@remnux/mcp-server 0.1.0

package/dist/response.d.ts

@@ -0,0 +1,44 @@
+/**
+ * Standardized JSON response envelope for all MCP tool handlers.
+ *
+ * Every tool returns { success, tool, data, metadata } so callers
+ * get a predictable shape regardless of which tool was invoked.
+ */
+import type { ErrorCategory } from "./errors/remnux-error.js";
+import { REMnuxError } from "./errors/remnux-error.js";
+export interface ToolResponse {
+    success: boolean;
+    tool: string;
+    data: Record<string, unknown>;
+    error?: string;
+    error_code?: string;
+    error_category?: ErrorCategory;
+    remediation?: string;
+    metadata: {
+        elapsed_ms: number;
+    };
+}
+/**
+ * Build a success response envelope.
+ */
+export declare function formatResponse(tool: string, data: Record<string, unknown>, startTime: number): {
+    content: Array<{
+        type: "text";
+        text: string;
+    }>;
+    isError?: boolean;
+};
+/**
+ * Build an error response envelope. Sets `isError: true` on the MCP result.
+ *
+ * When `error` is a REMnuxError, the envelope includes structured fields:
+ * error_code, error_category, and remediation.
+ */
+export declare function formatError(tool: string, error: string | REMnuxError, startTime: number): {
+    content: Array<{
+        type: "text";
+        text: string;
+    }>;
+    isError: true;
+};
+//# sourceMappingURL=response.d.ts.map

package/dist/response.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"response.d.ts","sourceRoot":"","sources":["../src/response.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAC;AAC9D,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAEvD,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,OAAO,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC9B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,aAAa,CAAC;IAC/B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE;QACR,UAAU,EAAE,MAAM,CAAC;KACpB,CAAC;CACH;AAED;;GAEG;AACH,wBAAgB,cAAc,CAC5B,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC7B,SAAS,EAAE,MAAM,GAChB;IAAE,OAAO,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAAC,OAAO,CAAC,EAAE,OAAO,CAAA;CAAE,CAUvE;AAED;;;;;GAKG;AACH,wBAAgB,WAAW,CACzB,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,GAAG,WAAW,EAC3B,SAAS,EAAE,MAAM,GAChB;IAAE,OAAO,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAAC,OAAO,EAAE,IAAI,CAAA;CAAE,CAqBnE"}

package/dist/response.js

@@ -0,0 +1,48 @@
+/**
+ * Standardized JSON response envelope for all MCP tool handlers.
+ *
+ * Every tool returns { success, tool, data, metadata } so callers
+ * get a predictable shape regardless of which tool was invoked.
+ */
+import { REMnuxError } from "./errors/remnux-error.js";
+/**
+ * Build a success response envelope.
+ */
+export function formatResponse(tool, data, startTime) {
+    const envelope = {
+        success: true,
+        tool,
+        data,
+        metadata: { elapsed_ms: Date.now() - startTime },
+    };
+    return {
+        content: [{ type: "text", text: JSON.stringify(envelope, null, 2) }],
+    };
+}
+/**
+ * Build an error response envelope. Sets `isError: true` on the MCP result.
+ *
+ * When `error` is a REMnuxError, the envelope includes structured fields:
+ * error_code, error_category, and remediation.
+ */
+export function formatError(tool, error, startTime) {
+    const envelope = {
+        success: false,
+        tool,
+        data: {},
+        error: error instanceof REMnuxError ? error.message : error,
+        metadata: { elapsed_ms: Date.now() - startTime },
+    };
+    if (error instanceof REMnuxError) {
+        envelope.error_code = error.code;
+        envelope.error_category = error.category;
+        if (error.remediation) {
+            envelope.remediation = error.remediation;
+        }
+    }
+    return {
+        content: [{ type: "text", text: JSON.stringify(envelope, null, 2) }],
+        isError: true,
+    };
+}
+//# sourceMappingURL=response.js.map

package/dist/response.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"response.js","sourceRoot":"","sources":["../src/response.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAevD;;GAEG;AACH,MAAM,UAAU,cAAc,CAC5B,IAAY,EACZ,IAA6B,EAC7B,SAAiB;IAEjB,MAAM,QAAQ,GAAiB;QAC7B,OAAO,EAAE,IAAI;QACb,IAAI;QACJ,IAAI;QACJ,QAAQ,EAAE,EAAE,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,EAAE;KACjD,CAAC;IACF,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;KACrE,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,WAAW,CACzB,IAAY,EACZ,KAA2B,EAC3B,SAAiB;IAEjB,MAAM,QAAQ,GAAiB;QAC7B,OAAO,EAAE,KAAK;QACd,IAAI;QACJ,IAAI,EAAE,EAAE;QACR,KAAK,EAAE,KAAK,YAAY,WAAW,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK;QAC3D,QAAQ,EAAE,EAAE,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,EAAE;KACjD,CAAC;IAEF,IAAI,KAAK,YAAY,WAAW,EAAE,CAAC;QACjC,QAAQ,CAAC,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC;QACjC,QAAQ,CAAC,cAAc,GAAG,KAAK,CAAC,QAAQ,CAAC;QACzC,IAAI,KAAK,CAAC,WAAW,EAAE,CAAC;YACtB,QAAQ,CAAC,WAAW,GAAG,KAAK,CAAC,WAAW,CAAC;QAC3C,CAAC;IACH,CAAC;IAED,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;QACpE,OAAO,EAAE,IAAI;KACd,CAAC;AACJ,CAAC"}

package/dist/schemas/tools.d.ts

@@ -0,0 +1,135 @@
+import { z } from "zod";
+export declare const runToolSchema: z.ZodObject<{
+    command: z.ZodString;
+    input_file: z.ZodOptional<z.ZodString>;
+    timeout: z.ZodOptional<z.ZodNumber>;
+}, "strip", z.ZodTypeAny, {
+    command: string;
+    timeout?: number | undefined;
+    input_file?: string | undefined;
+}, {
+    command: string;
+    timeout?: number | undefined;
+    input_file?: string | undefined;
+}>;
+export type RunToolArgs = z.infer<typeof runToolSchema>;
+export declare const getFileInfoSchema: z.ZodObject<{
+    file: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    file: string;
+}, {
+    file: string;
+}>;
+export type GetFileInfoArgs = z.infer<typeof getFileInfoSchema>;
+export declare const listFilesSchema: z.ZodObject<{
+    directory: z.ZodDefault<z.ZodEnum<["samples", "output"]>>;
+}, "strip", z.ZodTypeAny, {
+    directory: "samples" | "output";
+}, {
+    directory?: "samples" | "output" | undefined;
+}>;
+export type ListFilesArgs = z.infer<typeof listFilesSchema>;
+export declare const extractArchiveSchema: z.ZodObject<{
+    archive_file: z.ZodString;
+    password: z.ZodOptional<z.ZodString>;
+    output_subdir: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    archive_file: string;
+    password?: string | undefined;
+    output_subdir?: string | undefined;
+}, {
+    archive_file: string;
+    password?: string | undefined;
+    output_subdir?: string | undefined;
+}>;
+export type ExtractArchiveArgs = z.infer<typeof extractArchiveSchema>;
+export declare const uploadFromHostSchema: z.ZodObject<{
+    host_path: z.ZodString;
+    filename: z.ZodOptional<z.ZodString>;
+    overwrite: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+}, "strip", z.ZodTypeAny, {
+    host_path: string;
+    overwrite: boolean;
+    filename?: string | undefined;
+}, {
+    host_path: string;
+    filename?: string | undefined;
+    overwrite?: boolean | undefined;
+}>;
+export type UploadFromHostArgs = z.infer<typeof uploadFromHostSchema>;
+export declare const downloadFileSchema: z.ZodObject<{
+    file_path: z.ZodString;
+    output_path: z.ZodString;
+    archive: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+}, "strip", z.ZodTypeAny, {
+    file_path: string;
+    output_path: string;
+    archive: boolean;
+}, {
+    file_path: string;
+    output_path: string;
+    archive?: boolean | undefined;
+}>;
+export type DownloadFileArgs = z.input<typeof downloadFileSchema>;
+export declare const analyzeFileSchema: z.ZodObject<{
+    file: z.ZodString;
+    timeout_per_tool: z.ZodOptional<z.ZodNumber>;
+    depth: z.ZodDefault<z.ZodOptional<z.ZodEnum<["quick", "standard", "deep"]>>>;
+}, "strip", z.ZodTypeAny, {
+    file: string;
+    depth: "quick" | "standard" | "deep";
+    timeout_per_tool?: number | undefined;
+}, {
+    file: string;
+    timeout_per_tool?: number | undefined;
+    depth?: "quick" | "standard" | "deep" | undefined;
+}>;
+export type AnalyzeFileArgs = z.input<typeof analyzeFileSchema>;
+export declare const checkToolsSchema: z.ZodObject<{}, "strip", z.ZodTypeAny, {}, {}>;
+export type CheckToolsArgs = z.infer<typeof checkToolsSchema>;
+export declare const suggestToolsSchema: z.ZodObject<{
+    file: z.ZodString;
+    depth: z.ZodDefault<z.ZodOptional<z.ZodEnum<["quick", "standard", "deep"]>>>;
+}, "strip", z.ZodTypeAny, {
+    file: string;
+    depth: "quick" | "standard" | "deep";
+}, {
+    file: string;
+    depth?: "quick" | "standard" | "deep" | undefined;
+}>;
+export type SuggestToolsArgs = z.input<typeof suggestToolsSchema>;
+export declare const downloadFromUrlSchema: z.ZodObject<{
+    url: z.ZodString;
+    filename: z.ZodOptional<z.ZodString>;
+    headers: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    method: z.ZodDefault<z.ZodOptional<z.ZodEnum<["curl", "thug"]>>>;
+    overwrite: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+    timeout: z.ZodOptional<z.ZodNumber>;
+}, "strip", z.ZodTypeAny, {
+    overwrite: boolean;
+    url: string;
+    method: "curl" | "thug";
+    timeout?: number | undefined;
+    filename?: string | undefined;
+    headers?: string[] | undefined;
+}, {
+    url: string;
+    timeout?: number | undefined;
+    filename?: string | undefined;
+    overwrite?: boolean | undefined;
+    headers?: string[] | undefined;
+    method?: "curl" | "thug" | undefined;
+}>;
+export type DownloadFromUrlArgs = z.input<typeof downloadFromUrlSchema>;
+export declare const extractIOCsSchema: z.ZodObject<{
+    text: z.ZodString;
+    include_noise: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+}, "strip", z.ZodTypeAny, {
+    text: string;
+    include_noise: boolean;
+}, {
+    text: string;
+    include_noise?: boolean | undefined;
+}>;
+export type ExtractIOCsArgs = z.infer<typeof extractIOCsSchema>;
+//# sourceMappingURL=tools.d.ts.map

package/dist/schemas/tools.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"tools.d.ts","sourceRoot":"","sources":["../../src/schemas/tools.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,eAAO,MAAM,aAAa;;;;;;;;;;;;EAIxB,CAAC;AACH,MAAM,MAAM,WAAW,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,aAAa,CAAC,CAAC;AAExD,eAAO,MAAM,iBAAiB;;;;;;EAE5B,CAAC;AACH,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,iBAAiB,CAAC,CAAC;AAEhE,eAAO,MAAM,eAAe;;;;;;EAE1B,CAAC;AACH,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,eAAe,CAAC,CAAC;AAE5D,eAAO,MAAM,oBAAoB;;;;;;;;;;;;EAI/B,CAAC;AACH,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,oBAAoB,CAAC,CAAC;AAEtE,eAAO,MAAM,oBAAoB;;;;;;;;;;;;EAI/B,CAAC;AACH,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,oBAAoB,CAAC,CAAC;AAEtE,eAAO,MAAM,kBAAkB;;;;;;;;;;;;EAO7B,CAAC;AACH,MAAM,MAAM,gBAAgB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAElE,eAAO,MAAM,iBAAiB;;;;;;;;;;;;EAM5B,CAAC;AACH,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,iBAAiB,CAAC,CAAC;AAEhE,eAAO,MAAM,gBAAgB,gDAAe,CAAC;AAC7C,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAC;AAE9D,eAAO,MAAM,kBAAkB;;;;;;;;;EAK7B,CAAC;AACH,MAAM,MAAM,gBAAgB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAElE,eAAO,MAAM,qBAAqB;;;;;;;;;;;;;;;;;;;;;EAmBhC,CAAC;AACH,MAAM,MAAM,mBAAmB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,qBAAqB,CAAC,CAAC;AAExE,eAAO,MAAM,iBAAiB;;;;;;;;;EAG5B,CAAC;AACH,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,iBAAiB,CAAC,CAAC"}

package/dist/schemas/tools.js

@@ -0,0 +1,53 @@
+import { z } from "zod";
+export const runToolSchema = z.object({
+    command: z.string().describe("Command to execute (can include pipes, e.g., 'strings sample.exe | grep -i password')"),
+    input_file: z.string().optional().describe("Input file path (relative to samples dir) - appended to command"),
+    timeout: z.number().optional().describe("Timeout in seconds (default: 300)"),
+});
+export const getFileInfoSchema = z.object({
+    file: z.string().describe("File path relative to samples directory"),
+});
+export const listFilesSchema = z.object({
+    directory: z.enum(["samples", "output"]).default("samples").describe("Which directory to list"),
+});
+export const extractArchiveSchema = z.object({
+    archive_file: z.string().describe("Path to archive file relative to samples directory (e.g., 'sample.zip')"),
+    password: z.string().optional().describe("Optional password to try first. If not provided, tries common passwords from built-in list."),
+    output_subdir: z.string().optional().describe("Optional subdirectory name for extracted files. Defaults to archive filename without extension."),
+});
+export const uploadFromHostSchema = z.object({
+    host_path: z.string().describe("Absolute path on the host filesystem to the file to upload"),
+    filename: z.string().optional().describe("Override filename in samples dir (defaults to basename of host_path)"),
+    overwrite: z.boolean().optional().default(false).describe("Whether to overwrite if file exists. Default: false"),
+});
+export const downloadFileSchema = z.object({
+    file_path: z.string().describe("File path relative to the output directory"),
+    output_path: z.string().describe("Directory on host to save the downloaded file"),
+    archive: z.boolean().optional().default(true).describe("Wrap the file in a password-protected archive before transfer (default: true). " +
+        "Protects against AV/EDR triggers on the host. Pass false for harmless files like text reports."),
+});
+export const analyzeFileSchema = z.object({
+    file: z.string().describe("Filename relative to samples directory"),
+    timeout_per_tool: z.number().optional().describe("Timeout per tool in seconds (default: 60)"),
+    depth: z.enum(["quick", "standard", "deep"]).optional().default("standard").describe("Analysis depth: 'quick' (fast triage tools only), 'standard' (default, all category tools), 'deep' (standard + expensive tools like full decompilation)"),
+});
+export const checkToolsSchema = z.object({});
+export const suggestToolsSchema = z.object({
+    file: z.string().describe("Filename relative to samples directory"),
+    depth: z.enum(["quick", "standard", "deep"]).optional().default("standard").describe("Filter recommendations by depth tier: 'quick' (triage only), 'standard' (default), 'deep' (all tools)"),
+});
+export const downloadFromUrlSchema = z.object({
+    url: z.string().url().describe("URL to download (http or https only)"),
+    filename: z.string().optional().describe("Override filename in samples dir. If omitted, derived from URL path."),
+    headers: z.array(z.string()).optional().describe("Custom HTTP headers as 'Name: value' strings. " +
+        "Example: ['User-Agent: Mozilla/5.0', 'X-Auth-Token: abc123']"),
+    method: z.enum(["curl", "thug"]).optional().default("curl").describe("Download method. 'curl' (default) for direct HTTP download. " +
+        "'thug' for sites requiring JavaScript execution (uses thug honeyclient)."),
+    overwrite: z.boolean().optional().default(false).describe("Whether to overwrite if file exists. Default: false"),
+    timeout: z.number().optional().describe("Download timeout in seconds (default: server timeout)"),
+});
+export const extractIOCsSchema = z.object({
+    text: z.string().describe("Text to extract IOCs from (e.g., output from run_tool or analyze_file)"),
+    include_noise: z.boolean().optional().default(false).describe("Include low-confidence known-good IOCs"),
+});
+//# sourceMappingURL=tools.js.map

package/dist/schemas/tools.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"tools.js","sourceRoot":"","sources":["../../src/schemas/tools.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,MAAM,CAAC,MAAM,aAAa,GAAG,CAAC,CAAC,MAAM,CAAC;IACpC,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,uFAAuF,CAAC;IACrH,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,iEAAiE,CAAC;IAC7G,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,mCAAmC,CAAC;CAC7E,CAAC,CAAC;AAGH,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,CAAC,MAAM,CAAC;IACxC,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,yCAAyC,CAAC;CACrE,CAAC,CAAC;AAGH,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,CAAC,MAAM,CAAC;IACtC,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,yBAAyB,CAAC;CAChG,CAAC,CAAC;AAGH,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC3C,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,yEAAyE,CAAC;IAC5G,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,6FAA6F,CAAC;IACvI,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,iGAAiG,CAAC;CACjJ,CAAC,CAAC;AAGH,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC3C,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,4DAA4D,CAAC;IAC5F,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,sEAAsE,CAAC;IAChH,SAAS,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,qDAAqD,CAAC;CACjH,CAAC,CAAC;AAGH,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,CAAC,MAAM,CAAC;IACzC,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,4CAA4C,CAAC;IAC5E,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,+CAA+C,CAAC;IACjF,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,CACpD,iFAAiF;QACjF,gGAAgG,CACjG;CACF,CAAC,CAAC;AAGH,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,CAAC,MAAM,CAAC;IACxC,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,wCAAwC,CAAC;IACnE,gBAAgB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,2CAA2C,CAAC;IAC7F,KAAK,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,QAAQ,CAClF,yJAAyJ,CAC1J;CACF,CAAC,CAAC;AAGH,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;AAG7C,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,CAAC,MAAM,CAAC;IACzC,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,wCAAwC,CAAC;IACnE,KAAK,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,QAAQ,CAClF,uGAAuG,CACxG;CACF,CAAC,CAAC;AAGH,MAAM,CAAC,MAAM,qBAAqB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC5C,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,sCAAsC,CAAC;IACtE,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CACtC,sEAAsE,CACvE;IACD,OAAO,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAC9C,gDAAgD;QAChD,8DAA8D,CAC/D;IACD,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,QAAQ,CAClE,8DAA8D;QAC9D,0EAA0E,CAC3E;IACD,SAAS,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,QAAQ,CACvD,qDAAqD,CACtD;IACD,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CACrC,uDAAuD,CACxD;CACF,CAAC,CAAC;AAGH,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,CAAC,MAAM,CAAC;IACxC,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,wEAAwE,CAAC;IACnG,aAAa,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,wCAAwC,CAAC;CACxG,CAAC,CAAC"}

package/dist/security/blocklist.d.ts

@@ -0,0 +1,69 @@
+/**
+ * Security configuration for REMnux MCP server
+ *
+ * Threat model: All three modes (docker, ssh, local) execute commands inside a
+ * disposable REMnux VM or container. Container/VM isolation is the security
+ * boundary — not this module.
+ *
+ * This module prevents:
+ * 1. Shell injection — malware output containing prompt injection could trick
+ *    the AI into executing arbitrary code via eval, $(), backticks, etc.
+ * 2. Dangerous pipes — pipes to interpreters (| bash, | python) blocked.
+ *
+ * Path sandboxing (isPathSafe, validateFilePath) is available as an opt-in
+ * workflow aid via --sandbox, not as a security control.
+ */
+/**
+ * Blocked command patterns
+ * Commands matching these patterns will be rejected regardless of tool
+ */
+export interface BlockedPattern {
+    pattern: RegExp;
+    category: string;
+}
+export declare const BLOCKED_PATTERNS: BlockedPattern[];
+/**
+ * Validate that a path is safe (within allowed directories)
+ * @param path - The path to validate (relative to baseDir)
+ * @param baseDir - The base directory that the path should be contained within
+ * @returns true if the path is safe, false otherwise
+ */
+export declare function isPathSafe(path: string, baseDir: string): boolean;
+/**
+ * Check if a path is a symlink
+ *
+ * @param filePath - The full path to check (already resolved)
+ * @returns true if the path is a symlink, false otherwise
+ * @throws Error if the path doesn't exist
+ */
+export declare function isSymlink(filePath: string): boolean;
+/**
+ * Validate a file path for safe execution
+ * Checks path safety (no traversal, no special chars, stays within baseDir)
+ *
+ * @param relativePath - Relative path from baseDir
+ * @param baseDir - Base directory
+ * @returns { safe: boolean, error?: string }
+ */
+export declare function validateFilePath(relativePath: string, baseDir: string): {
+    safe: boolean;
+    error?: string;
+};
+/**
+ * Dangerous pipe patterns - commands piped to interpreters that could execute code
+ * These are checked separately to allow safe pipes (e.g., grep, head, sort)
+ * while blocking dangerous ones (e.g., | bash, | python)
+ */
+export declare const DANGEROUS_PIPE_PATTERNS: BlockedPattern[];
+/**
+ * Check if a command string is safe to execute
+ * Validates against both BLOCKED_PATTERNS and DANGEROUS_PIPE_PATTERNS
+ *
+ * @param command - The full command string to validate
+ * @returns { safe: boolean, error?: string }
+ */
+export declare function isCommandSafe(command: string): {
+    safe: boolean;
+    error?: string;
+};
+//# sourceMappingURL=blocklist.d.ts.map

package/dist/security/blocklist.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"blocklist.d.ts","sourceRoot":"","sources":["../../src/security/blocklist.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAKH;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC7B,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,eAAO,MAAM,gBAAgB,EAAE,cAAc,EAuB5C,CAAC;AAEF;;;;;GAKG;AACH,wBAAgB,UAAU,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAmCjE;AAED;;;;;;GAMG;AACH,wBAAgB,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAOnD;AAED;;;;;;;GAOG;AACH,wBAAgB,gBAAgB,CAC9B,YAAY,EAAE,MAAM,EACpB,OAAO,EAAE,MAAM,GACd;IAAE,IAAI,EAAE,OAAO,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CAMnC;AAED;;;;GAIG;AACH,eAAO,MAAM,uBAAuB,EAAE,cAAc,EAWnD,CAAC;AAEF;;;;;;GAMG;AACH,wBAAgB,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG;IAAE,IAAI,EAAE,OAAO,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,CAqBhF"}

package/dist/security/blocklist.js

@@ -0,0 +1,148 @@
+/**
+ * Security configuration for REMnux MCP server
+ *
+ * Threat model: All three modes (docker, ssh, local) execute commands inside a
+ * disposable REMnux VM or container. Container/VM isolation is the security
+ * boundary — not this module.
+ *
+ * This module prevents:
+ * 1. Shell injection — malware output containing prompt injection could trick
+ *    the AI into executing arbitrary code via eval, $(), backticks, etc.
+ * 2. Dangerous pipes — pipes to interpreters (| bash, | python) blocked.
+ *
+ * Path sandboxing (isPathSafe, validateFilePath) is available as an opt-in
+ * workflow aid via --sandbox, not as a security control.
+ */
+import { normalize, isAbsolute, resolve } from "path";
+import { lstatSync, existsSync } from "fs";
+export const BLOCKED_PATTERNS = [
+    // CRITICAL: Newline and control character injection
+    { pattern: /[\n\r\x00]/, category: "control character injection" },
+    // Shell escape / code execution — prevents prompt injection from triggering arbitrary code
+    { pattern: /\beval\b/i, category: "shell escape" },
+    { pattern: /\bexec\b/i, category: "shell escape" },
+    { pattern: /`[^`]+`/, category: "shell escape (backtick)" },
+    { pattern: /\$\([^)]+\)/, category: "shell escape (command substitution)" },
+    { pattern: /\$\{[^}]+\}/, category: "shell escape (variable expansion)" },
+    { pattern: /\$[A-Za-z_][A-Za-z0-9_]*/, category: "shell escape (variable expansion)" },
+    // Process substitution
+    { pattern: /[<>]\s*\(/, category: "process substitution" },
+    // Shell sourcing
+    { pattern: /\bsource\b/i, category: "shell escape" },
+    // Catastrophic command guard — prevents AI from accidentally destroying the analysis session
+    // Only blocks root-level wipes (rm -rf /), not targeted deletes (rm -rf subdir/)
+    { pattern: /rm\s+-[rR].*\s\/\s*$/, category: "catastrophic command (root wipe)" },
+    { pattern: /rm\s+-[rR].*\s\/\*/, category: "catastrophic command (root wipe)" },
+    { pattern: /\bmkfs\b/, category: "catastrophic command (format filesystem)" },
+];
+/**
+ * Validate that a path is safe (within allowed directories)
+ * @param path - The path to validate (relative to baseDir)
+ * @param baseDir - The base directory that the path should be contained within
+ * @returns true if the path is safe, false otherwise
+ */
+export function isPathSafe(path, baseDir) {
+    // Reject empty string (resolves to baseDir itself)
+    if (path === "")
+        return false;
+    // Reject null bytes (can truncate paths in C-based functions)
+    if (path.includes("\0"))
+        return false;
+    // Reject absolute paths
+    if (isAbsolute(path))
+        return false;
+    // Reject path traversal (check before normalization)
+    if (path.includes(".."))
+        return false;
+    // Reject special characters that might cause shell issues
+    if (/[;&|`$\n\r'"]/.test(path))
+        return false;
+    // Reject home directory references
+    if (path.startsWith("~"))
+        return false;
+    // Normalize the path to handle unicode normalization attacks
+    const normalizedPath = normalize(path);
+    // After normalization, check again for traversal (handles cases like "foo/../..")
+    if (normalizedPath.includes("..") || normalizedPath.startsWith(".."))
+        return false;
+    // Verify the resolved path stays within baseDir
+    const resolvedPath = resolve(baseDir, normalizedPath);
+    const normalizedBase = resolve(baseDir);
+    // The resolved path must start with the base directory
+    if (!resolvedPath.startsWith(normalizedBase + "/") && resolvedPath !== normalizedBase) {
+        return false;
+    }
+    return true;
+}
+/**
+ * Check if a path is a symlink
+ *
+ * @param filePath - The full path to check (already resolved)
+ * @returns true if the path is a symlink, false otherwise
+ * @throws Error if the path doesn't exist
+ */
+export function isSymlink(filePath) {
+    if (!existsSync(filePath)) {
+        throw new Error(`Path does not exist: ${filePath}`);
+    }
+    const stats = lstatSync(filePath);
+    return stats.isSymbolicLink();
+}
+/**
+ * Validate a file path for safe execution
+ * Checks path safety (no traversal, no special chars, stays within baseDir)
+ *
+ * @param relativePath - Relative path from baseDir
+ * @param baseDir - Base directory
+ * @returns { safe: boolean, error?: string }
+ */
+export function validateFilePath(relativePath, baseDir) {
+    if (!isPathSafe(relativePath, baseDir)) {
+        return { safe: false, error: "Invalid file path" };
+    }
+    return { safe: true };
+}
+/**
+ * Dangerous pipe patterns - commands piped to interpreters that could execute code
+ * These are checked separately to allow safe pipes (e.g., grep, head, sort)
+ * while blocking dangerous ones (e.g., | bash, | python)
+ */
+export const DANGEROUS_PIPE_PATTERNS = [
+    // Pipe to code interpreters — prevents prompt injection from executing arbitrary code
+    { pattern: /\|\s*(ba)?sh\b/i, category: "pipe to shell" },
+    { pattern: /\|\s*zsh\b/i, category: "pipe to shell" },
+    { pattern: /\|\s*fish\b/i, category: "pipe to shell" },
+    { pattern: /\|\s*python[23]?\b/i, category: "pipe to interpreter" },
+    { pattern: /\|\s*perl\b/i, category: "pipe to interpreter" },
+    { pattern: /\|\s*ruby\b/i, category: "pipe to interpreter" },
+    { pattern: /\|\s*node\b/i, category: "pipe to interpreter" },
+    { pattern: /\|\s*php\b/i, category: "pipe to interpreter" },
+    { pattern: /\|\s*lua\b/i, category: "pipe to interpreter" },
+];
+/**
+ * Check if a command string is safe to execute
+ * Validates against both BLOCKED_PATTERNS and DANGEROUS_PIPE_PATTERNS
+ *
+ * @param command - The full command string to validate
+ * @returns { safe: boolean, error?: string }
+ */
+export function isCommandSafe(command) {
+    // Reject empty or whitespace-only commands
+    if (!command || command.trim() === "") {
+        return { safe: false, error: "Empty command" };
+    }
+    // Check against blocked patterns
+    for (const { pattern, category } of BLOCKED_PATTERNS) {
+        if (pattern.test(command)) {
+            return { safe: false, error: `Command blocked: ${category}` };
+        }
+    }
+    // Check against dangerous pipe patterns
+    for (const { pattern, category } of DANGEROUS_PIPE_PATTERNS) {
+        if (pattern.test(command)) {
+            return { safe: false, error: `Command blocked: ${category}` };
+        }
+    }
+    return { safe: true };
+}
+//# sourceMappingURL=blocklist.js.map

package/dist/security/blocklist.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"blocklist.js","sourceRoot":"","sources":["../../src/security/blocklist.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AACtD,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AAW3C,MAAM,CAAC,MAAM,gBAAgB,GAAqB;IAChD,oDAAoD;IACpD,EAAE,OAAO,EAAE,YAAY,EAAE,QAAQ,EAAE,6BAA6B,EAAE;IAElE,2FAA2F;IAC3F,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,cAAc,EAAE;IAClD,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,cAAc,EAAE;IAClD,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,yBAAyB,EAAE;IAC3D,EAAE,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,qCAAqC,EAAE;IAC3E,EAAE,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,mCAAmC,EAAE;IACzE,EAAE,OAAO,EAAE,0BAA0B,EAAE,QAAQ,EAAE,mCAAmC,EAAE;IAEtF,uBAAuB;IACvB,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,sBAAsB,EAAE;IAE1D,iBAAiB;IACjB,EAAE,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,cAAc,EAAE;IAEpD,6FAA6F;IAC7F,iFAAiF;IACjF,EAAE,OAAO,EAAE,sBAAsB,EAAE,QAAQ,EAAE,kCAAkC,EAAE;IACjF,EAAE,OAAO,EAAE,oBAAoB,EAAE,QAAQ,EAAE,kCAAkC,EAAE;IAC/E,EAAE,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,0CAA0C,EAAE;CAC9E,CAAC;AAEF;;;;;GAKG;AACH,MAAM,UAAU,UAAU,CAAC,IAAY,EAAE,OAAe;IACtD,mDAAmD;IACnD,IAAI,IAAI,KAAK,EAAE;QAAE,OAAO,KAAK,CAAC;IAE9B,8DAA8D;IAC9D,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IAEtC,wBAAwB;IACxB,IAAI,UAAU,CAAC,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IAEnC,qDAAqD;IACrD,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IAEtC,0DAA0D;IAC1D,IAAI,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IAE7C,mCAAmC;IACnC,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IAEvC,6DAA6D;IAC7D,MAAM,cAAc,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;IAEvC,kFAAkF;IAClF,IAAI,cAAc,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,cAAc,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IAEnF,gDAAgD;IAChD,MAAM,YAAY,GAAG,OAAO,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;IACtD,MAAM,cAAc,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAExC,uDAAuD;IACvD,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC,cAAc,GAAG,GAAG,CAAC,IAAI,YAAY,KAAK,cAAc,EAAE,CAAC;QACtF,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,SAAS,CAAC,QAAgB;IACxC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,wBAAwB,QAAQ,EAAE,CAAC,CAAC;IACtD,CAAC;IAED,MAAM,KAAK,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;IAClC,OAAO,KAAK,CAAC,cAAc,EAAE,CAAC;AAChC,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,gBAAgB,CAC9B,YAAoB,EACpB,OAAe;IAEf,IAAI,CAAC,UAAU,CAAC,YAAY,EAAE,OAAO,CAAC,EAAE,CAAC;QACvC,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,mBAAmB,EAAE,CAAC;IACrD,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;AACxB,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,uBAAuB,GAAqB;IACvD,sFAAsF;IACtF,EAAE,OAAO,EAAE,iBAAiB,EAAE,QAAQ,EAAE,eAAe,EAAE;IACzD,EAAE,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,eAAe,EAAE;IACrD,EAAE,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,eAAe,EAAE;IACtD,EAAE,OAAO,EAAE,qBAAqB,EAAE,QAAQ,EAAE,qBAAqB,EAAE;IACnE,EAAE,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,qBAAqB,EAAE;IAC5D,EAAE,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,qBAAqB,EAAE;IAC5D,EAAE,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,qBAAqB,EAAE;IAC5D,EAAE,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,qBAAqB,EAAE;IAC3D,EAAE,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,qBAAqB,EAAE;CAC5D,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,UAAU,aAAa,CAAC,OAAe;IAC3C,2CAA2C;IAC3C,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;QACtC,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,eAAe,EAAE,CAAC;IACjD,CAAC;IAED,iCAAiC;IACjC,KAAK,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,gBAAgB,EAAE,CAAC;QACrD,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAC1B,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,oBAAoB,QAAQ,EAAE,EAAE,CAAC;QAChE,CAAC;IACH,CAAC;IAED,wCAAwC;IACxC,KAAK,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,uBAAuB,EAAE,CAAC;QAC5D,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAC1B,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,oBAAoB,QAAQ,EAAE,EAAE,CAAC;QAChE,CAAC;IACH,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;AACxB,CAAC"}

package/dist/state/session.d.ts

@@ -0,0 +1,35 @@
+/**
+ * Session-level state for tracking archive metadata across tool calls.
+ *
+ * When extract_archive succeeds, we store the format and password used.
+ * When download_file runs with archive: true, we look up matching metadata
+ * to re-use the same format and password for the download archive.
+ */
+export declare const DEFAULT_ARCHIVE_PASSWORD = "infected";
+export declare const DEFAULT_ARCHIVE_FORMAT: "zip";
+export interface ArchiveMetadata {
+    format: "zip" | "7z" | "rar";
+    password: string;
+}
+export declare class SessionState {
+    /**
+     * Maps sample filenames to the archive metadata from their extraction.
+     * Keys include both the archive filename and each extracted filename.
+     */
+    private archiveInfo;
+    /**
+     * Store archive metadata after a successful extraction.
+     *
+     * @param archiveFile - The archive filename (e.g., "sample.zip")
+     * @param extractedFiles - List of extracted filenames
+     * @param format - Archive format used
+     * @param password - Password that worked (empty string if none)
+     */
+    storeArchiveInfo(archiveFile: string, extractedFiles: string[], format: ArchiveMetadata["format"], password: string): void;
+    /**
+     * Look up archive metadata for a given filename.
+     * Returns undefined if no metadata was stored for this file.
+     */
+    getArchiveInfo(filename: string): ArchiveMetadata | undefined;
+}
+//# sourceMappingURL=session.d.ts.map

package/dist/state/session.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"session.d.ts","sourceRoot":"","sources":["../../src/state/session.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,eAAO,MAAM,wBAAwB,aAAa,CAAC;AACnD,eAAO,MAAM,sBAAsB,EAAG,KAAc,CAAC;AAErD,MAAM,WAAW,eAAe;IAC9B,MAAM,EAAE,KAAK,GAAG,IAAI,GAAG,KAAK,CAAC;IAC7B,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,qBAAa,YAAY;IACvB;;;OAGG;IACH,OAAO,CAAC,WAAW,CAAsC;IAEzD;;;;;;;OAOG;IACH,gBAAgB,CACd,WAAW,EAAE,MAAM,EACnB,cAAc,EAAE,MAAM,EAAE,EACxB,MAAM,EAAE,eAAe,CAAC,QAAQ,CAAC,EACjC,QAAQ,EAAE,MAAM,GACf,IAAI;IAaP;;;OAGG;IACH,cAAc,CAAC,QAAQ,EAAE,MAAM,GAAG,eAAe,GAAG,SAAS;CAG9D"}

package/dist/state/session.js

@@ -0,0 +1,45 @@
+/**
+ * Session-level state for tracking archive metadata across tool calls.
+ *
+ * When extract_archive succeeds, we store the format and password used.
+ * When download_file runs with archive: true, we look up matching metadata
+ * to re-use the same format and password for the download archive.
+ */
+import { basename } from "path";
+export const DEFAULT_ARCHIVE_PASSWORD = "infected";
+export const DEFAULT_ARCHIVE_FORMAT = "zip";
+export class SessionState {
+    /**
+     * Maps sample filenames to the archive metadata from their extraction.
+     * Keys include both the archive filename and each extracted filename.
+     */
+    archiveInfo = new Map();
+    /**
+     * Store archive metadata after a successful extraction.
+     *
+     * @param archiveFile - The archive filename (e.g., "sample.zip")
+     * @param extractedFiles - List of extracted filenames
+     * @param format - Archive format used
+     * @param password - Password that worked (empty string if none)
+     */
+    storeArchiveInfo(archiveFile, extractedFiles, format, password) {
+        const meta = { format, password };
+        this.archiveInfo.set(archiveFile, meta);
+        for (const file of extractedFiles) {
+            this.archiveInfo.set(file, meta);
+            // Also store by basename so download_file can look up by basename(file_path)
+            const base = basename(file);
+            if (base !== file) {
+                this.archiveInfo.set(base, meta);
+            }
+        }
+    }
+    /**
+     * Look up archive metadata for a given filename.
+     * Returns undefined if no metadata was stored for this file.
+     */
+    getArchiveInfo(filename) {
+        return this.archiveInfo.get(filename);
+    }
+}
+//# sourceMappingURL=session.js.map

package/dist/state/session.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"session.js","sourceRoot":"","sources":["../../src/state/session.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,MAAM,CAAC;AAEhC,MAAM,CAAC,MAAM,wBAAwB,GAAG,UAAU,CAAC;AACnD,MAAM,CAAC,MAAM,sBAAsB,GAAG,KAAc,CAAC;AAOrD,MAAM,OAAO,YAAY;IACvB;;;OAGG;IACK,WAAW,GAAG,IAAI,GAAG,EAA2B,CAAC;IAEzD;;;;;;;OAOG;IACH,gBAAgB,CACd,WAAmB,EACnB,cAAwB,EACxB,MAAiC,EACjC,QAAgB;QAEhB,MAAM,IAAI,GAAoB,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC;QACnD,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;QACxC,KAAK,MAAM,IAAI,IAAI,cAAc,EAAE,CAAC;YAClC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YACjC,6EAA6E;YAC7E,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC;YAC5B,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;gBAClB,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YACnC,CAAC;QACH,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,cAAc,CAAC,QAAgB;QAC7B,OAAO,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACxC,CAAC;CACF"}

package/dist/tools/definitions.d.ts

@@ -0,0 +1,9 @@
+/**
+ * Static tool definitions for all REMnux analysis tools.
+ *
+ * Each entry normalizes how a tool is invoked so the invoker doesn't need
+ * to know CLI quirks. Descriptions sourced from REMnux docs.
+ */
+import type { ToolDefinition } from "./registry.js";
+export declare const TOOL_DEFINITIONS: ToolDefinition[];
+//# sourceMappingURL=definitions.d.ts.map

package/dist/tools/definitions.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"definitions.d.ts","sourceRoot":"","sources":["../../src/tools/definitions.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAEpD,eAAO,MAAM,gBAAgB,EAAE,cAAc,EA+sB5C,CAAC"}