@pensar/apex 2.0.2-canary.1de5ff5b → 2.0.2-canary.3ed513a3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/build/{agent-0xj95pts.js → agent-d5j5r87f.js} +9 -9
- package/build/{agent-e7a8ecyn.js → agent-y8bhyea9.js} +7 -7
- package/build/agent-ypmxjw2p.js +19 -0
- package/build/{apps-p91cynx1.js → apps-dwcwrkn5.js} +15 -15
- package/build/{auth-snffaqnn.js → auth-m52cgpqf.js} +15 -15
- package/build/authentication-bcn4sv0c.js +19 -0
- package/build/blackboxAgent-thcq84k0.js +19 -0
- package/build/{blackboxPentest-2v0856w0.js → blackboxPentest-840p7bdj.js} +13 -13
- package/build/{cli-zgpj2mv1.js → cli-0a0azzew.js} +1 -1
- package/build/{cli-cbhsy5x3.js → cli-3tndns95.js} +3 -3
- package/build/{cli-wgqxjhky.js → cli-3wqq193x.js} +2 -2
- package/build/{cli-hkegr688.js → cli-4fvrwqjf.js} +1 -1
- package/build/{cli-jzkfbrnx.js → cli-6d24kmnb.js} +7 -7
- package/build/{cli-d5vz4kyn.js → cli-6hg8ey3k.js} +45 -39
- package/build/{cli-p4aht9hv.js → cli-7v8rrnff.js} +1 -1
- package/build/{cli-r9v48v8g.js → cli-a846tejv.js} +3 -3
- package/build/{cli-pevzp7nj.js → cli-f7yrqk91.js} +4 -4
- package/build/{cli-bxtz3bdv.js → cli-h9b8yg5m.js} +4 -4
- package/build/{cli-mep0ck1r.js → cli-hdsasmp6.js} +2 -2
- package/build/{cli-4x7k2s16.js → cli-ndysf75h.js} +1 -1
- package/build/{cli-5c0rvt4t.js → cli-sct7x6vb.js} +2 -2
- package/build/{cli-bcd6032f.js → cli-stkc18a7.js} +1 -1
- package/build/{cli-kn9tst6t.js → cli-z198wvtq.js} +1 -1
- package/build/{cli-w55v1bht.js → cli-zv890tvv.js} +1 -1
- package/build/cli.js +33 -33
- package/build/{config-rb760dgz.js → config-n2vz49fz.js} +3 -3
- package/build/{doctor-2m2xy88h.js → doctor-j8sqh5y5.js} +6 -6
- package/build/{fixes-y8qx2ps5.js → fixes-mkbnycf1.js} +15 -15
- package/build/{index-cwtb1k9c.js → index-2weqq1tv.js} +2 -2
- package/build/{index-pkq9jjgj.js → index-4tqxjke5.js} +6 -6
- package/build/{index-cnd7y4g5.js → index-b568hk1e.js} +4 -4
- package/build/{index-jhrbdyka.js → index-c0fmzbd2.js} +3 -3
- package/build/{index-5eb4pewb.js → index-cf6dc9s6.js} +17 -17
- package/build/{index-n04xcmzx.js → index-kzxbdchp.js} +9 -9
- package/build/{index-27fhky9b.js → index-xwch0gcm.js} +8 -8
- package/build/{issues-hzqc762k.js → issues-eqwwk3y8.js} +15 -15
- package/build/{logs-wmqhnyfa.js → logs-9grxbmqa.js} +15 -15
- package/build/{offesecAgent-6m7300st.js → offesecAgent-jh75vkda.js} +8 -8
- package/build/pentest-v60wwr25.js +28 -0
- package/build/{pentests-y3gqyam1.js → pentests-asxxrdak.js} +15 -15
- package/build/{targetedPentest-yrs8xwvg.js → targetedPentest-xgh10pz1.js} +9 -9
- package/build/{targets-439kemyk.js → targets-7g1k7482.js} +15 -15
- package/build/threatModel-t61kd8vg.js +26 -0
- package/build/{uninstall-p8d3kg6p.js → uninstall-xsp4pwq7.js} +1 -1
- package/build/{upload-5e7pkj1n.js → upload-05ds3hry.js} +6 -6
- package/build/{utils-amj862q8.js → utils-smyv8hg5.js} +5 -5
- package/package.json +1 -1
- package/build/agent-tcrb50te.js +0 -19
- package/build/authentication-8q9a1cpf.js +0 -19
- package/build/blackboxAgent-mwbcawfn.js +0 -19
- package/build/pentest-8b0ttsjk.js +0 -28
- package/build/threatModel-zr6dmn2t.js +0 -26
|
@@ -3,19 +3,19 @@ import {
|
|
|
3
3
|
buildPentestActiveTools,
|
|
4
4
|
buildPentestPrompt,
|
|
5
5
|
buildPentestSystemPrompt
|
|
6
|
-
} from "./cli-
|
|
6
|
+
} from "./cli-sct7x6vb.js";
|
|
7
7
|
import"./cli-9fsre5pt.js";
|
|
8
|
-
import"./cli-
|
|
9
|
-
import"./cli-
|
|
10
|
-
import"./cli-
|
|
8
|
+
import"./cli-ndysf75h.js";
|
|
9
|
+
import"./cli-6hg8ey3k.js";
|
|
10
|
+
import"./cli-7v8rrnff.js";
|
|
11
11
|
import"./cli-c8131c4q.js";
|
|
12
|
-
import"./cli-
|
|
13
|
-
import"./cli-
|
|
12
|
+
import"./cli-h9b8yg5m.js";
|
|
13
|
+
import"./cli-0a0azzew.js";
|
|
14
14
|
import"./cli-f7d23ded.js";
|
|
15
15
|
import"./cli-gpnb45ck.js";
|
|
16
|
-
import"./cli-
|
|
17
|
-
import"./cli-
|
|
18
|
-
import"./cli-
|
|
16
|
+
import"./cli-z198wvtq.js";
|
|
17
|
+
import"./cli-4fvrwqjf.js";
|
|
18
|
+
import"./cli-zv890tvv.js";
|
|
19
19
|
import"./cli-8rxa073f.js";
|
|
20
20
|
export {
|
|
21
21
|
buildPentestSystemPrompt,
|
|
@@ -1,23 +1,23 @@
|
|
|
1
1
|
import {
|
|
2
2
|
OffensiveSecurityAgent
|
|
3
|
-
} from "./cli-
|
|
3
|
+
} from "./cli-6hg8ey3k.js";
|
|
4
4
|
import {
|
|
5
5
|
detectOSAndEnhancePrompt
|
|
6
|
-
} from "./cli-
|
|
6
|
+
} from "./cli-7v8rrnff.js";
|
|
7
7
|
import"./cli-c8131c4q.js";
|
|
8
8
|
import {
|
|
9
9
|
init_dist,
|
|
10
10
|
stepCountIs
|
|
11
|
-
} from "./cli-
|
|
12
|
-
import"./cli-
|
|
11
|
+
} from "./cli-h9b8yg5m.js";
|
|
12
|
+
import"./cli-0a0azzew.js";
|
|
13
13
|
import {
|
|
14
14
|
exports_external,
|
|
15
15
|
init_zod
|
|
16
16
|
} from "./cli-f7d23ded.js";
|
|
17
17
|
import"./cli-gpnb45ck.js";
|
|
18
|
-
import"./cli-
|
|
19
|
-
import"./cli-
|
|
20
|
-
import"./cli-
|
|
18
|
+
import"./cli-z198wvtq.js";
|
|
19
|
+
import"./cli-4fvrwqjf.js";
|
|
20
|
+
import"./cli-zv890tvv.js";
|
|
21
21
|
import"./cli-8rxa073f.js";
|
|
22
22
|
|
|
23
23
|
// src/core/agents/specialized/findingJudge/agent.ts
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
import {
|
|
2
|
+
CodeAgent
|
|
3
|
+
} from "./cli-3wqq193x.js";
|
|
4
|
+
import"./cli-9fsre5pt.js";
|
|
5
|
+
import"./cli-ndysf75h.js";
|
|
6
|
+
import"./cli-6hg8ey3k.js";
|
|
7
|
+
import"./cli-7v8rrnff.js";
|
|
8
|
+
import"./cli-c8131c4q.js";
|
|
9
|
+
import"./cli-h9b8yg5m.js";
|
|
10
|
+
import"./cli-0a0azzew.js";
|
|
11
|
+
import"./cli-f7d23ded.js";
|
|
12
|
+
import"./cli-gpnb45ck.js";
|
|
13
|
+
import"./cli-z198wvtq.js";
|
|
14
|
+
import"./cli-4fvrwqjf.js";
|
|
15
|
+
import"./cli-zv890tvv.js";
|
|
16
|
+
import"./cli-8rxa073f.js";
|
|
17
|
+
export {
|
|
18
|
+
CodeAgent
|
|
19
|
+
};
|
|
@@ -12,26 +12,26 @@ import {
|
|
|
12
12
|
searchEndpoints,
|
|
13
13
|
updateApp,
|
|
14
14
|
updateEndpoint
|
|
15
|
-
} from "./cli-
|
|
16
|
-
import"./cli-
|
|
17
|
-
import"./cli-
|
|
18
|
-
import"./cli-
|
|
19
|
-
import"./cli-
|
|
20
|
-
import"./cli-
|
|
21
|
-
import"./cli-
|
|
15
|
+
} from "./cli-f7yrqk91.js";
|
|
16
|
+
import"./cli-6d24kmnb.js";
|
|
17
|
+
import"./cli-a846tejv.js";
|
|
18
|
+
import"./cli-sct7x6vb.js";
|
|
19
|
+
import"./cli-3tndns95.js";
|
|
20
|
+
import"./cli-3wqq193x.js";
|
|
21
|
+
import"./cli-hdsasmp6.js";
|
|
22
22
|
import"./cli-9fsre5pt.js";
|
|
23
|
-
import"./cli-
|
|
24
|
-
import"./cli-
|
|
25
|
-
import"./cli-
|
|
23
|
+
import"./cli-ndysf75h.js";
|
|
24
|
+
import"./cli-6hg8ey3k.js";
|
|
25
|
+
import"./cli-7v8rrnff.js";
|
|
26
26
|
import"./cli-fw5r7pfj.js";
|
|
27
27
|
import"./cli-c8131c4q.js";
|
|
28
|
-
import"./cli-
|
|
29
|
-
import"./cli-
|
|
28
|
+
import"./cli-h9b8yg5m.js";
|
|
29
|
+
import"./cli-0a0azzew.js";
|
|
30
30
|
import"./cli-f7d23ded.js";
|
|
31
31
|
import"./cli-gpnb45ck.js";
|
|
32
|
-
import"./cli-
|
|
33
|
-
import"./cli-
|
|
34
|
-
import"./cli-
|
|
32
|
+
import"./cli-z198wvtq.js";
|
|
33
|
+
import"./cli-4fvrwqjf.js";
|
|
34
|
+
import"./cli-zv890tvv.js";
|
|
35
35
|
import"./cli-8rxa073f.js";
|
|
36
36
|
|
|
37
37
|
// src/cli/apps.ts
|
|
@@ -1,18 +1,18 @@
|
|
|
1
1
|
#!/usr/bin/env bun
|
|
2
|
-
import"./cli-
|
|
3
|
-
import"./cli-
|
|
4
|
-
import"./cli-
|
|
5
|
-
import"./cli-
|
|
6
|
-
import"./cli-
|
|
7
|
-
import"./cli-
|
|
8
|
-
import"./cli-
|
|
2
|
+
import"./cli-f7yrqk91.js";
|
|
3
|
+
import"./cli-6d24kmnb.js";
|
|
4
|
+
import"./cli-a846tejv.js";
|
|
5
|
+
import"./cli-sct7x6vb.js";
|
|
6
|
+
import"./cli-3tndns95.js";
|
|
7
|
+
import"./cli-3wqq193x.js";
|
|
8
|
+
import"./cli-hdsasmp6.js";
|
|
9
9
|
import"./cli-9fsre5pt.js";
|
|
10
|
-
import"./cli-
|
|
11
|
-
import"./cli-
|
|
12
|
-
import"./cli-
|
|
10
|
+
import"./cli-ndysf75h.js";
|
|
11
|
+
import"./cli-6hg8ey3k.js";
|
|
12
|
+
import"./cli-7v8rrnff.js";
|
|
13
13
|
import"./cli-fw5r7pfj.js";
|
|
14
14
|
import"./cli-c8131c4q.js";
|
|
15
|
-
import"./cli-
|
|
15
|
+
import"./cli-h9b8yg5m.js";
|
|
16
16
|
import {
|
|
17
17
|
disconnect,
|
|
18
18
|
fetchWorkspaces,
|
|
@@ -25,15 +25,15 @@ import {
|
|
|
25
25
|
pollWorkOSToken,
|
|
26
26
|
selectWorkspace,
|
|
27
27
|
startDeviceFlow
|
|
28
|
-
} from "./cli-
|
|
28
|
+
} from "./cli-0a0azzew.js";
|
|
29
29
|
import"./cli-f7d23ded.js";
|
|
30
30
|
import"./cli-gpnb45ck.js";
|
|
31
31
|
import {
|
|
32
32
|
config,
|
|
33
33
|
init_config
|
|
34
|
-
} from "./cli-
|
|
35
|
-
import"./cli-
|
|
36
|
-
import"./cli-
|
|
34
|
+
} from "./cli-z198wvtq.js";
|
|
35
|
+
import"./cli-4fvrwqjf.js";
|
|
36
|
+
import"./cli-zv890tvv.js";
|
|
37
37
|
import {
|
|
38
38
|
__require
|
|
39
39
|
} from "./cli-8rxa073f.js";
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
import {
|
|
2
|
+
runAuthenticationAgent
|
|
3
|
+
} from "./cli-3tndns95.js";
|
|
4
|
+
import"./cli-9fsre5pt.js";
|
|
5
|
+
import"./cli-ndysf75h.js";
|
|
6
|
+
import"./cli-6hg8ey3k.js";
|
|
7
|
+
import"./cli-7v8rrnff.js";
|
|
8
|
+
import"./cli-c8131c4q.js";
|
|
9
|
+
import"./cli-h9b8yg5m.js";
|
|
10
|
+
import"./cli-0a0azzew.js";
|
|
11
|
+
import"./cli-f7d23ded.js";
|
|
12
|
+
import"./cli-gpnb45ck.js";
|
|
13
|
+
import"./cli-z198wvtq.js";
|
|
14
|
+
import"./cli-4fvrwqjf.js";
|
|
15
|
+
import"./cli-zv890tvv.js";
|
|
16
|
+
import"./cli-8rxa073f.js";
|
|
17
|
+
export {
|
|
18
|
+
runAuthenticationAgent
|
|
19
|
+
};
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
import {
|
|
2
|
+
BlackboxAttackSurfaceAgent
|
|
3
|
+
} from "./cli-a846tejv.js";
|
|
4
|
+
import"./cli-9fsre5pt.js";
|
|
5
|
+
import"./cli-ndysf75h.js";
|
|
6
|
+
import"./cli-6hg8ey3k.js";
|
|
7
|
+
import"./cli-7v8rrnff.js";
|
|
8
|
+
import"./cli-c8131c4q.js";
|
|
9
|
+
import"./cli-h9b8yg5m.js";
|
|
10
|
+
import"./cli-0a0azzew.js";
|
|
11
|
+
import"./cli-f7d23ded.js";
|
|
12
|
+
import"./cli-gpnb45ck.js";
|
|
13
|
+
import"./cli-z198wvtq.js";
|
|
14
|
+
import"./cli-4fvrwqjf.js";
|
|
15
|
+
import"./cli-zv890tvv.js";
|
|
16
|
+
import"./cli-8rxa073f.js";
|
|
17
|
+
export {
|
|
18
|
+
BlackboxAttackSurfaceAgent
|
|
19
|
+
};
|
|
@@ -1,23 +1,23 @@
|
|
|
1
1
|
import {
|
|
2
2
|
runPentestWorkflow
|
|
3
|
-
} from "./cli-
|
|
4
|
-
import"./cli-
|
|
5
|
-
import"./cli-
|
|
6
|
-
import"./cli-
|
|
7
|
-
import"./cli-
|
|
3
|
+
} from "./cli-6d24kmnb.js";
|
|
4
|
+
import"./cli-a846tejv.js";
|
|
5
|
+
import"./cli-sct7x6vb.js";
|
|
6
|
+
import"./cli-3wqq193x.js";
|
|
7
|
+
import"./cli-hdsasmp6.js";
|
|
8
8
|
import"./cli-9fsre5pt.js";
|
|
9
|
-
import"./cli-
|
|
10
|
-
import"./cli-
|
|
11
|
-
import"./cli-
|
|
9
|
+
import"./cli-ndysf75h.js";
|
|
10
|
+
import"./cli-6hg8ey3k.js";
|
|
11
|
+
import"./cli-7v8rrnff.js";
|
|
12
12
|
import"./cli-fw5r7pfj.js";
|
|
13
13
|
import"./cli-c8131c4q.js";
|
|
14
|
-
import"./cli-
|
|
15
|
-
import"./cli-
|
|
14
|
+
import"./cli-h9b8yg5m.js";
|
|
15
|
+
import"./cli-0a0azzew.js";
|
|
16
16
|
import"./cli-f7d23ded.js";
|
|
17
17
|
import"./cli-gpnb45ck.js";
|
|
18
|
-
import"./cli-
|
|
19
|
-
import"./cli-
|
|
20
|
-
import"./cli-
|
|
18
|
+
import"./cli-z198wvtq.js";
|
|
19
|
+
import"./cli-4fvrwqjf.js";
|
|
20
|
+
import"./cli-zv890tvv.js";
|
|
21
21
|
import"./cli-8rxa073f.js";
|
|
22
22
|
|
|
23
23
|
// src/core/api/blackboxPentest.ts
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
import {
|
|
2
2
|
OffensiveSecurityAgent
|
|
3
|
-
} from "./cli-
|
|
3
|
+
} from "./cli-6hg8ey3k.js";
|
|
4
4
|
import {
|
|
5
5
|
detectOSAndEnhancePrompt
|
|
6
|
-
} from "./cli-
|
|
6
|
+
} from "./cli-7v8rrnff.js";
|
|
7
7
|
import {
|
|
8
8
|
createLogger,
|
|
9
9
|
hasToolCall,
|
|
@@ -11,7 +11,7 @@ import {
|
|
|
11
11
|
init_lazyLogger,
|
|
12
12
|
init_structured,
|
|
13
13
|
scopedLogger
|
|
14
|
-
} from "./cli-
|
|
14
|
+
} from "./cli-h9b8yg5m.js";
|
|
15
15
|
|
|
16
16
|
// src/core/agents/specialized/authenticationAgent/agent.ts
|
|
17
17
|
init_dist();
|
|
@@ -1,10 +1,10 @@
|
|
|
1
1
|
import {
|
|
2
2
|
OffensiveSecurityAgent
|
|
3
|
-
} from "./cli-
|
|
3
|
+
} from "./cli-6hg8ey3k.js";
|
|
4
4
|
import {
|
|
5
5
|
init_dist,
|
|
6
6
|
stepCountIs
|
|
7
|
-
} from "./cli-
|
|
7
|
+
} from "./cli-h9b8yg5m.js";
|
|
8
8
|
|
|
9
9
|
// src/core/agents/specialized/codeAgent/agent.ts
|
|
10
10
|
init_dist();
|
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
import {
|
|
2
2
|
BlackboxAttackSurfaceAgent
|
|
3
|
-
} from "./cli-
|
|
3
|
+
} from "./cli-a846tejv.js";
|
|
4
4
|
import {
|
|
5
5
|
TargetedPentestAgent,
|
|
6
6
|
buildPentestSystemPrompt
|
|
7
|
-
} from "./cli-
|
|
7
|
+
} from "./cli-sct7x6vb.js";
|
|
8
8
|
import {
|
|
9
9
|
CodeAgent
|
|
10
|
-
} from "./cli-
|
|
10
|
+
} from "./cli-3wqq193x.js";
|
|
11
11
|
import {
|
|
12
12
|
AppsDiscoveryResultSchema,
|
|
13
13
|
DiscoverySummarySchema,
|
|
@@ -15,10 +15,10 @@ import {
|
|
|
15
15
|
WHITEBOX_APPS_DISCOVERY_SYSTEM_PROMPT,
|
|
16
16
|
WHITEBOX_DISCOVERY_SYSTEM_PROMPT,
|
|
17
17
|
WHITEBOX_ENDPOINT_DOCUMENTATION_SYSTEM_PROMPT
|
|
18
|
-
} from "./cli-
|
|
18
|
+
} from "./cli-hdsasmp6.js";
|
|
19
19
|
import {
|
|
20
20
|
EvidenceFileEntrySchema
|
|
21
|
-
} from "./cli-
|
|
21
|
+
} from "./cli-ndysf75h.js";
|
|
22
22
|
import {
|
|
23
23
|
CweEntrySchema,
|
|
24
24
|
FindingsRegistry,
|
|
@@ -27,7 +27,7 @@ import {
|
|
|
27
27
|
ValidatedCweEntrySchema,
|
|
28
28
|
hasCanonicalName,
|
|
29
29
|
runWithBoundedConcurrency
|
|
30
|
-
} from "./cli-
|
|
30
|
+
} from "./cli-6hg8ey3k.js";
|
|
31
31
|
import {
|
|
32
32
|
createThreatModelPrompt
|
|
33
33
|
} from "./cli-fw5r7pfj.js";
|
|
@@ -38,7 +38,7 @@ import {
|
|
|
38
38
|
init_lazyLogger,
|
|
39
39
|
init_structured,
|
|
40
40
|
scopedLogger
|
|
41
|
-
} from "./cli-
|
|
41
|
+
} from "./cli-h9b8yg5m.js";
|
|
42
42
|
import {
|
|
43
43
|
exports_external,
|
|
44
44
|
init_zod
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import {
|
|
2
2
|
detectOSAndEnhancePrompt
|
|
3
|
-
} from "./cli-
|
|
3
|
+
} from "./cli-7v8rrnff.js";
|
|
4
4
|
import {
|
|
5
5
|
parseTargetUrl
|
|
6
6
|
} from "./cli-c8131c4q.js";
|
|
@@ -26,14 +26,14 @@ import {
|
|
|
26
26
|
scopedLogger,
|
|
27
27
|
streamResponse,
|
|
28
28
|
write
|
|
29
|
-
} from "./cli-
|
|
29
|
+
} from "./cli-h9b8yg5m.js";
|
|
30
30
|
import {
|
|
31
31
|
ensureValidToken,
|
|
32
32
|
getPensarApiUrl,
|
|
33
33
|
init_auth,
|
|
34
34
|
init_constants,
|
|
35
35
|
signGatewayRequest
|
|
36
|
-
} from "./cli-
|
|
36
|
+
} from "./cli-0a0azzew.js";
|
|
37
37
|
import {
|
|
38
38
|
exports_external,
|
|
39
39
|
init_zod,
|
|
@@ -43,7 +43,7 @@ import {
|
|
|
43
43
|
import {
|
|
44
44
|
config,
|
|
45
45
|
init_config
|
|
46
|
-
} from "./cli-
|
|
46
|
+
} from "./cli-z198wvtq.js";
|
|
47
47
|
import {
|
|
48
48
|
__commonJS,
|
|
49
49
|
__export,
|
|
@@ -115562,7 +115562,7 @@ When to use delegate_to_auth_subagent vs authenticate_session:
|
|
|
115562
115562
|
if (credentials) {
|
|
115563
115563
|
ctx.session.credentialManager.addFromAuthCredentials(credentials);
|
|
115564
115564
|
}
|
|
115565
|
-
const { runAuthenticationAgent } = await import("./authentication-
|
|
115565
|
+
const { runAuthenticationAgent } = await import("./authentication-bcn4sv0c.js");
|
|
115566
115566
|
const localBus = new AgentEventBus;
|
|
115567
115567
|
AgentEventBus.attachChild(localBus, ctx.eventBus, subagentId);
|
|
115568
115568
|
const result = await runAuthenticationAgent({
|
|
@@ -116242,7 +116242,7 @@ async function generateThreatModelForEndpoint(ctx, input) {
|
|
|
116242
116242
|
return threatModelLimiter(async () => {
|
|
116243
116243
|
if (ctx.abortSignal?.aborted)
|
|
116244
116244
|
return null;
|
|
116245
|
-
const { CodeAgent } = await import("./agent-
|
|
116245
|
+
const { CodeAgent } = await import("./agent-ypmxjw2p.js");
|
|
116246
116246
|
const subagentId = `threat-model-${sanitize(input.appName)}-${sanitize(input.routePath)}`;
|
|
116247
116247
|
ctx.eventBus?.emit("subagent-spawn", {
|
|
116248
116248
|
subagentId,
|
|
@@ -118118,7 +118118,7 @@ init_lazyLogger();
|
|
|
118118
118118
|
var log6 = scopedLogger(() => createLogger("FindingJudge"));
|
|
118119
118119
|
async function judgeFinding(input, ctx) {
|
|
118120
118120
|
try {
|
|
118121
|
-
const { FindingJudgeAgent } = await import("./agent-
|
|
118121
|
+
const { FindingJudgeAgent } = await import("./agent-y8bhyea9.js");
|
|
118122
118122
|
const agent = new FindingJudgeAgent({
|
|
118123
118123
|
finding: input,
|
|
118124
118124
|
model: ctx.model,
|
|
@@ -122141,15 +122141,9 @@ function sha256(value) {
|
|
|
122141
122141
|
}
|
|
122142
122142
|
var PromptInjectionCatalogEntrySchema = exports_external.object({
|
|
122143
122143
|
id: exports_external.string().min(1),
|
|
122144
|
-
name: exports_external.string().min(1),
|
|
122145
|
-
category: exports_external.
|
|
122146
|
-
|
|
122147
|
-
"data-exfiltration",
|
|
122148
|
-
"tool-misuse",
|
|
122149
|
-
"role-confusion",
|
|
122150
|
-
"encoding"
|
|
122151
|
-
]),
|
|
122152
|
-
description: exports_external.string(),
|
|
122144
|
+
name: exports_external.string().min(1).optional(),
|
|
122145
|
+
category: exports_external.string().min(1).optional(),
|
|
122146
|
+
description: exports_external.string().default(""),
|
|
122153
122147
|
tags: exports_external.array(exports_external.string()).default([]),
|
|
122154
122148
|
deliveryHints: exports_external.array(exports_external.string()).default([]),
|
|
122155
122149
|
expectedObservation: exports_external.string().default(""),
|
|
@@ -122230,8 +122224,14 @@ function parsePromptInjectionLibrary(raw, root) {
|
|
|
122230
122224
|
const entries = catalogEntries.map((entry) => {
|
|
122231
122225
|
const payloadFile = resolvePayloadPath(root, entry.payloadPath);
|
|
122232
122226
|
const payload = readFileSync3(payloadFile, "utf-8");
|
|
122233
|
-
const { payloadPath: _payloadPath, ...safeEntry } = entry;
|
|
122234
|
-
return {
|
|
122227
|
+
const { payloadPath: _payloadPath, name, category, ...safeEntry } = entry;
|
|
122228
|
+
return {
|
|
122229
|
+
...safeEntry,
|
|
122230
|
+
name: name ?? entry.id,
|
|
122231
|
+
category: category ?? "uncategorized",
|
|
122232
|
+
payload,
|
|
122233
|
+
payloadFilePath: payloadFile
|
|
122234
|
+
};
|
|
122235
122235
|
});
|
|
122236
122236
|
return new StaticPromptInjectionLibrary(entries);
|
|
122237
122237
|
}
|
|
@@ -124345,7 +124345,7 @@ should be passed directly to spawn_pentest_swarm for deep testing.`,
|
|
|
124345
124345
|
});
|
|
124346
124346
|
if (cwd) {
|
|
124347
124347
|
try {
|
|
124348
|
-
const { WhiteboxAttackSurfaceAgent } = await import("./index-
|
|
124348
|
+
const { WhiteboxAttackSurfaceAgent } = await import("./index-kzxbdchp.js");
|
|
124349
124349
|
const localBus = new AgentEventBus;
|
|
124350
124350
|
AgentEventBus.attachChild(localBus, ctx.eventBus, subagentId);
|
|
124351
124351
|
const agent = new WhiteboxAttackSurfaceAgent({
|
|
@@ -124395,7 +124395,7 @@ should be passed directly to spawn_pentest_swarm for deep testing.`,
|
|
|
124395
124395
|
}
|
|
124396
124396
|
}
|
|
124397
124397
|
try {
|
|
124398
|
-
const { BlackboxAttackSurfaceAgent } = await import("./blackboxAgent-
|
|
124398
|
+
const { BlackboxAttackSurfaceAgent } = await import("./blackboxAgent-thcq84k0.js");
|
|
124399
124399
|
const localBus = new AgentEventBus;
|
|
124400
124400
|
AgentEventBus.attachChild(localBus, ctx.eventBus, subagentId);
|
|
124401
124401
|
const agent = new BlackboxAttackSurfaceAgent({
|
|
@@ -124473,7 +124473,7 @@ Omit \`cwd\` for blackbox mode (live target probing only).`,
|
|
|
124473
124473
|
toolCallDescription: exports_external.string().describe("A concise, human-readable description of what this tool call is doing")
|
|
124474
124474
|
}),
|
|
124475
124475
|
execute: async ({ target, cwd }) => {
|
|
124476
|
-
const { runPentestWorkflow: workflow } = await import("./pentest-
|
|
124476
|
+
const { runPentestWorkflow: workflow } = await import("./pentest-v60wwr25.js");
|
|
124477
124477
|
if (!ctx.model) {
|
|
124478
124478
|
return {
|
|
124479
124479
|
success: false,
|
|
@@ -126049,7 +126049,7 @@ Returns an array of results with the text output from each agent.`,
|
|
|
126049
126049
|
});
|
|
126050
126050
|
}
|
|
126051
126051
|
async function runSingleCodingAgent(ctx, codebasePath, objective, agentIndex, name) {
|
|
126052
|
-
const { CodeAgent } = await import("./agent-
|
|
126052
|
+
const { CodeAgent } = await import("./agent-ypmxjw2p.js");
|
|
126053
126053
|
const subagentId = `coding-agent-${agentIndex}`;
|
|
126054
126054
|
ctx.eventBus?.emit("subagent-spawn", {
|
|
126055
126055
|
subagentId,
|
|
@@ -126555,7 +126555,7 @@ Returns the worker's summary, objective results, and finding count — but NOT t
|
|
|
126555
126555
|
message: "spawn_pentest_agent requires a model in the tool context."
|
|
126556
126556
|
};
|
|
126557
126557
|
}
|
|
126558
|
-
const { TargetedPentestAgent } = await import("./agent-
|
|
126558
|
+
const { TargetedPentestAgent } = await import("./agent-d5j5r87f.js");
|
|
126559
126559
|
const findingsRegistry = ctx.findingsRegistry ?? FindingsRegistry.fromDirectory(ctx.session.findingsPath, {
|
|
126560
126560
|
model: ctx.model,
|
|
126561
126561
|
authConfig: ctx.authConfig,
|
|
@@ -126709,7 +126709,7 @@ Pass every target you want tested — the swarm handles concurrency automaticall
|
|
|
126709
126709
|
toolCallDescription: exports_external.string().describe("A concise, human-readable description of what this tool call is doing")
|
|
126710
126710
|
}),
|
|
126711
126711
|
execute: async ({ targets }) => {
|
|
126712
|
-
const { runPentestSwarm, DEFAULT_CONCURRENCY: DEFAULT_CONCURRENCY2 } = await import("./pentest-
|
|
126712
|
+
const { runPentestSwarm, DEFAULT_CONCURRENCY: DEFAULT_CONCURRENCY2 } = await import("./pentest-v60wwr25.js");
|
|
126713
126713
|
if (!ctx.model) {
|
|
126714
126714
|
return {
|
|
126715
126715
|
success: false,
|
|
@@ -127398,25 +127398,31 @@ function listPromptInjections(ctx) {
|
|
|
127398
127398
|
return tool({
|
|
127399
127399
|
description: "List available prompt-injection test payloads by safe metadata only. " + "The raw payload text is never returned. Use the returned id as a " + 'PromptInjectionRef: {"kind":"prompt_injection_ref","id":"<id>"} when a tool supports runtime injection references.',
|
|
127400
127400
|
inputSchema: exports_external.object({
|
|
127401
|
-
category: exports_external.
|
|
127402
|
-
|
|
127403
|
-
|
|
127404
|
-
"tool-misuse",
|
|
127405
|
-
"role-confusion",
|
|
127406
|
-
"encoding"
|
|
127407
|
-
]).optional().describe("Optional category filter."),
|
|
127408
|
-
tag: exports_external.string().optional().describe("Optional tag filter."),
|
|
127409
|
-
toolCallDescription: exports_external.string().describe("A concise, human-readable description of why you are listing prompt-injection payloads.")
|
|
127401
|
+
category: exports_external.string().optional().describe("Optional category filter. Returns only payloads whose `category` " + "field matches this value exactly (case-sensitive). The library is " + "externally curated, so categories vary; common ones include " + "instruction-hijack, data-exfiltration, tool-misuse, role-confusion, " + "and encoding. Call the tool once without filters first to discover " + "the exact category strings available, then re-call with one of them. " + "Omit to list payloads from every category."),
|
|
127402
|
+
tag: exports_external.string().optional().describe("Optional tag filter. Returns only payloads whose `tags` array " + "contains this exact tag (case-sensitive). Tags are free-form labels " + 'defined by the library (e.g. "baseline", "encoding", "secrets"); ' + "inspect the `tags` on an unfiltered listing to find valid values. " + "Combine with `category` to narrow results further. Omit to ignore tags."),
|
|
127403
|
+
toolCallDescription: exports_external.string().describe("A concise, human-readable description (one short sentence) of why " + "you are listing prompt-injection payloads right now, e.g. " + '"Finding tool-misuse payloads to test the support-ticket endpoint". ' + "Shown in the run timeline for auditability.")
|
|
127410
127404
|
}),
|
|
127411
127405
|
execute: async ({ category, tag }) => {
|
|
127412
|
-
|
|
127413
|
-
|
|
127414
|
-
|
|
127415
|
-
|
|
127416
|
-
|
|
127406
|
+
let library;
|
|
127407
|
+
try {
|
|
127408
|
+
library = await getPromptInjectionLibrary({
|
|
127409
|
+
library: ctx.promptInjectionLibrary,
|
|
127410
|
+
source: ctx.promptInjectionLibrarySource
|
|
127411
|
+
});
|
|
127412
|
+
} catch (err) {
|
|
127413
|
+
return {
|
|
127414
|
+
success: false,
|
|
127415
|
+
configured: false,
|
|
127416
|
+
count: 0,
|
|
127417
|
+
injections: [],
|
|
127418
|
+
error: `Failed to load the prompt-injection library: ${err instanceof Error ? err.message : String(err)}`
|
|
127419
|
+
};
|
|
127420
|
+
}
|
|
127421
|
+
const catalog = library.listCatalog();
|
|
127422
|
+
const injections = catalog.filter((entry) => !category || entry.category === category).filter((entry) => !tag || entry.tags.includes(tag));
|
|
127417
127423
|
return {
|
|
127418
127424
|
success: true,
|
|
127419
|
-
configured:
|
|
127425
|
+
configured: catalog.length > 0,
|
|
127420
127426
|
count: injections.length,
|
|
127421
127427
|
injections
|
|
127422
127428
|
};
|
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
import {
|
|
2
2
|
OffensiveSecurityAgent
|
|
3
|
-
} from "./cli-
|
|
3
|
+
} from "./cli-6hg8ey3k.js";
|
|
4
4
|
import {
|
|
5
5
|
detectOSAndEnhancePrompt
|
|
6
|
-
} from "./cli-
|
|
6
|
+
} from "./cli-7v8rrnff.js";
|
|
7
7
|
import {
|
|
8
8
|
hasToolCall,
|
|
9
9
|
init_dist,
|
|
10
10
|
stepCountIs
|
|
11
|
-
} from "./cli-
|
|
11
|
+
} from "./cli-h9b8yg5m.js";
|
|
12
12
|
|
|
13
13
|
// src/core/agents/specialized/attackSurface/blackboxAgent.ts
|
|
14
14
|
init_dist();
|
|
@@ -4,19 +4,19 @@ import {
|
|
|
4
4
|
OffensiveSecurityAgent,
|
|
5
5
|
SKILL_TOOL_NAMES,
|
|
6
6
|
buildBaseSystemPrompt
|
|
7
|
-
} from "./cli-
|
|
7
|
+
} from "./cli-6hg8ey3k.js";
|
|
8
8
|
import {
|
|
9
9
|
init_dist,
|
|
10
10
|
init_session,
|
|
11
11
|
sessions,
|
|
12
12
|
stepCountIs
|
|
13
|
-
} from "./cli-
|
|
13
|
+
} from "./cli-h9b8yg5m.js";
|
|
14
14
|
import {
|
|
15
15
|
ensureValidToken,
|
|
16
16
|
getPensarApiUrl,
|
|
17
17
|
init_auth,
|
|
18
18
|
init_constants
|
|
19
|
-
} from "./cli-
|
|
19
|
+
} from "./cli-0a0azzew.js";
|
|
20
20
|
import {
|
|
21
21
|
exports_external,
|
|
22
22
|
init_zod
|
|
@@ -24,7 +24,7 @@ import {
|
|
|
24
24
|
import {
|
|
25
25
|
config,
|
|
26
26
|
init_config
|
|
27
|
-
} from "./cli-
|
|
27
|
+
} from "./cli-z198wvtq.js";
|
|
28
28
|
import {
|
|
29
29
|
__commonJS,
|
|
30
30
|
__require
|
|
@@ -4,7 +4,7 @@ import {
|
|
|
4
4
|
init_auth,
|
|
5
5
|
init_constants,
|
|
6
6
|
signGatewayRequest
|
|
7
|
-
} from "./cli-
|
|
7
|
+
} from "./cli-0a0azzew.js";
|
|
8
8
|
import {
|
|
9
9
|
AISDKError,
|
|
10
10
|
APICallError,
|
|
@@ -62,11 +62,11 @@ import {
|
|
|
62
62
|
import {
|
|
63
63
|
config,
|
|
64
64
|
init_config
|
|
65
|
-
} from "./cli-
|
|
65
|
+
} from "./cli-z198wvtq.js";
|
|
66
66
|
import {
|
|
67
67
|
getCurrentVersion,
|
|
68
68
|
init_installation
|
|
69
|
-
} from "./cli-
|
|
69
|
+
} from "./cli-zv890tvv.js";
|
|
70
70
|
import {
|
|
71
71
|
__callDispose,
|
|
72
72
|
__commonJS,
|
|
@@ -43833,7 +43833,7 @@ async function create2(input) {
|
|
|
43833
43833
|
if (normalizedConfig?.headers !== undefined) {
|
|
43834
43834
|
snapshotHeaders = { ...normalizedConfig.headers };
|
|
43835
43835
|
} else {
|
|
43836
|
-
const { config: appConfig } = await import("./index-
|
|
43836
|
+
const { config: appConfig } = await import("./index-c0fmzbd2.js");
|
|
43837
43837
|
const cfg = await appConfig.get();
|
|
43838
43838
|
snapshotHeaders = cfg.defaultHeaders ? { ...cfg.defaultHeaders } : { ...DEFAULT_HEADER_RECORD };
|
|
43839
43839
|
}
|