@panguard-ai/security-hardening 0.1.0

package/dist/sandbox/filesystem-guard.js

@@ -0,0 +1,67 @@
+/**
+ * Filesystem access control for Skills
+ * Skills 的檔案系統存取控制
+ *
+ * Restricts file access to whitelisted directories only.
+ * 限制檔案存取僅限白名單目錄。
+ *
+ * @module @panguard-ai/security-hardening/sandbox/filesystem-guard
+ */
+import { resolve, normalize } from 'path';
+import { createLogger, validateFilePath } from '@panguard-ai/core';
+const logger = createLogger('sandbox:filesystem-guard');
+/**
+ * Check if a file path is within allowed directories
+ * 檢查檔案路徑是否在允許的目錄內
+ *
+ * @param filePath - File path to check / 要檢查的檔案路徑
+ * @param allowedDirs - Allowed directories / 允許的目錄
+ * @returns true if path is allowed / 路徑被允許則回傳 true
+ */
+export function isPathAllowed(filePath, allowedDirs) {
+    if (allowedDirs.length === 0) {
+        logger.warn('No allowed directories configured, blocking all access');
+        return false;
+    }
+    try {
+        // Use core's validateFilePath to check for traversal attacks
+        const sanitized = validateFilePath(filePath);
+        const absolutePath = normalize(resolve(sanitized));
+        for (const dir of allowedDirs) {
+            const allowedAbsolute = normalize(resolve(dir));
+            if (absolutePath.startsWith(allowedAbsolute + '/') || absolutePath === allowedAbsolute) {
+                logger.info('Path access allowed', { filePath, allowedDir: dir });
+                return true;
+            }
+        }
+        logger.warn('Path access denied: not in allowed directories', { filePath });
+        return false;
+    }
+    catch (error) {
+        // validateFilePath throws on traversal attempts
+        logger.error('Path validation failed (possible traversal attack)', {
+            filePath,
+            error: String(error),
+        });
+        return false;
+    }
+}
+/**
+ * Create a filesystem guard function
+ * 建立檔案系統守衛函式
+ *
+ * Returns a function that throws if a path is not allowed.
+ * 回傳一個在路徑不被允許時拋出錯誤的函式。
+ *
+ * @param allowedDirs - Allowed directories / 允許的目錄
+ * @returns Guard function / 守衛函式
+ */
+export function createFilesystemGuard(allowedDirs) {
+    return (filePath) => {
+        if (!isPathAllowed(filePath, allowedDirs)) {
+            throw new Error(`Filesystem access denied: ${filePath} is not in allowed directories / ` +
+                `檔案系統存取拒絕：${filePath} 不在允許的目錄中`);
+        }
+    };
+}
+//# sourceMappingURL=filesystem-guard.js.map

package/dist/sandbox/filesystem-guard.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"filesystem-guard.js","sourceRoot":"","sources":["../../src/sandbox/filesystem-guard.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,MAAM,CAAC;AAC1C,OAAO,EAAE,YAAY,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAEnE,MAAM,MAAM,GAAG,YAAY,CAAC,0BAA0B,CAAC,CAAC;AAExD;;;;;;;GAOG;AACH,MAAM,UAAU,aAAa,CAAC,QAAgB,EAAE,WAAqB;IACnE,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7B,MAAM,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;QACtE,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,CAAC;QACH,6DAA6D;QAC7D,MAAM,SAAS,GAAG,gBAAgB,CAAC,QAAQ,CAAC,CAAC;QAC7C,MAAM,YAAY,GAAG,SAAS,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC;QAEnD,KAAK,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC;YAC9B,MAAM,eAAe,GAAG,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;YAChD,IAAI,YAAY,CAAC,UAAU,CAAC,eAAe,GAAG,GAAG,CAAC,IAAI,YAAY,KAAK,eAAe,EAAE,CAAC;gBACvF,MAAM,CAAC,IAAI,CAAC,qBAAqB,EAAE,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;gBAClE,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QAED,MAAM,CAAC,IAAI,CAAC,gDAAgD,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAC;QAC5E,OAAO,KAAK,CAAC;IACf,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,gDAAgD;QAChD,MAAM,CAAC,KAAK,CAAC,oDAAoD,EAAE;YACjE,QAAQ;YACR,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC;SACrB,CAAC,CAAC;QACH,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,qBAAqB,CAAC,WAAqB;IACzD,OAAO,CAAC,QAAgB,EAAQ,EAAE;QAChC,IAAI,CAAC,aAAa,CAAC,QAAQ,EAAE,WAAW,CAAC,EAAE,CAAC;YAC1C,MAAM,IAAI,KAAK,CACb,6BAA6B,QAAQ,mCAAmC;gBACtE,YAAY,QAAQ,WAAW,CAClC,CAAC;QACJ,CAAC;IACH,CAAC,CAAC;AACJ,CAAC"}

package/dist/sandbox/index.d.ts

@@ -0,0 +1,9 @@
+/**
+ * Skill sandbox module
+ * Skill 沙盒模組
+ *
+ * @module @panguard-ai/security-hardening/sandbox
+ */
+export { isPathAllowed, createFilesystemGuard } from './filesystem-guard.js';
+export { isCommandAllowed, createCommandValidator, extractBaseCommand, DEFAULT_ALLOWED_COMMANDS, } from './command-whitelist.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/sandbox/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/sandbox/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,aAAa,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AAC7E,OAAO,EACL,gBAAgB,EAChB,sBAAsB,EACtB,kBAAkB,EAClB,wBAAwB,GACzB,MAAM,wBAAwB,CAAC"}

package/dist/sandbox/index.js

@@ -0,0 +1,9 @@
+/**
+ * Skill sandbox module
+ * Skill 沙盒模組
+ *
+ * @module @panguard-ai/security-hardening/sandbox
+ */
+export { isPathAllowed, createFilesystemGuard } from './filesystem-guard.js';
+export { isCommandAllowed, createCommandValidator, extractBaseCommand, DEFAULT_ALLOWED_COMMANDS, } from './command-whitelist.js';
+//# sourceMappingURL=index.js.map

package/dist/sandbox/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/sandbox/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,aAAa,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AAC7E,OAAO,EACL,gBAAgB,EAChB,sBAAsB,EACtB,kBAAkB,EAClB,wBAAwB,GACzB,MAAM,wBAAwB,CAAC"}

package/dist/scanner/index.d.ts

@@ -0,0 +1,8 @@
+/**
+ * Security scanner module
+ * 安全掃描器模組
+ *
+ * @module @panguard-ai/security-hardening/scanner
+ */
+export { runSecurityAudit } from './vulnerability-scanner.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/scanner/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/scanner/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,4BAA4B,CAAC"}

package/dist/scanner/index.js

@@ -0,0 +1,8 @@
+/**
+ * Security scanner module
+ * 安全掃描器模組
+ *
+ * @module @panguard-ai/security-hardening/scanner
+ */
+export { runSecurityAudit } from './vulnerability-scanner.js';
+//# sourceMappingURL=index.js.map

package/dist/scanner/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/scanner/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,4BAA4B,CAAC"}

package/dist/scanner/vulnerability-scanner.d.ts

@@ -0,0 +1,22 @@
+/**
+ * Security vulnerability scanner
+ * 安全漏洞掃描器
+ *
+ * Detects known vulnerabilities and generates audit reports.
+ * 偵測已知漏洞並產生稽核報告。
+ *
+ * @module @panguard-ai/security-hardening/scanner/vulnerability-scanner
+ */
+import type { SecurityPolicy, SecurityAuditReport } from '../types.js';
+/**
+ * Run a complete security audit
+ * 執行完整安全稽核
+ *
+ * Scans for known vulnerabilities and generates a report with risk score.
+ * 掃描已知漏洞並產生含風險評分的報告。
+ *
+ * @param policy - Current security policy (defaults to DEFAULT_SECURITY_POLICY) / 目前的安全政策
+ * @returns Security audit report / 安全稽核報告
+ */
+export declare function runSecurityAudit(policy?: SecurityPolicy): SecurityAuditReport;
+//# sourceMappingURL=vulnerability-scanner.d.ts.map

package/dist/scanner/vulnerability-scanner.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"vulnerability-scanner.d.ts","sourceRoot":"","sources":["../../src/scanner/vulnerability-scanner.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAGH,OAAO,KAAK,EAAE,cAAc,EAAwB,mBAAmB,EAAE,MAAM,aAAa,CAAC;AA2G7F;;;;;;;;;GASG;AACH,wBAAgB,gBAAgB,CAC9B,MAAM,GAAE,cAAwC,GAC/C,mBAAmB,CAmCrB"}

package/dist/scanner/vulnerability-scanner.js

@@ -0,0 +1,138 @@
+/**
+ * Security vulnerability scanner
+ * 安全漏洞掃描器
+ *
+ * Detects known vulnerabilities and generates audit reports.
+ * 偵測已知漏洞並產生稽核報告。
+ *
+ * @module @panguard-ai/security-hardening/scanner/vulnerability-scanner
+ */
+import { createLogger } from '@panguard-ai/core';
+import { DEFAULT_SECURITY_POLICY } from '../permissions/security-policy.js';
+import { scanPlaintextCredentials } from '../credentials/migration.js';
+const logger = createLogger('scanner:vulnerability');
+const HARDENING_VERSION = '0.1.0';
+/** Severity weights for risk score calculation / 嚴重程度權重用於風險評分計算 */
+const SEVERITY_WEIGHTS = {
+    info: 0,
+    low: 10,
+    medium: 25,
+    high: 50,
+    critical: 100,
+};
+/**
+ * Check CVE-2026-25253: WebSocket authentication bypass
+ * 檢查 CVE-2026-25253：WebSocket 認證繞過
+ */
+function checkWebSocketAuth(policy) {
+    const hasCsrf = policy.requireCsrfToken;
+    const hasOriginCheck = policy.allowedOrigins.length > 0;
+    const fixed = hasCsrf && hasOriginCheck;
+    return {
+        id: 'CVE-2026-25253',
+        severity: fixed ? 'info' : 'high',
+        title: 'WebSocket Cross-Site Authentication Hijacking / WebSocket 跨站認證劫持',
+        description: fixed
+            ? 'CSRF token and Origin validation are enabled. / CSRF token 和 Origin 驗證已啟用。'
+            : 'WebSocket connections lack CSRF protection and/or Origin validation. / WebSocket 連線缺少 CSRF 保護和/或 Origin 驗證。',
+        component: 'WebSocket Gateway',
+        remediation: 'Enable requireCsrfToken and configure allowedOrigins in security policy. / 在安全政策中啟用 requireCsrfToken 並配置 allowedOrigins。',
+        fixed,
+    };
+}
+/**
+ * Check for plaintext credential storage
+ * 檢查明文憑證儲存
+ */
+function checkCredentialStorage() {
+    const plaintext = scanPlaintextCredentials();
+    const fixed = plaintext.length === 0;
+    return {
+        id: 'OCL-SEC-001',
+        severity: fixed ? 'info' : 'high',
+        title: 'Plaintext Credential Storage / 明文憑證儲存',
+        description: fixed
+            ? 'No plaintext credentials detected. / 未偵測到明文憑證。'
+            : `Found ${plaintext.length} plaintext credential file(s). / 發現 ${plaintext.length} 個明文憑證檔案。`,
+        component: 'Credential Storage',
+        remediation: 'Use EncryptedFileCredentialStore and run credential migration. / 使用 EncryptedFileCredentialStore 並執行憑證遷移。',
+        fixed,
+    };
+}
+/**
+ * Check Skill sandbox configuration
+ * 檢查 Skill 沙盒配置
+ */
+function checkSkillSandbox(policy) {
+    const hasFilesystemRestriction = policy.allowedDirectories.length > 0;
+    const hasCommandRestriction = policy.allowedCommands.length > 0;
+    const noShell = !policy.allowShellAccess;
+    const fixed = noShell && (hasFilesystemRestriction || hasCommandRestriction);
+    return {
+        id: 'OCL-SEC-002',
+        severity: fixed ? 'info' : 'medium',
+        title: 'Unrestricted Skill Permissions / 無限制的 Skill 權限',
+        description: fixed
+            ? 'Skill sandbox is properly configured. / Skill 沙盒已正確配置。'
+            : 'Skills may have unrestricted filesystem and/or command execution access. / Skills 可能有無限制的檔案系統和/或命令執行存取。',
+        component: 'Skill Sandbox',
+        remediation: 'Set allowShellAccess=false and configure allowedDirectories/allowedCommands. / 設定 allowShellAccess=false 並配置 allowedDirectories/allowedCommands。',
+        fixed,
+    };
+}
+/**
+ * Check audit logging configuration
+ * 檢查稽核日誌配置
+ */
+function checkAuditLogging(policy) {
+    const fixed = policy.enableAuditLog;
+    return {
+        id: 'OCL-SEC-003',
+        severity: fixed ? 'info' : 'low',
+        title: 'Audit Logging Disabled / 稽核日誌停用',
+        description: fixed
+            ? 'Audit logging is enabled. / 稽核日誌已啟用。'
+            : 'Security operations are not being audited. / 安全操作未被稽核。',
+        component: 'Audit System',
+        remediation: 'Set enableAuditLog=true in security policy. / 在安全政策中設定 enableAuditLog=true。',
+        fixed,
+    };
+}
+/**
+ * Run a complete security audit
+ * 執行完整安全稽核
+ *
+ * Scans for known vulnerabilities and generates a report with risk score.
+ * 掃描已知漏洞並產生含風險評分的報告。
+ *
+ * @param policy - Current security policy (defaults to DEFAULT_SECURITY_POLICY) / 目前的安全政策
+ * @returns Security audit report / 安全稽核報告
+ */
+export function runSecurityAudit(policy = DEFAULT_SECURITY_POLICY) {
+    logger.info('Starting security audit');
+    const findings = [
+        checkWebSocketAuth(policy),
+        checkCredentialStorage(),
+        checkSkillSandbox(policy),
+        checkAuditLogging(policy),
+    ];
+    // Calculate risk score: sum of unfixed severity weights, capped at 100
+    const riskScore = Math.min(100, findings
+        .filter((f) => !f.fixed)
+        .reduce((sum, f) => sum + (SEVERITY_WEIGHTS[f.severity] ?? 0), 0));
+    const recommendations = findings.filter((f) => !f.fixed).map((f) => f.remediation);
+    const report = {
+        timestamp: new Date().toISOString(),
+        version: HARDENING_VERSION,
+        findings,
+        riskScore,
+        recommendations,
+    };
+    logger.info('Security audit complete', {
+        totalFindings: findings.length,
+        unfixed: findings.filter((f) => !f.fixed).length,
+        riskScore,
+    });
+    return report;
+}
+//# sourceMappingURL=vulnerability-scanner.js.map

package/dist/scanner/vulnerability-scanner.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"vulnerability-scanner.js","sourceRoot":"","sources":["../../src/scanner/vulnerability-scanner.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAEjD,OAAO,EAAE,uBAAuB,EAAE,MAAM,mCAAmC,CAAC;AAC5E,OAAO,EAAE,wBAAwB,EAAE,MAAM,6BAA6B,CAAC;AAEvE,MAAM,MAAM,GAAG,YAAY,CAAC,uBAAuB,CAAC,CAAC;AAErD,MAAM,iBAAiB,GAAG,OAAO,CAAC;AAElC,mEAAmE;AACnE,MAAM,gBAAgB,GAA2B;IAC/C,IAAI,EAAE,CAAC;IACP,GAAG,EAAE,EAAE;IACP,MAAM,EAAE,EAAE;IACV,IAAI,EAAE,EAAE;IACR,QAAQ,EAAE,GAAG;CACd,CAAC;AAEF;;;GAGG;AACH,SAAS,kBAAkB,CAAC,MAAsB;IAChD,MAAM,OAAO,GAAG,MAAM,CAAC,gBAAgB,CAAC;IACxC,MAAM,cAAc,GAAG,MAAM,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,CAAC;IACxD,MAAM,KAAK,GAAG,OAAO,IAAI,cAAc,CAAC;IAExC,OAAO;QACL,EAAE,EAAE,gBAAgB;QACpB,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM;QACjC,KAAK,EAAE,kEAAkE;QACzE,WAAW,EAAE,KAAK;YAChB,CAAC,CAAC,4EAA4E;YAC9E,CAAC,CAAC,6GAA6G;QACjH,SAAS,EAAE,mBAAmB;QAC9B,WAAW,EACT,0HAA0H;QAC5H,KAAK;KACN,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,SAAS,sBAAsB;IAC7B,MAAM,SAAS,GAAG,wBAAwB,EAAE,CAAC;IAC7C,MAAM,KAAK,GAAG,SAAS,CAAC,MAAM,KAAK,CAAC,CAAC;IAErC,OAAO;QACL,EAAE,EAAE,aAAa;QACjB,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM;QACjC,KAAK,EAAE,uCAAuC;QAC9C,WAAW,EAAE,KAAK;YAChB,CAAC,CAAC,gDAAgD;YAClD,CAAC,CAAC,SAAS,SAAS,CAAC,MAAM,uCAAuC,SAAS,CAAC,MAAM,WAAW;QAC/F,SAAS,EAAE,oBAAoB;QAC/B,WAAW,EACT,2GAA2G;QAC7G,KAAK;KACN,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,SAAS,iBAAiB,CAAC,MAAsB;IAC/C,MAAM,wBAAwB,GAAG,MAAM,CAAC,kBAAkB,CAAC,MAAM,GAAG,CAAC,CAAC;IACtE,MAAM,qBAAqB,GAAG,MAAM,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,CAAC;IAChE,MAAM,OAAO,GAAG,CAAC,MAAM,CAAC,gBAAgB,CAAC;IACzC,MAAM,KAAK,GAAG,OAAO,IAAI,CAAC,wBAAwB,IAAI,qBAAqB,CAAC,CAAC;IAE7E,OAAO;QACL,EAAE,EAAE,aAAa;QACjB,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ;QACnC,KAAK,EAAE,gDAAgD;QACvD,WAAW,EAAE,KAAK;YAChB,CAAC,CAAC,wDAAwD;YAC1D,CAAC,CAAC,yGAAyG;QAC7G,SAAS,EAAE,eAAe;QAC1B,WAAW,EACT,kJAAkJ;QACpJ,KAAK;KACN,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,SAAS,iBAAiB,CAAC,MAAsB;IAC/C,MAAM,KAAK,GAAG,MAAM,CAAC,cAAc,CAAC;IAEpC,OAAO;QACL,EAAE,EAAE,aAAa;QACjB,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK;QAChC,KAAK,EAAE,iCAAiC;QACxC,WAAW,EAAE,KAAK;YAChB,CAAC,CAAC,sCAAsC;YACxC,CAAC,CAAC,wDAAwD;QAC5D,SAAS,EAAE,cAAc;QACzB,WAAW,EACT,6EAA6E;QAC/E,KAAK;KACN,CAAC;AACJ,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,gBAAgB,CAC9B,SAAyB,uBAAuB;IAEhD,MAAM,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;IAEvC,MAAM,QAAQ,GAA2B;QACvC,kBAAkB,CAAC,MAAM,CAAC;QAC1B,sBAAsB,EAAE;QACxB,iBAAiB,CAAC,MAAM,CAAC;QACzB,iBAAiB,CAAC,MAAM,CAAC;KAC1B,CAAC;IAEF,uEAAuE;IACvE,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CACxB,GAAG,EACH,QAAQ;SACL,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;SACvB,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,gBAAgB,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,CACpE,CAAC;IAEF,MAAM,eAAe,GAAa,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC;IAE7F,MAAM,MAAM,GAAwB;QAClC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,OAAO,EAAE,iBAAiB;QAC1B,QAAQ;QACR,SAAS;QACT,eAAe;KAChB,CAAC;IAEF,MAAM,CAAC,IAAI,CAAC,yBAAyB,EAAE;QACrC,aAAa,EAAE,QAAQ,CAAC,MAAM;QAC9B,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,MAAM;QAChD,SAAS;KACV,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/types.d.ts

@@ -0,0 +1,143 @@
+/**
+ * Security hardening type definitions
+ * 安全強化類型定義
+ *
+ * @module @panguard-ai/security-hardening/types
+ */
+import type { Severity } from '@panguard-ai/core';
+/**
+ * Security policy configuration
+ * 安全政策配置
+ */
+export interface SecurityPolicy {
+    /** Enable shell access / 啟用 shell 存取 */
+    allowShellAccess: boolean;
+    /** Allowed filesystem directories / 允許的檔案系統目錄 */
+    allowedDirectories: string[];
+    /** Allowed commands for sandbox / 沙盒允許的命令 */
+    allowedCommands: string[];
+    /** Require CSRF tokens for WebSocket / WebSocket 要求 CSRF token */
+    requireCsrfToken: boolean;
+    /** Allowed WebSocket origins / 允許的 WebSocket 來源 */
+    allowedOrigins: string[];
+    /** Enable audit logging / 啟用稽核日誌 */
+    enableAuditLog: boolean;
+    /** Syslog server address (optional) / Syslog 伺服器位址（可選） */
+    syslogServer?: string;
+    /** Syslog server port (optional) / Syslog 伺服器連接埠（可選） */
+    syslogPort?: number;
+}
+/**
+ * CSRF token data
+ * CSRF token 資料
+ */
+export interface CsrfToken {
+    /** Token value / Token 值 */
+    token: string;
+    /** Session ID / 會話 ID */
+    sessionId: string;
+    /** Expiration timestamp / 過期時間戳 */
+    expiresAt: Date;
+    /** Creation timestamp / 建立時間戳 */
+    createdAt: Date;
+}
+/**
+ * Origin validation configuration
+ * Origin 驗證配置
+ */
+export interface OriginConfig {
+    /** Explicitly allowed origins / 明確允許的 origins */
+    allowedOrigins: string[];
+    /** Allow localhost connections / 允許本機連線 */
+    allowLocalhost: boolean;
+}
+/**
+ * Audit event action types
+ * 稽核事件操作類型
+ */
+export type AuditAction = 'websocket_connect' | 'credential_access' | 'credential_migrate' | 'file_access' | 'command_execution' | 'policy_check' | 'security_scan';
+/**
+ * Audit event for security operations
+ * 安全操作的稽核事件
+ */
+export interface AuditEvent {
+    /** ISO timestamp / ISO 時間戳 */
+    timestamp: string;
+    /** Log level / 日誌等級 */
+    level: 'info' | 'warn' | 'error';
+    /** Action type / 操作類型 */
+    action: AuditAction;
+    /** Target resource / 目標資源 */
+    target: string;
+    /** Operation result / 操作結果 */
+    result: 'success' | 'failure' | 'blocked';
+    /** Module name / 模組名稱 */
+    module: string;
+    /** Additional context / 額外上下文 */
+    context?: Record<string, unknown>;
+}
+/**
+ * Credential store interface
+ * 憑證儲存介面
+ */
+export interface CredentialStore {
+    /** Get credential / 取得憑證 */
+    get(service: string, account: string): Promise<string | null>;
+    /** Set credential / 設定憑證 */
+    set(service: string, account: string, password: string): Promise<void>;
+    /** Delete credential / 刪除憑證 */
+    delete(service: string, account: string): Promise<boolean>;
+    /** List accounts for a service / 列出服務的帳號 */
+    list(service: string): Promise<string[]>;
+}
+/**
+ * Vulnerability finding from security audit
+ * 安全稽核的漏洞發現
+ */
+export interface VulnerabilityFinding {
+    /** CVE or internal identifier / CVE 或內部識別碼 */
+    id: string;
+    /** Severity level / 嚴重程度 */
+    severity: Severity;
+    /** Vulnerability title / 漏洞標題 */
+    title: string;
+    /** Description / 描述 */
+    description: string;
+    /** Affected component / 受影響的元件 */
+    component: string;
+    /** Remediation steps / 修復步驟 */
+    remediation: string;
+    /** Is fixed / 是否已修復 */
+    fixed: boolean;
+}
+/**
+ * Security audit report
+ * 安全稽核報告
+ */
+export interface SecurityAuditReport {
+    /** Scan timestamp / 掃描時間戳 */
+    timestamp: string;
+    /** Security hardening version / 安全強化版本 */
+    version: string;
+    /** Vulnerability findings / 漏洞發現 */
+    findings: VulnerabilityFinding[];
+    /** Overall risk score (0-100) / 整體風險評分（0-100） */
+    riskScore: number;
+    /** Recommendations / 建議 */
+    recommendations: string[];
+}
+/**
+ * Migration report for credential migration
+ * 憑證遷移報告
+ */
+export interface MigrationReport {
+    /** Number of credentials scanned / 掃描的憑證數量 */
+    scanned: number;
+    /** Number of credentials migrated / 已遷移的憑證數量 */
+    migrated: number;
+    /** Number of failed migrations / 遷移失敗的數量 */
+    failed: number;
+    /** Error messages / 錯誤訊息 */
+    errors: string[];
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAC;AAElD;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC7B,wCAAwC;IACxC,gBAAgB,EAAE,OAAO,CAAC;IAC1B,iDAAiD;IACjD,kBAAkB,EAAE,MAAM,EAAE,CAAC;IAC7B,6CAA6C;IAC7C,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,kEAAkE;IAClE,gBAAgB,EAAE,OAAO,CAAC;IAC1B,mDAAmD;IACnD,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,oCAAoC;IACpC,cAAc,EAAE,OAAO,CAAC;IACxB,0DAA0D;IAC1D,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,wDAAwD;IACxD,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED;;;GAGG;AACH,MAAM,WAAW,SAAS;IACxB,4BAA4B;IAC5B,KAAK,EAAE,MAAM,CAAC;IACd,yBAAyB;IACzB,SAAS,EAAE,MAAM,CAAC;IAClB,mCAAmC;IACnC,SAAS,EAAE,IAAI,CAAC;IAChB,iCAAiC;IACjC,SAAS,EAAE,IAAI,CAAC;CACjB;AAED;;;GAGG;AACH,MAAM,WAAW,YAAY;IAC3B,iDAAiD;IACjD,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,2CAA2C;IAC3C,cAAc,EAAE,OAAO,CAAC;CACzB;AAED;;;GAGG;AACH,MAAM,MAAM,WAAW,GACnB,mBAAmB,GACnB,mBAAmB,GACnB,oBAAoB,GACpB,aAAa,GACb,mBAAmB,GACnB,cAAc,GACd,eAAe,CAAC;AAEpB;;;GAGG;AACH,MAAM,WAAW,UAAU;IACzB,8BAA8B;IAC9B,SAAS,EAAE,MAAM,CAAC;IAClB,uBAAuB;IACvB,KAAK,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;IACjC,yBAAyB;IACzB,MAAM,EAAE,WAAW,CAAC;IACpB,6BAA6B;IAC7B,MAAM,EAAE,MAAM,CAAC;IACf,8BAA8B;IAC9B,MAAM,EAAE,SAAS,GAAG,SAAS,GAAG,SAAS,CAAC;IAC1C,yBAAyB;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,iCAAiC;IACjC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAED;;;GAGG;AACH,MAAM,WAAW,eAAe;IAC9B,4BAA4B;IAC5B,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IAC9D,4BAA4B;IAC5B,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACvE,+BAA+B;IAC/B,MAAM,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAC3D,4CAA4C;IAC5C,IAAI,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;CAC1C;AAED;;;GAGG;AACH,MAAM,WAAW,oBAAoB;IACnC,8CAA8C;IAC9C,EAAE,EAAE,MAAM,CAAC;IACX,4BAA4B;IAC5B,QAAQ,EAAE,QAAQ,CAAC;IACnB,iCAAiC;IACjC,KAAK,EAAE,MAAM,CAAC;IACd,uBAAuB;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,kCAAkC;IAClC,SAAS,EAAE,MAAM,CAAC;IAClB,+BAA+B;IAC/B,WAAW,EAAE,MAAM,CAAC;IACpB,uBAAuB;IACvB,KAAK,EAAE,OAAO,CAAC;CAChB;AAED;;;GAGG;AACH,MAAM,WAAW,mBAAmB;IAClC,6BAA6B;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,0CAA0C;IAC1C,OAAO,EAAE,MAAM,CAAC;IAChB,oCAAoC;IACpC,QAAQ,EAAE,oBAAoB,EAAE,CAAC;IACjC,iDAAiD;IACjD,SAAS,EAAE,MAAM,CAAC;IAClB,2BAA2B;IAC3B,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAED;;;GAGG;AACH,MAAM,WAAW,eAAe;IAC9B,8CAA8C;IAC9C,OAAO,EAAE,MAAM,CAAC;IAChB,gDAAgD;IAChD,QAAQ,EAAE,MAAM,CAAC;IACjB,4CAA4C;IAC5C,MAAM,EAAE,MAAM,CAAC;IACf,4BAA4B;IAC5B,MAAM,EAAE,MAAM,EAAE,CAAC;CAClB"}

package/dist/types.js

@@ -0,0 +1,8 @@
+/**
+ * Security hardening type definitions
+ * 安全強化類型定義
+ *
+ * @module @panguard-ai/security-hardening/types
+ */
+export {};
+//# sourceMappingURL=types.js.map

package/dist/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG"}

package/dist/websocket/connection-validator.d.ts

@@ -0,0 +1,35 @@
+/**
+ * WebSocket connection validation
+ * WebSocket 連線驗證
+ *
+ * Prevents auto-connection to untrusted external URLs (CVE-2026-25253).
+ * 防止自動連線到不受信任的外部 URL（CVE-2026-25253）。
+ *
+ * @module @panguard-ai/security-hardening/websocket/connection-validator
+ */
+/**
+ * Validate a gatewayUrl query parameter
+ * 驗證 gatewayUrl 查詢參數
+ *
+ * Prevents automatic connection to external WebSocket URLs.
+ * Localhost URLs are always allowed; external URLs require explicit confirmation.
+ * 防止自動連線到外部 WebSocket URL。
+ * 本機 URL 始終允許；外部 URL 需要明確確認。
+ *
+ * @param gatewayUrl - Gateway URL from query parameter / 來自查詢參數的 Gateway URL
+ * @param confirmCallback - Optional callback to request user confirmation / 可選的使用者確認回呼
+ * @returns true if connection is allowed / 連線被允許則回傳 true
+ */
+export declare function validateGatewayUrl(gatewayUrl: string | undefined, confirmCallback?: (url: string) => Promise<boolean>): Promise<boolean>;
+/**
+ * Sanitize a WebSocket URL
+ * 清理 WebSocket URL
+ *
+ * Only allows ws:// and wss:// protocols, strips credentials.
+ * 僅允許 ws:// 和 wss:// 協定，移除憑證。
+ *
+ * @param url - Raw URL / 原始 URL
+ * @returns Sanitized URL or null if invalid / 清理後的 URL，無效則為 null
+ */
+export declare function sanitizeWebSocketUrl(url: string): string | null;
+//# sourceMappingURL=connection-validator.d.ts.map

package/dist/websocket/connection-validator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"connection-validator.d.ts","sourceRoot":"","sources":["../../src/websocket/connection-validator.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAiBH;;;;;;;;;;;;GAYG;AACH,wBAAsB,kBAAkB,CACtC,UAAU,EAAE,MAAM,GAAG,SAAS,EAC9B,eAAe,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,CAAC,GAClD,OAAO,CAAC,OAAO,CAAC,CAkClB;AAED;;;;;;;;;GASG;AACH,wBAAgB,oBAAoB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAiB/D"}

package/dist/websocket/connection-validator.js

@@ -0,0 +1,93 @@
+/**
+ * WebSocket connection validation
+ * WebSocket 連線驗證
+ *
+ * Prevents auto-connection to untrusted external URLs (CVE-2026-25253).
+ * 防止自動連線到不受信任的外部 URL（CVE-2026-25253）。
+ *
+ * @module @panguard-ai/security-hardening/websocket/connection-validator
+ */
+import { createLogger } from '@panguard-ai/core';
+const logger = createLogger('websocket:connection-validator');
+/**
+ * Check if a URL is a localhost address
+ * 檢查 URL 是否為本機位址
+ *
+ * @param url - URL to check / 要檢查的 URL
+ * @returns true if localhost / 為本機則回傳 true
+ */
+function isLocalhostUrl(url) {
+    return url.hostname === 'localhost' || url.hostname === '127.0.0.1' || url.hostname === '::1';
+}
+/**
+ * Validate a gatewayUrl query parameter
+ * 驗證 gatewayUrl 查詢參數
+ *
+ * Prevents automatic connection to external WebSocket URLs.
+ * Localhost URLs are always allowed; external URLs require explicit confirmation.
+ * 防止自動連線到外部 WebSocket URL。
+ * 本機 URL 始終允許；外部 URL 需要明確確認。
+ *
+ * @param gatewayUrl - Gateway URL from query parameter / 來自查詢參數的 Gateway URL
+ * @param confirmCallback - Optional callback to request user confirmation / 可選的使用者確認回呼
+ * @returns true if connection is allowed / 連線被允許則回傳 true
+ */
+export async function validateGatewayUrl(gatewayUrl, confirmCallback) {
+    if (!gatewayUrl) {
+        return true; // No URL = use default, always OK
+    }
+    let parsed;
+    try {
+        parsed = new URL(gatewayUrl);
+    }
+    catch {
+        logger.error('Invalid gateway URL format rejected', { gatewayUrl });
+        return false;
+    }
+    if (isLocalhostUrl(parsed)) {
+        logger.info('Localhost gateway URL allowed', { gatewayUrl });
+        return true;
+    }
+    // External URL detected
+    logger.warn('External gateway URL detected', { gatewayUrl });
+    if (confirmCallback) {
+        const confirmed = await confirmCallback(gatewayUrl);
+        if (confirmed) {
+            logger.info('User confirmed external gateway connection', { gatewayUrl });
+            return true;
+        }
+        logger.warn('User rejected external gateway connection', { gatewayUrl });
+        return false;
+    }
+    // No confirmation mechanism - block by default
+    logger.error('External gateway URL blocked (no confirmation mechanism)', { gatewayUrl });
+    return false;
+}
+/**
+ * Sanitize a WebSocket URL
+ * 清理 WebSocket URL
+ *
+ * Only allows ws:// and wss:// protocols, strips credentials.
+ * 僅允許 ws:// 和 wss:// 協定，移除憑證。
+ *
+ * @param url - Raw URL / 原始 URL
+ * @returns Sanitized URL or null if invalid / 清理後的 URL，無效則為 null
+ */
+export function sanitizeWebSocketUrl(url) {
+    let parsed;
+    try {
+        parsed = new URL(url);
+    }
+    catch {
+        logger.error('Failed to parse WebSocket URL', { url });
+        return null;
+    }
+    if (parsed.protocol !== 'ws:' && parsed.protocol !== 'wss:') {
+        logger.warn('Invalid WebSocket protocol rejected', { url, protocol: parsed.protocol });
+        return null;
+    }
+    // Reconstruct without credentials
+    const sanitized = `${parsed.protocol}//${parsed.host}${parsed.pathname}`;
+    return sanitized;
+}
+//# sourceMappingURL=connection-validator.js.map

package/dist/websocket/connection-validator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"connection-validator.js","sourceRoot":"","sources":["../../src/websocket/connection-validator.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAEjD,MAAM,MAAM,GAAG,YAAY,CAAC,gCAAgC,CAAC,CAAC;AAE9D;;;;;;GAMG;AACH,SAAS,cAAc,CAAC,GAAQ;IAC9B,OAAO,GAAG,CAAC,QAAQ,KAAK,WAAW,IAAI,GAAG,CAAC,QAAQ,KAAK,WAAW,IAAI,GAAG,CAAC,QAAQ,KAAK,KAAK,CAAC;AAChG,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,UAA8B,EAC9B,eAAmD;IAEnD,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO,IAAI,CAAC,CAAC,kCAAkC;IACjD,CAAC;IAED,IAAI,MAAW,CAAC;IAChB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,CAAC;IAC/B,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,CAAC,KAAK,CAAC,qCAAqC,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC;QACpE,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,cAAc,CAAC,MAAM,CAAC,EAAE,CAAC;QAC3B,MAAM,CAAC,IAAI,CAAC,+BAA+B,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC;QAC7D,OAAO,IAAI,CAAC;IACd,CAAC;IAED,wBAAwB;IACxB,MAAM,CAAC,IAAI,CAAC,+BAA+B,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC;IAE7D,IAAI,eAAe,EAAE,CAAC;QACpB,MAAM,SAAS,GAAG,MAAM,eAAe,CAAC,UAAU,CAAC,CAAC;QACpD,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,CAAC,IAAI,CAAC,4CAA4C,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC;YAC1E,OAAO,IAAI,CAAC;QACd,CAAC;QACD,MAAM,CAAC,IAAI,CAAC,2CAA2C,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC;QACzE,OAAO,KAAK,CAAC;IACf,CAAC;IAED,+CAA+C;IAC/C,MAAM,CAAC,KAAK,CAAC,0DAA0D,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC;IACzF,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,oBAAoB,CAAC,GAAW;IAC9C,IAAI,MAAW,CAAC;IAChB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;IACxB,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,CAAC,KAAK,CAAC,+BAA+B,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC;QACvD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,MAAM,CAAC,QAAQ,KAAK,KAAK,IAAI,MAAM,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;QAC5D,MAAM,CAAC,IAAI,CAAC,qCAAqC,EAAE,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;QACvF,OAAO,IAAI,CAAC;IACd,CAAC;IAED,kCAAkC;IAClC,MAAM,SAAS,GAAG,GAAG,MAAM,CAAC,QAAQ,KAAK,MAAM,CAAC,IAAI,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAC;IACzE,OAAO,SAAS,CAAC;AACnB,CAAC"}