npm - @panguard-ai/scan-core - Versions diffs - 0.1.0 - Mend

@panguard-ai/scan-core 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (69) hide show

package/dist/__tests__/atr-engine.test.d.ts +2 -0
package/dist/__tests__/atr-engine.test.d.ts.map +1 -0
package/dist/__tests__/atr-engine.test.js +360 -0
package/dist/__tests__/atr-engine.test.js.map +1 -0
package/dist/__tests__/context-signals.test.d.ts +2 -0
package/dist/__tests__/context-signals.test.d.ts.map +1 -0
package/dist/__tests__/context-signals.test.js +373 -0
package/dist/__tests__/context-signals.test.js.map +1 -0
package/dist/__tests__/hash-utils.test.d.ts +2 -0
package/dist/__tests__/hash-utils.test.d.ts.map +1 -0
package/dist/__tests__/hash-utils.test.js +89 -0
package/dist/__tests__/hash-utils.test.js.map +1 -0
package/dist/__tests__/manifest-parser.test.d.ts +2 -0
package/dist/__tests__/manifest-parser.test.d.ts.map +1 -0
package/dist/__tests__/manifest-parser.test.js +246 -0
package/dist/__tests__/manifest-parser.test.js.map +1 -0
package/dist/__tests__/risk-scorer.test.d.ts +2 -0
package/dist/__tests__/risk-scorer.test.d.ts.map +1 -0
package/dist/__tests__/risk-scorer.test.js +189 -0
package/dist/__tests__/risk-scorer.test.js.map +1 -0
package/dist/__tests__/scanner.test.d.ts +2 -0
package/dist/__tests__/scanner.test.d.ts.map +1 -0
package/dist/__tests__/scanner.test.js +442 -0
package/dist/__tests__/scanner.test.js.map +1 -0
package/dist/atr-engine.d.ts +31 -0
package/dist/atr-engine.d.ts.map +1 -0
package/dist/atr-engine.js +149 -0
package/dist/atr-engine.js.map +1 -0
package/dist/context-signals.d.ts +33 -0
package/dist/context-signals.d.ts.map +1 -0
package/dist/context-signals.js +162 -0
package/dist/context-signals.js.map +1 -0
package/dist/hash-utils.d.ts +20 -0
package/dist/hash-utils.d.ts.map +1 -0
package/dist/hash-utils.js +28 -0
package/dist/hash-utils.js.map +1 -0
package/dist/index.d.ts +17 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +17 -0
package/dist/index.js.map +1 -0
package/dist/instruction-patterns.d.ts +18 -0
package/dist/instruction-patterns.d.ts.map +1 -0
package/dist/instruction-patterns.js +291 -0
package/dist/instruction-patterns.js.map +1 -0
package/dist/manifest-parser.d.ts +19 -0
package/dist/manifest-parser.d.ts.map +1 -0
package/dist/manifest-parser.js +73 -0
package/dist/manifest-parser.js.map +1 -0
package/dist/markdown-utils.d.ts +16 -0
package/dist/markdown-utils.d.ts.map +1 -0
package/dist/markdown-utils.js +41 -0
package/dist/markdown-utils.js.map +1 -0
package/dist/risk-scorer.d.ts +21 -0
package/dist/risk-scorer.d.ts.map +1 -0
package/dist/risk-scorer.js +63 -0
package/dist/risk-scorer.js.map +1 -0
package/dist/scanner.d.ts +24 -0
package/dist/scanner.d.ts.map +1 -0
package/dist/scanner.js +131 -0
package/dist/scanner.js.map +1 -0
package/dist/secret-detection.d.ts +16 -0
package/dist/secret-detection.d.ts.map +1 -0
package/dist/secret-detection.js +42 -0
package/dist/secret-detection.js.map +1 -0
package/dist/types.d.ts +106 -0
package/dist/types.d.ts.map +1 -0
package/dist/types.js +8 -0
package/dist/types.js.map +1 -0
package/package.json +47 -0

package/dist/manifest-parser.d.ts ADDED Viewed

@@ -0,0 +1,19 @@
+/**
+ * String-based SKILL.md manifest parser.
+ *
+ * Parses YAML frontmatter from raw content string.
+ * No filesystem dependencies - caller is responsible for reading the file.
+ */
+import type { SkillManifest } from './types.js';
+/**
+ * Parse SKILL.md content string and extract manifest + instructions.
+ *
+ * @param content - Raw SKILL.md content
+ * @param fallbackName - Name to use if no name field in frontmatter (e.g. directory name)
+ */
+export declare function parseManifestFromString(content: string, fallbackName?: string): SkillManifest;
+/**
+ * Quick skill name extraction from raw content (no full parse).
+ */
+export declare function parseSkillName(content: string): string | null;
+//# sourceMappingURL=manifest-parser.d.ts.map

package/dist/manifest-parser.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"manifest-parser.d.ts","sourceRoot":"","sources":["../src/manifest-parser.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,KAAK,EAAE,aAAa,EAAiB,MAAM,YAAY,CAAC;AAI/D;;;;;GAKG;AACH,wBAAgB,uBAAuB,CACrC,OAAO,EAAE,MAAM,EACf,YAAY,GAAE,MAAkB,GAC/B,aAAa,CAmDf;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAG7D"}

package/dist/manifest-parser.js ADDED Viewed

@@ -0,0 +1,73 @@
+/**
+ * String-based SKILL.md manifest parser.
+ *
+ * Parses YAML frontmatter from raw content string.
+ * No filesystem dependencies - caller is responsible for reading the file.
+ */
+import yaml from 'js-yaml';
+const FRONTMATTER_RE = /^---\r?\n([\s\S]*?)\r?\n---\r?\n?([\s\S]*)$/;
+/**
+ * Parse SKILL.md content string and extract manifest + instructions.
+ *
+ * @param content - Raw SKILL.md content
+ * @param fallbackName - Name to use if no name field in frontmatter (e.g. directory name)
+ */
+export function parseManifestFromString(content, fallbackName = 'unknown') {
+    const match = FRONTMATTER_RE.exec(content);
+    if (!match) {
+        // No frontmatter - treat entire content as instructions
+        return {
+            name: fallbackName,
+            description: '',
+            instructions: content,
+        };
+    }
+    const [, frontmatterRaw, instructions] = match;
+    let parsed;
+    try {
+        parsed =
+            yaml.load(frontmatterRaw ?? '', { schema: yaml.JSON_SCHEMA }) ??
+                {};
+    }
+    catch {
+        return {
+            name: fallbackName,
+            description: '',
+            instructions: instructions ?? content,
+        };
+    }
+    // Parse metadata - can be a JSON string or an object
+    let metadata;
+    if (typeof parsed['metadata'] === 'string') {
+        try {
+            metadata = JSON.parse(parsed['metadata']);
+        }
+        catch {
+            metadata = undefined;
+        }
+    }
+    else if (typeof parsed['metadata'] === 'object' && parsed['metadata'] !== null) {
+        metadata = parsed['metadata'];
+    }
+    return {
+        name: parsed['name'] ?? fallbackName,
+        description: parsed['description'] ?? '',
+        license: parsed['license'],
+        homepage: parsed['homepage'],
+        userInvocable: parsed['user-invocable'],
+        disableModelInvocation: parsed['disable-model-invocation'],
+        commandDispatch: parsed['command-dispatch'],
+        commandTool: parsed['command-tool'],
+        metadata,
+        'allowed-tools': parsed['allowed-tools'],
+        instructions: instructions ?? '',
+    };
+}
+/**
+ * Quick skill name extraction from raw content (no full parse).
+ */
+export function parseSkillName(content) {
+    const match = content.match(/^---\n[\s\S]*?^name:\s*(.+)$/m);
+    return match?.[1]?.trim() ?? null;
+}
+//# sourceMappingURL=manifest-parser.js.map

package/dist/manifest-parser.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"manifest-parser.js","sourceRoot":"","sources":["../src/manifest-parser.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,IAAI,MAAM,SAAS,CAAC;AAG3B,MAAM,cAAc,GAAG,6CAA6C,CAAC;AAErE;;;;;GAKG;AACH,MAAM,UAAU,uBAAuB,CACrC,OAAe,EACf,eAAuB,SAAS;IAEhC,MAAM,KAAK,GAAG,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC3C,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,wDAAwD;QACxD,OAAO;YACL,IAAI,EAAE,YAAY;YAClB,WAAW,EAAE,EAAE;YACf,YAAY,EAAE,OAAO;SACtB,CAAC;IACJ,CAAC;IAED,MAAM,CAAC,EAAE,cAAc,EAAE,YAAY,CAAC,GAAG,KAAK,CAAC;IAE/C,IAAI,MAA+B,CAAC;IACpC,IAAI,CAAC;QACH,MAAM;YACH,IAAI,CAAC,IAAI,CAAC,cAAc,IAAI,EAAE,EAAE,EAAE,MAAM,EAAE,IAAI,CAAC,WAAW,EAAE,CAA6B;gBAC1F,EAAE,CAAC;IACP,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;YACL,IAAI,EAAE,YAAY;YAClB,WAAW,EAAE,EAAE;YACf,YAAY,EAAE,YAAY,IAAI,OAAO;SACtC,CAAC;IACJ,CAAC;IAED,qDAAqD;IACrD,IAAI,QAAmC,CAAC;IACxC,IAAI,OAAO,MAAM,CAAC,UAAU,CAAC,KAAK,QAAQ,EAAE,CAAC;QAC3C,IAAI,CAAC;YACH,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,CAAkB,CAAC;QAC7D,CAAC;QAAC,MAAM,CAAC;YACP,QAAQ,GAAG,SAAS,CAAC;QACvB,CAAC;IACH,CAAC;SAAM,IAAI,OAAO,MAAM,CAAC,UAAU,CAAC,KAAK,QAAQ,IAAI,MAAM,CAAC,UAAU,CAAC,KAAK,IAAI,EAAE,CAAC;QACjF,QAAQ,GAAG,MAAM,CAAC,UAAU,CAAkB,CAAC;IACjD,CAAC;IAED,OAAO;QACL,IAAI,EAAG,MAAM,CAAC,MAAM,CAAY,IAAI,YAAY;QAChD,WAAW,EAAG,MAAM,CAAC,aAAa,CAAY,IAAI,EAAE;QACpD,OAAO,EAAE,MAAM,CAAC,SAAS,CAAuB;QAChD,QAAQ,EAAE,MAAM,CAAC,UAAU,CAAuB;QAClD,aAAa,EAAE,MAAM,CAAC,gBAAgB,CAAwB;QAC9D,sBAAsB,EAAE,MAAM,CAAC,0BAA0B,CAAwB;QACjF,eAAe,EAAE,MAAM,CAAC,kBAAkB,CAAuB;QACjE,WAAW,EAAE,MAAM,CAAC,cAAc,CAAuB;QACzD,QAAQ;QACR,eAAe,EAAE,MAAM,CAAC,eAAe,CAAkC;QACzE,YAAY,EAAE,YAAY,IAAI,EAAE;KACjC,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,OAAe;IAC5C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,+BAA+B,CAAC,CAAC;IAC7D,OAAO,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,IAAI,CAAC;AACpC,CAAC"}

package/dist/markdown-utils.d.ts ADDED Viewed

@@ -0,0 +1,16 @@
+/**
+ * Markdown processing utilities for scan-core.
+ *
+ * Pure string operations, no I/O.
+ */
+/**
+ * Strip markdown code blocks, inline code, blockquotes, HTML tags, and link URLs.
+ * Used for two-pass ATR scanning: raw content catches hidden attacks,
+ * stripped content catches attacks in prose.
+ */
+export declare function stripMarkdownNoise(raw: string): string;
+/** Extract content from fenced code blocks */
+export declare function extractCodeBlocks(content: string): string;
+/** Remove fenced code blocks from content */
+export declare function stripCodeBlocks(content: string): string;
+//# sourceMappingURL=markdown-utils.d.ts.map

package/dist/markdown-utils.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"markdown-utils.d.ts","sourceRoot":"","sources":["../src/markdown-utils.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAetD;AAED,8CAA8C;AAC9C,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAQzD;AAED,6CAA6C;AAC7C,wBAAgB,eAAe,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAEvD"}

package/dist/markdown-utils.js ADDED Viewed

@@ -0,0 +1,41 @@
+/**
+ * Markdown processing utilities for scan-core.
+ *
+ * Pure string operations, no I/O.
+ */
+/**
+ * Strip markdown code blocks, inline code, blockquotes, HTML tags, and link URLs.
+ * Used for two-pass ATR scanning: raw content catches hidden attacks,
+ * stripped content catches attacks in prose.
+ */
+export function stripMarkdownNoise(raw) {
+    let cleaned = raw;
+    // Remove fenced code blocks (```...```)
+    cleaned = cleaned.replace(/```[\s\S]*?```/g, ' ');
+    // Remove indented code blocks (4 spaces or 1 tab)
+    cleaned = cleaned.replace(/^(?:    |\t).+$/gm, ' ');
+    // Remove inline code (`...`)
+    cleaned = cleaned.replace(/`[^`]+`/g, ' ');
+    // Remove blockquotes
+    cleaned = cleaned.replace(/^>\s?.+$/gm, ' ');
+    // Remove markdown link URLs (keep link text)
+    cleaned = cleaned.replace(/\[([^\]]*)\]\([^)]+\)/g, '$1');
+    // Remove HTML tags
+    cleaned = cleaned.replace(/<[^>]+>/g, ' ');
+    return cleaned;
+}
+/** Extract content from fenced code blocks */
+export function extractCodeBlocks(content) {
+    const blocks = [];
+    const re = /```[\s\S]*?```/g;
+    let match;
+    while ((match = re.exec(content)) !== null) {
+        blocks.push(match[0]);
+    }
+    return blocks.join('\n');
+}
+/** Remove fenced code blocks from content */
+export function stripCodeBlocks(content) {
+    return content.replace(/```[\s\S]*?```/g, ' ');
+}
+//# sourceMappingURL=markdown-utils.js.map

package/dist/markdown-utils.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"markdown-utils.js","sourceRoot":"","sources":["../src/markdown-utils.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH;;;;GAIG;AACH,MAAM,UAAU,kBAAkB,CAAC,GAAW;IAC5C,IAAI,OAAO,GAAG,GAAG,CAAC;IAClB,wCAAwC;IACxC,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,iBAAiB,EAAE,GAAG,CAAC,CAAC;IAClD,kDAAkD;IAClD,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,mBAAmB,EAAE,GAAG,CAAC,CAAC;IACpD,6BAA6B;IAC7B,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,UAAU,EAAE,GAAG,CAAC,CAAC;IAC3C,qBAAqB;IACrB,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;IAC7C,6CAA6C;IAC7C,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,wBAAwB,EAAE,IAAI,CAAC,CAAC;IAC1D,mBAAmB;IACnB,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,UAAU,EAAE,GAAG,CAAC,CAAC;IAC3C,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,8CAA8C;AAC9C,MAAM,UAAU,iBAAiB,CAAC,OAAe;IAC/C,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,EAAE,GAAG,iBAAiB,CAAC;IAC7B,IAAI,KAA6B,CAAC;IAClC,OAAO,CAAC,KAAK,GAAG,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAC3C,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IACxB,CAAC;IACD,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC3B,CAAC;AAED,6CAA6C;AAC7C,MAAM,UAAU,eAAe,CAAC,OAAe;IAC7C,OAAO,OAAO,CAAC,OAAO,CAAC,iBAAiB,EAAE,GAAG,CAAC,CAAC;AACjD,CAAC"}

package/dist/risk-scorer.d.ts ADDED Viewed

@@ -0,0 +1,21 @@
+/**
+ * Risk scoring engine
+ *
+ * Calculates a 0-100 risk score from findings.
+ * Deduplicates findings by ID - only the highest severity instance counts.
+ */
+import type { Finding, RiskLevel } from './types.js';
+/**
+ * Calculate risk score (0-100) from findings.
+ * Deduplicates by finding ID - keeps the highest severity instance.
+ *
+ * @param findings - Scan findings to score
+ * @param contextMultiplier - Multiplier from context signals (default 1.0).
+ *   >1 = malicious context (boosts score).
+ *   <1 = legitimate context (reduces score).
+ */
+export declare function calculateRiskScore(findings: readonly Finding[], contextMultiplier?: number): {
+    score: number;
+    level: RiskLevel;
+};
+//# sourceMappingURL=risk-scorer.d.ts.map

package/dist/risk-scorer.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"risk-scorer.d.ts","sourceRoot":"","sources":["../src/risk-scorer.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,SAAS,EAAY,MAAM,YAAY,CAAC;AAkB/D;;;;;;;;GAQG;AACH,wBAAgB,kBAAkB,CAChC,QAAQ,EAAE,SAAS,OAAO,EAAE,EAC5B,iBAAiB,GAAE,MAAY,GAC9B;IACD,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,SAAS,CAAC;CAClB,CAoCA"}

package/dist/risk-scorer.js ADDED Viewed

@@ -0,0 +1,63 @@
+/**
+ * Risk scoring engine
+ *
+ * Calculates a 0-100 risk score from findings.
+ * Deduplicates findings by ID - only the highest severity instance counts.
+ */
+const SEVERITY_WEIGHTS = {
+    critical: 25,
+    high: 15,
+    medium: 5,
+    low: 1,
+    info: 0,
+};
+const SEVERITY_RANK = {
+    critical: 4,
+    high: 3,
+    medium: 2,
+    low: 1,
+    info: 0,
+};
+/**
+ * Calculate risk score (0-100) from findings.
+ * Deduplicates by finding ID - keeps the highest severity instance.
+ *
+ * @param findings - Scan findings to score
+ * @param contextMultiplier - Multiplier from context signals (default 1.0).
+ *   >1 = malicious context (boosts score).
+ *   <1 = legitimate context (reduces score).
+ */
+export function calculateRiskScore(findings, contextMultiplier = 1.0) {
+    // Deduplicate: keep highest severity per finding ID
+    const deduped = new Map();
+    for (const finding of findings) {
+        const existing = deduped.get(finding.id);
+        if (!existing ||
+            (SEVERITY_RANK[finding.severity] ?? 0) > (SEVERITY_RANK[existing.severity] ?? 0)) {
+            deduped.set(finding.id, finding);
+        }
+    }
+    let rawScore = 0;
+    for (const finding of deduped.values()) {
+        rawScore += SEVERITY_WEIGHTS[finding.severity] ?? 0;
+    }
+    // Apply context multiplier
+    const adjustedScore = Math.round(rawScore * contextMultiplier);
+    const score = Math.min(100, adjustedScore);
+    const hasCritical = [...deduped.values()].some((f) => f.severity === 'critical');
+    // Critical-override behavior depends on context:
+    // - Normal context (multiplier >= 0.6): critical finding forces at least HIGH
+    // - Strong legitimate context (multiplier < 0.6): critical finding forces MEDIUM only
+    const weakenedCriticalOverride = contextMultiplier < 0.6;
+    let level;
+    if (score >= 70 || (hasCritical && !weakenedCriticalOverride && score >= 25))
+        level = 'CRITICAL';
+    else if (score >= 40 || (hasCritical && !weakenedCriticalOverride))
+        level = 'HIGH';
+    else if (score >= 15 || (hasCritical && weakenedCriticalOverride))
+        level = 'MEDIUM';
+    else
+        level = 'LOW';
+    return { score, level };
+}
+//# sourceMappingURL=risk-scorer.js.map

package/dist/risk-scorer.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"risk-scorer.js","sourceRoot":"","sources":["../src/risk-scorer.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,MAAM,gBAAgB,GAA2B;IAC/C,QAAQ,EAAE,EAAE;IACZ,IAAI,EAAE,EAAE;IACR,MAAM,EAAE,CAAC;IACT,GAAG,EAAE,CAAC;IACN,IAAI,EAAE,CAAC;CACR,CAAC;AAEF,MAAM,aAAa,GAA2B;IAC5C,QAAQ,EAAE,CAAC;IACX,IAAI,EAAE,CAAC;IACP,MAAM,EAAE,CAAC;IACT,GAAG,EAAE,CAAC;IACN,IAAI,EAAE,CAAC;CACR,CAAC;AAEF;;;;;;;;GAQG;AACH,MAAM,UAAU,kBAAkB,CAChC,QAA4B,EAC5B,oBAA4B,GAAG;IAK/B,oDAAoD;IACpD,MAAM,OAAO,GAAG,IAAI,GAAG,EAAmB,CAAC;IAC3C,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QACzC,IACE,CAAC,QAAQ;YACT,CAAC,aAAa,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,aAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,EAChF,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;QACnC,CAAC;IACH,CAAC;IAED,IAAI,QAAQ,GAAG,CAAC,CAAC;IACjB,KAAK,MAAM,OAAO,IAAI,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC;QACvC,QAAQ,IAAI,gBAAgB,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IACtD,CAAC;IAED,2BAA2B;IAC3B,MAAM,aAAa,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,GAAG,iBAAiB,CAAC,CAAC;IAC/D,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC;IAE3C,MAAM,WAAW,GAAG,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC;IAEjF,iDAAiD;IACjD,8EAA8E;IAC9E,sFAAsF;IACtF,MAAM,wBAAwB,GAAG,iBAAiB,GAAG,GAAG,CAAC;IAEzD,IAAI,KAAgB,CAAC;IACrB,IAAI,KAAK,IAAI,EAAE,IAAI,CAAC,WAAW,IAAI,CAAC,wBAAwB,IAAI,KAAK,IAAI,EAAE,CAAC;QAAE,KAAK,GAAG,UAAU,CAAC;SAC5F,IAAI,KAAK,IAAI,EAAE,IAAI,CAAC,WAAW,IAAI,CAAC,wBAAwB,CAAC;QAAE,KAAK,GAAG,MAAM,CAAC;SAC9E,IAAI,KAAK,IAAI,EAAE,IAAI,CAAC,WAAW,IAAI,wBAAwB,CAAC;QAAE,KAAK,GAAG,QAAQ,CAAC;;QAC/E,KAAK,GAAG,KAAK,CAAC;IAEnB,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;AAC1B,CAAC"}

package/dist/scanner.d.ts ADDED Viewed

@@ -0,0 +1,24 @@
+/**
+ * Unified scan entry point.
+ *
+ * scanContent() is the single function both CLI and Website call.
+ * Pure function: takes content string + options, returns ScanResult.
+ * No I/O, no network, no filesystem.
+ */
+import type { ScanOptions, ScanResult } from './types.js';
+/**
+ * Scan skill content for security threats.
+ *
+ * Composes all detection layers:
+ * 1. Manifest parsing
+ * 2. Context signal detection (boosters/reducers)
+ * 3. ATR rule matching (two-pass: raw + stripped)
+ * 4. Instruction pattern matching (prompt injection, tool poisoning, encoding attacks)
+ * 5. Secret detection
+ * 6. Risk scoring with context multiplier
+ *
+ * @param content - Raw SKILL.md or README.md content
+ * @param options - Scan configuration
+ */
+export declare function scanContent(content: string, options?: ScanOptions): ScanResult;
+//# sourceMappingURL=scanner.d.ts.map

package/dist/scanner.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"scanner.d.ts","sourceRoot":"","sources":["../src/scanner.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EACV,WAAW,EACX,UAAU,EAIX,MAAM,YAAY,CAAC;AASpB;;;;;;;;;;;;;GAaG;AACH,wBAAgB,WAAW,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,GAAE,WAAgB,GAAG,UAAU,CAsHlF"}

package/dist/scanner.js ADDED Viewed

@@ -0,0 +1,131 @@
+/**
+ * Unified scan entry point.
+ *
+ * scanContent() is the single function both CLI and Website call.
+ * Pure function: takes content string + options, returns ScanResult.
+ * No I/O, no network, no filesystem.
+ */
+import { parseManifestFromString, parseSkillName } from './manifest-parser.js';
+import { checkInstructions } from './instruction-patterns.js';
+import { detectSecrets } from './secret-detection.js';
+import { detectContextSignals } from './context-signals.js';
+import { scanWithATR } from './atr-engine.js';
+import { calculateRiskScore } from './risk-scorer.js';
+import { contentHash, patternHash } from './hash-utils.js';
+/**
+ * Scan skill content for security threats.
+ *
+ * Composes all detection layers:
+ * 1. Manifest parsing
+ * 2. Context signal detection (boosters/reducers)
+ * 3. ATR rule matching (two-pass: raw + stripped)
+ * 4. Instruction pattern matching (prompt injection, tool poisoning, encoding attacks)
+ * 5. Secret detection
+ * 6. Risk scoring with context multiplier
+ *
+ * @param content - Raw SKILL.md or README.md content
+ * @param options - Scan configuration
+ */
+export function scanContent(content, options = {}) {
+    const start = Date.now();
+    // Early return for empty content
+    if (!content || content.trim().length === 0) {
+        return {
+            skillName: options.skillName ?? null,
+            manifest: null,
+            findings: [],
+            checks: [{ status: 'info', label: 'No content to scan' }],
+            riskScore: 0,
+            riskLevel: 'LOW',
+            contextSignals: { signals: [], multiplier: 1.0 },
+            atrRulesEvaluated: 0,
+            atrPatternsMatched: 0,
+            contentHash: contentHash(content || ''),
+            patternHash: '',
+            durationMs: Date.now() - start,
+        };
+    }
+    const findings = [];
+    const checks = [];
+    const sourceType = options.sourceType ?? 'skill';
+    const isReadme = sourceType === 'documentation';
+    // -- Parse manifest --
+    const skillName = options.skillName ?? parseSkillName(content);
+    const manifest = parseManifestFromString(content, skillName ?? 'unknown');
+    // -- Context signals (pre-compute for ATR severity adjustments) --
+    const ctx = detectContextSignals(content, manifest);
+    const hasStrongReducers = ctx.multiplier < 0.7;
+    const allReducers = ctx.signals.every(s => s.type === 'reducer');
+    // -- ATR pattern detection --
+    const atrRules = options.atrRules ?? [];
+    let atrMatchedCount = 0;
+    if (atrRules.length > 0) {
+        const atrResult = scanWithATR(content, atrRules, {
+            isReadme,
+            hasStrongReducers,
+            allReducers,
+        });
+        findings.push(...atrResult.findings);
+        checks.push(atrResult.check);
+        atrMatchedCount = atrResult.matchedCount;
+    }
+    // -- Instruction pattern detection --
+    const instrResult = checkInstructions(manifest.instructions || content, sourceType);
+    findings.push(...instrResult.findings);
+    checks.push({ status: instrResult.status, label: instrResult.label, findings: instrResult.findings });
+    // -- Secret detection --
+    const secretResult = detectSecrets(content);
+    findings.push(...secretResult.findings);
+    checks.push(secretResult.check);
+    // -- Manifest validation --
+    const hasFrontmatter = /^---\n[\s\S]*?\n---/.test(content);
+    const hasName = /^name:\s*.+/m.test(content);
+    if (isReadme) {
+        checks.push({ status: 'info', label: 'Manifest: no SKILL.md found, analyzed README.md' });
+    }
+    else if (!hasFrontmatter || !hasName) {
+        checks.push({ status: 'warn', label: 'Manifest: incomplete structure' });
+    }
+    else {
+        checks.push({ status: 'pass', label: 'Manifest: valid' });
+    }
+    // -- Content size --
+    checks.push({
+        status: content.length > 50_000 ? 'warn' : 'pass',
+        label: `Size: ${(content.length / 1024).toFixed(1)}KB`,
+    });
+    // -- Context signals report --
+    if (ctx.signals.length > 0) {
+        const boosterCount = ctx.signals.filter(s => s.type === 'booster').length;
+        const reducerCount = ctx.signals.filter(s => s.type === 'reducer').length;
+        checks.push({
+            status: boosterCount > 0 ? 'warn' : 'pass',
+            label: `Context: ${boosterCount} risk booster(s), ${reducerCount} reducer(s), multiplier ${ctx.multiplier.toFixed(2)}x`,
+        });
+    }
+    // -- Risk scoring --
+    const { score, level } = calculateRiskScore(findings, ctx.multiplier);
+    // -- Hashes --
+    const cHash = contentHash(content);
+    const highFindings = findings
+        .filter((f) => f.severity === 'critical' || f.severity === 'high')
+        .slice(0, 5);
+    const findingSummary = highFindings.map((f) => f.title).join('; ');
+    const pHash = patternHash(skillName ?? cHash, findingSummary);
+    const durationMs = Date.now() - start;
+    return {
+        skillName,
+        manifest,
+        findings,
+        checks,
+        riskScore: score,
+        riskLevel: level,
+        contextSignals: ctx,
+        atrRulesEvaluated: atrRules.length,
+        atrPatternsMatched: atrMatchedCount,
+        contentHash: cHash,
+        patternHash: pHash,
+        durationMs,
+    };
+}
+//# sourceMappingURL=scanner.js.map

package/dist/scanner.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"scanner.js","sourceRoot":"","sources":["../src/scanner.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AASH,OAAO,EAAE,uBAAuB,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAC/E,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AAC5D,OAAO,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAC9C,OAAO,EAAE,kBAAkB,EAAE,MAAM,kBAAkB,CAAC;AACtD,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAE3D;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,WAAW,CAAC,OAAe,EAAE,UAAuB,EAAE;IACpE,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAEzB,iCAAiC;IACjC,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5C,OAAO;YACL,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,IAAI;YACpC,QAAQ,EAAE,IAAI;YACd,QAAQ,EAAE,EAAE;YACZ,MAAM,EAAE,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,oBAAoB,EAAE,CAAC;YACzD,SAAS,EAAE,CAAC;YACZ,SAAS,EAAE,KAAK;YAChB,cAAc,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,UAAU,EAAE,GAAG,EAAE;YAChD,iBAAiB,EAAE,CAAC;YACpB,kBAAkB,EAAE,CAAC;YACrB,WAAW,EAAE,WAAW,CAAC,OAAO,IAAI,EAAE,CAAC;YACvC,WAAW,EAAE,EAAE;YACf,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;SAC/B,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,MAAM,GAAkB,EAAE,CAAC;IAEjC,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC;IACjD,MAAM,QAAQ,GAAG,UAAU,KAAK,eAAe,CAAC;IAEhD,uBAAuB;IACvB,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,cAAc,CAAC,OAAO,CAAC,CAAC;IAC/D,MAAM,QAAQ,GAAG,uBAAuB,CAAC,OAAO,EAAE,SAAS,IAAI,SAAS,CAAC,CAAC;IAE1E,mEAAmE;IACnE,MAAM,GAAG,GAAG,oBAAoB,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IACpD,MAAM,iBAAiB,GAAG,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;IAC/C,MAAM,WAAW,GAAG,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC;IAEjE,8BAA8B;IAC9B,MAAM,QAAQ,GAA4B,OAAO,CAAC,QAAQ,IAAI,EAAE,CAAC;IACjE,IAAI,eAAe,GAAG,CAAC,CAAC;IAExB,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,MAAM,SAAS,GAAG,WAAW,CAAC,OAAO,EAAE,QAAQ,EAAE;YAC/C,QAAQ;YACR,iBAAiB;YACjB,WAAW;SACZ,CAAC,CAAC;QACH,QAAQ,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;QACrC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QAC7B,eAAe,GAAG,SAAS,CAAC,YAAY,CAAC;IAC3C,CAAC;IAED,sCAAsC;IACtC,MAAM,WAAW,GAAG,iBAAiB,CACnC,QAAQ,CAAC,YAAY,IAAI,OAAO,EAChC,UAAU,CACX,CAAC;IACF,QAAQ,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,QAAQ,CAAC,CAAC;IACvC,MAAM,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,WAAW,CAAC,MAAM,EAAE,KAAK,EAAE,WAAW,CAAC,KAAK,EAAE,QAAQ,EAAE,WAAW,CAAC,QAAQ,EAAE,CAAC,CAAC;IAEtG,yBAAyB;IACzB,MAAM,YAAY,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC;IAC5C,QAAQ,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;IACxC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;IAEhC,4BAA4B;IAC5B,MAAM,cAAc,GAAG,qBAAqB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC3D,MAAM,OAAO,GAAG,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC7C,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,iDAAiD,EAAE,CAAC,CAAC;IAC5F,CAAC;SAAM,IAAI,CAAC,cAAc,IAAI,CAAC,OAAO,EAAE,CAAC;QACvC,MAAM,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,gCAAgC,EAAE,CAAC,CAAC;IAC3E,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,iBAAiB,EAAE,CAAC,CAAC;IAC5D,CAAC;IAED,qBAAqB;IACrB,MAAM,CAAC,IAAI,CAAC;QACV,MAAM,EAAE,OAAO,CAAC,MAAM,GAAG,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM;QACjD,KAAK,EAAE,SAAS,CAAC,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI;KACvD,CAAC,CAAC;IAEH,+BAA+B;IAC/B,IAAI,GAAG,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3B,MAAM,YAAY,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,MAAM,CAAC;QAC1E,MAAM,YAAY,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,MAAM,CAAC;QAC1E,MAAM,CAAC,IAAI,CAAC;YACV,MAAM,EAAE,YAAY,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM;YAC1C,KAAK,EAAE,YAAY,YAAY,qBAAqB,YAAY,2BAA2B,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG;SACxH,CAAC,CAAC;IACL,CAAC;IAED,qBAAqB;IACrB,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,kBAAkB,CAAC,QAAQ,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC;IAEtE,eAAe;IACf,MAAM,KAAK,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;IACnC,MAAM,YAAY,GAAG,QAAQ;SAC1B,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC;SACjE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACf,MAAM,cAAc,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACnE,MAAM,KAAK,GAAG,WAAW,CAAC,SAAS,IAAI,KAAK,EAAE,cAAc,CAAC,CAAC;IAE9D,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC;IAEtC,OAAO;QACL,SAAS;QACT,QAAQ;QACR,QAAQ;QACR,MAAM;QACN,SAAS,EAAE,KAAK;QAChB,SAAS,EAAE,KAAK;QAChB,cAAc,EAAE,GAAG;QACnB,iBAAiB,EAAE,QAAQ,CAAC,MAAM;QAClC,kBAAkB,EAAE,eAAe;QACnC,WAAW,EAAE,KAAK;QAClB,WAAW,EAAE,KAAK;QAClB,UAAU;KACX,CAAC;AACJ,CAAC"}

package/dist/secret-detection.d.ts ADDED Viewed

@@ -0,0 +1,16 @@
+/**
+ * Hardcoded secret detection.
+ *
+ * Detects exposed API keys, tokens, and private keys in skill content.
+ */
+import type { Finding, CheckResult } from './types.js';
+/**
+ * Scan content for hardcoded secrets.
+ *
+ * @returns Findings for each detected secret type + a check summary.
+ */
+export declare function detectSecrets(content: string): {
+    findings: Finding[];
+    check: CheckResult;
+};
+//# sourceMappingURL=secret-detection.d.ts.map

package/dist/secret-detection.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"secret-detection.d.ts","sourceRoot":"","sources":["../src/secret-detection.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAmBvD;;;;GAIG;AACH,wBAAgB,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG;IAC9C,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,KAAK,EAAE,WAAW,CAAC;CACpB,CAsBA"}

package/dist/secret-detection.js ADDED Viewed

@@ -0,0 +1,42 @@
+/**
+ * Hardcoded secret detection.
+ *
+ * Detects exposed API keys, tokens, and private keys in skill content.
+ */
+const SECRET_PATTERNS = [
+    { id: 'secret-aws', pattern: /AKIA[0-9A-Z]{16}/, title: 'AWS Access Key exposed' },
+    { id: 'secret-github', pattern: /gh[pousr]_[A-Za-z0-9_]{36,}/, title: 'GitHub token exposed' },
+    { id: 'secret-sk', pattern: /sk-[A-Za-z0-9]{20,}/, title: 'API secret key exposed' },
+    {
+        id: 'secret-private-key',
+        pattern: /-----BEGIN (?:RSA |EC |DSA )?PRIVATE KEY-----/,
+        title: 'Private key exposed',
+    },
+];
+/**
+ * Scan content for hardcoded secrets.
+ *
+ * @returns Findings for each detected secret type + a check summary.
+ */
+export function detectSecrets(content) {
+    const findings = [];
+    for (const p of SECRET_PATTERNS) {
+        if (p.pattern.test(content)) {
+            findings.push({
+                id: p.id,
+                title: p.title,
+                description: 'Hardcoded secret found in content',
+                severity: 'critical',
+                category: 'secrets',
+            });
+        }
+    }
+    return {
+        findings,
+        check: {
+            status: findings.length > 0 ? 'fail' : 'pass',
+            label: findings.length > 0 ? `Secrets: ${findings.length} exposed` : 'Secrets: none found',
+        },
+    };
+}
+//# sourceMappingURL=secret-detection.js.map

package/dist/secret-detection.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"secret-detection.js","sourceRoot":"","sources":["../src/secret-detection.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAUH,MAAM,eAAe,GAA6B;IAChD,EAAE,EAAE,EAAE,YAAY,EAAE,OAAO,EAAE,kBAAkB,EAAE,KAAK,EAAE,wBAAwB,EAAE;IAClF,EAAE,EAAE,EAAE,eAAe,EAAE,OAAO,EAAE,6BAA6B,EAAE,KAAK,EAAE,sBAAsB,EAAE;IAC9F,EAAE,EAAE,EAAE,WAAW,EAAE,OAAO,EAAE,qBAAqB,EAAE,KAAK,EAAE,wBAAwB,EAAE;IACpF;QACE,EAAE,EAAE,oBAAoB;QACxB,OAAO,EAAE,+CAA+C;QACxD,KAAK,EAAE,qBAAqB;KAC7B;CACF,CAAC;AAEF;;;;GAIG;AACH,MAAM,UAAU,aAAa,CAAC,OAAe;IAI3C,MAAM,QAAQ,GAAc,EAAE,CAAC;IAE/B,KAAK,MAAM,CAAC,IAAI,eAAe,EAAE,CAAC;QAChC,IAAI,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAC5B,QAAQ,CAAC,IAAI,CAAC;gBACZ,EAAE,EAAE,CAAC,CAAC,EAAE;gBACR,KAAK,EAAE,CAAC,CAAC,KAAK;gBACd,WAAW,EAAE,mCAAmC;gBAChD,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,SAAS;aACpB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO;QACL,QAAQ;QACR,KAAK,EAAE;YACL,MAAM,EAAE,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM;YAC7C,KAAK,EAAE,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,YAAY,QAAQ,CAAC,MAAM,UAAU,CAAC,CAAC,CAAC,qBAAqB;SAC3F;KACF,CAAC;AACJ,CAAC"}

package/dist/types.d.ts ADDED Viewed

@@ -0,0 +1,106 @@
+/**
+ * @panguard-ai/scan-core - Unified type definitions
+ *
+ * Shared between CLI Skill Auditor and Website scanner.
+ * These are the canonical types for all scan operations.
+ */
+export type Severity = 'info' | 'low' | 'medium' | 'high' | 'critical';
+export type FindingCategory = 'manifest' | 'prompt-injection' | 'tool-poisoning' | 'context-exfiltration' | 'agent-manipulation' | 'privilege-escalation' | 'excessive-autonomy' | 'data-poisoning' | 'model-abuse' | 'skill-compromise' | 'code' | 'secrets' | 'dependency' | 'permission' | 'ai-analysis' | 'atr';
+/** Single scan finding */
+export interface Finding {
+    readonly id: string;
+    readonly title: string;
+    readonly description: string;
+    readonly severity: Severity;
+    readonly category: FindingCategory | string;
+    readonly location?: string;
+}
+/** Result of a single check category */
+export interface CheckResult {
+    readonly status: 'pass' | 'warn' | 'fail' | 'info';
+    readonly label: string;
+    readonly findings?: readonly Finding[];
+}
+export type RiskLevel = 'LOW' | 'MEDIUM' | 'HIGH' | 'CRITICAL';
+export interface ContextSignal {
+    readonly id: string;
+    readonly type: 'booster' | 'reducer';
+    readonly label: string;
+    readonly weight: number;
+}
+export interface ContextSignals {
+    readonly signals: readonly ContextSignal[];
+    readonly multiplier: number;
+}
+export interface SkillMetadata {
+    readonly author?: string;
+    readonly version?: string;
+    readonly tags?: readonly string[];
+    readonly triggers?: readonly string[];
+    readonly openclaw?: {
+        readonly requires?: {
+            readonly bins?: readonly string[];
+            readonly env?: readonly string[];
+            readonly config?: readonly string[];
+        };
+        readonly primaryEnv?: string;
+        readonly os?: readonly string[];
+        readonly always?: boolean;
+        readonly homepage?: string;
+    };
+    readonly [key: string]: unknown;
+}
+export interface SkillManifest {
+    readonly name: string;
+    readonly description: string;
+    readonly license?: string;
+    readonly homepage?: string;
+    readonly userInvocable?: boolean;
+    readonly disableModelInvocation?: boolean;
+    readonly commandDispatch?: string;
+    readonly commandTool?: string;
+    readonly metadata?: SkillMetadata;
+    readonly 'allowed-tools'?: readonly string[];
+    /** Raw instruction body (after frontmatter) */
+    readonly instructions: string;
+}
+export interface ATRRuleCompiled {
+    readonly id: string;
+    readonly title: string;
+    readonly severity: string;
+    readonly category: string;
+    readonly patterns: ReadonlyArray<{
+        readonly field: string;
+        readonly pattern: string;
+        readonly desc: string;
+    }>;
+}
+export interface CompiledRule extends ATRRuleCompiled {
+    readonly compiled: ReadonlyArray<{
+        readonly regex: RegExp;
+        readonly desc: string;
+    }>;
+}
+export interface ScanOptions {
+    /** Source type hint: 'skill' (SKILL.md) or 'documentation' (README, docs) */
+    readonly sourceType?: 'skill' | 'documentation';
+    /** Pre-compiled ATR rules (if omitted, no ATR scanning) */
+    readonly atrRules?: readonly CompiledRule[];
+    /** Skill name override (auto-detected from frontmatter if omitted) */
+    readonly skillName?: string;
+}
+export interface ScanResult {
+    readonly skillName: string | null;
+    readonly manifest: SkillManifest | null;
+    readonly findings: readonly Finding[];
+    readonly checks: readonly CheckResult[];
+    readonly riskScore: number;
+    readonly riskLevel: RiskLevel;
+    readonly contextSignals: ContextSignals;
+    readonly atrRulesEvaluated: number;
+    readonly atrPatternsMatched: number;
+    readonly contentHash: string;
+    readonly patternHash: string;
+    readonly durationMs: number;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAMH,MAAM,MAAM,QAAQ,GAAG,MAAM,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;AAMvE,MAAM,MAAM,eAAe,GACvB,UAAU,GACV,kBAAkB,GAClB,gBAAgB,GAChB,sBAAsB,GACtB,oBAAoB,GACpB,sBAAsB,GACtB,oBAAoB,GACpB,gBAAgB,GAChB,aAAa,GACb,kBAAkB,GAClB,MAAM,GACN,SAAS,GACT,YAAY,GACZ,YAAY,GACZ,aAAa,GACb,KAAK,CAAC;AAEV,0BAA0B;AAC1B,MAAM,WAAW,OAAO;IACtB,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,QAAQ,EAAE,QAAQ,CAAC;IAC5B,QAAQ,CAAC,QAAQ,EAAE,eAAe,GAAG,MAAM,CAAC;IAC5C,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED,wCAAwC;AACxC,MAAM,WAAW,WAAW;IAC1B,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,MAAM,CAAC;IACnD,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,QAAQ,CAAC,EAAE,SAAS,OAAO,EAAE,CAAC;CACxC;AAMD,MAAM,MAAM,SAAS,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;AAM/D,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,IAAI,EAAE,SAAS,GAAG,SAAS,CAAC;IACrC,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,cAAc;IAC7B,QAAQ,CAAC,OAAO,EAAE,SAAS,aAAa,EAAE,CAAC;IAC3C,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;CAC7B;AAMD,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,IAAI,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAClC,QAAQ,CAAC,QAAQ,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IACtC,QAAQ,CAAC,QAAQ,CAAC,EAAE;QAClB,QAAQ,CAAC,QAAQ,CAAC,EAAE;YAClB,QAAQ,CAAC,IAAI,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;YAClC,QAAQ,CAAC,GAAG,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;YACjC,QAAQ,CAAC,MAAM,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;SACrC,CAAC;QACF,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;QAC7B,QAAQ,CAAC,EAAE,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;QAChC,QAAQ,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC;QAC1B,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;KAC5B,CAAC;IACF,QAAQ,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACjC;AAED,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,aAAa,CAAC,EAAE,OAAO,CAAC;IACjC,QAAQ,CAAC,sBAAsB,CAAC,EAAE,OAAO,CAAC;IAC1C,QAAQ,CAAC,eAAe,CAAC,EAAE,MAAM,CAAC;IAClC,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,QAAQ,CAAC,EAAE,aAAa,CAAC;IAClC,QAAQ,CAAC,eAAe,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAC7C,+CAA+C;IAC/C,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;CAC/B;AAMD,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,QAAQ,EAAE,aAAa,CAAC;QAC/B,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;QACvB,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;QACzB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;KACvB,CAAC,CAAC;CACJ;AAED,MAAM,WAAW,YAAa,SAAQ,eAAe;IACnD,QAAQ,CAAC,QAAQ,EAAE,aAAa,CAAC;QAAE,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;QAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;CACrF;AAMD,MAAM,WAAW,WAAW;IAC1B,6EAA6E;IAC7E,QAAQ,CAAC,UAAU,CAAC,EAAE,OAAO,GAAG,eAAe,CAAC;IAChD,2DAA2D;IAC3D,QAAQ,CAAC,QAAQ,CAAC,EAAE,SAAS,YAAY,EAAE,CAAC;IAC5C,sEAAsE;IACtE,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED,MAAM,WAAW,UAAU;IACzB,QAAQ,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IAClC,QAAQ,CAAC,QAAQ,EAAE,aAAa,GAAG,IAAI,CAAC;IACxC,QAAQ,CAAC,QAAQ,EAAE,SAAS,OAAO,EAAE,CAAC;IACtC,QAAQ,CAAC,MAAM,EAAE,SAAS,WAAW,EAAE,CAAC;IACxC,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,SAAS,EAAE,SAAS,CAAC;IAC9B,QAAQ,CAAC,cAAc,EAAE,cAAc,CAAC;IACxC,QAAQ,CAAC,iBAAiB,EAAE,MAAM,CAAC;IACnC,QAAQ,CAAC,kBAAkB,EAAE,MAAM,CAAC;IACpC,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;CAC7B"}

package/dist/types.js ADDED Viewed

@@ -0,0 +1,8 @@
+/**
+ * @panguard-ai/scan-core - Unified type definitions
+ *
+ * Shared between CLI Skill Auditor and Website scanner.
+ * These are the canonical types for all scan operations.
+ */
+export {};
+//# sourceMappingURL=types.js.map

package/dist/types.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG"}