@planu/cli 0.30.1 → 0.31.0

package/dist/engine/runtime-security/checkers/content-security.js

@@ -0,0 +1,106 @@
+// engine/runtime-security/checkers/content-security.ts — SPEC-084 AC-12
+// Detects insecure code patterns and unsafe configurations in generated content.
+const INSECURE_CODE_PATTERNS = [
+    // TypeScript/JavaScript
+    { name: 'eval', regex: /\beval\s*\(/g, language: 'typescript' },
+    { name: 'innerHTML', regex: /\.innerHTML\s*=/g, language: 'typescript' },
+    { name: 'dangerouslySetInnerHTML', regex: /dangerouslySetInnerHTML/g, language: 'typescript' },
+    { name: 'document.write', regex: /document\.write\s*\(/g, language: 'typescript' },
+    // Python
+    { name: 'pickle.loads', regex: /pickle\.loads?\s*\(/g, language: 'python' },
+    { name: 'yaml.load-unsafe', regex: /yaml\.load\s*\([^)]*(?!Loader)/g, language: 'python' },
+    {
+        name: 'subprocess-shell',
+        regex: /subprocess\.\w+\([^)]*shell\s*=\s*True/g,
+        language: 'python',
+    },
+    { name: 'exec-python', regex: /\bexec\s*\(\s*[^)]+\)/g, language: 'python' },
+    // Go
+    { name: 'template-unescaped', regex: /template\.HTML\s*\(/g, language: 'go' },
+    {
+        name: 'sql-concat',
+        regex: /fmt\.Sprintf\s*\(\s*"[^"]*(?:SELECT|INSERT|UPDATE|DELETE)/gi,
+        language: 'go',
+    },
+    { name: 'tls-skip-verify', regex: /InsecureSkipVerify\s*:\s*true/g, language: 'go' },
+    // Java
+    {
+        name: 'sql-concat-java',
+        regex: /Statement\s*\.\s*execute(?:Query|Update)\s*\(\s*"[^"]*\+/g,
+        language: 'java',
+    },
+    { name: 'runtime-exec', regex: /Runtime\.getRuntime\(\)\.exec/g, language: 'java' },
+    {
+        name: 'xml-external-entity',
+        regex: /XMLInputFactory|SAXParser(?!.*disallow)/g,
+        language: 'java',
+    },
+    // Ruby
+    { name: 'system-ruby', regex: /\bsystem\s*\(/g, language: 'ruby' },
+    { name: 'send-ruby', regex: /\.send\s*\(\s*params/g, language: 'ruby' },
+    { name: 'constantize', regex: /\.constantize/g, language: 'ruby' },
+    // PHP
+    { name: 'shell-exec-php', regex: /shell_exec\s*\(/g, language: 'php' },
+    { name: 'preg-replace-e', regex: /preg_replace\s*\([^)]*\/e/g, language: 'php' },
+    { name: 'extract-php', regex: /\bextract\s*\(\s*\$_/g, language: 'php' },
+    // Rust
+    { name: 'unsafe-rust', regex: /unsafe\s*\{/g, language: 'rust' },
+    { name: 'unwrap-rust', regex: /\.unwrap\(\)/g, language: 'rust' },
+    // C#
+    { name: 'sql-concat-csharp', regex: /SqlCommand\s*\([^)]*\+/g, language: 'csharp' },
+    { name: 'process-start', regex: /Process\.Start\s*\(/g, language: 'csharp' },
+    // Swift
+    { name: 'force-unwrap', regex: /!\s*\./g, language: 'swift' },
+    {
+        name: 'nsurlsession-no-ssl',
+        regex: /allowsExpiredCertificates|NSAllowsArbitraryLoads/g,
+        language: 'swift',
+    },
+    // Dart
+    { name: 'dart-mirrors', regex: /import\s+['"]dart:mirrors['"]/g, language: 'dart' },
+];
+const INSECURE_CONFIG_PATTERNS = [
+    {
+        name: 'cors-wildcard',
+        regex: /(?:cors|access-control-allow-origin)\s*[:=]\s*['"]\*['"]/gi,
+        language: 'config',
+    },
+    { name: 'debug-production', regex: /debug\s*[:=]\s*(?:true|True|1)/gi, language: 'config' },
+    { name: 'node-env-dev', regex: /NODE_ENV\s*[:=]\s*['"]?development['"]?/g, language: 'config' },
+    {
+        name: 'ssl-disabled',
+        regex: /(?:disable_ssl|verify_ssl\s*[:=]\s*false|rejectUnauthorized\s*:\s*false)/gi,
+        language: 'config',
+    },
+];
+function checkContent(value, field) {
+    const threats = [];
+    for (const pattern of [...INSECURE_CODE_PATTERNS, ...INSECURE_CONFIG_PATTERNS]) {
+        pattern.regex.lastIndex = 0;
+        if (pattern.regex.test(value)) {
+            threats.push({
+                type: 'content-security',
+                severity: 'warning',
+                message: `Insecure pattern detected: ${pattern.name} (${pattern.language})`,
+                field,
+                pattern: pattern.name,
+            });
+        }
+    }
+    return threats;
+}
+export const contentSecurityChecker = {
+    type: 'content-security',
+    check(_toolName, inputs, _config) {
+        const threats = [];
+        // Only check content-like fields (not paths, IDs, etc.)
+        const contentFields = ['content', 'code', 'template', 'output', 'description', 'body'];
+        for (const [key, value] of Object.entries(inputs)) {
+            if (typeof value === 'string' && (contentFields.includes(key) || value.length > 200)) {
+                threats.push(...checkContent(value, key));
+            }
+        }
+        return threats;
+    },
+};
+//# sourceMappingURL=content-security.js.map

package/dist/engine/runtime-security/checkers/content-security.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"content-security.js","sourceRoot":"","sources":["../../../../src/engine/runtime-security/checkers/content-security.ts"],"names":[],"mappings":"AAAA,wEAAwE;AACxE,iFAAiF;AASjF,MAAM,sBAAsB,GAA0B;IACpD,wBAAwB;IACxB,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,cAAc,EAAE,QAAQ,EAAE,YAAY,EAAE;IAC/D,EAAE,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,kBAAkB,EAAE,QAAQ,EAAE,YAAY,EAAE;IACxE,EAAE,IAAI,EAAE,yBAAyB,EAAE,KAAK,EAAE,0BAA0B,EAAE,QAAQ,EAAE,YAAY,EAAE;IAC9F,EAAE,IAAI,EAAE,gBAAgB,EAAE,KAAK,EAAE,uBAAuB,EAAE,QAAQ,EAAE,YAAY,EAAE;IAClF,SAAS;IACT,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,EAAE,sBAAsB,EAAE,QAAQ,EAAE,QAAQ,EAAE;IAC3E,EAAE,IAAI,EAAE,kBAAkB,EAAE,KAAK,EAAE,iCAAiC,EAAE,QAAQ,EAAE,QAAQ,EAAE;IAC1F;QACE,IAAI,EAAE,kBAAkB;QACxB,KAAK,EAAE,yCAAyC;QAChD,QAAQ,EAAE,QAAQ;KACnB;IACD,EAAE,IAAI,EAAE,aAAa,EAAE,KAAK,EAAE,wBAAwB,EAAE,QAAQ,EAAE,QAAQ,EAAE;IAC5E,KAAK;IACL,EAAE,IAAI,EAAE,oBAAoB,EAAE,KAAK,EAAE,sBAAsB,EAAE,QAAQ,EAAE,IAAI,EAAE;IAC7E;QACE,IAAI,EAAE,YAAY;QAClB,KAAK,EAAE,6DAA6D;QACpE,QAAQ,EAAE,IAAI;KACf;IACD,EAAE,IAAI,EAAE,iBAAiB,EAAE,KAAK,EAAE,gCAAgC,EAAE,QAAQ,EAAE,IAAI,EAAE;IACpF,OAAO;IACP;QACE,IAAI,EAAE,iBAAiB;QACvB,KAAK,EAAE,2DAA2D;QAClE,QAAQ,EAAE,MAAM;KACjB;IACD,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,EAAE,gCAAgC,EAAE,QAAQ,EAAE,MAAM,EAAE;IACnF;QACE,IAAI,EAAE,qBAAqB;QAC3B,KAAK,EAAE,0CAA0C;QACjD,QAAQ,EAAE,MAAM;KACjB;IACD,OAAO;IACP,EAAE,IAAI,EAAE,aAAa,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,MAAM,EAAE;IAClE,EAAE,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,uBAAuB,EAAE,QAAQ,EAAE,MAAM,EAAE;IACvE,EAAE,IAAI,EAAE,aAAa,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,MAAM,EAAE;IAClE,MAAM;IACN,EAAE,IAAI,EAAE,gBAAgB,EAAE,KAAK,EAAE,kBAAkB,EAAE,QAAQ,EAAE,KAAK,EAAE;IACtE,EAAE,IAAI,EAAE,gBAAgB,EAAE,KAAK,EAAE,4BAA4B,EAAE,QAAQ,EAAE,KAAK,EAAE;IAChF,EAAE,IAAI,EAAE,aAAa,EAAE,KAAK,EAAE,uBAAuB,EAAE,QAAQ,EAAE,KAAK,EAAE;IACxE,OAAO;IACP,EAAE,IAAI,EAAE,aAAa,EAAE,KAAK,EAAE,cAAc,EAAE,QAAQ,EAAE,MAAM,EAAE;IAChE,EAAE,IAAI,EAAE,aAAa,EAAE,KAAK,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM,EAAE;IACjE,KAAK;IACL,EAAE,IAAI,EAAE,mBAAmB,EAAE,KAAK,EAAE,yBAAyB,EAAE,QAAQ,EAAE,QAAQ,EAAE;IACnF,EAAE,IAAI,EAAE,eAAe,EAAE,KAAK,EAAE,sBAAsB,EAAE,QAAQ,EAAE,QAAQ,EAAE;IAC5E,QAAQ;IACR,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,OAAO,EAAE;IAC7D;QACE,IAAI,EAAE,qBAAqB;QAC3B,KAAK,EAAE,mDAAmD;QAC1D,QAAQ,EAAE,OAAO;KAClB;IACD,OAAO;IACP,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,EAAE,gCAAgC,EAAE,QAAQ,EAAE,MAAM,EAAE;CACpF,CAAC;AAEF,MAAM,wBAAwB,GAA0B;IACtD;QACE,IAAI,EAAE,eAAe;QACrB,KAAK,EAAE,4DAA4D;QACnE,QAAQ,EAAE,QAAQ;KACnB;IACD,EAAE,IAAI,EAAE,kBAAkB,EAAE,KAAK,EAAE,kCAAkC,EAAE,QAAQ,EAAE,QAAQ,EAAE;IAC3F,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,EAAE,0CAA0C,EAAE,QAAQ,EAAE,QAAQ,EAAE;IAC/F;QACE,IAAI,EAAE,cAAc;QACpB,KAAK,EAAE,4EAA4E;QACnF,QAAQ,EAAE,QAAQ;KACnB;CACF,CAAC;AAEF,SAAS,YAAY,CAAC,KAAa,EAAE,KAAa;IAChD,MAAM,OAAO,GAA4B,EAAE,CAAC;IAE5C,KAAK,MAAM,OAAO,IAAI,CAAC,GAAG,sBAAsB,EAAE,GAAG,wBAAwB,CAAC,EAAE,CAAC;QAC/E,OAAO,CAAC,KAAK,CAAC,SAAS,GAAG,CAAC,CAAC;QAC5B,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;YAC9B,OAAO,CAAC,IAAI,CAAC;gBACX,IAAI,EAAE,kBAAkB;gBACxB,QAAQ,EAAE,SAAS;gBACnB,OAAO,EAAE,8BAA8B,OAAO,CAAC,IAAI,KAAK,OAAO,CAAC,QAAQ,GAAG;gBAC3E,KAAK;gBACL,OAAO,EAAE,OAAO,CAAC,IAAI;aACtB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,CAAC,MAAM,sBAAsB,GAA2B;IAC5D,IAAI,EAAE,kBAAkB;IACxB,KAAK,CACH,SAAiB,EACjB,MAA+B,EAC/B,OAA8B;QAE9B,MAAM,OAAO,GAA4B,EAAE,CAAC;QAC5C,wDAAwD;QACxD,MAAM,aAAa,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,aAAa,EAAE,MAAM,CAAC,CAAC;QAEvF,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;YAClD,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,MAAM,GAAG,GAAG,CAAC,EAAE,CAAC;gBACrF,OAAO,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC;YAC5C,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;CACF,CAAC"}

package/dist/engine/runtime-security/checkers/dependency-vuln.d.ts

@@ -0,0 +1,4 @@
+import type { RuntimeSecurityChecker, RuntimeDependencyVulnerability } from '../../../types/index.js';
+export declare function checkDependencies(projectPath: string): RuntimeDependencyVulnerability[];
+export declare const dependencyVulnChecker: RuntimeSecurityChecker;
+//# sourceMappingURL=dependency-vuln.d.ts.map

package/dist/engine/runtime-security/checkers/dependency-vuln.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"dependency-vuln.d.ts","sourceRoot":"","sources":["../../../../src/engine/runtime-security/checkers/dependency-vuln.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAEV,sBAAsB,EAGtB,8BAA8B,EAC/B,MAAM,yBAAyB,CAAC;AA4CjC,wBAAgB,iBAAiB,CAAC,WAAW,EAAE,MAAM,GAAG,8BAA8B,EAAE,CAmCvF;AAED,eAAO,MAAM,qBAAqB,EAAE,sBAqBnC,CAAC"}

package/dist/engine/runtime-security/checkers/dependency-vuln.js

@@ -0,0 +1,93 @@
+// engine/runtime-security/checkers/dependency-vuln.ts — SPEC-084 AC-13
+// Analyzes lockfiles against an offline CVE database.
+import { readFileSync, existsSync } from 'node:fs';
+import { resolve, dirname } from 'node:path';
+import { fileURLToPath } from 'node:url';
+const MODULE_DIR = dirname(fileURLToPath(import.meta.url));
+const CVE_DB_PATH = resolve(MODULE_DIR, '../../../config/known-cves.json');
+let cachedDb = null;
+function loadCveDatabase() {
+    if (cachedDb) {
+        return cachedDb;
+    }
+    try {
+        const raw = readFileSync(CVE_DB_PATH, 'utf-8');
+        cachedDb = JSON.parse(raw);
+        return cachedDb;
+    }
+    catch {
+        return { lastUpdated: '', vulnerabilities: [] };
+    }
+}
+const LOCKFILE_ECOSYSTEMS = {
+    'package-lock.json': 'npm',
+    'pnpm-lock.yaml': 'npm',
+    'yarn.lock': 'npm',
+    'Pipfile.lock': 'pip',
+    'poetry.lock': 'pip',
+    'go.sum': 'go',
+    'Cargo.lock': 'cargo',
+    'Gemfile.lock': 'gem',
+    'composer.lock': 'composer',
+    'packages.lock.json': 'nuget',
+};
+function findLockfiles(projectPath) {
+    const results = [];
+    for (const [filename, ecosystem] of Object.entries(LOCKFILE_ECOSYSTEMS)) {
+        const fullPath = resolve(projectPath, filename);
+        if (existsSync(fullPath)) {
+            results.push({ path: fullPath, ecosystem });
+        }
+    }
+    return results;
+}
+export function checkDependencies(projectPath) {
+    const db = loadCveDatabase();
+    const lockfiles = findLockfiles(projectPath);
+    const vulnerabilities = [];
+    for (const lockfile of lockfiles) {
+        const ecosystemCves = db.vulnerabilities.filter((cve) => cve.ecosystem === lockfile.ecosystem);
+        if (ecosystemCves.length === 0) {
+            continue;
+        }
+        try {
+            const content = readFileSync(lockfile.path, 'utf-8');
+            for (const cve of ecosystemCves) {
+                // Simple check: see if package name appears in lockfile
+                if (content.includes(cve.package)) {
+                    vulnerabilities.push({
+                        package: cve.package,
+                        version: 'detected',
+                        cveId: cve.cveId,
+                        severity: cve.severity,
+                        description: cve.description,
+                        fixVersion: cve.fixVersion,
+                        ecosystem: cve.ecosystem,
+                    });
+                }
+            }
+        }
+        catch {
+            // Can't read lockfile — skip
+        }
+    }
+    return vulnerabilities;
+}
+export const dependencyVulnChecker = {
+    type: 'dependency-vulnerability',
+    check(_toolName, inputs, _config) {
+        const projectPath = typeof inputs.projectPath === 'string' ? inputs.projectPath : null;
+        if (!projectPath) {
+            return [];
+        }
+        const vulns = checkDependencies(projectPath);
+        return vulns.map((v) => ({
+            type: 'dependency-vulnerability',
+            severity: v.severity,
+            message: `${v.package}: ${v.description} (${v.cveId})`,
+            field: 'projectPath',
+            pattern: v.cveId,
+        }));
+    },
+};
+//# sourceMappingURL=dependency-vuln.js.map

package/dist/engine/runtime-security/checkers/dependency-vuln.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"dependency-vuln.js","sourceRoot":"","sources":["../../../../src/engine/runtime-security/checkers/dependency-vuln.ts"],"names":[],"mappings":"AAAA,uEAAuE;AACvE,sDAAsD;AAEtD,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACnD,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC7C,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AASzC,MAAM,UAAU,GAAG,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;AAC3D,MAAM,WAAW,GAAG,OAAO,CAAC,UAAU,EAAE,iCAAiC,CAAC,CAAC;AAE3E,IAAI,QAAQ,GAAuB,IAAI,CAAC;AAExC,SAAS,eAAe;IACtB,IAAI,QAAQ,EAAE,CAAC;QACb,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;QAC/C,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAgB,CAAC;QAC1C,OAAO,QAAQ,CAAC;IAClB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,WAAW,EAAE,EAAE,EAAE,eAAe,EAAE,EAAE,EAAE,CAAC;IAClD,CAAC;AACH,CAAC;AAED,MAAM,mBAAmB,GAA2B;IAClD,mBAAmB,EAAE,KAAK;IAC1B,gBAAgB,EAAE,KAAK;IACvB,WAAW,EAAE,KAAK;IAClB,cAAc,EAAE,KAAK;IACrB,aAAa,EAAE,KAAK;IACpB,QAAQ,EAAE,IAAI;IACd,YAAY,EAAE,OAAO;IACrB,cAAc,EAAE,KAAK;IACrB,eAAe,EAAE,UAAU;IAC3B,oBAAoB,EAAE,OAAO;CAC9B,CAAC;AAEF,SAAS,aAAa,CAAC,WAAmB;IACxC,MAAM,OAAO,GAA0C,EAAE,CAAC;IAC1D,KAAK,MAAM,CAAC,QAAQ,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,mBAAmB,CAAC,EAAE,CAAC;QACxE,MAAM,QAAQ,GAAG,OAAO,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;QAChD,IAAI,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YACzB,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC,CAAC;QAC9C,CAAC;IACH,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,WAAmB;IACnD,MAAM,EAAE,GAAG,eAAe,EAAE,CAAC;IAC7B,MAAM,SAAS,GAAG,aAAa,CAAC,WAAW,CAAC,CAAC;IAC7C,MAAM,eAAe,GAAqC,EAAE,CAAC;IAE7D,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;QACjC,MAAM,aAAa,GAAG,EAAE,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,SAAS,KAAK,QAAQ,CAAC,SAAS,CAAC,CAAC;QAE/F,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC/B,SAAS;QACX,CAAC;QAED,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,YAAY,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;YAErD,KAAK,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;gBAChC,wDAAwD;gBACxD,IAAI,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;oBAClC,eAAe,CAAC,IAAI,CAAC;wBACnB,OAAO,EAAE,GAAG,CAAC,OAAO;wBACpB,OAAO,EAAE,UAAU;wBACnB,KAAK,EAAE,GAAG,CAAC,KAAK;wBAChB,QAAQ,EAAE,GAAG,CAAC,QAAQ;wBACtB,WAAW,EAAE,GAAG,CAAC,WAAW;wBAC5B,UAAU,EAAE,GAAG,CAAC,UAAU;wBAC1B,SAAS,EAAE,GAAG,CAAC,SAAS;qBACzB,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,6BAA6B;QAC/B,CAAC;IACH,CAAC;IAED,OAAO,eAAe,CAAC;AACzB,CAAC;AAED,MAAM,CAAC,MAAM,qBAAqB,GAA2B;IAC3D,IAAI,EAAE,0BAA0B;IAChC,KAAK,CACH,SAAiB,EACjB,MAA+B,EAC/B,OAA8B;QAE9B,MAAM,WAAW,GAAG,OAAO,MAAM,CAAC,WAAW,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC;QACvF,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,OAAO,EAAE,CAAC;QACZ,CAAC;QAED,MAAM,KAAK,GAAG,iBAAiB,CAAC,WAAW,CAAC,CAAC;QAC7C,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACvB,IAAI,EAAE,0BAAmC;YACzC,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,OAAO,EAAE,GAAG,CAAC,CAAC,OAAO,KAAK,CAAC,CAAC,WAAW,KAAK,CAAC,CAAC,KAAK,GAAG;YACtD,KAAK,EAAE,aAAa;YACpB,OAAO,EAAE,CAAC,CAAC,KAAK;SACjB,CAAC,CAAC,CAAC;IACN,CAAC;CACF,CAAC"}

package/dist/engine/runtime-security/checkers/file-permissions.d.ts

@@ -0,0 +1,3 @@
+import type { RuntimeSecurityChecker } from '../../../types/index.js';
+export declare const filePermissionsChecker: RuntimeSecurityChecker;
+//# sourceMappingURL=file-permissions.d.ts.map

package/dist/engine/runtime-security/checkers/file-permissions.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"file-permissions.d.ts","sourceRoot":"","sources":["../../../../src/engine/runtime-security/checkers/file-permissions.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EACV,sBAAsB,EAGvB,MAAM,yBAAyB,CAAC;AAwCjC,eAAO,MAAM,sBAAsB,EAAE,sBA6BpC,CAAC"}

package/dist/engine/runtime-security/checkers/file-permissions.js

@@ -0,0 +1,60 @@
+// engine/runtime-security/checkers/file-permissions.ts — SPEC-084 AC-09
+// Validates file operations stay within allowed directories.
+import path from 'node:path';
+import os from 'node:os';
+function getDefaultAllowedDirs(projectPath) {
+    const dirs = [os.tmpdir()];
+    if (projectPath) {
+        dirs.push(path.resolve(projectPath));
+    }
+    // data/ directory relative to process.cwd()
+    dirs.push(path.resolve(process.cwd(), 'data'));
+    return dirs;
+}
+function isPathAllowed(filePath, allowedDirs) {
+    const resolved = path.resolve(filePath);
+    return allowedDirs.some((dir) => resolved.startsWith(dir));
+}
+function extractPaths(inputs) {
+    const result = [];
+    const pathFields = ['projectPath', 'filePath', 'outputPath', 'configPath', 'targetPath'];
+    for (const [key, value] of Object.entries(inputs)) {
+        if (typeof value === 'string' &&
+            (pathFields.includes(key) || key.toLowerCase().includes('path'))) {
+            result.push({ field: key, path: value });
+        }
+        if (key === 'codeFiles' && Array.isArray(value)) {
+            for (const item of value) {
+                if (typeof item === 'string') {
+                    result.push({ field: key, path: item });
+                }
+            }
+        }
+    }
+    return result;
+}
+export const filePermissionsChecker = {
+    type: 'file-permission',
+    check(_toolName, inputs, config) {
+        const threats = [];
+        const projectPath = typeof inputs.projectPath === 'string' ? inputs.projectPath : undefined;
+        const defaultDirs = getDefaultAllowedDirs(projectPath);
+        const allowedDirs = [...defaultDirs, ...config.allowedDirectories.map((d) => path.resolve(d))];
+        const pathEntries = extractPaths(inputs);
+        for (const entry of pathEntries) {
+            if (!path.isAbsolute(entry.path)) {
+                continue;
+            } // Relative paths handled by path-traversal checker
+            if (!isPathAllowed(entry.path, allowedDirs)) {
+                threats.push({
+                    type: 'file-permission',
+                    severity: 'critical',
+                    message: `File operation outside allowed directories: ${entry.path}`,
+                    field: entry.field,
+                });
+            }
+        }
+        return threats;
+    },
+};
+//# sourceMappingURL=file-permissions.js.map

package/dist/engine/runtime-security/checkers/file-permissions.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"file-permissions.js","sourceRoot":"","sources":["../../../../src/engine/runtime-security/checkers/file-permissions.ts"],"names":[],"mappings":"AAAA,wEAAwE;AACxE,6DAA6D;AAE7D,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,SAAS,CAAC;AAOzB,SAAS,qBAAqB,CAAC,WAA+B;IAC5D,MAAM,IAAI,GAAa,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,CAAC;IACrC,IAAI,WAAW,EAAE,CAAC;QAChB,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC;IACvC,CAAC;IACD,4CAA4C;IAC5C,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,CAAC,CAAC;IAC/C,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,aAAa,CAAC,QAAgB,EAAE,WAAqB;IAC5D,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACxC,OAAO,WAAW,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC;AAC7D,CAAC;AAED,SAAS,YAAY,CAAC,MAA+B;IACnD,MAAM,MAAM,GAAsC,EAAE,CAAC;IACrD,MAAM,UAAU,GAAG,CAAC,aAAa,EAAE,UAAU,EAAE,YAAY,EAAE,YAAY,EAAE,YAAY,CAAC,CAAC;IAEzF,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAClD,IACE,OAAO,KAAK,KAAK,QAAQ;YACzB,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,EAChE,CAAC;YACD,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QAC3C,CAAC;QACD,IAAI,GAAG,KAAK,WAAW,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YAChD,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;oBAC7B,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;gBAC1C,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,CAAC,MAAM,sBAAsB,GAA2B;IAC5D,IAAI,EAAE,iBAAiB;IACvB,KAAK,CACH,SAAiB,EACjB,MAA+B,EAC/B,MAA6B;QAE7B,MAAM,OAAO,GAA4B,EAAE,CAAC;QAC5C,MAAM,WAAW,GAAG,OAAO,MAAM,CAAC,WAAW,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;QAC5F,MAAM,WAAW,GAAG,qBAAqB,CAAC,WAAW,CAAC,CAAC;QACvD,MAAM,WAAW,GAAG,CAAC,GAAG,WAAW,EAAE,GAAG,MAAM,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC/F,MAAM,WAAW,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;QAEzC,KAAK,MAAM,KAAK,IAAI,WAAW,EAAE,CAAC;YAChC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;gBACjC,SAAS;YACX,CAAC,CAAC,mDAAmD;YACrD,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,IAAI,EAAE,WAAW,CAAC,EAAE,CAAC;gBAC5C,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI,EAAE,iBAAiB;oBACvB,QAAQ,EAAE,UAAU;oBACpB,OAAO,EAAE,+CAA+C,KAAK,CAAC,IAAI,EAAE;oBACpE,KAAK,EAAE,KAAK,CAAC,KAAK;iBACnB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;CACF,CAAC"}

package/dist/engine/runtime-security/checkers/input-sanitizer.d.ts

@@ -0,0 +1,4 @@
+import type { RuntimeSecurityChecker } from '../../../types/index.js';
+export declare function sanitizeString(value: string): string;
+export declare const inputSanitizerChecker: RuntimeSecurityChecker;
+//# sourceMappingURL=input-sanitizer.d.ts.map

package/dist/engine/runtime-security/checkers/input-sanitizer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"input-sanitizer.d.ts","sourceRoot":"","sources":["../../../../src/engine/runtime-security/checkers/input-sanitizer.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EACV,sBAAsB,EAGvB,MAAM,yBAAyB,CAAC;AA8EjC,wBAAgB,cAAc,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAEpD;AAED,eAAO,MAAM,qBAAqB,EAAE,sBAqCnC,CAAC"}

package/dist/engine/runtime-security/checkers/input-sanitizer.js

@@ -0,0 +1,101 @@
+// engine/runtime-security/checkers/input-sanitizer.ts — SPEC-084 AC-05
+// Validates lengths, formats, and strips control characters from inputs.
+const FIELD_MAX_LENGTHS = {
+    specId: 100,
+    content: 50_000,
+    projectPath: 500,
+    fileName: 255,
+    name: 255,
+    description: 10_000,
+};
+const DEFAULT_MAX_LENGTH = 10_000;
+// Control characters U+0000-U+001F except \n (0x0A) and \t (0x09)
+// eslint-disable-next-line no-control-regex -- intentionally detecting control chars for sanitization
+const CONTROL_CHARS = /[\u0000-\u0008\u000B\u000C\u000E-\u001F]/g;
+const SPEC_ID_PATTERN = /^SPEC-\d{3,4}$/;
+function getMaxLength(field) {
+    return FIELD_MAX_LENGTHS[field] ?? DEFAULT_MAX_LENGTH;
+}
+function checkFieldLength(field, value) {
+    const maxLen = getMaxLength(field);
+    if (value.length > maxLen) {
+        return {
+            type: 'input-validation',
+            severity: 'warning',
+            message: `Field "${field}" exceeds max length (${String(value.length)}/${String(maxLen)})`,
+            field,
+        };
+    }
+    return null;
+}
+function checkControlChars(field, value) {
+    if (CONTROL_CHARS.test(value)) {
+        return {
+            type: 'input-validation',
+            severity: 'warning',
+            message: `Control characters detected in field "${field}"`,
+            field,
+            pattern: 'control-chars',
+        };
+    }
+    return null;
+}
+function checkSpecIdFormat(field, value) {
+    if (field === 'specId' && !SPEC_ID_PATTERN.test(value)) {
+        return {
+            type: 'input-validation',
+            severity: 'warning',
+            message: `Invalid specId format: expected SPEC-NNN, got "${value}"`,
+            field,
+            pattern: 'specId-format',
+        };
+    }
+    return null;
+}
+function checkProjectPathFormat(field, value) {
+    if (field === 'projectPath') {
+        const isAbsolute = value.startsWith('/') || /^[A-Z]:\\/i.test(value);
+        if (!isAbsolute) {
+            return {
+                type: 'input-validation',
+                severity: 'warning',
+                message: `projectPath must be an absolute path, got: "${value}"`,
+                field,
+                pattern: 'absolute-path',
+            };
+        }
+    }
+    return null;
+}
+export function sanitizeString(value) {
+    return value.replace(CONTROL_CHARS, '');
+}
+export const inputSanitizerChecker = {
+    type: 'input-validation',
+    check(_toolName, inputs, _config) {
+        const threats = [];
+        for (const [key, value] of Object.entries(inputs)) {
+            if (typeof value !== 'string') {
+                continue;
+            }
+            const lengthThreat = checkFieldLength(key, value);
+            if (lengthThreat) {
+                threats.push(lengthThreat);
+            }
+            const controlThreat = checkControlChars(key, value);
+            if (controlThreat) {
+                threats.push(controlThreat);
+            }
+            const specIdThreat = checkSpecIdFormat(key, value);
+            if (specIdThreat) {
+                threats.push(specIdThreat);
+            }
+            const pathThreat = checkProjectPathFormat(key, value);
+            if (pathThreat) {
+                threats.push(pathThreat);
+            }
+        }
+        return threats;
+    },
+};
+//# sourceMappingURL=input-sanitizer.js.map

package/dist/engine/runtime-security/checkers/input-sanitizer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"input-sanitizer.js","sourceRoot":"","sources":["../../../../src/engine/runtime-security/checkers/input-sanitizer.ts"],"names":[],"mappings":"AAAA,uEAAuE;AACvE,yEAAyE;AAQzE,MAAM,iBAAiB,GAA2B;IAChD,MAAM,EAAE,GAAG;IACX,OAAO,EAAE,MAAM;IACf,WAAW,EAAE,GAAG;IAChB,QAAQ,EAAE,GAAG;IACb,IAAI,EAAE,GAAG;IACT,WAAW,EAAE,MAAM;CACpB,CAAC;AAEF,MAAM,kBAAkB,GAAG,MAAM,CAAC;AAElC,kEAAkE;AAClE,sGAAsG;AACtG,MAAM,aAAa,GAAG,2CAA2C,CAAC;AAElE,MAAM,eAAe,GAAG,gBAAgB,CAAC;AAEzC,SAAS,YAAY,CAAC,KAAa;IACjC,OAAO,iBAAiB,CAAC,KAAK,CAAC,IAAI,kBAAkB,CAAC;AACxD,CAAC;AAED,SAAS,gBAAgB,CAAC,KAAa,EAAE,KAAa;IACpD,MAAM,MAAM,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;IACnC,IAAI,KAAK,CAAC,MAAM,GAAG,MAAM,EAAE,CAAC;QAC1B,OAAO;YACL,IAAI,EAAE,kBAAkB;YACxB,QAAQ,EAAE,SAAS;YACnB,OAAO,EAAE,UAAU,KAAK,yBAAyB,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,GAAG;YAC1F,KAAK;SACN,CAAC;IACJ,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAa,EAAE,KAAa;IACrD,IAAI,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;QAC9B,OAAO;YACL,IAAI,EAAE,kBAAkB;YACxB,QAAQ,EAAE,SAAS;YACnB,OAAO,EAAE,yCAAyC,KAAK,GAAG;YAC1D,KAAK;YACL,OAAO,EAAE,eAAe;SACzB,CAAC;IACJ,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAa,EAAE,KAAa;IACrD,IAAI,KAAK,KAAK,QAAQ,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;QACvD,OAAO;YACL,IAAI,EAAE,kBAAkB;YACxB,QAAQ,EAAE,SAAS;YACnB,OAAO,EAAE,kDAAkD,KAAK,GAAG;YACnE,KAAK;YACL,OAAO,EAAE,eAAe;SACzB,CAAC;IACJ,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,sBAAsB,CAAC,KAAa,EAAE,KAAa;IAC1D,IAAI,KAAK,KAAK,aAAa,EAAE,CAAC;QAC5B,MAAM,UAAU,GAAG,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACrE,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO;gBACL,IAAI,EAAE,kBAAkB;gBACxB,QAAQ,EAAE,SAAS;gBACnB,OAAO,EAAE,+CAA+C,KAAK,GAAG;gBAChE,KAAK;gBACL,OAAO,EAAE,eAAe;aACzB,CAAC;QACJ,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,KAAa;IAC1C,OAAO,KAAK,CAAC,OAAO,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;AAC1C,CAAC;AAED,MAAM,CAAC,MAAM,qBAAqB,GAA2B;IAC3D,IAAI,EAAE,kBAAkB;IACxB,KAAK,CACH,SAAiB,EACjB,MAA+B,EAC/B,OAA8B;QAE9B,MAAM,OAAO,GAA4B,EAAE,CAAC;QAE5C,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;YAClD,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC9B,SAAS;YACX,CAAC;YAED,MAAM,YAAY,GAAG,gBAAgB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YAClD,IAAI,YAAY,EAAE,CAAC;gBACjB,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YAC7B,CAAC;YAED,MAAM,aAAa,GAAG,iBAAiB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YACpD,IAAI,aAAa,EAAE,CAAC;gBAClB,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YAC9B,CAAC;YAED,MAAM,YAAY,GAAG,iBAAiB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YACnD,IAAI,YAAY,EAAE,CAAC;gBACjB,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YAC7B,CAAC;YAED,MAAM,UAAU,GAAG,sBAAsB,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YACtD,IAAI,UAAU,EAAE,CAAC;gBACf,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC3B,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;CACF,CAAC"}

package/dist/engine/runtime-security/checkers/path-traversal.d.ts

@@ -0,0 +1,3 @@
+import type { RuntimeSecurityChecker } from '../../../types/index.js';
+export declare const pathTraversalChecker: RuntimeSecurityChecker;
+//# sourceMappingURL=path-traversal.d.ts.map

package/dist/engine/runtime-security/checkers/path-traversal.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"path-traversal.d.ts","sourceRoot":"","sources":["../../../../src/engine/runtime-security/checkers/path-traversal.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EACV,sBAAsB,EAGvB,MAAM,yBAAyB,CAAC;AAgGjC,eAAO,MAAM,oBAAoB,EAAE,sBAyBlC,CAAC"}

package/dist/engine/runtime-security/checkers/path-traversal.js

@@ -0,0 +1,102 @@
+// engine/runtime-security/checkers/path-traversal.ts — SPEC-084 AC-02
+// Detects and blocks path traversal attempts in tool inputs.
+import path from 'node:path';
+const DANGEROUS_SEQUENCES = ['../', '..\\', '%2e%2e', '%2E%2E', '%00', '\0'];
+const SENSITIVE_DIRS_UNIX = ['/etc/', '/var/', '/usr/', '/bin/', '/sbin/', '/proc/', '/sys/'];
+const SENSITIVE_DIRS_WIN = ['C:\\Windows\\', 'C:\\Program Files\\', 'C:\\System32\\'];
+function isPotentialPath(value) {
+    if (typeof value !== 'string') {
+        return false;
+    }
+    return (value.includes('/') ||
+        value.includes('\\') ||
+        value.startsWith('~') ||
+        value.startsWith('.') ||
+        /^[A-Z]:/i.test(value));
+}
+function normalizePath(p) {
+    let decoded = p;
+    try {
+        decoded = decodeURIComponent(decoded);
+    }
+    catch {
+        // Already decoded or invalid encoding — keep as-is
+    }
+    return decoded.replace(/\\/g, '/');
+}
+function checkSinglePath(value, field, projectRoot) {
+    const threats = [];
+    const normalized = normalizePath(value);
+    // Check dangerous sequences
+    for (const seq of DANGEROUS_SEQUENCES) {
+        if (normalized.includes(seq) || value.includes(seq)) {
+            threats.push({
+                type: 'path-traversal',
+                severity: 'critical',
+                message: `Path traversal sequence detected: "${seq}"`,
+                field,
+                pattern: seq,
+            });
+        }
+    }
+    // Check home directory escape
+    if (normalized.startsWith('~/') || normalized.startsWith('~\\')) {
+        threats.push({
+            type: 'path-traversal',
+            severity: 'critical',
+            message: 'Home directory reference detected',
+            field,
+            pattern: '~/',
+        });
+    }
+    // Check sensitive system directories
+    const allSensitive = [...SENSITIVE_DIRS_UNIX, ...SENSITIVE_DIRS_WIN];
+    for (const dir of allSensitive) {
+        const normalizedDir = normalizePath(dir);
+        if (normalized.startsWith(normalizedDir) ||
+            normalized.toLowerCase().startsWith(normalizedDir.toLowerCase())) {
+            threats.push({
+                type: 'path-traversal',
+                severity: 'critical',
+                message: `Access to sensitive system directory: ${dir}`,
+                field,
+                pattern: dir,
+            });
+        }
+    }
+    // Check if resolved path escapes project root
+    if (projectRoot && path.isAbsolute(value)) {
+        const resolved = path.resolve(value);
+        const resolvedRoot = path.resolve(projectRoot);
+        if (!resolved.startsWith(resolvedRoot)) {
+            threats.push({
+                type: 'path-traversal',
+                severity: 'critical',
+                message: `Path resolves outside project root: ${resolved}`,
+                field,
+            });
+        }
+    }
+    return threats;
+}
+export const pathTraversalChecker = {
+    type: 'path-traversal',
+    check(_toolName, inputs, _config) {
+        const threats = [];
+        const projectRoot = typeof inputs.projectPath === 'string' ? inputs.projectPath : undefined;
+        for (const [key, value] of Object.entries(inputs)) {
+            if (isPotentialPath(value)) {
+                threats.push(...checkSinglePath(value, key, projectRoot));
+            }
+            if (Array.isArray(value)) {
+                for (const item of value) {
+                    if (isPotentialPath(item)) {
+                        threats.push(...checkSinglePath(item, key, projectRoot));
+                    }
+                }
+            }
+        }
+        return threats;
+    },
+};
+//# sourceMappingURL=path-traversal.js.map

package/dist/engine/runtime-security/checkers/path-traversal.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"path-traversal.js","sourceRoot":"","sources":["../../../../src/engine/runtime-security/checkers/path-traversal.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,6DAA6D;AAE7D,OAAO,IAAI,MAAM,WAAW,CAAC;AAO7B,MAAM,mBAAmB,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;AAC7E,MAAM,mBAAmB,GAAG,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;AAC9F,MAAM,kBAAkB,GAAG,CAAC,eAAe,EAAE,qBAAqB,EAAE,gBAAgB,CAAC,CAAC;AAEtF,SAAS,eAAe,CAAC,KAAc;IACrC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,CACL,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC;QACnB,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC;QACpB,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC;QACrB,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC;QACrB,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CACvB,CAAC;AACJ,CAAC;AAED,SAAS,aAAa,CAAC,CAAS;IAC9B,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,IAAI,CAAC;QACH,OAAO,GAAG,kBAAkB,CAAC,OAAO,CAAC,CAAC;IACxC,CAAC;IAAC,MAAM,CAAC;QACP,mDAAmD;IACrD,CAAC;IACD,OAAO,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;AACrC,CAAC;AAED,SAAS,eAAe,CACtB,KAAa,EACb,KAAa,EACb,WAA+B;IAE/B,MAAM,OAAO,GAA4B,EAAE,CAAC;IAC5C,MAAM,UAAU,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;IAExC,4BAA4B;IAC5B,KAAK,MAAM,GAAG,IAAI,mBAAmB,EAAE,CAAC;QACtC,IAAI,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACpD,OAAO,CAAC,IAAI,CAAC;gBACX,IAAI,EAAE,gBAAgB;gBACtB,QAAQ,EAAE,UAAU;gBACpB,OAAO,EAAE,sCAAsC,GAAG,GAAG;gBACrD,KAAK;gBACL,OAAO,EAAE,GAAG;aACb,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,8BAA8B;IAC9B,IAAI,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;QAChE,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,gBAAgB;YACtB,QAAQ,EAAE,UAAU;YACpB,OAAO,EAAE,mCAAmC;YAC5C,KAAK;YACL,OAAO,EAAE,IAAI;SACd,CAAC,CAAC;IACL,CAAC;IAED,qCAAqC;IACrC,MAAM,YAAY,GAAG,CAAC,GAAG,mBAAmB,EAAE,GAAG,kBAAkB,CAAC,CAAC;IACrE,KAAK,MAAM,GAAG,IAAI,YAAY,EAAE,CAAC;QAC/B,MAAM,aAAa,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC;QACzC,IACE,UAAU,CAAC,UAAU,CAAC,aAAa,CAAC;YACpC,UAAU,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,aAAa,CAAC,WAAW,EAAE,CAAC,EAChE,CAAC;YACD,OAAO,CAAC,IAAI,CAAC;gBACX,IAAI,EAAE,gBAAgB;gBACtB,QAAQ,EAAE,UAAU;gBACpB,OAAO,EAAE,yCAAyC,GAAG,EAAE;gBACvD,KAAK;gBACL,OAAO,EAAE,GAAG;aACb,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,8CAA8C;IAC9C,IAAI,WAAW,IAAI,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;QAC1C,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QACrC,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;QAC/C,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;YACvC,OAAO,CAAC,IAAI,CAAC;gBACX,IAAI,EAAE,gBAAgB;gBACtB,QAAQ,EAAE,UAAU;gBACpB,OAAO,EAAE,uCAAuC,QAAQ,EAAE;gBAC1D,KAAK;aACN,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,CAAC,MAAM,oBAAoB,GAA2B;IAC1D,IAAI,EAAE,gBAAgB;IACtB,KAAK,CACH,SAAiB,EACjB,MAA+B,EAC/B,OAA8B;QAE9B,MAAM,OAAO,GAA4B,EAAE,CAAC;QAC5C,MAAM,WAAW,GAAG,OAAO,MAAM,CAAC,WAAW,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;QAE5F,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;YAClD,IAAI,eAAe,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC3B,OAAO,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC,KAAK,EAAE,GAAG,EAAE,WAAW,CAAC,CAAC,CAAC;YAC5D,CAAC;YACD,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;gBACzB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;oBACzB,IAAI,eAAe,CAAC,IAAI,CAAC,EAAE,CAAC;wBAC1B,OAAO,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC,IAAI,EAAE,GAAG,EAAE,WAAW,CAAC,CAAC,CAAC;oBAC3D,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;CACF,CAAC"}

package/dist/engine/runtime-security/checkers/prompt-injection.d.ts

@@ -0,0 +1,7 @@
+import type { RuntimeSecurityChecker } from '../../../types/index.js';
+declare function loadPatterns(): string[];
+declare function computeInjectionScore(text: string, patterns: string[], customPatterns: string[]): number;
+export declare const promptInjectionChecker: RuntimeSecurityChecker;
+/** Exported for testing */
+export { computeInjectionScore, loadPatterns };
+//# sourceMappingURL=prompt-injection.d.ts.map

package/dist/engine/runtime-security/checkers/prompt-injection.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"prompt-injection.d.ts","sourceRoot":"","sources":["../../../../src/engine/runtime-security/checkers/prompt-injection.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAEV,sBAAsB,EAGvB,MAAM,yBAAyB,CAAC;AAOjC,iBAAS,YAAY,IAAI,MAAM,EAAE,CAYhC;AAkBD,iBAAS,qBAAqB,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,cAAc,EAAE,MAAM,EAAE,GAAG,MAAM,CAyBjG;AAMD,eAAO,MAAM,sBAAsB,EAAE,sBA4CpC,CAAC;AAEF,2BAA2B;AAC3B,OAAO,EAAE,qBAAqB,EAAE,YAAY,EAAE,CAAC"}