@pensar/apex 0.0.111 → 0.0.112

Files changed (64) hide show
  1. package/README.md +2 -3
  2. package/bin/pensar.js +31 -276
  3. package/build/agent-5qdmmchx.js +206 -0
  4. package/build/agent-s2z0dasf.js +16 -0
  5. package/build/auth-jvq72ekc.js +263 -0
  6. package/build/authentication-nya4td5k.js +310 -0
  7. package/build/blackboxAgent-qa9ze2hn.js +17 -0
  8. package/build/blackboxPentest-85hwznet.js +41 -0
  9. package/build/cli-15vxn9zj.js +1358 -0
  10. package/build/cli-2ckm5es2.js +50 -0
  11. package/build/cli-49cd9yfk.js +4475 -0
  12. package/build/cli-5d6cs4dq.js +53 -0
  13. package/build/cli-6gtnyaqf.js +109 -0
  14. package/build/cli-7ckctq7a.js +45 -0
  15. package/build/cli-8rxa073f.js +104 -0
  16. package/build/cli-bp6d08sg.js +110 -0
  17. package/build/cli-e20q3hqz.js +307 -0
  18. package/build/cli-f9shhcxf.js +1498 -0
  19. package/build/cli-hmrzx8am.js +507 -0
  20. package/build/cli-j66pect7.js +202 -0
  21. package/build/cli-jb0gcnrs.js +60 -0
  22. package/build/cli-jh38b6zv.js +1074 -0
  23. package/build/cli-kqtgcdzn.js +54784 -0
  24. package/build/cli-r8r90gka.js +96700 -0
  25. package/build/cli-va4y0089.js +395 -0
  26. package/build/cli-w04ggbe4.js +104 -0
  27. package/build/cli-x1msjf55.js +103 -0
  28. package/build/cli-yj3dy0vg.js +180 -0
  29. package/build/cli.js +509 -0
  30. package/build/doctor-b7612pzw.js +117 -0
  31. package/build/fixes-1r6v7kh2.js +49 -0
  32. package/build/index-5ke2yd32.js +17 -0
  33. package/build/index-9ze42wn7.js +68412 -0
  34. package/build/index-rd11fk7h.js +1257 -0
  35. package/build/index-tke6896d.js +1097 -0
  36. package/build/index-vwvh1rdw.js +535 -0
  37. package/build/issues-kx721wja.js +94 -0
  38. package/build/logs-hav7d0nm.js +77 -0
  39. package/build/main-2483qzbq.js +397 -0
  40. package/build/multipart-parser-r38qdp5v.js +350 -0
  41. package/build/pentest-zzebnfa0.js +25 -0
  42. package/build/pentests-s9fwd71b.js +70 -0
  43. package/build/projects-tr719twv.js +35 -0
  44. package/build/targetedPentest-w2c85whf.js +32 -0
  45. package/build/token-6x6aavpc.js +58 -0
  46. package/build/token-util-na95bqjj.js +6 -0
  47. package/build/uninstall-2j0pymb0.js +231 -0
  48. package/build/utils-jky0th19.js +107 -0
  49. package/package.json +3 -4
  50. package/build/auth.js +0 -625
  51. package/build/highlights-eq9cgrbb.scm +0 -604
  52. package/build/highlights-ghv9g403.scm +0 -205
  53. package/build/highlights-hk7bwhj4.scm +0 -284
  54. package/build/highlights-r812a2qc.scm +0 -150
  55. package/build/highlights-x6tmsnaa.scm +0 -115
  56. package/build/index.js +0 -292069
  57. package/build/injections-73j83es3.scm +0 -27
  58. package/build/tree-sitter-javascript-nd0q4pe9.wasm +0 -0
  59. package/build/tree-sitter-markdown-411r6y9b.wasm +0 -0
  60. package/build/tree-sitter-markdown_inline-j5349f42.wasm +0 -0
  61. package/build/tree-sitter-typescript-zxjzwt75.wasm +0 -0
  62. package/build/tree-sitter-zig-e78zbjpm.wasm +0 -0
  63. package/src/core/installation/index.ts +0 -223
  64. package/src/core/installation/installation.test.ts +0 -454
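--- a/package/build/cli-2ckm5es2.js
+++ b/package/build/cli-2ckm5es2.js
@@ -0,0 +1,50 @@
+import {
+exports_external,
+init_zod
+} from "./cli-kqtgcdzn.js";
+
+// src/core/agents/specialized/whiteboxAttackSurface/types.ts
+init_zod();
+var RiskScoreBreakdownSchema = exports_external.object({
+exposure: exports_external.number().min(0).max(3).describe("Exposure Level (0-3): 3=Public no auth, 2=Standard user login, 1=Privileged/admin access, 0=Private/internal-only"),
+dataSensitivity: exports_external.number().min(0).max(3).describe("Data Sensitivity (0-3): 3=PII/PHI/financial/passwords/tokens, 2=Business operations/configs, 1=Low-value user data, 0=No meaningful data"),
+functionCriticality: exports_external.number().min(0).max(2).describe("Function Criticality (0-2): 2=Auth flows/payments/state-changing mutations, 1=Core product functionality, 0=Non-critical content"),
+securityIndicators: exports_external.number().min(0).max(2).describe("Security Indicators (0-2): 2=Critical vuln patterns (SQLi, command injection, hardcoded secrets), 1=Moderate concerns (missing validation, weak error handling), 0=No obvious issues")
+});
+var RiskScoreSchema = exports_external.object({
+score: exports_external.number().min(0).max(10).describe("Total risk score (0-10)"),
+explanation: exports_external.string().describe("Justification for the risk score"),
+breakdown: RiskScoreBreakdownSchema
+});
+var EndpointSchema = exports_external.object({
+method: exports_external.string().describe("HTTP method (GET, POST, PUT, DELETE, etc.) or 'PAGE' for web pages"),
+path: exports_external.string().describe("Route path (e.g. /api/users/:id, /dashboard)"),
+handler: exports_external.string().optional().describe("Handler function or component name, if identifiable"),
+file: exports_external.string().describe("File where this endpoint is defined"),
+line: exports_external.number().optional().describe("Line number in the file"),
+authRequired: exports_external.boolean().optional().describe("Whether this endpoint appears to require authentication"),
+description: exports_external.string().optional().describe("Brief description of what this endpoint does"),
+pentestObjectives: exports_external.array(exports_external.string()).describe("Specific pentest objectives for this endpoint (e.g. 'Test for IDOR by enumerating user IDs', 'Test for SQL injection in search parameter')"),
+riskScore: RiskScoreSchema.optional().describe("AI-calculated risk score for prioritizing pentest efforts")
+});
+var AppSchema = exports_external.object({
+name: exports_external.string().describe("Application or service name"),
+framework: exports_external.string().describe("Framework in use (e.g. Express, Next.js, Django, FastAPI, Rails)"),
+description: exports_external.string().describe("Brief description of what this app does"),
+location: exports_external.string().describe("Path to the app root relative to the repository root"),
+pages: exports_external.array(EndpointSchema).describe("Web pages / views defined in this app"),
+apiEndpoints: exports_external.array(EndpointSchema).describe("API endpoints defined in this app")
+});
+var WhiteboxAttackSurfaceResultSchema = exports_external.object({
+repoType: exports_external.string().describe("Repository structure type (e.g. 'monorepo', 'single-app', 'multi-package')"),
+packageManager: exports_external.string().describe("Package manager detected (e.g. npm, yarn, pnpm, pip, cargo, go modules)"),
+apps: exports_external.array(AppSchema).describe("All applications discovered in the repository"),
+summary: exports_external.object({
+totalApps: exports_external.number(),
+totalPages: exports_external.number(),
+totalApiEndpoints: exports_external.number(),
+totalPentestObjectives: exports_external.number()
+})
+});
+
+export { EndpointSchema, WhiteboxAttackSurfaceResultSchema };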
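Review bot: `RiskScoreSchema` accepts any `score` between 0 and 10 regardless of what `breakdown` holds, so a model-produced result whose total disagrees with its four components validates cleanly and can misorder which endpoints get tested first. The component ranges add up to exactly 10 (3+3+2+2), which suggests the total is meant to be their sum; if so, enforce it with `.refine((r) => r.score === r.breakdown.exposure + r.breakdown.dataSensitivity + r.breakdown.functionCriticality + r.breakdown.securityIndicators, "score must equal the sum of breakdown")`. The components and `line` also use bare `number()`, so a value like 2.5 passes even though the descriptions define discrete levels; `.int()` on each would close that, assuming `exports_external` is the bundled zod namespace as `init_zod()` implies. `file` and `location` are unconstrained strings in the same model output, so any consumer that opens them on disk should first resolve them against the repository root and reject paths that escape it. This chunk is bundler output, so the change belongs in the `src/core/agents/specialized/whiteboxAttackSurface/types.ts` source named in the comment.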