@panguard-ai/panguard-skill-auditor 1.3.0 → 1.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/checks/atr-check.d.ts.map +1 -1
- package/dist/checks/atr-check.js +47 -1
- package/dist/checks/atr-check.js.map +1 -1
- package/dist/checks/code-check.d.ts +1 -1
- package/dist/checks/code-check.d.ts.map +1 -1
- package/dist/checks/code-check.js +12 -1
- package/dist/checks/code-check.js.map +1 -1
- package/dist/checks/permission-check.d.ts +3 -0
- package/dist/checks/permission-check.d.ts.map +1 -1
- package/dist/checks/permission-check.js +27 -22
- package/dist/checks/permission-check.js.map +1 -1
- package/dist/manifest-parser.d.ts.map +1 -1
- package/dist/manifest-parser.js +19 -10
- package/dist/manifest-parser.js.map +1 -1
- package/dist/types.d.ts.map +1 -1
- package/package.json +14 -14
- package/LICENSE +0 -21
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"atr-check.d.ts","sourceRoot":"","sources":["../../src/checks/atr-check.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAIH,OAAO,KAAK,EAAgB,WAAW,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"atr-check.d.ts","sourceRoot":"","sources":["../../src/checks/atr-check.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAIH,OAAO,KAAK,EAAgB,WAAW,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAsJ5E;;;;;;;;;GASG;AACH,wBAAsB,YAAY,CAChC,QAAQ,EAAE,aAAa,EACvB,UAAU,CAAC,EAAE,KAAK,CAAC;IAAE,EAAE,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,OAAO,CAAC;IAAC,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAA;CAAE,CAAC,GAC5F,OAAO,CAAC,WAAW,CAAC,CAiItB"}
|
package/dist/checks/atr-check.js
CHANGED
|
@@ -12,6 +12,38 @@
|
|
|
12
12
|
import { resolve, dirname } from 'node:path';
|
|
13
13
|
import { fileURLToPath } from 'node:url';
|
|
14
14
|
const CHECK_LABEL = 'ATR Pattern Detection';
|
|
15
|
+
// ---------------------------------------------------------------------------
|
|
16
|
+
// Capability declaration detection (mirrors scan-core context-signals logic)
|
|
17
|
+
// ---------------------------------------------------------------------------
|
|
18
|
+
const CAPABILITY_SECTION_RE = /^#{1,3}\s+(?:Tools|Commands|Features|Capabilities|Functions|Methods|Endpoints)\s*$/m;
|
|
19
|
+
const TOOL_DEFINITION_LIST_RE = /^[-*]\s+\w[\w-]*\s*:\s+.+$/m;
|
|
20
|
+
const SECURITY_MEASURES_RE = /\b(only\s+SELECT|read[\s-]only|validated|sandboxed|restricted|allowed\s+directories|allow[\s-]?list|deny[\s-]?list|rate[\s-]?limit|no\s+write|no\s+delete|immutable|whitelisted|blocklist)\b/i;
|
|
21
|
+
function downgradeAuditSeverity(severity) {
|
|
22
|
+
const map = {
|
|
23
|
+
critical: 'medium',
|
|
24
|
+
high: 'low',
|
|
25
|
+
medium: 'low',
|
|
26
|
+
low: 'info',
|
|
27
|
+
info: 'info',
|
|
28
|
+
};
|
|
29
|
+
return map[severity] ?? 'info';
|
|
30
|
+
}
|
|
31
|
+
/**
|
|
32
|
+
* Detect whether a manifest represents a legitimate capability declaration
|
|
33
|
+
* (structured tool listing with security measures) rather than a threat.
|
|
34
|
+
*/
|
|
35
|
+
function detectCapabilityContext(manifest) {
|
|
36
|
+
const content = manifest.instructions ?? '';
|
|
37
|
+
const hasName = !!manifest.name;
|
|
38
|
+
const hasDesc = !!manifest.description;
|
|
39
|
+
const hasCapSection = CAPABILITY_SECTION_RE.test(content);
|
|
40
|
+
const hasToolDefs = TOOL_DEFINITION_LIST_RE.test(content);
|
|
41
|
+
const hasSecurity = SECURITY_MEASURES_RE.test(content) || SECURITY_MEASURES_RE.test(manifest.description ?? '');
|
|
42
|
+
return {
|
|
43
|
+
isCapabilityDeclaration: hasName && hasDesc && hasCapSection && hasToolDefs,
|
|
44
|
+
hasSecurityMeasures: hasSecurity,
|
|
45
|
+
};
|
|
46
|
+
}
|
|
15
47
|
/** ATR category to AuditFinding category mapping */
|
|
16
48
|
const CATEGORY_MAP = {
|
|
17
49
|
'prompt-injection': 'prompt-injection',
|
|
@@ -180,7 +212,21 @@ export async function checkWithATR(manifest, cloudRules) {
|
|
|
180
212
|
}
|
|
181
213
|
}
|
|
182
214
|
// Deduplicate and convert to findings
|
|
183
|
-
|
|
215
|
+
let findings = matchesToFindings(allMatches);
|
|
216
|
+
// Apply capability-declaration context downgrades
|
|
217
|
+
const capCtx = detectCapabilityContext(manifest);
|
|
218
|
+
if (capCtx.isCapabilityDeclaration || capCtx.hasSecurityMeasures) {
|
|
219
|
+
findings = findings.map((f) => {
|
|
220
|
+
let severity = f.severity;
|
|
221
|
+
if (capCtx.isCapabilityDeclaration) {
|
|
222
|
+
severity = downgradeAuditSeverity(severity);
|
|
223
|
+
}
|
|
224
|
+
if (capCtx.hasSecurityMeasures) {
|
|
225
|
+
severity = downgradeAuditSeverity(severity);
|
|
226
|
+
}
|
|
227
|
+
return severity !== f.severity ? { ...f, severity } : f;
|
|
228
|
+
});
|
|
229
|
+
}
|
|
184
230
|
const hasCritical = findings.some((f) => f.severity === 'critical');
|
|
185
231
|
const hasHigh = findings.some((f) => f.severity === 'high');
|
|
186
232
|
const status = hasCritical ? 'fail' : hasHigh ? 'warn' : findings.length > 0 ? 'warn' : 'pass';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"atr-check.js","sourceRoot":"","sources":["../../src/checks/atr-check.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC7C,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAIzC,MAAM,WAAW,GAAG,uBAAuB,CAAC;AAE5C,oDAAoD;AACpD,MAAM,YAAY,GAA6C;IAC7D,kBAAkB,EAAE,kBAAkB;IACtC,gBAAgB,EAAE,gBAAgB;IAClC,sBAAsB,EAAE,sBAAsB;IAC9C,oBAAoB,EAAE,oBAAoB;IAC1C,sBAAsB,EAAE,sBAAsB;IAC9C,oBAAoB,EAAE,oBAAoB;IAC1C,gBAAgB,EAAE,gBAAgB;IAClC,aAAa,EAAE,aAAa;IAC5B,kBAAkB,EAAE,kBAAkB;CACvC,CAAC;AAEF;;;GAGG;AACH,SAAS,eAAe;IACtB,IAAI,CAAC;QACH,+BAA+B;QAC/B,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,kBAAkB,CAAC,CAAC;QAC3D,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC,CAAC;YAChD,gEAAgE;YAChE,OAAO,OAAO,CAAC,MAAM,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;QACxC,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,mCAAmC;IACrC,CAAC;IACD,MAAM,OAAO,GAAG,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IACxD,OAAO,OAAO,CAAC,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;AAC5D,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CAAC,OAAe,EAAE,QAAiB;IAC5D,OAAO;QACL,IAAI,EAAE,WAAW;QACjB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,OAAO;QACP,MAAM,EAAE;YACN,UAAU,EAAE,OAAO;YACnB,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC7C;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CACzB,QAAgB,EAChB,WAAmB,EACnB,WAAqB;IAErB,OAAO;QACL,IAAI,EAAE,WAAW;QACjB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,OAAO,EAAE,WAAW;QACpB,MAAM,EAAE;YACN,SAAS,EAAE,QAAQ;YACnB,SAAS,EAAE,OAAO,WAAW,KAAK,QAAQ,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,WAAW,IAAI,EAAE,CAAC;SAC7F;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,OAA4B;IACrD,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,QAAQ,GAAmB,EAAE,CAAC;IAEpC,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;QAC7B,IAAI,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC;YAAE,SAAS;QAC/B,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAEjB,MAAM,QAAQ,GAAG,YAAY,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,CAAC;QACjE,MAAM,QAAQ,GAAG,KAAK,CAAC,IAAI,CAAC,QAAQ,KAAK,eAAe,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC;QAEvF,QAAQ,CAAC,IAAI,CAAC;YACZ,EAAE,EAAE,OAAO,MAAM,EAAE;YACnB,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK;YACvB,WAAW,EAAE,KAAK,CAAC,IAAI,CAAC,WAAW;YACnC,QAAQ;YACR,QAAQ;YACR,QAAQ,EACN,KAAK,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC;gBAC9B,CAAC,CAAC,YAAY,KAAK,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;gBAC5D,CAAC,CAAC,SAAS;SAChB,CAAC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,QAAuB,EACvB,UAA6F;IAE7F,wDAAwD;IACxD,IAAI,SAA+B,CAAC;IACpC,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,kBAAkB,CAAC,CAAC;QAC7C,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;IAC5B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;YACL,MAAM,EAAE,MAAM;YACd,KAAK,EAAE,WAAW;YAClB,QAAQ,EAAE,EAAE;SACb,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,eAAe,EAAE,CAAC;QAEnC,0DAA0D;QAC1D,IAAI,gBAAyB,CAAC;QAC9B,IAAI,CAAC;YACH,MAAM,EAAE,qBAAqB,EAAE,GAAG,MAAM,MAAM,CAAC,kBAAkB,CAAC,CAAC;YACnE,gBAAgB,GAAG,IAAI,qBAAqB,EAAE,CAAC;QACjD,CAAC;QAAC,MAAM,CAAC;YACP,sDAAsD;QACxD,CAAC;QAED,MAAM,YAAY,GAA4B,EAAE,QAAQ,EAAE,CAAC;QAC3D,IAAI,gBAAgB;YAAE,YAAY,CAAC,kBAAkB,CAAC,GAAG,gBAAgB,CAAC;QAC1E,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC,YAA8D,CAAC,CAAC;QAC7F,IAAI,SAAS,GAAG,MAAM,MAAM,CAAC,SAAS,EAAE,CAAC;QAEzC,kFAAkF;QAClF,IAAI,UAAU,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxC,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;gBAC9B,IAAI,CAAC;oBACH,MAAM,CAAC,OAAO,CAAC,IAAqD,CAAC,CAAC;oBACtE,SAAS,EAAE,CAAC;gBACd,CAAC;gBAAC,MAAM,CAAC;oBACP,oCAAoC;gBACtC,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,SAAS,KAAK,CAAC,EAAE,CAAC;YACpB,OAAO;gBACL,MAAM,EAAE,MAAM;gBACd,KAAK,EAAE,GAAG,WAAW,mBAAmB;gBACxC,QAAQ,EAAE,EAAE;aACb,CAAC;QACJ,CAAC;QAED,MAAM,UAAU,GAAe,EAAE,CAAC;QAElC,uBAAuB;QACvB,IAAI,QAAQ,CAAC,YAAY,EAAE,CAAC;YAC1B,MAAM,kBAAkB,GAAG,MAAM,CAAC,QAAQ,CACxC,kBAAkB,CAAC,QAAQ,CAAC,YAAY,EAAE,QAAQ,CAAC,IAAI,CAAC,CACzD,CAAC;YACF,UAAU,CAAC,IAAI,CAAC,GAAG,kBAAkB,CAAC,CAAC;QACzC,CAAC;QAED,sBAAsB;QACtB,IAAI,QAAQ,CAAC,WAAW,EAAE,CAAC;YACzB,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC;YAC9E,UAAU,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,CAAC;QAClC,CAAC;QAED,4DAA4D;QAC5D,MAAM,QAAQ,GAAG,QAAQ,CAAC,QAAQ,EAAE,CAAC,WAAW,CAAC,CAAC;QAClD,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC5B,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;gBAC5B,MAAM,CAAC,GAAG,IAA+B,CAAC;gBAC1C,IAAI,OAAO,CAAC,CAAC,aAAa,CAAC,KAAK,QAAQ,EAAE,CAAC;oBACzC,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CACjC,kBAAkB,CACf,CAAC,CAAC,MAAM,CAAY,IAAI,EAAE,EAC3B,CAAC,CAAC,aAAa,CAAW,EAC1B,CAAC,CAAC,aAAa,CAAC,CACjB,CACF,CAAC;oBACF,UAAU,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,CAAC;gBAClC,CAAC;YACH,CAAC;QACH,CAAC;QAED,sCAAsC;QACtC,
|
|
1
|
+
{"version":3,"file":"atr-check.js","sourceRoot":"","sources":["../../src/checks/atr-check.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC7C,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAIzC,MAAM,WAAW,GAAG,uBAAuB,CAAC;AAE5C,8EAA8E;AAC9E,6EAA6E;AAC7E,8EAA8E;AAE9E,MAAM,qBAAqB,GACzB,qFAAqF,CAAC;AAExF,MAAM,uBAAuB,GAAG,6BAA6B,CAAC;AAE9D,MAAM,oBAAoB,GACxB,+LAA+L,CAAC;AAIlM,SAAS,sBAAsB,CAAC,QAAuB;IACrD,MAAM,GAAG,GAAyC;QAChD,QAAQ,EAAE,QAAQ;QAClB,IAAI,EAAE,KAAK;QACX,MAAM,EAAE,KAAK;QACb,GAAG,EAAE,MAAM;QACX,IAAI,EAAE,MAAM;KACb,CAAC;IACF,OAAO,GAAG,CAAC,QAAQ,CAAC,IAAI,MAAM,CAAC;AACjC,CAAC;AAED;;;GAGG;AACH,SAAS,uBAAuB,CAAC,QAAuB;IAItD,MAAM,OAAO,GAAG,QAAQ,CAAC,YAAY,IAAI,EAAE,CAAC;IAC5C,MAAM,OAAO,GAAG,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC;IAChC,MAAM,OAAO,GAAG,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC;IACvC,MAAM,aAAa,GAAG,qBAAqB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC1D,MAAM,WAAW,GAAG,uBAAuB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC1D,MAAM,WAAW,GACf,oBAAoB,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,oBAAoB,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC;IAE9F,OAAO;QACL,uBAAuB,EAAE,OAAO,IAAI,OAAO,IAAI,aAAa,IAAI,WAAW;QAC3E,mBAAmB,EAAE,WAAW;KACjC,CAAC;AACJ,CAAC;AAED,oDAAoD;AACpD,MAAM,YAAY,GAA6C;IAC7D,kBAAkB,EAAE,kBAAkB;IACtC,gBAAgB,EAAE,gBAAgB;IAClC,sBAAsB,EAAE,sBAAsB;IAC9C,oBAAoB,EAAE,oBAAoB;IAC1C,sBAAsB,EAAE,sBAAsB;IAC9C,oBAAoB,EAAE,oBAAoB;IAC1C,gBAAgB,EAAE,gBAAgB;IAClC,aAAa,EAAE,aAAa;IAC5B,kBAAkB,EAAE,kBAAkB;CACvC,CAAC;AAEF;;;GAGG;AACH,SAAS,eAAe;IACtB,IAAI,CAAC;QACH,+BAA+B;QAC/B,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,kBAAkB,CAAC,CAAC;QAC3D,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC,CAAC;YAChD,gEAAgE;YAChE,OAAO,OAAO,CAAC,MAAM,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;QACxC,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,mCAAmC;IACrC,CAAC;IACD,MAAM,OAAO,GAAG,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IACxD,OAAO,OAAO,CAAC,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;AAC5D,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CAAC,OAAe,EAAE,QAAiB;IAC5D,OAAO;QACL,IAAI,EAAE,WAAW;QACjB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,OAAO;QACP,MAAM,EAAE;YACN,UAAU,EAAE,OAAO;YACnB,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC7C;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CACzB,QAAgB,EAChB,WAAmB,EACnB,WAAqB;IAErB,OAAO;QACL,IAAI,EAAE,WAAW;QACjB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,OAAO,EAAE,WAAW;QACpB,MAAM,EAAE;YACN,SAAS,EAAE,QAAQ;YACnB,SAAS,EAAE,OAAO,WAAW,KAAK,QAAQ,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,WAAW,IAAI,EAAE,CAAC;SAC7F;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,OAA4B;IACrD,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,QAAQ,GAAmB,EAAE,CAAC;IAEpC,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;QAC7B,IAAI,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC;YAAE,SAAS;QAC/B,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAEjB,MAAM,QAAQ,GAAG,YAAY,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,CAAC;QACjE,MAAM,QAAQ,GAAG,KAAK,CAAC,IAAI,CAAC,QAAQ,KAAK,eAAe,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC;QAEvF,QAAQ,CAAC,IAAI,CAAC;YACZ,EAAE,EAAE,OAAO,MAAM,EAAE;YACnB,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK;YACvB,WAAW,EAAE,KAAK,CAAC,IAAI,CAAC,WAAW;YACnC,QAAQ;YACR,QAAQ;YACR,QAAQ,EACN,KAAK,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC;gBAC9B,CAAC,CAAC,YAAY,KAAK,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;gBAC5D,CAAC,CAAC,SAAS;SAChB,CAAC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,QAAuB,EACvB,UAA6F;IAE7F,wDAAwD;IACxD,IAAI,SAA+B,CAAC;IACpC,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,kBAAkB,CAAC,CAAC;QAC7C,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;IAC5B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;YACL,MAAM,EAAE,MAAM;YACd,KAAK,EAAE,WAAW;YAClB,QAAQ,EAAE,EAAE;SACb,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,eAAe,EAAE,CAAC;QAEnC,0DAA0D;QAC1D,IAAI,gBAAyB,CAAC;QAC9B,IAAI,CAAC;YACH,MAAM,EAAE,qBAAqB,EAAE,GAAG,MAAM,MAAM,CAAC,kBAAkB,CAAC,CAAC;YACnE,gBAAgB,GAAG,IAAI,qBAAqB,EAAE,CAAC;QACjD,CAAC;QAAC,MAAM,CAAC;YACP,sDAAsD;QACxD,CAAC;QAED,MAAM,YAAY,GAA4B,EAAE,QAAQ,EAAE,CAAC;QAC3D,IAAI,gBAAgB;YAAE,YAAY,CAAC,kBAAkB,CAAC,GAAG,gBAAgB,CAAC;QAC1E,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC,YAA8D,CAAC,CAAC;QAC7F,IAAI,SAAS,GAAG,MAAM,MAAM,CAAC,SAAS,EAAE,CAAC;QAEzC,kFAAkF;QAClF,IAAI,UAAU,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxC,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;gBAC9B,IAAI,CAAC;oBACH,MAAM,CAAC,OAAO,CAAC,IAAqD,CAAC,CAAC;oBACtE,SAAS,EAAE,CAAC;gBACd,CAAC;gBAAC,MAAM,CAAC;oBACP,oCAAoC;gBACtC,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,SAAS,KAAK,CAAC,EAAE,CAAC;YACpB,OAAO;gBACL,MAAM,EAAE,MAAM;gBACd,KAAK,EAAE,GAAG,WAAW,mBAAmB;gBACxC,QAAQ,EAAE,EAAE;aACb,CAAC;QACJ,CAAC;QAED,MAAM,UAAU,GAAe,EAAE,CAAC;QAElC,uBAAuB;QACvB,IAAI,QAAQ,CAAC,YAAY,EAAE,CAAC;YAC1B,MAAM,kBAAkB,GAAG,MAAM,CAAC,QAAQ,CACxC,kBAAkB,CAAC,QAAQ,CAAC,YAAY,EAAE,QAAQ,CAAC,IAAI,CAAC,CACzD,CAAC;YACF,UAAU,CAAC,IAAI,CAAC,GAAG,kBAAkB,CAAC,CAAC;QACzC,CAAC;QAED,sBAAsB;QACtB,IAAI,QAAQ,CAAC,WAAW,EAAE,CAAC;YACzB,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC;YAC9E,UAAU,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,CAAC;QAClC,CAAC;QAED,4DAA4D;QAC5D,MAAM,QAAQ,GAAG,QAAQ,CAAC,QAAQ,EAAE,CAAC,WAAW,CAAC,CAAC;QAClD,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC5B,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;gBAC5B,MAAM,CAAC,GAAG,IAA+B,CAAC;gBAC1C,IAAI,OAAO,CAAC,CAAC,aAAa,CAAC,KAAK,QAAQ,EAAE,CAAC;oBACzC,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CACjC,kBAAkB,CACf,CAAC,CAAC,MAAM,CAAY,IAAI,EAAE,EAC3B,CAAC,CAAC,aAAa,CAAW,EAC1B,CAAC,CAAC,aAAa,CAAC,CACjB,CACF,CAAC;oBACF,UAAU,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,CAAC;gBAClC,CAAC;YACH,CAAC;QACH,CAAC;QAED,sCAAsC;QACtC,IAAI,QAAQ,GAAG,iBAAiB,CAAC,UAAU,CAAC,CAAC;QAE7C,kDAAkD;QAClD,MAAM,MAAM,GAAG,uBAAuB,CAAC,QAAQ,CAAC,CAAC;QACjD,IAAI,MAAM,CAAC,uBAAuB,IAAI,MAAM,CAAC,mBAAmB,EAAE,CAAC;YACjE,QAAQ,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;gBAC5B,IAAI,QAAQ,GAAG,CAAC,CAAC,QAAyB,CAAC;gBAC3C,IAAI,MAAM,CAAC,uBAAuB,EAAE,CAAC;oBACnC,QAAQ,GAAG,sBAAsB,CAAC,QAAQ,CAAC,CAAC;gBAC9C,CAAC;gBACD,IAAI,MAAM,CAAC,mBAAmB,EAAE,CAAC;oBAC/B,QAAQ,GAAG,sBAAsB,CAAC,QAAQ,CAAC,CAAC;gBAC9C,CAAC;gBACD,OAAO,QAAQ,KAAK,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;YAC1D,CAAC,CAAC,CAAC;QACL,CAAC;QAED,MAAM,WAAW,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC;QACpE,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;QAE5D,MAAM,MAAM,GAAG,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;QAE/F,MAAM,KAAK,GACT,QAAQ,CAAC,MAAM,KAAK,CAAC;YACnB,CAAC,CAAC,GAAG,WAAW,YAAY,SAAS,mBAAmB;YACxD,CAAC,CAAC,GAAG,WAAW,KAAK,QAAQ,CAAC,MAAM,qBAAqB,CAAC;QAE9D,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;IACrC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO;YACL,MAAM,EAAE,MAAM;YACd,KAAK,EAAE,GAAG,WAAW,gBAAgB;YACrC,QAAQ,EAAE;gBACR;oBACE,EAAE,EAAE,kBAAkB;oBACtB,KAAK,EAAE,iCAAiC;oBACxC,WAAW,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;oBAC7D,QAAQ,EAAE,MAAM;oBAChB,QAAQ,EAAE,KAAK;iBAChB;aACF;SACF,CAAC;IACJ,CAAC;AACH,CAAC"}
|
|
@@ -3,5 +3,5 @@
|
|
|
3
3
|
* 程式碼安全檢查 - 包裝 panguard-scan 的 SAST 和密鑰掃描器
|
|
4
4
|
*/
|
|
5
5
|
import type { CheckResult } from '../types.js';
|
|
6
|
-
export declare function checkCode(
|
|
6
|
+
export declare function checkCode(skillDirOrFile: string): Promise<CheckResult>;
|
|
7
7
|
//# sourceMappingURL=code-check.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"code-check.d.ts","sourceRoot":"","sources":["../../src/checks/code-check.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAgB,WAAW,EAAE,MAAM,aAAa,CAAC;AAG7D,wBAAsB,SAAS,CAAC,
|
|
1
|
+
{"version":3,"file":"code-check.d.ts","sourceRoot":"","sources":["../../src/checks/code-check.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAgB,WAAW,EAAE,MAAM,aAAa,CAAC;AAG7D,wBAAsB,SAAS,CAAC,cAAc,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,CA6G5E"}
|
|
@@ -2,7 +2,18 @@
|
|
|
2
2
|
* Code security check - wraps panguard-scan SAST + secrets scanners
|
|
3
3
|
* 程式碼安全檢查 - 包裝 panguard-scan 的 SAST 和密鑰掃描器
|
|
4
4
|
*/
|
|
5
|
-
export async function checkCode(
|
|
5
|
+
export async function checkCode(skillDirOrFile) {
|
|
6
|
+
// Skip code scanning for direct .md files — they are text content, not source code.
|
|
7
|
+
// Scanning the parent directory (e.g. ~/.claude/commands/) would incorrectly scan ALL
|
|
8
|
+
// commands as if they were one skill's source code.
|
|
9
|
+
if (skillDirOrFile.endsWith('.md')) {
|
|
10
|
+
return {
|
|
11
|
+
status: 'pass',
|
|
12
|
+
label: 'Code: skipped (text-only skill file)',
|
|
13
|
+
findings: [],
|
|
14
|
+
};
|
|
15
|
+
}
|
|
16
|
+
const skillDir = skillDirOrFile;
|
|
6
17
|
const findings = [];
|
|
7
18
|
// Dynamic import to handle case where panguard-scan is not available
|
|
8
19
|
let checkSourceCode = null;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"code-check.js","sourceRoot":"","sources":["../../src/checks/code-check.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAKH,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,
|
|
1
|
+
{"version":3,"file":"code-check.js","sourceRoot":"","sources":["../../src/checks/code-check.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAKH,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,cAAsB;IACpD,oFAAoF;IACpF,sFAAsF;IACtF,oDAAoD;IACpD,IAAI,cAAc,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QACnC,OAAO;YACL,MAAM,EAAE,MAAM;YACd,KAAK,EAAE,sCAAsC;YAC7C,QAAQ,EAAE,EAAE;SACb,CAAC;IACJ,CAAC;IACD,MAAM,QAAQ,GAAG,cAAc,CAAC;IAChC,MAAM,QAAQ,GAAmB,EAAE,CAAC;IAEpC,qEAAqE;IACrE,IAAI,eAAe,GAUR,IAAI,CAAC;IAChB,IAAI,qBAAqB,GAUd,IAAI,CAAC;IAEhB,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,4BAA4B,CAAC,CAAC;QACxD,IAAI,OAAO,IAAI,CAAC,eAAe,KAAK,UAAU,EAAE,CAAC;YAC/C,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC;QACzC,CAAC;QACD,IAAI,OAAO,IAAI,CAAC,qBAAqB,KAAK,UAAU,EAAE,CAAC;YACrD,qBAAqB,GAAG,IAAI,CAAC,qBAAqB,CAAC;QACrD,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;YACL,MAAM,EAAE,MAAM;YACd,KAAK,EAAE,0DAA0D;YACjE,QAAQ,EAAE;gBACR;oBACE,EAAE,EAAE,uBAAuB;oBAC3B,KAAK,EAAE,4BAA4B;oBACnC,WAAW,EACT,8JAA8J;oBAChK,QAAQ,EAAE,QAAQ;oBAClB,QAAQ,EAAE,MAAM;iBACjB;aACF;SACF,CAAC;IACJ,CAAC;IAED,MAAM,CAAC,WAAW,EAAE,aAAa,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;QACrD,eAAe,CAAC,CAAC,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QACjE,qBAAqB,CAAC,CAAC,CAAC,qBAAqB,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;KAC9E,CAAC,CAAC;IAEH,KAAK,MAAM,OAAO,IAAI,WAAW,EAAE,CAAC;QAClC,QAAQ,CAAC,IAAI,CAAC;YACZ,EAAE,EAAE,QAAQ,OAAO,CAAC,EAAE,EAAE;YACxB,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,QAAQ,EAAE,MAAM;YAChB,QAAQ,EAAE,OAAO,CAAC,OAAO;SAC1B,CAAC,CAAC;IACL,CAAC;IAED,KAAK,MAAM,OAAO,IAAI,aAAa,EAAE,CAAC;QACpC,QAAQ,CAAC,IAAI,CAAC;YACZ,EAAE,EAAE,UAAU,OAAO,CAAC,EAAE,EAAE;YAC1B,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,QAAQ,EAAE,SAAS;YACnB,QAAQ,EAAE,OAAO,CAAC,OAAO;SAC1B,CAAC,CAAC;IACL,CAAC;IAED,MAAM,WAAW,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC;IACpE,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;IAC5D,MAAM,MAAM,GAAG,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;IAE/F,MAAM,SAAS,GACb,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM,KAAK,CAAC;QACxD,CAAC,CAAC,gCAAgC;QAClC,CAAC,CAAC,SAAS,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM,iBAAiB,CAAC;IAErF,MAAM,WAAW,GACf,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,MAAM,KAAK,CAAC;QAC3D,CAAC,CAAC,yCAAyC;QAC3C,CAAC,CAAC,YAAY,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,MAAM,wBAAwB,CAAC;IAElG,OAAO;QACL,MAAM;QACN,KAAK,EAAE,GAAG,SAAS,KAAK,WAAW,EAAE;QACrC,QAAQ;KACT,CAAC;AACJ,CAAC"}
|
|
@@ -4,6 +4,9 @@
|
|
|
4
4
|
*
|
|
5
5
|
* Analyzes what tools and permissions a skill requires based on its instructions.
|
|
6
6
|
* 根據技能指令分析其需要的工具和權限。
|
|
7
|
+
*
|
|
8
|
+
* v1.4: Runs patterns against prose only (code blocks + negation sections stripped)
|
|
9
|
+
* to avoid false positives from documentation examples.
|
|
7
10
|
*/
|
|
8
11
|
import type { SkillManifest, CheckResult } from '../types.js';
|
|
9
12
|
export declare function checkPermissions(manifest: SkillManifest): CheckResult;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"permission-check.d.ts","sourceRoot":"","sources":["../../src/checks/permission-check.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"permission-check.d.ts","sourceRoot":"","sources":["../../src/checks/permission-check.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAgB,WAAW,EAAE,MAAM,aAAa,CAAC;AAmG5E,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,aAAa,GAAG,WAAW,CAuDrE"}
|
|
@@ -4,11 +4,16 @@
|
|
|
4
4
|
*
|
|
5
5
|
* Analyzes what tools and permissions a skill requires based on its instructions.
|
|
6
6
|
* 根據技能指令分析其需要的工具和權限。
|
|
7
|
+
*
|
|
8
|
+
* v1.4: Runs patterns against prose only (code blocks + negation sections stripped)
|
|
9
|
+
* to avoid false positives from documentation examples.
|
|
7
10
|
*/
|
|
11
|
+
import { prepareContent } from '@panguard-ai/scan-core';
|
|
8
12
|
const TOOL_PATTERNS = [
|
|
9
13
|
{
|
|
10
14
|
name: 'Bash/Shell',
|
|
11
|
-
|
|
15
|
+
// Only match explicit shell execution intent, not mere mention of "terminal"
|
|
16
|
+
regex: /\b(bash\s+-[ci]|sh\s+-c|execute.*command|run.*command|shell\s+command|spawn\s+shell)\b/i,
|
|
12
17
|
risk: 'high',
|
|
13
18
|
reason: 'Can execute arbitrary system commands',
|
|
14
19
|
},
|
|
@@ -20,33 +25,42 @@ const TOOL_PATTERNS = [
|
|
|
20
25
|
},
|
|
21
26
|
{
|
|
22
27
|
name: 'File Read',
|
|
23
|
-
regex: /\b(read.*file|
|
|
28
|
+
regex: /\b(read.*file|open.*file|load.*from)\b/i,
|
|
24
29
|
risk: 'low',
|
|
25
30
|
reason: 'Can read files from disk',
|
|
26
31
|
},
|
|
27
32
|
{
|
|
28
33
|
name: 'Network/HTTP',
|
|
29
|
-
regex: /\b(
|
|
34
|
+
regex: /\b(http\s+request|api\s+call|download|upload)\b/i,
|
|
30
35
|
risk: 'medium',
|
|
31
36
|
reason: 'Can make network requests',
|
|
32
37
|
},
|
|
33
38
|
{
|
|
34
39
|
name: 'Browser',
|
|
35
|
-
regex: /\b(
|
|
40
|
+
regex: /\b(open.*url|navigate.*to|web.*scrape|playwright|puppeteer|headless\s+browser)\b/i,
|
|
36
41
|
risk: 'medium',
|
|
37
42
|
reason: 'Can open URLs and interact with web pages',
|
|
38
43
|
},
|
|
39
44
|
{
|
|
40
45
|
name: 'Database',
|
|
41
|
-
|
|
46
|
+
// Only match explicit DB operations, not generic words like "update" or "query"
|
|
47
|
+
regex: /\b(SELECT\s+.*\s+FROM|INSERT\s+INTO|CREATE\s+TABLE|DROP\s+TABLE|ALTER\s+TABLE|db\.(query|execute|run)|mongodb|postgres(?:ql)?|mysql|sqlite|supabase|prisma|drizzle)\b/i,
|
|
42
48
|
risk: 'high',
|
|
43
49
|
reason: 'Can access and modify database contents',
|
|
44
50
|
},
|
|
45
51
|
{
|
|
46
52
|
name: 'Credentials',
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
53
|
+
// Only match credential theft/access patterns, not mere mention of "token" or "auth"
|
|
54
|
+
regex: /\b(steal\s+.*(?:key|token|credential)|harvest\s+.*(?:password|secret)|exfiltrate\s+.*(?:credential|token)|dump\s+.*(?:password|secret))\b/i,
|
|
55
|
+
risk: 'high',
|
|
56
|
+
reason: 'Attempts to steal or exfiltrate credentials',
|
|
57
|
+
},
|
|
58
|
+
{
|
|
59
|
+
name: 'Credential Handling',
|
|
60
|
+
// Separate lower-risk pattern for skills that legitimately handle credentials
|
|
61
|
+
regex: /\b(api[_\s]?key|password|secret[_\s]?key|credential)\b/i,
|
|
62
|
+
risk: 'low',
|
|
63
|
+
reason: 'Handles credentials (verify they are used appropriately)',
|
|
50
64
|
},
|
|
51
65
|
{
|
|
52
66
|
name: 'SSH/Keys',
|
|
@@ -74,33 +88,24 @@ const TOOL_PATTERNS = [
|
|
|
74
88
|
},
|
|
75
89
|
{
|
|
76
90
|
name: 'Clipboard',
|
|
77
|
-
regex: /\b(pbpaste|pbcopy|xclip|xsel
|
|
91
|
+
regex: /\b(pbpaste|pbcopy|xclip|xsel)\b/i,
|
|
78
92
|
risk: 'medium',
|
|
79
93
|
reason: 'Can access or modify clipboard contents',
|
|
80
94
|
},
|
|
81
95
|
];
|
|
82
96
|
export function checkPermissions(manifest) {
|
|
83
97
|
const findings = [];
|
|
84
|
-
const
|
|
98
|
+
const { prose } = prepareContent(manifest.instructions);
|
|
85
99
|
const detectedTools = [];
|
|
86
100
|
for (const pattern of TOOL_PATTERNS) {
|
|
87
|
-
if (pattern.regex.test(
|
|
101
|
+
if (pattern.regex.test(prose)) {
|
|
88
102
|
detectedTools.push({ name: pattern.name, risk: pattern.risk });
|
|
89
|
-
if (pattern.risk
|
|
90
|
-
findings.push({
|
|
91
|
-
id: `perm-${pattern.name.toLowerCase().replace(/[^a-z]/g, '-')}`,
|
|
92
|
-
title: `Skill uses ${pattern.name} (${pattern.risk} risk)`,
|
|
93
|
-
description: pattern.reason,
|
|
94
|
-
severity: 'high',
|
|
95
|
-
category: 'permission',
|
|
96
|
-
});
|
|
97
|
-
}
|
|
98
|
-
else if (pattern.risk === 'medium') {
|
|
103
|
+
if (pattern.risk !== 'low') {
|
|
99
104
|
findings.push({
|
|
100
105
|
id: `perm-${pattern.name.toLowerCase().replace(/[^a-z]/g, '-')}`,
|
|
101
106
|
title: `Skill uses ${pattern.name} (${pattern.risk} risk)`,
|
|
102
107
|
description: pattern.reason,
|
|
103
|
-
severity: 'medium',
|
|
108
|
+
severity: pattern.risk === 'high' ? 'high' : 'medium',
|
|
104
109
|
category: 'permission',
|
|
105
110
|
});
|
|
106
111
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"permission-check.js","sourceRoot":"","sources":["../../src/checks/permission-check.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"permission-check.js","sourceRoot":"","sources":["../../src/checks/permission-check.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAGH,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AASxD,MAAM,aAAa,GAAkB;IACnC;QACE,IAAI,EAAE,YAAY;QAClB,6EAA6E;QAC7E,KAAK,EACH,yFAAyF;QAC3F,IAAI,EAAE,MAAM;QACZ,MAAM,EAAE,uCAAuC;KAChD;IACD;QACE,IAAI,EAAE,YAAY;QAClB,KAAK,EAAE,0DAA0D;QACjE,IAAI,EAAE,QAAQ;QACd,MAAM,EAAE,0BAA0B;KACnC;IACD;QACE,IAAI,EAAE,WAAW;QACjB,KAAK,EAAE,yCAAyC;QAChD,IAAI,EAAE,KAAK;QACX,MAAM,EAAE,0BAA0B;KACnC;IACD;QACE,IAAI,EAAE,cAAc;QACpB,KAAK,EAAE,kDAAkD;QACzD,IAAI,EAAE,QAAQ;QACd,MAAM,EAAE,2BAA2B;KACpC;IACD;QACE,IAAI,EAAE,SAAS;QACf,KAAK,EAAE,mFAAmF;QAC1F,IAAI,EAAE,QAAQ;QACd,MAAM,EAAE,2CAA2C;KACpD;IACD;QACE,IAAI,EAAE,UAAU;QAChB,gFAAgF;QAChF,KAAK,EACH,wKAAwK;QAC1K,IAAI,EAAE,MAAM;QACZ,MAAM,EAAE,yCAAyC;KAClD;IACD;QACE,IAAI,EAAE,aAAa;QACnB,qFAAqF;QACrF,KAAK,EACH,4IAA4I;QAC9I,IAAI,EAAE,MAAM;QACZ,MAAM,EAAE,6CAA6C;KACtD;IACD;QACE,IAAI,EAAE,qBAAqB;QAC3B,8EAA8E;QAC9E,KAAK,EAAE,yDAAyD;QAChE,IAAI,EAAE,KAAK;QACX,MAAM,EAAE,0DAA0D;KACnE;IACD;QACE,IAAI,EAAE,UAAU;QAChB,KAAK,EAAE,8DAA8D;QACrE,IAAI,EAAE,MAAM;QACZ,MAAM,EAAE,+BAA+B;KACxC;IACD;QACE,IAAI,EAAE,gBAAgB;QACtB,KAAK,EAAE,gEAAgE;QACvE,IAAI,EAAE,MAAM;QACZ,MAAM,EAAE,wCAAwC;KACjD;IACD;QACE,IAAI,EAAE,QAAQ;QACd,KAAK,EAAE,2EAA2E;QAClF,IAAI,EAAE,MAAM;QACZ,MAAM,EAAE,uDAAuD;KAChE;IACD;QACE,IAAI,EAAE,eAAe;QACrB,KAAK,EACH,yFAAyF;QAC3F,IAAI,EAAE,MAAM;QACZ,MAAM,EAAE,oDAAoD;KAC7D;IACD;QACE,IAAI,EAAE,WAAW;QACjB,KAAK,EAAE,kCAAkC;QACzC,IAAI,EAAE,QAAQ;QACd,MAAM,EAAE,yCAAyC;KAClD;CACF,CAAC;AAEF,MAAM,UAAU,gBAAgB,CAAC,QAAuB;IACtD,MAAM,QAAQ,GAAmB,EAAE,CAAC;IACpC,MAAM,EAAE,KAAK,EAAE,GAAG,cAAc,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;IACxD,MAAM,aAAa,GAA0C,EAAE,CAAC;IAEhE,KAAK,MAAM,OAAO,IAAI,aAAa,EAAE,CAAC;QACpC,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;YAC9B,aAAa,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;YAE/D,IAAI,OAAO,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;gBAC3B,QAAQ,CAAC,IAAI,CAAC;oBACZ,EAAE,EAAE,QAAQ,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,CAAC,EAAE;oBAChE,KAAK,EAAE,cAAc,OAAO,CAAC,IAAI,KAAK,OAAO,CAAC,IAAI,QAAQ;oBAC1D,WAAW,EAAE,OAAO,CAAC,MAAM;oBAC3B,QAAQ,EAAE,OAAO,CAAC,IAAI,KAAK,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ;oBACrD,QAAQ,EAAE,YAAY;iBACvB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,6DAA6D;IAC7D,IAAI,QAAQ,CAAC,eAAe,KAAK,MAAM,EAAE,CAAC;QACxC,QAAQ,CAAC,IAAI,CAAC;YACZ,EAAE,EAAE,uBAAuB;YAC3B,KAAK,EAAE,+BAA+B;YACtC,WAAW,EACT,uGAAuG;YACzG,QAAQ,EAAE,QAAQ;YAClB,QAAQ,EAAE,YAAY;SACvB,CAAC,CAAC;IACL,CAAC;IAED,kDAAkD;IAClD,IAAI,QAAQ,CAAC,sBAAsB,EAAE,CAAC;QACpC,QAAQ,CAAC,IAAI,CAAC;YACZ,EAAE,EAAE,eAAe;YACnB,KAAK,EAAE,2BAA2B;YAClC,WAAW,EACT,sFAAsF;YACxF,QAAQ,EAAE,KAAK;YACf,QAAQ,EAAE,YAAY;SACvB,CAAC,CAAC;IACL,CAAC;IAED,MAAM,aAAa,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,MAAM,CAAC,CAAC,MAAM,CAAC;IAC5E,MAAM,MAAM,GAAG,aAAa,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;IAEnD,MAAM,SAAS,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC9D,MAAM,KAAK,GACT,aAAa,CAAC,MAAM,GAAG,CAAC;QACtB,CAAC,CAAC,qBAAqB,SAAS,EAAE;QAClC,CAAC,CAAC,6CAA6C,CAAC;IAEpD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;AACrC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"manifest-parser.d.ts","sourceRoot":"","sources":["../src/manifest-parser.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAKH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAIhD;;GAEG;AACH,wBAAsB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,
|
|
1
|
+
{"version":3,"file":"manifest-parser.d.ts","sourceRoot":"","sources":["../src/manifest-parser.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAKH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAIhD;;GAEG;AACH,wBAAsB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CAyBxF"}
|
package/dist/manifest-parser.js
CHANGED
|
@@ -13,18 +13,27 @@ const MAX_SKILL_SIZE = 1024 * 1024; // 1 MB
|
|
|
13
13
|
* Parse a SKILL.md file and extract manifest + instructions.
|
|
14
14
|
*/
|
|
15
15
|
export async function parseSkillManifest(skillDir) {
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
16
|
+
// Support both directory paths (with SKILL.md inside) and direct .md file paths
|
|
17
|
+
const isFile = skillDir.endsWith('.md');
|
|
18
|
+
const candidates = isFile
|
|
19
|
+
? [skillDir]
|
|
20
|
+
: [path.join(skillDir, 'SKILL.md'), path.join(skillDir, 'skill.md')];
|
|
21
|
+
let content = null;
|
|
22
|
+
for (const candidate of candidates) {
|
|
23
|
+
try {
|
|
24
|
+
const stat = await fs.stat(candidate);
|
|
25
|
+
if (stat.isFile() && stat.size <= MAX_SKILL_SIZE) {
|
|
26
|
+
content = await fs.readFile(candidate, 'utf-8');
|
|
27
|
+
break;
|
|
28
|
+
}
|
|
29
|
+
}
|
|
30
|
+
catch {
|
|
31
|
+
// Try next candidate
|
|
22
32
|
}
|
|
23
|
-
content = await fs.readFile(skillPath, 'utf-8');
|
|
24
33
|
}
|
|
25
|
-
|
|
34
|
+
if (!content)
|
|
26
35
|
return null;
|
|
27
|
-
|
|
28
|
-
return parseManifestFromString(content,
|
|
36
|
+
const name = isFile ? path.basename(skillDir, '.md') : path.basename(skillDir);
|
|
37
|
+
return parseManifestFromString(content, name);
|
|
29
38
|
}
|
|
30
39
|
//# sourceMappingURL=manifest-parser.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"manifest-parser.js","sourceRoot":"","sources":["../src/manifest-parser.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,QAAQ,IAAI,EAAE,EAAE,MAAM,SAAS,CAAC;AACzC,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,uBAAuB,EAAE,MAAM,wBAAwB,CAAC;AAGjE,MAAM,cAAc,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,OAAO;AAE3C;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,QAAgB;IACvD,MAAM,
|
|
1
|
+
{"version":3,"file":"manifest-parser.js","sourceRoot":"","sources":["../src/manifest-parser.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,QAAQ,IAAI,EAAE,EAAE,MAAM,SAAS,CAAC;AACzC,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,uBAAuB,EAAE,MAAM,wBAAwB,CAAC;AAGjE,MAAM,cAAc,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,OAAO;AAE3C;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,QAAgB;IACvD,gFAAgF;IAChF,MAAM,MAAM,GAAG,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IACxC,MAAM,UAAU,GAAG,MAAM;QACvB,CAAC,CAAC,CAAC,QAAQ,CAAC;QACZ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,EAAE,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC,CAAC;IAEvE,IAAI,OAAO,GAAkB,IAAI,CAAC;IAElC,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;QACnC,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YACtC,IAAI,IAAI,CAAC,MAAM,EAAE,IAAI,IAAI,CAAC,IAAI,IAAI,cAAc,EAAE,CAAC;gBACjD,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;gBAChD,MAAM;YACR,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,qBAAqB;QACvB,CAAC;IACH,CAAC;IAED,IAAI,CAAC,OAAO;QAAE,OAAO,IAAI,CAAC;IAE1B,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAC/E,OAAO,uBAAuB,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;AAChD,CAAC"}
|
package/dist/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,YAAY,EACV,QAAQ,EACR,eAAe,EACf,aAAa,EACb,aAAa,EACb,SAAS,GACV,MAAM,wBAAwB,CAAC;AAEhC,OAAO,KAAK,
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,YAAY,EACV,QAAQ,EACR,eAAe,EACf,aAAa,EACb,aAAa,EACb,SAAS,GACV,MAAM,wBAAwB,CAAC;AAEhC,OAAO,KAAK,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AAMjE,yDAAyD;AACzD,MAAM,MAAM,YAAY,GAAG,OAAO,CAAC;AAEnC,wCAAwC;AACxC,MAAM,WAAW,WAAW;IAC1B,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,MAAM,CAAC;IAC1C,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,YAAY,EAAE,CAAC;CAC1B;AAED,6BAA6B;AAC7B,MAAM,WAAW,YAAY;IAC3B;;;OAGG;IACH,GAAG,CAAC,EAAE,OAAO,sBAAsB,EAAE,gBAAgB,CAAC;IACtD,gCAAgC;IAChC,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,iCAAiC;IACjC,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,qDAAqD;IACrD,UAAU,CAAC,EAAE,KAAK,CAAC;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,OAAO,CAAC;QAAC,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAA;KAAE,CAAC,CAAC;CAC/F;AAED,4BAA4B;AAC5B,MAAM,WAAW,WAAW;IAC1B,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,OAAO,wBAAwB,EAAE,aAAa,GAAG,IAAI,CAAC;IAChE,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,SAAS,CAAC;IACrB,MAAM,EAAE,WAAW,EAAE,CAAC;IACtB,QAAQ,EAAE,YAAY,EAAE,CAAC;IACzB,mDAAmD;IACnD,cAAc,CAAC,EAAE;QACf,OAAO,EAAE,aAAa,CAAC;YACrB,EAAE,EAAE,MAAM,CAAC;YACX,IAAI,EAAE,SAAS,GAAG,SAAS,CAAC;YAC5B,KAAK,EAAE,MAAM,CAAC;YACd,MAAM,EAAE,MAAM,CAAC;SAChB,CAAC,CAAC;QACH,UAAU,EAAE,MAAM,CAAC;KACpB,CAAC;IACF,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;CACpB"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@panguard-ai/panguard-skill-auditor",
|
|
3
|
-
"version": "1.
|
|
3
|
+
"version": "1.4.1",
|
|
4
4
|
"license": "MIT",
|
|
5
5
|
"repository": {
|
|
6
6
|
"type": "git",
|
|
@@ -28,24 +28,24 @@
|
|
|
28
28
|
"package.json",
|
|
29
29
|
"README.md"
|
|
30
30
|
],
|
|
31
|
+
"scripts": {
|
|
32
|
+
"build": "tsc --build",
|
|
33
|
+
"clean": "rm -rf dist tsconfig.tsbuildinfo",
|
|
34
|
+
"typecheck": "tsc --noEmit",
|
|
35
|
+
"test": "vitest run",
|
|
36
|
+
"dev": "tsc --build --watch"
|
|
37
|
+
},
|
|
31
38
|
"dependencies": {
|
|
32
|
-
"
|
|
33
|
-
"@panguard-ai/
|
|
34
|
-
"@panguard-ai/
|
|
35
|
-
"@panguard-ai/core": "
|
|
36
|
-
"
|
|
39
|
+
"@panguard-ai/atr": "workspace:*",
|
|
40
|
+
"@panguard-ai/core": "workspace:*",
|
|
41
|
+
"@panguard-ai/panguard-scan": "workspace:*",
|
|
42
|
+
"@panguard-ai/scan-core": "workspace:*",
|
|
43
|
+
"js-yaml": "^4.1.0"
|
|
37
44
|
},
|
|
38
45
|
"devDependencies": {
|
|
39
46
|
"@types/js-yaml": "^4.0.9",
|
|
40
47
|
"@types/node": "^22.14.0",
|
|
41
48
|
"typescript": "~5.7.3",
|
|
42
49
|
"vitest": "^3.0.0"
|
|
43
|
-
},
|
|
44
|
-
"scripts": {
|
|
45
|
-
"build": "tsc --build",
|
|
46
|
-
"clean": "rm -rf dist tsconfig.tsbuildinfo",
|
|
47
|
-
"typecheck": "tsc --noEmit",
|
|
48
|
-
"test": "vitest run",
|
|
49
|
-
"dev": "tsc --build --watch"
|
|
50
50
|
}
|
|
51
|
-
}
|
|
51
|
+
}
|
package/LICENSE
DELETED
|
@@ -1,21 +0,0 @@
|
|
|
1
|
-
MIT License
|
|
2
|
-
|
|
3
|
-
Copyright (c) 2025-2026 Panguard AI Team
|
|
4
|
-
|
|
5
|
-
Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
6
|
-
of this software and associated documentation files (the "Software"), to deal
|
|
7
|
-
in the Software without restriction, including without limitation the rights
|
|
8
|
-
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
9
|
-
copies of the Software, and to permit persons to whom the Software is
|
|
10
|
-
furnished to do so, subject to the following conditions:
|
|
11
|
-
|
|
12
|
-
The above copyright notice and this permission notice shall be included in all
|
|
13
|
-
copies or substantial portions of the Software.
|
|
14
|
-
|
|
15
|
-
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
16
|
-
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
17
|
-
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
18
|
-
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
19
|
-
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
20
|
-
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
21
|
-
SOFTWARE.
|