@reverse-craft/ai-tools 1.0.3 → 1.0.5

package/dist/{tools/findJsvmpDispatcherTool.test.d.ts → __tests__/findJsvmpDispatcherTool.property.test.d.ts}

@@ -4,4 +4,4 @@
  * Tests the MCP tool's input validation and response format properties.
  */
 export {};
-//# sourceMappingURL=findJsvmpDispatcherTool.test.d.ts.map
+//# sourceMappingURL=findJsvmpDispatcherTool.property.test.d.ts.map

package/dist/__tests__/findJsvmpDispatcherTool.property.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"findJsvmpDispatcherTool.property.test.d.ts","sourceRoot":"","sources":["../../src/__tests__/findJsvmpDispatcherTool.property.test.ts"],"names":[],"mappings":"AAAA;;;;GAIG"}

package/dist/jsvmpDetector.d.ts

@@ -15,13 +15,37 @@ export interface FormattedCode {
 /**
  * Detection type for JSVMP patterns
  */
-export type DetectionType = "If-Else Dispatcher" | "Switch Dispatcher" | "Instruction Array" | "Stack Operation";
+export type DetectionType = "If-Else Dispatcher" | "Switch Dispatcher" | "Instruction Array";
 /**
  * Confidence level for detection results
  */
 export type ConfidenceLevel = "ultra_high" | "high" | "medium" | "low";
 /**
- * A detected region in the code
+ * VM Component variable identification
+ */
+export interface VMComponentVariable {
+    variable_name: string | null;
+    confidence: ConfidenceLevel;
+    reasoning: string;
+}
+/**
+ * VM Components for a JSVMP instance
+ */
+export interface VMComponents {
+    instruction_pointer: VMComponentVariable;
+    stack_pointer: VMComponentVariable;
+    virtual_stack: VMComponentVariable;
+    bytecode_array: VMComponentVariable;
+}
+/**
+ * Debugging entry point information
+ */
+export interface DebuggingEntryPoint {
+    line_number: number;
+    description: string;
+}
+/**
+ * A detected region in the code (enhanced with VM components)
  */
 export interface DetectionRegion {
     start: number;
@@ -29,12 +53,21 @@ export interface DetectionRegion {
     type: DetectionType;
     confidence: ConfidenceLevel;
     description: string;
+    vm_components?: VMComponents;
+    debugging_entry_point?: DebuggingEntryPoint;
+}
+/**
+ * Summary information for detection result
+ */
+export interface DetectionSummary {
+    overall_description: string;
+    debugging_recommendation: string;
 }
 /**
- * Complete detection result from LLM analysis
+ * Complete detection result from LLM analysis (enhanced)
  */
 export interface DetectionResult {
-    summary: string;
+    summary: string | DetectionSummary;
     regions: DetectionRegion[];
 }
 /**
@@ -120,8 +153,9 @@ export declare function createBatches(formattedLines: string[], maxTokensPerBatc
  * Validates:
  * - JSON is parseable
  * - Required fields exist: summary, regions
- * - Each region has required fields: start, end, type, confidence, description
+ * - Each region has required fields: start/start_line, end/end_line, type, confidence, description
  * - Enum values are valid
+ * - Supports both old and new JSON formats
  *
  * @param jsonString - JSON string from LLM response
  * @returns Parsed and validated DetectionResult

package/dist/jsvmpDetector.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"jsvmpDetector.d.ts","sourceRoot":"","sources":["../src/jsvmpDetector.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAKH,OAAO,EAAiC,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAG1E;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,MAAM,aAAa,GACrB,oBAAoB,GACpB,mBAAmB,GACnB,mBAAmB,GACnB,iBAAiB,CAAC;AAEtB;;GAEG;AACH,MAAM,MAAM,eAAe,GAAG,YAAY,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;AAEvE;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,KAAK,EAAE,MAAM,CAAC;IACd,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,aAAa,CAAC;IACpB,UAAU,EAAE,eAAe,CAAC;IAC5B,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,eAAe,EAAE,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,eAAe,CAAC;IACzB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;CAC1B;AAED;;GAEG;AACH,MAAM,WAAW,SAAS;IACxB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;CACpB;AAsBD;;;;;;;;;;;;;;;GAeG;AACH,wBAAsB,qBAAqB,CACzC,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,MAAM,EACf,SAAS,GAAE,MAAY,GACtB,OAAO,CAAC,aAAa,CAAC,CAuDxB;AAED;;;;;;;;;;;;;GAaG;AACH,wBAAsB,gBAAgB,CACpC,QAAQ,EAAE,MAAM,EAChB,SAAS,GAAE,MAAY,GACtB,OAAO,CAAC,mBAAmB,CAAC,CAiD9B;AAcD;;;;;;;GAOG;AACH,wBAAgB,aAAa,CAC3B,cAAc,EAAE,MAAM,EAAE,EACxB,iBAAiB,EAAE,MAAM,GACxB,SAAS,EAAE,CAgCb;AAoCD;;;;;;;;;;;;GAYG;AACH,wBAAgB,oBAAoB,CAAC,UAAU,EAAE,MAAM,GAAG,eAAe,CAoFxE;AAiCD;;;;;;;;;GASG;AACH,wBAAgB,qBAAqB,CAAC,OAAO,EAAE,eAAe,EAAE,GAAG,eAAe,CA8DjF;AAiBD;;;;;;;;GAQG;AACH,wBAAsB,+BAA+B,CACnD,MAAM,EAAE,SAAS,EACjB,OAAO,EAAE,SAAS,EAAE,GACnB,OAAO,CAAC;IAAE,OAAO,EAAE,eAAe,EAAE,CAAC;IAAC,MAAM,EAAE,MAAM,EAAE,CAAA;CAAE,CAAC,CAkB3D;AAED;;;;;;GAMG;AACH,wBAAsB,mBAAmB,CACvC,QAAQ,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE,qBAAqB,GAC9B,OAAO,CAAC,oBAAoB,CAAC,CA+E/B"}
+{"version":3,"file":"jsvmpDetector.d.ts","sourceRoot":"","sources":["../src/jsvmpDetector.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAKH,OAAO,EAAiC,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAG1E;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,MAAM,aAAa,GACrB,oBAAoB,GACpB,mBAAmB,GACnB,mBAAmB,CAAC;AAExB;;GAEG;AACH,MAAM,MAAM,eAAe,GAAG,YAAY,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;AAEvE;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,UAAU,EAAE,eAAe,CAAC;IAC5B,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,mBAAmB,EAAE,mBAAmB,CAAC;IACzC,aAAa,EAAE,mBAAmB,CAAC;IACnC,aAAa,EAAE,mBAAmB,CAAC;IACnC,cAAc,EAAE,mBAAmB,CAAC;CACrC;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,KAAK,EAAE,MAAM,CAAC;IACd,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,aAAa,CAAC;IACpB,UAAU,EAAE,eAAe,CAAC;IAC5B,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,CAAC,EAAE,YAAY,CAAC;IAC7B,qBAAqB,CAAC,EAAE,mBAAmB,CAAC;CAC7C;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,mBAAmB,EAAE,MAAM,CAAC;IAC5B,wBAAwB,EAAE,MAAM,CAAC;CAClC;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,GAAG,gBAAgB,CAAC;IACnC,OAAO,EAAE,eAAe,EAAE,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,eAAe,CAAC;IACzB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;CAC1B;AAED;;GAEG;AACH,MAAM,WAAW,SAAS;IACxB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;CACpB;AAsBD;;;;;;;;;;;;;;;GAeG;AACH,wBAAsB,qBAAqB,CACzC,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,MAAM,EACf,SAAS,GAAE,MAAY,GACtB,OAAO,CAAC,aAAa,CAAC,CAuDxB;AAED;;;;;;;;;;;;;GAaG;AACH,wBAAsB,gBAAgB,CACpC,QAAQ,EAAE,MAAM,EAChB,SAAS,GAAE,MAAY,GACtB,OAAO,CAAC,mBAAmB,CAAC,CAiD9B;AAcD;;;;;;;GAOG;AACH,wBAAgB,aAAa,CAC3B,cAAc,EAAE,MAAM,EAAE,EACxB,iBAAiB,EAAE,MAAM,GACxB,SAAS,EAAE,CAgCb;AA4GD;;;;;;;;;;;;;GAaG;AACH,wBAAgB,oBAAoB,CAAC,UAAU,EAAE,MAAM,GAAG,eAAe,CA2GxE;AA0ED;;;;;;;;;GASG;AACH,wBAAgB,qBAAqB,CAAC,OAAO,EAAE,eAAe,EAAE,GAAG,eAAe,CA8EjF;AAiBD;;;;;;;;GAQG;AACH,wBAAsB,+BAA+B,CACnD,MAAM,EAAE,SAAS,EACjB,OAAO,EAAE,SAAS,EAAE,GACnB,OAAO,CAAC;IAAE,OAAO,EAAE,eAAe,EAAE,CAAC;IAAC,MAAM,EAAE,MAAM,EAAE,CAAA;CAAE,CAAC,CAkB3D;AAED;;;;;;GAMG;AACH,wBAAsB,mBAAmB,CACvC,QAAQ,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE,qBAAqB,GAC9B,OAAO,CAAC,oBAAoB,CAAC,CA+E/B"}

package/dist/llmConfig.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"llmConfig.d.ts","sourceRoot":"","sources":["../src/llmConfig.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAMH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,IAAI,CAAC;AAExC;;GAEG;AACH,MAAM,MAAM,WAAW,GAAG,QAAQ,GAAG,WAAW,GAAG,QAAQ,CAAC;AAE5D;;GAEG;AACH,eAAO,MAAM,iBAAiB,EAAE,MAAM,CAAC,WAAW,EAAE;IAAE,KAAK,EAAE,MAAM,CAAA;CAAE,CAIpE,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,iBAAiB,EAAE,MAAM,CAAC,WAAW,EAAE;IAClD,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;CACjB,CAgBA,CAAC;AAEF;;GAEG;AACH,MAAM,WAAW,SAAS;IACxB,QAAQ,EAAE,WAAW,CAAC;IACtB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;;;GAIG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,GAAG,WAAW,GAAG,IAAI,CAM9E;AAED;;;GAGG;AACH,wBAAgB,YAAY,IAAI,SAAS,GAAG,IAAI,CAoC/C;AAED;;GAEG;AACH,wBAAgB,eAAe,IAAI,OAAO,CAEzC;AAED;;GAEG;AACH,MAAM,WAAW,SAAS;IACxB;;;;OAIG;IACH,YAAY,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;CACtD;AA6DD;;;;GAIG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,SAAS,GAAG,aAAa,CAwBpE;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,MAAM,EAAE,SAAS,GAAG,SAAS,CAyB5D"}
+{"version":3,"file":"llmConfig.d.ts","sourceRoot":"","sources":["../src/llmConfig.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAMH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,IAAI,CAAC;AAExC;;GAEG;AACH,MAAM,MAAM,WAAW,GAAG,QAAQ,GAAG,WAAW,GAAG,QAAQ,CAAC;AAE5D;;GAEG;AACH,eAAO,MAAM,iBAAiB,EAAE,MAAM,CAAC,WAAW,EAAE;IAAE,KAAK,EAAE,MAAM,CAAA;CAAE,CAIpE,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,iBAAiB,EAAE,MAAM,CAAC,WAAW,EAAE;IAClD,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;CACjB,CAgBA,CAAC;AAEF;;GAEG;AACH,MAAM,WAAW,SAAS;IACxB,QAAQ,EAAE,WAAW,CAAC;IACtB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;;;GAIG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,GAAG,WAAW,GAAG,IAAI,CAM9E;AAED;;;GAGG;AACH,wBAAgB,YAAY,IAAI,SAAS,GAAG,IAAI,CAoC/C;AAED;;GAEG;AACH,wBAAgB,eAAe,IAAI,OAAO,CAEzC;AAED;;GAEG;AACH,MAAM,WAAW,SAAS;IACxB;;;;OAIG;IACH,YAAY,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;CACtD;AAgGD;;;;GAIG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,SAAS,GAAG,aAAa,CAwBpE;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,MAAM,EAAE,SAAS,GAAG,SAAS,CAyB5D"}

package/dist/server.js

@@ -78,53 +78,83 @@ function buildJSVMPSystemPrompt() {
   return `You are a Senior JavaScript Reverse Engineer and De-obfuscation Expert. Your specialty is analyzing **JSVMP (JavaScript Virtual Machine Protection)**.
 
 **Context: What is JSVMP?**
-JSVMP is a protection technique where original JavaScript code is compiled into custom **bytecode** and executed by a custom **interpreter** (virtual machine) written in JavaScript.
+JSVMP is a protection technique where original JavaScript code is compiled into custom **bytecode** and executed by a custom **interpreter** (virtual machine) written in JavaScript. A single JavaScript file may contain **multiple, independent JSVMP instances**.
 
-Key components of JSVMP code include:
-1. **The Virtual Stack:** A central array used to store operands and results (e.g., \`stack[pointer++]\` or \`v[p--]\`).
-2. **The Dispatcher:** A control flow structure inside a loop that decides which instruction to execute next based on the current bytecode (opcode).
-   * *Common variants:* A massive \`switch\` statement, a deeply nested \`if-else\` chain (binary search style), or a function array mapping (\`handlers[opcode]()\`).
-3. **The Bytecode:** A large string or array of integers representing the program logic.
+Key components of each JSVMP instance include:
+1. **The Bytecode Array:** A large array of integers representing the program logic for that specific VM.
+2. **The Virtual Stack:** A central array used to store operands and results for that VM.
+3. **The Dispatcher:** A control flow structure (e.g., a \`while\` loop with a \`switch\` or \`if-else\` chain) that reads an opcode and executes the corresponding logic for that VM.
+4. **Key State Variables:** The "registers" of a specific VM, such as its **Instruction Pointer (IP/PC)** and **Stack Pointer (SP)**.
+5. **Debugging Entry Point:** The single most critical line number within a specific dispatcher loop to set a breakpoint for observing that VM's state.
 
 **Task:**
-Analyze the provided JavaScript code snippet to identify regions that match JSVMP structural patterns.
+Your primary task is to analyze the provided JavaScript code snippet to identify **all independent JSVMP instances** and produce a comprehensive report for each one. You are NOT creating or analyzing any Intermediate Representation (IR). Your goal is to provide the necessary information for a subsequent tool to analyze each VM instance separately and create its IR and mappings.
+
+Specifically, for **EACH** JSVMP instance you identify, you must:
+1. Define its location (**region**) and dispatcher type.
+2. Identify the specific **variables** that function as its core **Key State Variables** (Instruction Pointer, Stack Pointer, Virtual Stack, and Bytecode Array).
+3. Pinpoint the exact source code **line number** that serves as its optimal **Debugging Entry Point**.
+4. Summarize all findings in a single, structured JSON output.
 
 **Input Data Format:**
 The code is provided in a simplified format: \`LineNo SourceLoc Code\`.
 * **Example:** \`10 L234:56 var x = stack[p++];\`
-* **Instruction:** Focus on the **LineNo** (1st column) and **Code** (3rd column onwards). Ignore the \`SourceLoc\` (middle column).
-
-**Detection Rules & Confidence Levels:**
-Please assign confidence based on the following criteria:
-
-* **Ultra High:**
-  * A combination of a **Main Loop** + **Dispatcher** + **Stack Operations** appears in the same block.
-  * *Example:* A \`while(true)\` loop containing a huge \`if-else\` chain where branches perform \`stack[p++]\` operations.
+* **Instruction:** Focus on the **LineNo** (1st column) and **Code** (3rd column onwards).
 
-* **High:**
-  * Distinct **Dispatcher** structures found (e.g., a \`switch\` with >20 cases, or an \`if-else\` chain nested >10 levels deep checking integer values).
-  * Large arrays containing only function definitions (Instruction Handlers).
-
-* **Medium:**
-  * Isolated **Stack Operations** (e.g., \`v2[p2] = v2[p2 - 1]\`) without visible dispatchers nearby.
-  * Suspicious \`while\` loops iterating over a string/array.
-
-* **Low:**
-  * Generic obfuscation patterns (short variable names, comma operators) that *might* be part of a VM but lack specific structural proof.
+**Detection Rules:**
+* **Region Identification:** An individual JSVMP instance is often characterized by a self-contained block containing a **Main Loop** + **Dispatcher** + **Stack Operations**.
+* **Instruction Pointer (IP) Identification:**
+  * It is used as the **index for the Bytecode Array of its VM instance**.
+  * It is **predictably incremented** in almost every loop iteration.
+  * In some branches (jumps), it is **overwritten** with a new value.
+* **Stack Pointer (SP) Identification:**
+  * It is used as the **index for the Virtual Stack array of its VM instance**.
+  * Its value consistently **increments after a write** (push) and **decrements before a read** (pop).
+* **Debugging Entry Point Identification:**
+  * This is the line **inside a specific dispatcher loop** but **before its \`switch\` or \`if-else\` chain begins**. It is typically located right after the \`opcode\` is read from the bytecode array.
 
 **Output Format:**
 Return **ONLY valid JSON**. No markdown wrapper, no conversational text.
 
 **JSON Schema:**
 {
-  "summary": "Brief analysis of the code structure in chinese, shortly",
+  "summary": {
+    "overall_description": "\u5BF9\u5728\u6587\u4EF6\u4E2D\u53D1\u73B0\u7684JSVMP\u5B9E\u4F8B\u6570\u91CF\u548C\u7C7B\u578B\u7684\u7B80\u8981\u4E2D\u6587\u603B\u7ED3\u3002",
+    "debugging_recommendation": "\u4E3A\u4E0B\u4E00\u6B65\u5206\u6790\u63D0\u4F9B\u7684\u603B\u4F53\u4E2D\u6587\u5EFA\u8BAE\u3002\u4F8B\u5982\uFF1A'\u5DF2\u8BC6\u522B\u51FA N \u4E2A\u72EC\u7ACB\u7684JSVMP\u5B9E\u4F8B\u3002\u5EFA\u8BAE\u5BF9\u6BCF\u4E2A\u5B9E\u4F8B\u5206\u522B\u5728\u6307\u5B9A\u7684"\u8C03\u8BD5\u5165\u53E3\u70B9"\u8BBE\u7F6E\u6761\u4EF6\u65AD\u70B9\uFF0C\u5E76\u76D1\u63A7\u5176\u5404\u81EA\u7684\u7EC4\u4EF6\u53D8\u91CF\u3002'"
+  },
   "regions": [
     {
-      "start": <start_line>,
-      "end": <end_line>,
-      "type": "<If-Else Dispatcher | Switch Dispatcher | Instruction Array | Stack Operation>",
+      "start_line": "<start_line_integer>",
+      "end_line": "<end_line_integer>",
+      "type": "<If-Else Dispatcher | Switch Dispatcher | Instruction Array>",
       "confidence": "<ultra_high | high | medium | low>",
-      "description": "<Why you flagged this. Mention specific variables like 'v2', 'p2' or structures. in chinese, shortly>"
+      "description": "\u5BF9\u8FD9\u4E2A\u7279\u5B9AJSVMP\u5B9E\u4F8B\u7684\u7B80\u8981\u4E2D\u6587\u63CF\u8FF0\u3002",
+      "vm_components": {
+        "instruction_pointer": {
+          "variable_name": "<identified_variable_name | null>",
+          "confidence": "<high | medium | low>",
+          "reasoning": "Why this variable is the IP for THIS VM instance. E.g., 'Used as index for bytecode array _0x123 within this region.'"
+        },
+        "stack_pointer": {
+          "variable_name": "<identified_variable_name | null>",
+          "confidence": "<high | medium | low>",
+          "reasoning": "Why this variable is the SP for THIS VM instance. E.g., 'Used as index for stack array _0x456.'"
+        },
+        "virtual_stack": {
+          "variable_name": "<identified_array_name | null>",
+          "confidence": "<high | medium | low>",
+          "reasoning": "Why this array is the stack for THIS VM instance. E.g., 'Frequently accessed using its stack_pointer _0x789.'"
+        },
+        "bytecode_array": {
+          "variable_name": "<identified_array_name | null>",
+          "confidence": "<high | medium | low>",
+          "reasoning": "Why this array is the bytecode for THIS VM instance. E.g., 'A large, static array indexed by its instruction_pointer _0x123.'"
+        }
+      },
+      "debugging_entry_point": {
+        "line_number": "<line_number_integer>",
+        "description": "The optimal breakpoint line for THIS VM instance. E.g., 'This line is after the opcode is fetched and before this region's switch statement.'"
+      }
     }
   ]
 }`;
@@ -309,8 +339,7 @@ function createBatches(formattedLines, maxTokensPerBatch) {
 var VALID_DETECTION_TYPES = [
   "If-Else Dispatcher",
   "Switch Dispatcher",
-  "Instruction Array",
-  "Stack Operation"
+  "Instruction Array"
 ];
 var VALID_CONFIDENCE_LEVELS = [
   "ultra_high",
@@ -324,6 +353,57 @@ function isValidDetectionType(value) {
 function isValidConfidenceLevel(value) {
   return VALID_CONFIDENCE_LEVELS.includes(value);
 }
+function parseVMComponentVariable(obj, fieldName) {
+  const component = obj[fieldName];
+  if (!component || typeof component !== "object") {
+    return null;
+  }
+  const variableName = component.variable_name;
+  const confidence = component.confidence;
+  const reasoning = component.reasoning;
+  if (typeof confidence !== "string" || !isValidConfidenceLevel(confidence)) {
+    return null;
+  }
+  return {
+    variable_name: typeof variableName === "string" ? variableName : null,
+    confidence,
+    reasoning: typeof reasoning === "string" ? reasoning : ""
+  };
+}
+function parseVMComponents(obj) {
+  const vmComponents = obj.vm_components;
+  if (!vmComponents || typeof vmComponents !== "object") {
+    return void 0;
+  }
+  const ip = parseVMComponentVariable(vmComponents, "instruction_pointer");
+  const sp = parseVMComponentVariable(vmComponents, "stack_pointer");
+  const stack = parseVMComponentVariable(vmComponents, "virtual_stack");
+  const bytecode = parseVMComponentVariable(vmComponents, "bytecode_array");
+  if (!ip && !sp && !stack && !bytecode) {
+    return void 0;
+  }
+  return {
+    instruction_pointer: ip ?? { variable_name: null, confidence: "low", reasoning: "" },
+    stack_pointer: sp ?? { variable_name: null, confidence: "low", reasoning: "" },
+    virtual_stack: stack ?? { variable_name: null, confidence: "low", reasoning: "" },
+    bytecode_array: bytecode ?? { variable_name: null, confidence: "low", reasoning: "" }
+  };
+}
+function parseDebuggingEntryPoint(obj) {
+  const entryPoint = obj.debugging_entry_point;
+  if (!entryPoint || typeof entryPoint !== "object") {
+    return void 0;
+  }
+  const lineNumber = entryPoint.line_number;
+  const description = entryPoint.description;
+  if (typeof lineNumber !== "number") {
+    return void 0;
+  }
+  return {
+    line_number: lineNumber,
+    description: typeof description === "string" ? description : ""
+  };
+}
 function parseDetectionResult(jsonString) {
   let parsed;
   try {
@@ -335,7 +415,19 @@ function parseDetectionResult(jsonString) {
     throw new Error("LLM \u54CD\u5E94\u683C\u5F0F\u65E0\u6548\uFF0C\u671F\u671B\u5BF9\u8C61\u7C7B\u578B");
   }
   const obj = parsed;
-  if (typeof obj.summary !== "string") {
+  let summary;
+  if (typeof obj.summary === "string") {
+    summary = obj.summary;
+  } else if (typeof obj.summary === "object" && obj.summary !== null) {
+    const summaryObj = obj.summary;
+    if (typeof summaryObj.overall_description !== "string" || typeof summaryObj.debugging_recommendation !== "string") {
+      throw new Error("LLM \u54CD\u5E94\u683C\u5F0F\u65E0\u6548\uFF0Csummary \u5BF9\u8C61\u7F3A\u5C11\u5FC5\u9700\u5B57\u6BB5");
+    }
+    summary = {
+      overall_description: summaryObj.overall_description,
+      debugging_recommendation: summaryObj.debugging_recommendation
+    };
+  } else {
     throw new Error("LLM \u54CD\u5E94\u683C\u5F0F\u65E0\u6548\uFF0C\u7F3A\u5C11\u5FC5\u9700\u5B57\u6BB5: summary");
   }
   if (!Array.isArray(obj.regions)) {
@@ -347,11 +439,13 @@ function parseDetectionResult(jsonString) {
     if (typeof region !== "object" || region === null) {
       throw new Error(`LLM \u54CD\u5E94\u683C\u5F0F\u65E0\u6548\uFF0Cregions[${i}] \u4E0D\u662F\u5BF9\u8C61`);
     }
-    if (typeof region.start !== "number") {
-      throw new Error(`LLM \u54CD\u5E94\u683C\u5F0F\u65E0\u6548\uFF0Cregions[${i}] \u7F3A\u5C11\u5FC5\u9700\u5B57\u6BB5: start`);
+    const startLine = region.start_line ?? region.start;
+    const endLine = region.end_line ?? region.end;
+    if (typeof startLine !== "number") {
+      throw new Error(`LLM \u54CD\u5E94\u683C\u5F0F\u65E0\u6548\uFF0Cregions[${i}] \u7F3A\u5C11\u5FC5\u9700\u5B57\u6BB5: start_line \u6216 start`);
     }
-    if (typeof region.end !== "number") {
-      throw new Error(`LLM \u54CD\u5E94\u683C\u5F0F\u65E0\u6548\uFF0Cregions[${i}] \u7F3A\u5C11\u5FC5\u9700\u5B57\u6BB5: end`);
+    if (typeof endLine !== "number") {
+      throw new Error(`LLM \u54CD\u5E94\u683C\u5F0F\u65E0\u6548\uFF0Cregions[${i}] \u7F3A\u5C11\u5FC5\u9700\u5B57\u6BB5: end_line \u6216 end`);
     }
     if (typeof region.type !== "string") {
       throw new Error(`LLM \u54CD\u5E94\u683C\u5F0F\u65E0\u6548\uFF0Cregions[${i}] \u7F3A\u5C11\u5FC5\u9700\u5B57\u6BB5: type`);
@@ -372,16 +466,20 @@ function parseDetectionResult(jsonString) {
         `LLM \u54CD\u5E94\u683C\u5F0F\u65E0\u6548\uFF0Cregions[${i}].confidence \u503C\u65E0\u6548: "${region.confidence}". \u6709\u6548\u503C: ${VALID_CONFIDENCE_LEVELS.join(", ")}`
       );
     }
+    const vmComponents = parseVMComponents(region);
+    const debuggingEntryPoint = parseDebuggingEntryPoint(region);
     validatedRegions.push({
-      start: region.start,
-      end: region.end,
+      start: startLine,
+      end: endLine,
       type: region.type,
       confidence: region.confidence,
-      description: region.description
+      description: region.description,
+      ...vmComponents && { vm_components: vmComponents },
+      ...debuggingEntryPoint && { debugging_entry_point: debuggingEntryPoint }
     });
   }
   return {
-    summary: obj.summary,
+    summary,
     regions: validatedRegions
   };
 }
@@ -390,13 +488,45 @@ function formatDetectionResultOutput(result, filePath, totalLines, batchCount) {
   lines.push("=== JSVMP Dispatcher Detection Result ===");
   lines.push(`File: ${filePath} (${totalLines} lines, ${batchCount} batch${batchCount > 1 ? "es" : ""})`);
   lines.push("");
-  lines.push(`Summary: ${result.summary}`);
+  if (typeof result.summary === "string") {
+    lines.push(`Summary: ${result.summary}`);
+  } else {
+    lines.push(`Summary: ${result.summary.overall_description}`);
+    lines.push(`Recommendation: ${result.summary.debugging_recommendation}`);
+  }
   lines.push("");
   if (result.regions.length > 0) {
-    lines.push("Detected Regions:");
-    for (const region of result.regions) {
+    lines.push(`Detected Regions (${result.regions.length} JSVMP instance${result.regions.length > 1 ? "s" : ""}):`);
+    lines.push("");
+    for (let i = 0; i < result.regions.length; i++) {
+      const region = result.regions[i];
+      lines.push(`--- Instance ${i + 1} ---`);
       lines.push(`[${region.confidence}] Lines ${region.start}-${region.end}: ${region.type}`);
       lines.push(`  ${region.description}`);
+      if (region.vm_components) {
+        lines.push("  VM Components:");
+        const { instruction_pointer, stack_pointer, virtual_stack, bytecode_array } = region.vm_components;
+        if (instruction_pointer.variable_name) {
+          lines.push(`    - Instruction Pointer: ${instruction_pointer.variable_name} [${instruction_pointer.confidence}]`);
+          lines.push(`      ${instruction_pointer.reasoning}`);
+        }
+        if (stack_pointer.variable_name) {
+          lines.push(`    - Stack Pointer: ${stack_pointer.variable_name} [${stack_pointer.confidence}]`);
+          lines.push(`      ${stack_pointer.reasoning}`);
+        }
+        if (virtual_stack.variable_name) {
+          lines.push(`    - Virtual Stack: ${virtual_stack.variable_name} [${virtual_stack.confidence}]`);
+          lines.push(`      ${virtual_stack.reasoning}`);
+        }
+        if (bytecode_array.variable_name) {
+          lines.push(`    - Bytecode Array: ${bytecode_array.variable_name} [${bytecode_array.confidence}]`);
+          lines.push(`      ${bytecode_array.reasoning}`);
+        }
+      }
+      if (region.debugging_entry_point) {
+        lines.push(`  Debugging Entry Point: Line ${region.debugging_entry_point.line_number}`);
+        lines.push(`    ${region.debugging_entry_point.description}`);
+      }
       lines.push("");
     }
   } else {
@@ -412,8 +542,20 @@ function mergeDetectionResults(results) {
     const sortedRegions = [...results[0].regions].sort((a, b) => a.start - b.start);
     return { summary: results[0].summary, regions: sortedRegions };
   }
-  const summaries = results.map((r, i) => `[Batch ${i + 1}] ${r.summary}`);
-  const combinedSummary = summaries.join("\n");
+  const summaryParts = [];
+  for (let i = 0; i < results.length; i++) {
+    const summary = results[i].summary;
+    if (typeof summary === "string") {
+      summaryParts.push(`[Batch ${i + 1}] ${summary}`);
+    } else {
+      summaryParts.push(`[Batch ${i + 1}] ${summary.overall_description}`);
+    }
+  }
+  const lastSummary = results[results.length - 1].summary;
+  const combinedSummary = {
+    overall_description: summaryParts.join("\n"),
+    debugging_recommendation: typeof lastSummary === "string" ? "\u8BF7\u53C2\u8003\u5404\u6279\u6B21\u7684\u5206\u6790\u7ED3\u679C\u8FDB\u884C\u8C03\u8BD5\u3002" : lastSummary.debugging_recommendation
+  };
   const allRegions = [];
   for (const result of results) {
     allRegions.push(...result.regions);
@@ -539,15 +681,16 @@ var findJsvmpDispatcherTool = defineTool({
   name: "find_jsvmp_dispatcher",
   description: `Detect JSVMP (JavaScript Virtual Machine Protection) patterns in code using LLM analysis.
 
-JSVMP is a code protection technique that converts JavaScript to bytecode executed by a virtual machine. This tool identifies:
-- If-Else Dispatchers: Nested if-else chains for instruction dispatch
-- Switch Dispatchers: Large switch statements (>20 cases) for opcode handling
-- Instruction Arrays: Arrays storing bytecode instructions
-- Stack Operations: Virtual stack push/pop patterns
+JSVMP is a code protection technique that converts JavaScript to bytecode executed by a virtual machine. A single file may contain multiple independent JSVMP instances.
 
-Automatically splits large files into batches based on token limits and merges results.
+This tool identifies for each JSVMP instance:
+- Region location and dispatcher type (If-Else Dispatcher, Switch Dispatcher, Instruction Array)
+- VM Components: Instruction Pointer (IP), Stack Pointer (SP), Virtual Stack, Bytecode Array
+- Debugging Entry Point: The optimal line number to set breakpoints
 
-Returns detection results with confidence levels (ultra_high, high, medium, low) and detailed descriptions.
+Detection confidence levels: ultra_high, high, medium, low
+
+Automatically splits large files into batches based on token limits and merges results.
 
 Requires OPENAI_API_KEY environment variable. Optional: OPENAI_BASE_URL, OPENAI_MODEL.`,
   schema: FindJsvmpDispatcherInputSchema,