C,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACjC,MAAM,IAAI,GAAG,CAAC,CAAC,IAA2C,CAAC;YAC3D,IAAI,IAAI,EAAE,CAAC,SAAS,CAAC;gBAAE,OAAO,IAAI,CAAC,SAAS,CAAW,CAAC;YACxD,IAAI,IAAI,EAAE,CAAC,UAAU,CAAC;gBAAE,OAAO,IAAI,CAAC,UAAU,CAAW,CAAC;QAC5D,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAEO,eAAe,CAAC,OAAsB;QAC5C,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACjC,MAAM,IAAI,GAAG,CAAC,CAAC,IAA2C,CAAC;YAC3D,IAAI,IAAI,EAAE,CAAC,UAAU,CAAC;gBAAE,OAAO,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;YACxD,IAAI,IAAI,EAAE,CAAC,KAAK,CAAC;gBAAE,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;QAChD,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAEO,gBAAgB,CAAC,OAAsB;QAC7C,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACjC,MAAM,IAAI,GAAG,CAAC,CAAC,IAA2C,CAAC;YAC3D,IAAI,IAAI,EAAE,CAAC,WAAW,CAAC;gBAAE,OAAO,IAAI,CAAC,WAAW,CAAW,CAAC;YAC5D,IAAI,IAAI,EAAE,CAAC,YAAY,CAAC;gBAAE,OAAO,IAAI,CAAC,YAAY,CAAW,CAAC;QAChE,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,WAAW,CAAC,GAAW,EAAE,SAAiB;QACtD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACzB,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,GAAG,SAAS,EAAE,CAAC;YACtC,IAAI,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;gBACrB,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC;YAC3D,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;CACF"}

package/dist/agent/respond/action-manifest.d.ts ADDED Viewed

@@ -0,0 +1,26 @@
+/**
+ * Action manifest for persistence and rollback tracking.
+ * @module @panguard-ai/panguard-guard/agent/respond/action-manifest
+ */
+import type { ResponseAction, ThreatVerdict } from '../../types.js';
+import type { ActionManifestEntry } from './types.js';
+export declare class ActionManifest {
+    private readonly entries;
+    private readonly manifestPath;
+    constructor(dataDir: string);
+    /** Record a new action and persist it */
+    record(action: ResponseAction, target: string, verdict: ThreatVerdict, expiresAt?: string): ActionManifestEntry;
+    /** Find an entry by ID that has not been rolled back */
+    findRollbackable(entryId: string): ActionManifestEntry | undefined;
+    /** Find an entry by ID */
+    findById(entryId: string): ActionManifestEntry | undefined;
+    /** Get all active (non-rolled-back) entries */
+    getActive(): ActionManifestEntry[];
+    /** Mark an entry as rolled back and persist the change */
+    markRolledBack(entryId: string): void;
+    /** Persist a single entry to the JSONL file */
+    persist(entry: ActionManifestEntry): void;
+    /** Load existing manifest entries from disk */
+    private load;
+}
+//# sourceMappingURL=action-manifest.d.ts.map

package/dist/agent/respond/action-manifest.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"action-manifest.d.ts","sourceRoot":"","sources":["../../../src/agent/respond/action-manifest.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAKH,OAAO,KAAK,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AACpE,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAC;AAItD,qBAAa,cAAc;IACzB,OAAO,CAAC,QAAQ,CAAC,OAAO,CAA6B;IACrD,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAS;gBAE1B,OAAO,EAAE,MAAM;IAa3B,yCAAyC;IACzC,MAAM,CACJ,MAAM,EAAE,cAAc,EACtB,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,aAAa,EACtB,SAAS,CAAC,EAAE,MAAM,GACjB,mBAAmB;IAgBtB,wDAAwD;IACxD,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,mBAAmB,GAAG,SAAS;IAIlE,0BAA0B;IAC1B,QAAQ,CAAC,OAAO,EAAE,MAAM,GAAG,mBAAmB,GAAG,SAAS;IAI1D,+CAA+C;IAC/C,SAAS,IAAI,mBAAmB,EAAE;IAIlC,0DAA0D;IAC1D,cAAc,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI;IAQrC,+CAA+C;IAC/C,OAAO,CAAC,KAAK,EAAE,mBAAmB,GAAG,IAAI;IASzC,+CAA+C;IAC/C,OAAO,CAAC,IAAI;CAiBb"}

package/dist/agent/respond/action-manifest.js ADDED Viewed

@@ -0,0 +1,89 @@
+/**
+ * Action manifest for persistence and rollback tracking.
+ * @module @panguard-ai/panguard-guard/agent/respond/action-manifest
+ */
+import { appendFileSync, readFileSync, mkdirSync } from 'node:fs';
+import { dirname } from 'node:path';
+import { createLogger } from '@panguard-ai/core';
+const logger = createLogger('panguard-guard:action-manifest');
+export class ActionManifest {
+    entries = [];
+    manifestPath;
+    constructor(dataDir) {
+        this.manifestPath = `${dataDir}/action-manifest.jsonl`;
+        // Ensure manifest directory exists
+        try {
+            mkdirSync(dirname(this.manifestPath), { recursive: true });
+        }
+        catch {
+            // Directory may already exist
+        }
+        this.load();
+    }
+    /** Record a new action and persist it */
+    record(action, target, verdict, expiresAt) {
+        const entry = {
+            id: `act-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`,
+            action,
+            target,
+            timestamp: new Date().toISOString(),
+            expiresAt,
+            rolledBack: false,
+            verdict: { conclusion: verdict.conclusion, confidence: verdict.confidence },
+        };
+        this.entries.push(entry);
+        this.persist(entry);
+        return entry;
+    }
+    /** Find an entry by ID that has not been rolled back */
+    findRollbackable(entryId) {
+        return this.entries.find((e) => e.id === entryId && !e.rolledBack);
+    }
+    /** Find an entry by ID */
+    findById(entryId) {
+        return this.entries.find((e) => e.id === entryId);
+    }
+    /** Get all active (non-rolled-back) entries */
+    getActive() {
+        return this.entries.filter((e) => !e.rolledBack);
+    }
+    /** Mark an entry as rolled back and persist the change */
+    markRolledBack(entryId) {
+        const entry = this.entries.find((e) => e.id === entryId);
+        if (entry) {
+            entry.rolledBack = true;
+            this.persist(entry);
+        }
+    }
+    /** Persist a single entry to the JSONL file */
+    persist(entry) {
+        try {
+            appendFileSync(this.manifestPath, JSON.stringify(entry) + '\n', 'utf-8');
+        }
+        catch (err) {
+            const msg = err instanceof Error ? err.message : String(err);
+            logger.error(`Failed to persist action manifest: ${msg}`);
+        }
+    }
+    /** Load existing manifest entries from disk */
+    load() {
+        try {
+            const content = readFileSync(this.manifestPath, 'utf-8');
+            const lines = content.trim().split('\n').filter(Boolean);
+            for (const line of lines) {
+                try {
+                    const entry = JSON.parse(line);
+                    this.entries.push(entry);
+                }
+                catch {
+                    // Skip malformed lines
+                }
+            }
+            logger.info(`Loaded ${this.entries.length} action manifest entries`);
+        }
+        catch {
+            // Manifest file may not exist yet
+        }
+    }
+}
+//# sourceMappingURL=action-manifest.js.map

package/dist/agent/respond/action-manifest.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"action-manifest.js","sourceRoot":"","sources":["../../../src/agent/respond/action-manifest.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,cAAc,EAAE,YAAY,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AAClE,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAIjD,MAAM,MAAM,GAAG,YAAY,CAAC,gCAAgC,CAAC,CAAC;AAE9D,MAAM,OAAO,cAAc;IACR,OAAO,GAA0B,EAAE,CAAC;IACpC,YAAY,CAAS;IAEtC,YAAY,OAAe;QACzB,IAAI,CAAC,YAAY,GAAG,GAAG,OAAO,wBAAwB,CAAC;QAEvD,mCAAmC;QACnC,IAAI,CAAC;YACH,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC7D,CAAC;QAAC,MAAM,CAAC;YACP,8BAA8B;QAChC,CAAC;QAED,IAAI,CAAC,IAAI,EAAE,CAAC;IACd,CAAC;IAED,yCAAyC;IACzC,MAAM,CACJ,MAAsB,EACtB,MAAc,EACd,OAAsB,EACtB,SAAkB;QAElB,MAAM,KAAK,GAAwB;YACjC,EAAE,EAAE,OAAO,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;YACjE,MAAM;YACN,MAAM;YACN,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,SAAS;YACT,UAAU,EAAE,KAAK;YACjB,OAAO,EAAE,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,EAAE;SAC5E,CAAC;QAEF,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACzB,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QACpB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,wDAAwD;IACxD,gBAAgB,CAAC,OAAe;QAC9B,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,OAAO,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC;IACrE,CAAC;IAED,0BAA0B;IAC1B,QAAQ,CAAC,OAAe;QACtB,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,OAAO,CAAC,CAAC;IACpD,CAAC;IAED,+CAA+C;IAC/C,SAAS;QACP,OAAO,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC;IACnD,CAAC;IAED,0DAA0D;IAC1D,cAAc,CAAC,OAAe;QAC5B,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,OAAO,CAAC,CAAC;QACzD,IAAI,KAAK,EAAE,CAAC;YACV,KAAK,CAAC,UAAU,GAAG,IAAI,CAAC;YACxB,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QACtB,CAAC;IACH,CAAC;IAED,+CAA+C;IAC/C,OAAO,CAAC,KAA0B;QAChC,IAAI,CAAC;YACH,cAAc,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC,CAAC;QAC3E,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC7D,MAAM,CAAC,KAAK,CAAC,sCAAsC,GAAG,EAAE,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;IAED,+CAA+C;IACvC,IAAI;QACV,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,YAAY,CAAC,IAAI,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;YACzD,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACzD,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,IAAI,CAAC;oBACH,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAwB,CAAC;oBACtD,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBAC3B,CAAC;gBAAC,MAAM,CAAC;oBACP,uBAAuB;gBACzB,CAAC;YACH,CAAC;YACD,MAAM,CAAC,IAAI,CAAC,UAAU,IAAI,CAAC,OAAO,CAAC,MAAM,0BAA0B,CAAC,CAAC;QACvE,CAAC;QAAC,MAAM,CAAC;YACP,kCAAkC;QACpC,CAAC;IACH,CAAC;CACF"}

package/dist/agent/respond/action-rate-limiter.d.ts ADDED Viewed

@@ -0,0 +1,40 @@
+/**
+ * Rate limiter for response actions -- prevents runaway auto-responses
+ * from causing self-DoS if DetectAgent produces false-positive loops.
+ *
+ * @module @panguard-ai/panguard-guard/agent/respond/action-rate-limiter
+ */
+import type { ResponseAction } from '../../types.js';
+export declare class ActionRateLimiter {
+    private readonly windows;
+    private consecutiveFailures;
+    private circuitBreakerUntil;
+    /** Per-action limits: max invocations per 60-second window */
+    private readonly limits;
+    /** Circuit breaker: pause all actions after N consecutive failures */
+    private readonly maxConsecutiveFailures;
+    /** Circuit breaker cooldown: 60 seconds */
+    private readonly circuitBreakerCooldownMs;
+    /** Sliding window size: 60 seconds */
+    private readonly windowMs;
+    /**
+     * Check whether the given action is allowed under rate limits.
+     * Returns true if allowed, false if rate-limited or circuit-broken.
+     */
+    allow(action: ResponseAction): boolean;
+    /** Record that an action was executed (adds to sliding window) */
+    record(action: ResponseAction): void;
+    /** Record a successful action -- resets consecutive failure counter */
+    recordSuccess(): void;
+    /** Record a failed action execution. Trips circuit breaker after threshold. */
+    recordFailure(): void;
+    /** Check if circuit breaker is currently active */
+    isCircuitBroken(): boolean;
+    /** Get current rate limit status for monitoring */
+    getStatus(): {
+        circuitBroken: boolean;
+        consecutiveFailures: number;
+        windowCounts: Record<string, number>;
+    };
+}
+//# sourceMappingURL=action-rate-limiter.d.ts.map

package/dist/agent/respond/action-rate-limiter.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"action-rate-limiter.d.ts","sourceRoot":"","sources":["../../../src/agent/respond/action-rate-limiter.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAIrD,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAuC;IAC/D,OAAO,CAAC,mBAAmB,CAAK;IAChC,OAAO,CAAC,mBAAmB,CAAK;IAEhC,8DAA8D;IAC9D,OAAO,CAAC,QAAQ,CAAC,MAAM,CAarB;IAEF,sEAAsE;IACtE,OAAO,CAAC,QAAQ,CAAC,sBAAsB,CAAK;IAC5C,2CAA2C;IAC3C,OAAO,CAAC,QAAQ,CAAC,wBAAwB,CAAU;IACnD,sCAAsC;IACtC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAU;IAEnC;;;OAGG;IACH,KAAK,CAAC,MAAM,EAAE,cAAc,GAAG,OAAO;IAoBtC,kEAAkE;IAClE,MAAM,CAAC,MAAM,EAAE,cAAc,GAAG,IAAI;IAMpC,uEAAuE;IACvE,aAAa,IAAI,IAAI;IAIrB,+EAA+E;IAC/E,aAAa,IAAI,IAAI;IAYrB,mDAAmD;IACnD,eAAe,IAAI,OAAO;IAI1B,mDAAmD;IACnD,SAAS,IAAI;QACX,aAAa,EAAE,OAAO,CAAC;QACvB,mBAAmB,EAAE,MAAM,CAAC;QAC5B,YAAY,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;KACtC;CAaF"}

package/dist/agent/respond/action-rate-limiter.js ADDED Viewed

@@ -0,0 +1,93 @@
+/**
+ * Rate limiter for response actions -- prevents runaway auto-responses
+ * from causing self-DoS if DetectAgent produces false-positive loops.
+ *
+ * @module @panguard-ai/panguard-guard/agent/respond/action-rate-limiter
+ */
+import { createLogger } from '@panguard-ai/core';
+const logger = createLogger('panguard-guard:action-rate-limiter');
+export class ActionRateLimiter {
+    windows = new Map();
+    consecutiveFailures = 0;
+    circuitBreakerUntil = 0;
+    /** Per-action limits: max invocations per 60-second window */
+    limits = {
+        block_ip: 10,
+        kill_process: 5,
+        disable_account: 2,
+        isolate_file: 5,
+        notify: 30,
+        log_only: Infinity,
+        // ATR agent-specific actions
+        block_tool: 10,
+        kill_agent: 3,
+        quarantine_session: 5,
+        revoke_skill: 10,
+        reduce_permissions: 5,
+    };
+    /** Circuit breaker: pause all actions after N consecutive failures */
+    maxConsecutiveFailures = 5;
+    /** Circuit breaker cooldown: 60 seconds */
+    circuitBreakerCooldownMs = 60_000;
+    /** Sliding window size: 60 seconds */
+    windowMs = 60_000;
+    /**
+     * Check whether the given action is allowed under rate limits.
+     * Returns true if allowed, false if rate-limited or circuit-broken.
+     */
+    allow(action) {
+        const now = Date.now();
+        // Circuit breaker check
+        if (now < this.circuitBreakerUntil) {
+            return false;
+        }
+        const limit = this.limits[action] ?? 10;
+        if (limit === Infinity)
+            return true;
+        // Sliding window: prune old entries, count recent
+        const timestamps = this.windows.get(action) ?? [];
+        const cutoff = now - this.windowMs;
+        const recent = timestamps.filter((t) => t > cutoff);
+        this.windows.set(action, recent);
+        return recent.length < limit;
+    }
+    /** Record that an action was executed (adds to sliding window) */
+    record(action) {
+        const timestamps = this.windows.get(action) ?? [];
+        timestamps.push(Date.now());
+        this.windows.set(action, timestamps);
+    }
+    /** Record a successful action -- resets consecutive failure counter */
+    recordSuccess() {
+        this.consecutiveFailures = 0;
+    }
+    /** Record a failed action execution. Trips circuit breaker after threshold. */
+    recordFailure() {
+        this.consecutiveFailures++;
+        if (this.consecutiveFailures >= this.maxConsecutiveFailures) {
+            this.circuitBreakerUntil = Date.now() + this.circuitBreakerCooldownMs;
+            logger.error(`Circuit breaker tripped: ${this.consecutiveFailures} consecutive failures. ` +
+                `All auto-responses paused for ${this.circuitBreakerCooldownMs / 1000}s.`);
+            this.consecutiveFailures = 0;
+        }
+    }
+    /** Check if circuit breaker is currently active */
+    isCircuitBroken() {
+        return Date.now() < this.circuitBreakerUntil;
+    }
+    /** Get current rate limit status for monitoring */
+    getStatus() {
+        const now = Date.now();
+        const cutoff = now - this.windowMs;
+        const windowCounts = {};
+        for (const [action, timestamps] of this.windows) {
+            windowCounts[action] = timestamps.filter((t) => t > cutoff).length;
+        }
+        return {
+            circuitBroken: this.isCircuitBroken(),
+            consecutiveFailures: this.consecutiveFailures,
+            windowCounts,
+        };
+    }
+}
+//# sourceMappingURL=action-rate-limiter.js.map

package/dist/agent/respond/action-rate-limiter.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"action-rate-limiter.js","sourceRoot":"","sources":["../../../src/agent/respond/action-rate-limiter.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAGjD,MAAM,MAAM,GAAG,YAAY,CAAC,oCAAoC,CAAC,CAAC;AAElE,MAAM,OAAO,iBAAiB;IACX,OAAO,GAAG,IAAI,GAAG,EAA4B,CAAC;IACvD,mBAAmB,GAAG,CAAC,CAAC;IACxB,mBAAmB,GAAG,CAAC,CAAC;IAEhC,8DAA8D;IAC7C,MAAM,GAA2B;QAChD,QAAQ,EAAE,EAAE;QACZ,YAAY,EAAE,CAAC;QACf,eAAe,EAAE,CAAC;QAClB,YAAY,EAAE,CAAC;QACf,MAAM,EAAE,EAAE;QACV,QAAQ,EAAE,QAAQ;QAClB,6BAA6B;QAC7B,UAAU,EAAE,EAAE;QACd,UAAU,EAAE,CAAC;QACb,kBAAkB,EAAE,CAAC;QACrB,YAAY,EAAE,EAAE;QAChB,kBAAkB,EAAE,CAAC;KACtB,CAAC;IAEF,sEAAsE;IACrD,sBAAsB,GAAG,CAAC,CAAC;IAC5C,2CAA2C;IAC1B,wBAAwB,GAAG,MAAM,CAAC;IACnD,sCAAsC;IACrB,QAAQ,GAAG,MAAM,CAAC;IAEnC;;;OAGG;IACH,KAAK,CAAC,MAAsB;QAC1B,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEvB,wBAAwB;QACxB,IAAI,GAAG,GAAG,IAAI,CAAC,mBAAmB,EAAE,CAAC;YACnC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QACxC,IAAI,KAAK,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QAEpC,kDAAkD;QAClD,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QAClD,MAAM,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;QACnC,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC;QACpD,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAEjC,OAAO,MAAM,CAAC,MAAM,GAAG,KAAK,CAAC;IAC/B,CAAC;IAED,kEAAkE;IAClE,MAAM,CAAC,MAAsB;QAC3B,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QAClD,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;QAC5B,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;IACvC,CAAC;IAED,uEAAuE;IACvE,aAAa;QACX,IAAI,CAAC,mBAAmB,GAAG,CAAC,CAAC;IAC/B,CAAC;IAED,+EAA+E;IAC/E,aAAa;QACX,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAC3B,IAAI,IAAI,CAAC,mBAAmB,IAAI,IAAI,CAAC,sBAAsB,EAAE,CAAC;YAC5D,IAAI,CAAC,mBAAmB,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,wBAAwB,CAAC;YACtE,MAAM,CAAC,KAAK,CACV,4BAA4B,IAAI,CAAC,mBAAmB,yBAAyB;gBAC3E,iCAAiC,IAAI,CAAC,wBAAwB,GAAG,IAAI,IAAI,CAC5E,CAAC;YACF,IAAI,CAAC,mBAAmB,GAAG,CAAC,CAAC;QAC/B,CAAC;IACH,CAAC;IAED,mDAAmD;IACnD,eAAe;QACb,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,mBAAmB,CAAC;IAC/C,CAAC;IAED,mDAAmD;IACnD,SAAS;QAKP,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;QACnC,MAAM,YAAY,GAA2B,EAAE,CAAC;QAChD,KAAK,MAAM,CAAC,MAAM,EAAE,UAAU,CAAC,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YAChD,YAAY,CAAC,MAAM,CAAC,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,MAAM,CAAC;QACrE,CAAC;QACD,OAAO;YACL,aAAa,EAAE,IAAI,CAAC,eAAe,EAAE;YACrC,mBAAmB,EAAE,IAAI,CAAC,mBAAmB;YAC7C,YAAY;SACb,CAAC;IACJ,CAAC;CACF"}

package/dist/agent/respond/escalation-tracker.d.ts ADDED Viewed

@@ -0,0 +1,17 @@
+/**
+ * Escalation tracker: monitors repeat offenders for progressive response.
+ * @module @panguard-ai/panguard-guard/agent/respond/escalation-tracker
+ */
+import type { EscalationRecord } from './types.js';
+export declare class EscalationTracker {
+    private readonly records;
+    /** Track a violation for the given target */
+    track(target: string): void;
+    /** Get the escalation record for a target (if any) */
+    get(target: string): EscalationRecord | undefined;
+    /** Check if target is a repeat offender (>= threshold violations) */
+    isRepeatOffender(target: string, threshold: number): boolean;
+    /** Get a snapshot of all records */
+    getAll(): Map<string, EscalationRecord>;
+}
+//# sourceMappingURL=escalation-tracker.d.ts.map

package/dist/agent/respond/escalation-tracker.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"escalation-tracker.d.ts","sourceRoot":"","sources":["../../../src/agent/respond/escalation-tracker.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAEnD,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAuC;IAE/D,6CAA6C;IAC7C,KAAK,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI;IAgB3B,sDAAsD;IACtD,GAAG,CAAC,MAAM,EAAE,MAAM,GAAG,gBAAgB,GAAG,SAAS;IAIjD,qEAAqE;IACrE,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO;IAK5D,oCAAoC;IACpC,MAAM,IAAI,GAAG,CAAC,MAAM,EAAE,gBAAgB,CAAC;CAGxC"}

package/dist/agent/respond/escalation-tracker.js ADDED Viewed

@@ -0,0 +1,38 @@
+/**
+ * Escalation tracker: monitors repeat offenders for progressive response.
+ * @module @panguard-ai/panguard-guard/agent/respond/escalation-tracker
+ */
+export class EscalationTracker {
+    records = new Map();
+    /** Track a violation for the given target */
+    track(target) {
+        const now = new Date().toISOString();
+        const existing = this.records.get(target);
+        if (existing) {
+            existing.violationCount += 1;
+            existing.lastSeen = now;
+        }
+        else {
+            this.records.set(target, {
+                target,
+                violationCount: 1,
+                firstSeen: now,
+                lastSeen: now,
+            });
+        }
+    }
+    /** Get the escalation record for a target (if any) */
+    get(target) {
+        return this.records.get(target);
+    }
+    /** Check if target is a repeat offender (>= threshold violations) */
+    isRepeatOffender(target, threshold) {
+        const record = this.records.get(target);
+        return record !== undefined && record.violationCount >= threshold;
+    }
+    /** Get a snapshot of all records */
+    getAll() {
+        return new Map(this.records);
+    }
+}
+//# sourceMappingURL=escalation-tracker.js.map

package/dist/agent/respond/escalation-tracker.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"escalation-tracker.js","sourceRoot":"","sources":["../../../src/agent/respond/escalation-tracker.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,MAAM,OAAO,iBAAiB;IACX,OAAO,GAAG,IAAI,GAAG,EAA4B,CAAC;IAE/D,6CAA6C;IAC7C,KAAK,CAAC,MAAc;QAClB,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACrC,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAC1C,IAAI,QAAQ,EAAE,CAAC;YACb,QAAQ,CAAC,cAAc,IAAI,CAAC,CAAC;YAC7B,QAAQ,CAAC,QAAQ,GAAG,GAAG,CAAC;QAC1B,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE;gBACvB,MAAM;gBACN,cAAc,EAAE,CAAC;gBACjB,SAAS,EAAE,GAAG;gBACd,QAAQ,EAAE,GAAG;aACd,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,sDAAsD;IACtD,GAAG,CAAC,MAAc;QAChB,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAClC,CAAC;IAED,qEAAqE;IACrE,gBAAgB,CAAC,MAAc,EAAE,SAAiB;QAChD,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACxC,OAAO,MAAM,KAAK,SAAS,IAAI,MAAM,CAAC,cAAc,IAAI,SAAS,CAAC;IACpE,CAAC;IAED,oCAAoC;IACpC,MAAM;QACJ,OAAO,IAAI,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC/B,CAAC;CACF"}

package/dist/agent/respond/evidence-extractor.d.ts ADDED Viewed

@@ -0,0 +1,18 @@
+/**
+ * Pure functions to extract structured data from ThreatVerdict evidence.
+ * @module @panguard-ai/panguard-guard/agent/respond/evidence-extractor
+ */
+import type { ThreatVerdict } from '../../types.js';
+/** Extract IP address from verdict evidence */
+export declare function extractIP(verdict: ThreatVerdict): string | undefined;
+/** Extract PID from verdict evidence */
+export declare function extractPID(verdict: ThreatVerdict): number | undefined;
+/** Extract username from verdict evidence */
+export declare function extractUsername(verdict: ThreatVerdict): string | undefined;
+/** Extract file path from verdict evidence */
+export declare function extractFilePath(verdict: ThreatVerdict): string | undefined;
+/** Extract process name from verdict evidence */
+export declare function extractProcessName(verdict: ThreatVerdict): string | undefined;
+/** Extract the most relevant target identifier from verdict */
+export declare function extractTarget(verdict: ThreatVerdict): string | undefined;
+//# sourceMappingURL=evidence-extractor.d.ts.map

package/dist/agent/respond/evidence-extractor.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"evidence-extractor.d.ts","sourceRoot":"","sources":["../../../src/agent/respond/evidence-extractor.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAEpD,+CAA+C;AAC/C,wBAAgB,SAAS,CAAC,OAAO,EAAE,aAAa,GAAG,MAAM,GAAG,SAAS,CAOpE;AAED,wCAAwC;AACxC,wBAAgB,UAAU,CAAC,OAAO,EAAE,aAAa,GAAG,MAAM,GAAG,SAAS,CAMrE;AAED,6CAA6C;AAC7C,wBAAgB,eAAe,CAAC,OAAO,EAAE,aAAa,GAAG,MAAM,GAAG,SAAS,CAM1E;AAED,8CAA8C;AAC9C,wBAAgB,eAAe,CAAC,OAAO,EAAE,aAAa,GAAG,MAAM,GAAG,SAAS,CAM1E;AAED,iDAAiD;AACjD,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,aAAa,GAAG,MAAM,GAAG,SAAS,CAM7E;AAED,+DAA+D;AAC/D,wBAAgB,aAAa,CAAC,OAAO,EAAE,aAAa,GAAG,MAAM,GAAG,SAAS,CAOxE"}

package/dist/agent/respond/evidence-extractor.js ADDED Viewed

@@ -0,0 +1,59 @@
+/**
+ * Pure functions to extract structured data from ThreatVerdict evidence.
+ * @module @panguard-ai/panguard-guard/agent/respond/evidence-extractor
+ */
+/** Extract IP address from verdict evidence */
+export function extractIP(verdict) {
+    for (const e of verdict.evidence) {
+        const data = e.data;
+        if (data?.['ip'])
+            return data['ip'];
+        if (data?.['sourceIP'])
+            return data['sourceIP'];
+    }
+    return undefined;
+}
+/** Extract PID from verdict evidence */
+export function extractPID(verdict) {
+    for (const e of verdict.evidence) {
+        const data = e.data;
+        if (data?.['pid'])
+            return Number(data['pid']);
+    }
+    return undefined;
+}
+/** Extract username from verdict evidence */
+export function extractUsername(verdict) {
+    for (const e of verdict.evidence) {
+        const data = e.data;
+        if (data?.['username'])
+            return data['username'];
+    }
+    return undefined;
+}
+/** Extract file path from verdict evidence */
+export function extractFilePath(verdict) {
+    for (const e of verdict.evidence) {
+        const data = e.data;
+        if (data?.['filePath'])
+            return data['filePath'];
+    }
+    return undefined;
+}
+/** Extract process name from verdict evidence */
+export function extractProcessName(verdict) {
+    for (const e of verdict.evidence) {
+        const data = e.data;
+        if (data?.['processName'])
+            return data['processName'];
+    }
+    return undefined;
+}
+/** Extract the most relevant target identifier from verdict */
+export function extractTarget(verdict) {
+    return (extractIP(verdict) ??
+        extractProcessName(verdict) ??
+        extractUsername(verdict) ??
+        extractFilePath(verdict));
+}
+//# sourceMappingURL=evidence-extractor.js.map

package/dist/agent/respond/evidence-extractor.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"evidence-extractor.js","sourceRoot":"","sources":["../../../src/agent/respond/evidence-extractor.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,+CAA+C;AAC/C,MAAM,UAAU,SAAS,CAAC,OAAsB;IAC9C,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACjC,MAAM,IAAI,GAAG,CAAC,CAAC,IAA2C,CAAC;QAC3D,IAAI,IAAI,EAAE,CAAC,IAAI,CAAC;YAAE,OAAO,IAAI,CAAC,IAAI,CAAW,CAAC;QAC9C,IAAI,IAAI,EAAE,CAAC,UAAU,CAAC;YAAE,OAAO,IAAI,CAAC,UAAU,CAAW,CAAC;IAC5D,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,wCAAwC;AACxC,MAAM,UAAU,UAAU,CAAC,OAAsB;IAC/C,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACjC,MAAM,IAAI,GAAG,CAAC,CAAC,IAA2C,CAAC;QAC3D,IAAI,IAAI,EAAE,CAAC,KAAK,CAAC;YAAE,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;IAChD,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,6CAA6C;AAC7C,MAAM,UAAU,eAAe,CAAC,OAAsB;IACpD,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACjC,MAAM,IAAI,GAAG,CAAC,CAAC,IAA2C,CAAC;QAC3D,IAAI,IAAI,EAAE,CAAC,UAAU,CAAC;YAAE,OAAO,IAAI,CAAC,UAAU,CAAW,CAAC;IAC5D,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,8CAA8C;AAC9C,MAAM,UAAU,eAAe,CAAC,OAAsB;IACpD,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACjC,MAAM,IAAI,GAAG,CAAC,CAAC,IAA2C,CAAC;QAC3D,IAAI,IAAI,EAAE,CAAC,UAAU,CAAC;YAAE,OAAO,IAAI,CAAC,UAAU,CAAW,CAAC;IAC5D,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,iDAAiD;AACjD,MAAM,UAAU,kBAAkB,CAAC,OAAsB;IACvD,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACjC,MAAM,IAAI,GAAG,CAAC,CAAC,IAA2C,CAAC;QAC3D,IAAI,IAAI,EAAE,CAAC,aAAa,CAAC;YAAE,OAAO,IAAI,CAAC,aAAa,CAAW,CAAC;IAClE,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,+DAA+D;AAC/D,MAAM,UAAU,aAAa,CAAC,OAAsB;IAClD,OAAO,CACL,SAAS,CAAC,OAAO,CAAC;QAClB,kBAAkB,CAAC,OAAO,CAAC;QAC3B,eAAe,CAAC,OAAO,CAAC;QACxB,eAAe,CAAC,OAAO,CAAC,CACzB,CAAC;AACJ,CAAC"}

package/dist/agent/respond/index.d.ts ADDED Viewed

@@ -0,0 +1,13 @@
+/**
+ * Respond Agent module barrel export
+ * @module @panguard-ai/panguard-guard/agent/respond
+ */
+export type { ActionManifestEntry, EscalationRecord } from './types.js';
+export { SAFETY_RULES } from './safety-rules.js';
+export { ActionRateLimiter } from './action-rate-limiter.js';
+export { ActionManifest } from './action-manifest.js';
+export { EscalationTracker } from './escalation-tracker.js';
+export { extractIP, extractPID, extractUsername, extractFilePath, extractProcessName, extractTarget, } from './evidence-extractor.js';
+export { blockIP, unblockIP, killProcess, disableAccount, isolateFile, execFilePromise, } from './os-actions.js';
+export type { BlockIPDeps } from './os-actions.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/agent/respond/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/agent/respond/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,YAAY,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AACxE,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAC7D,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAC5D,OAAO,EACL,SAAS,EACT,UAAU,EACV,eAAe,EACf,eAAe,EACf,kBAAkB,EAClB,aAAa,GACd,MAAM,yBAAyB,CAAC;AACjC,OAAO,EACL,OAAO,EACP,SAAS,EACT,WAAW,EACX,cAAc,EACd,WAAW,EACX,eAAe,GAChB,MAAM,iBAAiB,CAAC;AACzB,YAAY,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC"}

package/dist/agent/respond/index.js ADDED Viewed

@@ -0,0 +1,11 @@
+/**
+ * Respond Agent module barrel export
+ * @module @panguard-ai/panguard-guard/agent/respond
+ */
+export { SAFETY_RULES } from './safety-rules.js';
+export { ActionRateLimiter } from './action-rate-limiter.js';
+export { ActionManifest } from './action-manifest.js';
+export { EscalationTracker } from './escalation-tracker.js';
+export { extractIP, extractPID, extractUsername, extractFilePath, extractProcessName, extractTarget, } from './evidence-extractor.js';
+export { blockIP, unblockIP, killProcess, disableAccount, isolateFile, execFilePromise, } from './os-actions.js';
+//# sourceMappingURL=index.js.map

package/dist/agent/respond/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/agent/respond/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAC7D,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAC5D,OAAO,EACL,SAAS,EACT,UAAU,EACV,eAAe,EACf,eAAe,EACf,kBAAkB,EAClB,aAAa,GACd,MAAM,yBAAyB,CAAC;AACjC,OAAO,EACL,OAAO,EACP,SAAS,EACT,WAAW,EACX,cAAc,EACd,WAAW,EACX,eAAe,GAChB,MAAM,iBAAiB,CAAC"}

package/dist/agent/respond/os-actions.d.ts ADDED Viewed

@@ -0,0 +1,23 @@
+/**
+ * OS-level response actions: IP blocking, process killing, account disabling, file isolation.
+ * Uses execFile (never exec) for all system commands to prevent command injection.
+ *
+ * @module @panguard-ai/panguard-guard/agent/respond/os-actions
+ */
+import type { ThreatVerdict, ResponseResult } from '../../types.js';
+import type { ActionManifest } from './action-manifest.js';
+import type { EscalationTracker } from './escalation-tracker.js';
+/** Promise wrapper for execFile */
+export declare function execFilePromise(command: string, args: string[]): Promise<string>;
+export interface BlockIPDeps {
+    readonly additionalWhitelistedIPs: ReadonlySet<string>;
+    readonly manifest: ActionManifest;
+    readonly escalation: EscalationTracker;
+    readonly unblockTimers: Map<string, ReturnType<typeof setTimeout>>;
+}
+export declare function blockIP(verdict: ThreatVerdict, deps: BlockIPDeps): Promise<ResponseResult>;
+export declare function unblockIP(ip: string, unblockTimers: Map<string, ReturnType<typeof setTimeout>>): Promise<ResponseResult>;
+export declare function killProcess(verdict: ThreatVerdict, manifest: ActionManifest): Promise<ResponseResult>;
+export declare function disableAccount(verdict: ThreatVerdict, manifest: ActionManifest): Promise<ResponseResult>;
+export declare function isolateFile(verdict: ThreatVerdict, manifest: ActionManifest): Promise<ResponseResult>;
+//# sourceMappingURL=os-actions.d.ts.map

package/dist/agent/respond/os-actions.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"os-actions.d.ts","sourceRoot":"","sources":["../../../src/agent/respond/os-actions.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAOH,OAAO,KAAK,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AASpE,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAIjE,mCAAmC;AACnC,wBAAgB,eAAe,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAUhF;AAoBD,MAAM,WAAW,WAAW;IAC1B,QAAQ,CAAC,wBAAwB,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC;IACvD,QAAQ,CAAC,QAAQ,EAAE,cAAc,CAAC;IAClC,QAAQ,CAAC,UAAU,EAAE,iBAAiB,CAAC;IACvC,QAAQ,CAAC,aAAa,EAAE,GAAG,CAAC,MAAM,EAAE,UAAU,CAAC,OAAO,UAAU,CAAC,CAAC,CAAC;CACpE;AAED,wBAAsB,OAAO,CAAC,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,WAAW,GAAG,OAAO,CAAC,cAAc,CAAC,CAiFhG;AAED,wBAAsB,SAAS,CAC7B,EAAE,EAAE,MAAM,EACV,aAAa,EAAE,GAAG,CAAC,MAAM,EAAE,UAAU,CAAC,OAAO,UAAU,CAAC,CAAC,GACxD,OAAO,CAAC,cAAc,CAAC,CA0CzB;AAuBD,wBAAsB,WAAW,CAC/B,OAAO,EAAE,aAAa,EACtB,QAAQ,EAAE,cAAc,GACvB,OAAO,CAAC,cAAc,CAAC,CAoEzB;AAMD,wBAAsB,cAAc,CAClC,OAAO,EAAE,aAAa,EACtB,QAAQ,EAAE,cAAc,GACvB,OAAO,CAAC,cAAc,CAAC,CAqEzB;AAuCD,wBAAsB,WAAW,CAC/B,OAAO,EAAE,aAAa,EACtB,QAAQ,EAAE,cAAc,GACvB,OAAO,CAAC,cAAc,CAAC,CAsEzB"}