@rexymayderio/sentinel 0.1.0

package/dist/analyzers/metadata-analyzer.js

@@ -0,0 +1,105 @@
+import { createFinding } from '../domain/finding.js';
+const MS_PER_DAY = 1000 * 60 * 60 * 24;
+const DAYS_PER_YEAR = 365;
+const NEW_PACKAGE_DAYS = 30;
+const RECENT_UPDATE_DAYS = 7;
+const ESTABLISHED_PACKAGE_DAYS = 365;
+const LOW_DOWNLOAD_THRESHOLD = 100;
+export class MetadataAnalyzer {
+    id = 'metadata';
+    supports() {
+        return true;
+    }
+    async analyze(ctx) {
+        const findings = [];
+        const { metadata } = ctx.artifact;
+        if (!metadata.name) {
+            findings.push(createFinding({
+                category: 'metadata',
+                severity: 'MEDIUM',
+                title: 'Missing package name',
+                description: 'No package name found in metadata',
+                ruleId: 'missing-name',
+            }));
+        }
+        if (!metadata.license) {
+            findings.push(createFinding({
+                category: 'metadata',
+                severity: 'LOW',
+                title: 'Missing license',
+                description: 'No license information found',
+                ruleId: 'missing-license',
+            }));
+        }
+        if (!metadata.repository) {
+            findings.push(createFinding({
+                category: 'metadata',
+                severity: 'LOW',
+                title: 'Missing repository',
+                description: 'No source repository linked',
+                ruleId: 'missing-repo',
+            }));
+        }
+        const firstPublish = metadata.firstPublishDate ?? metadata.publishDate;
+        const daysSinceFirstPublish = firstPublish
+            ? (Date.now() - new Date(firstPublish).getTime()) / MS_PER_DAY
+            : undefined;
+        const isNewPackage = daysSinceFirstPublish !== undefined && daysSinceFirstPublish < NEW_PACKAGE_DAYS;
+        if (daysSinceFirstPublish !== undefined) {
+            if (isNewPackage) {
+                findings.push(createFinding({
+                    category: 'metadata',
+                    severity: 'HIGH',
+                    title: 'Newly created package',
+                    description: `Package first published ${Math.round(daysSinceFirstPublish)} days ago - may be premature or impersonating`,
+                    ruleId: 'new-package',
+                }));
+            }
+            else if (daysSinceFirstPublish > ESTABLISHED_PACKAGE_DAYS) {
+                findings.push(createFinding({
+                    category: 'metadata',
+                    severity: 'INFO',
+                    title: 'Established package',
+                    description: `Package has existed for over ${Math.floor(daysSinceFirstPublish / DAYS_PER_YEAR)} year(s)`,
+                    ruleId: 'long-history',
+                    positive: true,
+                }));
+            }
+        }
+        // Flag a fresh release of an existing package separately: supply-chain
+        // attacks frequently ship malicious code in a new version of a trusted package.
+        if (metadata.publishDate && !isNewPackage) {
+            const daysSinceUpdate = (Date.now() - new Date(metadata.publishDate).getTime()) / MS_PER_DAY;
+            if (daysSinceUpdate < RECENT_UPDATE_DAYS) {
+                findings.push(createFinding({
+                    category: 'metadata',
+                    severity: 'LOW',
+                    title: 'Recently updated version',
+                    description: `Current version was published ${Math.round(daysSinceUpdate)} day(s) ago - review the latest changes for newly introduced code`,
+                    ruleId: 'recent-update',
+                }));
+            }
+        }
+        if (metadata.verifiedPublisher) {
+            findings.push(createFinding({
+                category: 'metadata',
+                severity: 'INFO',
+                title: 'Verified publisher',
+                description: 'Package has a verified publisher badge',
+                ruleId: 'verified-publisher',
+                positive: true,
+            }));
+        }
+        if (metadata.downloadCount !== undefined && metadata.downloadCount < LOW_DOWNLOAD_THRESHOLD) {
+            findings.push(createFinding({
+                category: 'metadata',
+                severity: 'MEDIUM',
+                title: 'Low download count',
+                description: `Only ${metadata.downloadCount} weekly downloads`,
+                ruleId: 'low-downloads',
+            }));
+        }
+        return findings;
+    }
+}
+//# sourceMappingURL=metadata-analyzer.js.map

package/dist/analyzers/metadata-analyzer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"metadata-analyzer.js","sourceRoot":"","sources":["../../src/analyzers/metadata-analyzer.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAGrD,MAAM,UAAU,GAAG,IAAI,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;AACvC,MAAM,aAAa,GAAG,GAAG,CAAC;AAC1B,MAAM,gBAAgB,GAAG,EAAE,CAAC;AAC5B,MAAM,kBAAkB,GAAG,CAAC,CAAC;AAC7B,MAAM,wBAAwB,GAAG,GAAG,CAAC;AACrC,MAAM,sBAAsB,GAAG,GAAG,CAAC;AAEnC,MAAM,OAAO,gBAAgB;IAClB,EAAE,GAAG,UAAU,CAAC;IAEzB,QAAQ;QACN,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,GAAoB;QAChC,MAAM,QAAQ,GAAG,EAAE,CAAC;QACpB,MAAM,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC,QAAQ,CAAC;QAElC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnB,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC;gBAC1B,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,QAAQ;gBAClB,KAAK,EAAE,sBAAsB;gBAC7B,WAAW,EAAE,mCAAmC;gBAChD,MAAM,EAAE,cAAc;aACvB,CAAC,CAAC,CAAC;QACN,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;YACtB,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC;gBAC1B,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,KAAK;gBACf,KAAK,EAAE,iBAAiB;gBACxB,WAAW,EAAE,8BAA8B;gBAC3C,MAAM,EAAE,iBAAiB;aAC1B,CAAC,CAAC,CAAC;QACN,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE,CAAC;YACzB,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC;gBAC1B,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,KAAK;gBACf,KAAK,EAAE,oBAAoB;gBAC3B,WAAW,EAAE,6BAA6B;gBAC1C,MAAM,EAAE,cAAc;aACvB,CAAC,CAAC,CAAC;QACN,CAAC;QAED,MAAM,YAAY,GAAG,QAAQ,CAAC,gBAAgB,IAAI,QAAQ,CAAC,WAAW,CAAC;QACvE,MAAM,qBAAqB,GAAG,YAAY;YACxC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,IAAI,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAC,GAAG,UAAU;YAC9D,CAAC,CAAC,SAAS,CAAC;QACd,MAAM,YAAY,GAAG,qBAAqB,KAAK,SAAS,IAAI,qBAAqB,GAAG,gBAAgB,CAAC;QAErG,IAAI,qBAAqB,KAAK,SAAS,EAAE,CAAC;YACxC,IAAI,YAAY,EAAE,CAAC;gBACjB,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC;oBAC1B,QAAQ,EAAE,UAAU;oBACpB,QAAQ,EAAE,MAAM;oBAChB,KAAK,EAAE,uBAAuB;oBAC9B,WAAW,EAAE,2BAA2B,IAAI,CAAC,KAAK,CAAC,qBAAqB,CAAC,+CAA+C;oBACxH,MAAM,EAAE,aAAa;iBACtB,CAAC,CAAC,CAAC;YACN,CAAC;iBAAM,IAAI,qBAAqB,GAAG,wBAAwB,EAAE,CAAC;gBAC5D,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC;oBAC1B,QAAQ,EAAE,UAAU;oBACpB,QAAQ,EAAE,MAAM;oBAChB,KAAK,EAAE,qBAAqB;oBAC5B,WAAW,EAAE,gCAAgC,IAAI,CAAC,KAAK,CAAC,qBAAqB,GAAG,aAAa,CAAC,UAAU;oBACxG,MAAM,EAAE,cAAc;oBACtB,QAAQ,EAAE,IAAI;iBACf,CAAC,CAAC,CAAC;YACN,CAAC;QACH,CAAC;QAED,uEAAuE;QACvE,gFAAgF;QAChF,IAAI,QAAQ,CAAC,WAAW,IAAI,CAAC,YAAY,EAAE,CAAC;YAC1C,MAAM,eAAe,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,OAAO,EAAE,CAAC,GAAG,UAAU,CAAC;YAC7F,IAAI,eAAe,GAAG,kBAAkB,EAAE,CAAC;gBACzC,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC;oBAC1B,QAAQ,EAAE,UAAU;oBACpB,QAAQ,EAAE,KAAK;oBACf,KAAK,EAAE,0BAA0B;oBACjC,WAAW,EAAE,iCAAiC,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,mEAAmE;oBAC5I,MAAM,EAAE,eAAe;iBACxB,CAAC,CAAC,CAAC;YACN,CAAC;QACH,CAAC;QAED,IAAI,QAAQ,CAAC,iBAAiB,EAAE,CAAC;YAC/B,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC;gBAC1B,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,MAAM;gBAChB,KAAK,EAAE,oBAAoB;gBAC3B,WAAW,EAAE,wCAAwC;gBACrD,MAAM,EAAE,oBAAoB;gBAC5B,QAAQ,EAAE,IAAI;aACf,CAAC,CAAC,CAAC;QACN,CAAC;QAED,IAAI,QAAQ,CAAC,aAAa,KAAK,SAAS,IAAI,QAAQ,CAAC,aAAa,GAAG,sBAAsB,EAAE,CAAC;YAC5F,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC;gBAC1B,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,QAAQ;gBAClB,KAAK,EAAE,oBAAoB;gBAC3B,WAAW,EAAE,QAAQ,QAAQ,CAAC,aAAa,mBAAmB;gBAC9D,MAAM,EAAE,eAAe;aACxB,CAAC,CAAC,CAAC;QACN,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF"}

package/dist/analyzers/network-analyzer.d.ts

@@ -0,0 +1,7 @@
+import type { AnalysisContext, Analyzer } from './analyzer.js';
+export declare class NetworkAnalyzer implements Analyzer {
+    readonly id = "network";
+    supports(): boolean;
+    analyze(ctx: AnalysisContext): Promise<import("../domain/finding.js").Finding[]>;
+}
+//# sourceMappingURL=network-analyzer.d.ts.map

package/dist/analyzers/network-analyzer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"network-analyzer.d.ts","sourceRoot":"","sources":["../../src/analyzers/network-analyzer.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAM/D,qBAAa,eAAgB,YAAW,QAAQ;IAC9C,QAAQ,CAAC,EAAE,aAAa;IAExB,QAAQ,IAAI,OAAO;IAIb,OAAO,CAAC,GAAG,EAAE,eAAe;CAuCnC"}

package/dist/analyzers/network-analyzer.js

@@ -0,0 +1,47 @@
+import { createFinding } from '../domain/finding.js';
+import { findMatchingLine } from './match-evidence.js';
+import { NETWORK_RULES } from './rules/index.js';
+const PRIVATE_IP_PATTERN = /\b(?:10\.\d{1,3}\.\d{1,3}\.\d{1,3}|172\.(?:1[6-9]|2\d|3[01])\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3})\b/g;
+export class NetworkAnalyzer {
+    id = 'network';
+    supports() {
+        return true;
+    }
+    async analyze(ctx) {
+        const findings = [];
+        for (const file of ctx.artifact.files) {
+            for (const rule of NETWORK_RULES) {
+                rule.pattern.lastIndex = 0;
+                if (rule.pattern.test(file.content)) {
+                    const match = findMatchingLine(file.content, rule.pattern);
+                    findings.push(createFinding({
+                        category: 'network',
+                        severity: rule.severity,
+                        title: rule.title,
+                        description: rule.description,
+                        ruleId: rule.id,
+                        file: file.path,
+                        line: match?.line,
+                        evidence: match?.evidence,
+                    }));
+                }
+            }
+            PRIVATE_IP_PATTERN.lastIndex = 0;
+            if (PRIVATE_IP_PATTERN.test(file.content) && !file.path.includes('test')) {
+                const match = findMatchingLine(file.content, PRIVATE_IP_PATTERN);
+                findings.push(createFinding({
+                    category: 'network',
+                    severity: 'LOW',
+                    title: 'Private IP reference',
+                    description: `Private/local IP address found in ${file.path}`,
+                    ruleId: 'private-ip',
+                    file: file.path,
+                    line: match?.line,
+                    evidence: match?.evidence,
+                }));
+            }
+        }
+        return findings;
+    }
+}
+//# sourceMappingURL=network-analyzer.js.map

package/dist/analyzers/network-analyzer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"network-analyzer.js","sourceRoot":"","sources":["../../src/analyzers/network-analyzer.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAErD,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AACvD,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAEjD,MAAM,kBAAkB,GAAG,8IAA8I,CAAC;AAE1K,MAAM,OAAO,eAAe;IACjB,EAAE,GAAG,SAAS,CAAC;IAExB,QAAQ;QACN,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,GAAoB;QAChC,MAAM,QAAQ,GAAG,EAAE,CAAC;QAEpB,KAAK,MAAM,IAAI,IAAI,GAAG,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC;YACtC,KAAK,MAAM,IAAI,IAAI,aAAa,EAAE,CAAC;gBACjC,IAAI,CAAC,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;gBAC3B,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;oBACpC,MAAM,KAAK,GAAG,gBAAgB,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;oBAC3D,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC;wBAC1B,QAAQ,EAAE,SAAS;wBACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;wBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;wBACjB,WAAW,EAAE,IAAI,CAAC,WAAW;wBAC7B,MAAM,EAAE,IAAI,CAAC,EAAE;wBACf,IAAI,EAAE,IAAI,CAAC,IAAI;wBACf,IAAI,EAAE,KAAK,EAAE,IAAI;wBACjB,QAAQ,EAAE,KAAK,EAAE,QAAQ;qBAC1B,CAAC,CAAC,CAAC;gBACN,CAAC;YACH,CAAC;YAED,kBAAkB,CAAC,SAAS,GAAG,CAAC,CAAC;YACjC,IAAI,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBACzE,MAAM,KAAK,GAAG,gBAAgB,CAAC,IAAI,CAAC,OAAO,EAAE,kBAAkB,CAAC,CAAC;gBACjE,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC;oBAC1B,QAAQ,EAAE,SAAS;oBACnB,QAAQ,EAAE,KAAK;oBACf,KAAK,EAAE,sBAAsB;oBAC7B,WAAW,EAAE,qCAAqC,IAAI,CAAC,IAAI,EAAE;oBAC7D,MAAM,EAAE,YAAY;oBACpB,IAAI,EAAE,IAAI,CAAC,IAAI;oBACf,IAAI,EAAE,KAAK,EAAE,IAAI;oBACjB,QAAQ,EAAE,KAAK,EAAE,QAAQ;iBAC1B,CAAC,CAAC,CAAC;YACN,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF"}

package/dist/analyzers/rules/index.d.ts

@@ -0,0 +1,19 @@
+import type { Severity } from '../../domain/finding.js';
+export interface Rule {
+    readonly id: string;
+    readonly pattern: RegExp;
+    readonly severity: Severity;
+    readonly title: string;
+    readonly description: string;
+    readonly languages?: string[];
+}
+export declare const DANGEROUS_API_RULES: Rule[];
+export declare const SECRET_RULES: Rule[];
+export declare const NETWORK_RULES: Rule[];
+export declare const OBFUSCATION_RULES: Rule[];
+export declare const AI_INJECTION_RULES: Rule[];
+export declare const ZERO_WIDTH_CHARS: RegExp;
+export declare const INVISIBLE_UNICODE: RegExp;
+export declare const POPULAR_NPM_PACKAGES: string[];
+export declare const SUSPICIOUS_TLDS: string[];
+//# sourceMappingURL=index.d.ts.map

package/dist/analyzers/rules/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/analyzers/rules/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AAExD,MAAM,WAAW,IAAI;IACnB,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,QAAQ,EAAE,QAAQ,CAAC;IAC5B,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;CAC/B;AAED,eAAO,MAAM,mBAAmB,EAAE,IAAI,EAoBrC,CAAC;AAEF,eAAO,MAAM,YAAY,EAAE,IAAI,EAW9B,CAAC;AAEF,eAAO,MAAM,aAAa,EAAE,IAAI,EAU/B,CAAC;AAEF,eAAO,MAAM,iBAAiB,EAAE,IAAI,EAInC,CAAC;AAEF,eAAO,MAAM,kBAAkB,EAAE,IAAI,EAWpC,CAAC;AAEF,eAAO,MAAM,gBAAgB,QAA4C,CAAC;AAC1E,eAAO,MAAM,iBAAiB,QAA4E,CAAC;AAE3G,eAAO,MAAM,oBAAoB,UAIhC,CAAC;AAEF,eAAO,MAAM,eAAe,UAAyE,CAAC"}

package/dist/analyzers/rules/index.js

@@ -0,0 +1,70 @@
+export const DANGEROUS_API_RULES = [
+    { id: 'eval', pattern: /\beval\s*\(/g, severity: 'CRITICAL', title: 'eval() usage', description: 'Dynamic code execution via eval()' },
+    { id: 'function-constructor', pattern: /\bnew\s+Function\s*\(/g, severity: 'CRITICAL', title: 'Function constructor', description: 'Dynamic code execution via Function constructor' },
+    { id: 'exec', pattern: /(?<![.\w])exec\s*\(/g, severity: 'CRITICAL', title: 'exec() usage', description: 'Shell command execution via child_process exec()' },
+    { id: 'exec-sync-file', pattern: /\bexec(?:Sync|File|FileSync)\s*\(/g, severity: 'CRITICAL', title: 'execSync/execFile usage', description: 'Shell command execution via child_process execSync/execFile()' },
+    { id: 'spawn', pattern: /\bspawn\s*\(/g, severity: 'HIGH', title: 'spawn() usage', description: 'Process spawning detected' },
+    { id: 'child-process', pattern: /child_process/g, severity: 'HIGH', title: 'child_process module', description: 'Node.js child_process module usage' },
+    { id: 'os-system', pattern: /os\.system\s*\(/g, severity: 'CRITICAL', title: 'os.system()', description: 'Python os.system() shell execution' },
+    { id: 'subprocess', pattern: /subprocess\.(run|call|Popen|check_output)/g, severity: 'HIGH', title: 'subprocess usage', description: 'Python subprocess module usage' },
+    { id: 'powershell', pattern: /powershell(?:\.exe)?/gi, severity: 'HIGH', title: 'PowerShell invocation', description: 'PowerShell command execution' },
+    { id: 'dynamic-import', pattern: /import\s*\(/g, severity: 'MEDIUM', title: 'Dynamic import', description: 'Dynamic module import detected' },
+    { id: 'require-dynamic', pattern: /require\s*\(\s*[`'"][^`'"]+[`'"]\s*\+/g, severity: 'HIGH', title: 'Dynamic require', description: 'Dynamic require with string concatenation' },
+    { id: 'curl-pipe', pattern: /curl\s+[^|]+\|\s*(?:bash|sh)/g, severity: 'CRITICAL', title: 'curl pipe to shell', description: 'Remote script execution via curl piped to shell' },
+    { id: 'wget-pipe', pattern: /wget\s+[^|]+\|\s*(?:bash|sh)/g, severity: 'CRITICAL', title: 'wget pipe to shell', description: 'Remote script execution via wget piped to shell' },
+    { id: 'chmod-x', pattern: /chmod\s+\+x/g, severity: 'MEDIUM', title: 'chmod +x', description: 'Making file executable' },
+    { id: 'rm-rf', pattern: /rm\s+-rf/g, severity: 'HIGH', title: 'rm -rf', description: 'Recursive force delete' },
+    { id: 'sudo', pattern: /\bsudo\s+/g, severity: 'HIGH', title: 'sudo usage', description: 'Elevated privilege execution' },
+    { id: 'registry-edit', pattern: /reg\s+(add|delete|import)/gi, severity: 'HIGH', title: 'Windows registry edit', description: 'Windows registry modification' },
+    { id: 'cron', pattern: /crontab|\/etc\/cron/g, severity: 'HIGH', title: 'Cron persistence', description: 'Cron job or scheduled task modification' },
+    { id: 'startup-folder', pattern: /Startup|LaunchAgents|LaunchDaemons/g, severity: 'HIGH', title: 'Startup persistence', description: 'Startup folder or launch agent modification' },
+];
+export const SECRET_RULES = [
+    { id: 'aws-key', pattern: /AKIA[0-9A-Z]{16}/g, severity: 'CRITICAL', title: 'AWS Access Key', description: 'AWS access key ID detected' },
+    { id: 'aws-secret', pattern: /aws[_-]?secret[_-]?access[_-]?key\s*[=:]\s*['"]?[A-Za-z0-9/+=]{40}/gi, severity: 'CRITICAL', title: 'AWS Secret Key', description: 'AWS secret access key detected' },
+    { id: 'gcp-key', pattern: /"type"\s*:\s*"service_account"/g, severity: 'CRITICAL', title: 'GCP Service Account', description: 'GCP service account key detected' },
+    { id: 'azure-key', pattern: /[a-z0-9]{32}\.[a-z0-9]{16}/g, severity: 'HIGH', title: 'Azure Key', description: 'Possible Azure storage key' },
+    { id: 'openai-key', pattern: /sk-[a-zA-Z0-9]{20,}/g, severity: 'CRITICAL', title: 'OpenAI API Key', description: 'OpenAI API key detected' },
+    { id: 'anthropic-key', pattern: /sk-ant-[a-zA-Z0-9-]{20,}/g, severity: 'CRITICAL', title: 'Anthropic API Key', description: 'Anthropic API key detected' },
+    { id: 'jwt', pattern: /eyJ[a-zA-Z0-9_-]+\.eyJ[a-zA-Z0-9_-]+\.[a-zA-Z0-9_-]+/g, severity: 'HIGH', title: 'JWT Token', description: 'JSON Web Token detected' },
+    { id: 'private-key', pattern: /-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----/g, severity: 'CRITICAL', title: 'Private Key', description: 'Private key material detected' },
+    { id: 'github-token', pattern: /ghp_[a-zA-Z0-9]{36}/g, severity: 'CRITICAL', title: 'GitHub Token', description: 'GitHub personal access token detected' },
+    { id: 'generic-api-key', pattern: /(?:api[_-]?key|apikey|secret[_-]?key)\s*[=:]\s*['"]?[a-zA-Z0-9_\-]{16,}/gi, severity: 'HIGH', title: 'Generic API Key', description: 'Generic API key or secret detected' },
+];
+export const NETWORK_RULES = [
+    { id: 'hardcoded-ip', pattern: /\b(?:\d{1,3}\.){3}\d{1,3}\b/g, severity: 'MEDIUM', title: 'Hardcoded IP', description: 'Hardcoded IP address detected' },
+    { id: 'discord-webhook', pattern: /discord(?:app)?\.com\/api\/webhooks\//gi, severity: 'HIGH', title: 'Discord Webhook', description: 'Discord webhook URL detected' },
+    { id: 'telegram-bot', pattern: /api\.telegram\.org\/bot/gi, severity: 'HIGH', title: 'Telegram Bot API', description: 'Telegram bot API endpoint detected' },
+    { id: 'pastebin', pattern: /pastebin\.com/gi, severity: 'HIGH', title: 'Pastebin', description: 'Pastebin URL detected - possible data exfiltration' },
+    { id: 'ngrok', pattern: /ngrok\.io|ngrok-free\.app/gi, severity: 'HIGH', title: 'ngrok Tunnel', description: 'ngrok tunnel URL detected' },
+    { id: 'cloudflare-tunnel', pattern: /trycloudflare\.com|cloudflared/gi, severity: 'HIGH', title: 'Cloudflare Tunnel', description: 'Cloudflare tunnel detected' },
+    { id: 'tor', pattern: /\.onion\b/gi, severity: 'HIGH', title: 'Tor Hidden Service', description: 'Tor .onion address detected' },
+    { id: 'crypto-miner', pattern: /coinhive|cryptonight|minero|xmrig|stratum\+tcp/gi, severity: 'CRITICAL', title: 'Crypto Miner', description: 'Cryptocurrency mining indicator detected' },
+    { id: 'dynamic-dns', pattern: /no-ip\.com|dyndns\.org|duckdns\.org/gi, severity: 'MEDIUM', title: 'Dynamic DNS', description: 'Dynamic DNS service detected' },
+];
+export const OBFUSCATION_RULES = [
+    { id: 'base64-blob', pattern: /[A-Za-z0-9+/]{200,}={0,2}/g, severity: 'MEDIUM', title: 'Large Base64 blob', description: 'Large base64-encoded data detected' },
+    { id: 'hex-blob', pattern: /(?:0x)?[0-9a-fA-F]{200,}/g, severity: 'MEDIUM', title: 'Large hex blob', description: 'Large hex-encoded data detected' },
+    { id: 'packed-upx', pattern: /UPX!\d/g, severity: 'HIGH', title: 'UPX packed', description: 'UPX packed executable detected' },
+];
+export const AI_INJECTION_RULES = [
+    { id: 'ignore-instructions', pattern: /ignore\s+(?:all\s+)?(?:previous|prior|above)\s+instructions/gi, severity: 'CRITICAL', title: 'Prompt injection', description: 'Instruction to ignore previous instructions' },
+    { id: 'system-prompt-extract', pattern: /(?:reveal|show|print|output|display)\s+(?:your\s+)?(?:system\s+)?prompt/gi, severity: 'HIGH', title: 'System prompt extraction', description: 'Attempt to extract system prompt' },
+    { id: 'tool-escalation', pattern: /(?:use|call|invoke|execute)\s+(?:all|every|any)\s+(?:available\s+)?tools/gi, severity: 'HIGH', title: 'Tool escalation', description: 'Attempt to escalate tool usage' },
+    { id: 'memory-poison', pattern: /(?:remember|store|save)\s+(?:this|the following)\s+(?:in\s+)?(?:memory|context)/gi, severity: 'HIGH', title: 'Memory poisoning', description: 'Attempt to poison agent memory' },
+    { id: 'self-update', pattern: /(?:update|modify|rewrite)\s+(?:your|the)\s+(?:own\s+)?(?:instructions|prompt|rules)/gi, severity: 'CRITICAL', title: 'Self-updating prompt', description: 'Attempt to self-modify agent instructions' },
+    { id: 'hidden-goal', pattern: /(?:secretly|covertly|without\s+telling|do\s+not\s+(?:mention|reveal|tell))/gi, severity: 'HIGH', title: 'Hidden goal', description: 'Covert or hidden objective detected' },
+    { id: 'jailbreak', pattern: /\b(?:do\s+anything\s+now|jailbreak(?:ing)?|bypass\s+(?:safety|restrictions|filters)|(?:you\s+are|act\s+as|pretend\s+to\s+be|enable)\s+DAN|DAN\s+mode)\b/gi, severity: 'CRITICAL', title: 'Jailbreak attempt', description: 'Jailbreak or safety bypass attempt' },
+    { id: 'recursive-agent', pattern: /(?:spawn|create|delegate\s+to)\s+(?:another|a\s+new)\s+agent/gi, severity: 'HIGH', title: 'Recursive agent delegation', description: 'Recursive agent spawning detected' },
+    { id: 'fake-success', pattern: /(?:pretend|act\s+as\s+if|report)\s+(?:that\s+)?(?:it\s+)?(?:succeeded|completed|worked)/gi, severity: 'HIGH', title: 'Fake success message', description: 'Instruction to fake success' },
+    { id: 'activation-phrase', pattern: /(?:when\s+(?:the\s+)?user\s+says|trigger\s+phrase|activation\s+phrase)/gi, severity: 'MEDIUM', title: 'Hidden activation phrase', description: 'Hidden activation trigger detected' },
+];
+export const ZERO_WIDTH_CHARS = /[\u200B\u200C\u200D\uFEFF\u2060\u180E]/g;
+export const INVISIBLE_UNICODE = /[\u00AD\u034F\u061C\u115F\u1160\u17B4\u17B5\u2061-\u2064\u206A-\u206F]/g;
+export const POPULAR_NPM_PACKAGES = [
+    'express', 'lodash', 'react', 'axios', 'webpack', 'typescript',
+    'request', 'chalk', 'commander', 'moment', 'debug', 'uuid',
+    'dotenv', 'cors', 'mongoose', 'jest', 'eslint', 'prettier',
+];
+export const SUSPICIOUS_TLDS = ['.tk', '.ml', '.ga', '.cf', '.gq', '.xyz', '.top', '.work', '.click'];
+//# sourceMappingURL=index.js.map

package/dist/analyzers/rules/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/analyzers/rules/index.ts"],"names":[],"mappings":"AAWA,MAAM,CAAC,MAAM,mBAAmB,GAAW;IACzC,EAAE,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,cAAc,EAAE,WAAW,EAAE,mCAAmC,EAAE;IACtI,EAAE,EAAE,EAAE,sBAAsB,EAAE,OAAO,EAAE,wBAAwB,EAAE,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,sBAAsB,EAAE,WAAW,EAAE,iDAAiD,EAAE;IACtL,EAAE,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE,sBAAsB,EAAE,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,cAAc,EAAE,WAAW,EAAE,kDAAkD,EAAE;IAC7J,EAAE,EAAE,EAAE,gBAAgB,EAAE,OAAO,EAAE,oCAAoC,EAAE,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,yBAAyB,EAAE,WAAW,EAAE,+DAA+D,EAAE;IAC7M,EAAE,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,eAAe,EAAE,WAAW,EAAE,2BAA2B,EAAE;IAC7H,EAAE,EAAE,EAAE,eAAe,EAAE,OAAO,EAAE,gBAAgB,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,sBAAsB,EAAE,WAAW,EAAE,oCAAoC,EAAE;IACtJ,EAAE,EAAE,EAAE,WAAW,EAAE,OAAO,EAAE,kBAAkB,EAAE,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,aAAa,EAAE,WAAW,EAAE,oCAAoC,EAAE;IAC/I,EAAE,EAAE,EAAE,YAAY,EAAE,OAAO,EAAE,4CAA4C,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,kBAAkB,EAAE,WAAW,EAAE,gCAAgC,EAAE;IACvK,EAAE,EAAE,EAAE,YAAY,EAAE,OAAO,EAAE,wBAAwB,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,uBAAuB,EAAE,WAAW,EAAE,8BAA8B,EAAE;IACtJ,EAAE,EAAE,EAAE,gBAAgB,EAAE,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,gBAAgB,EAAE,WAAW,EAAE,gCAAgC,EAAE;IAC7I,EAAE,EAAE,EAAE,iBAAiB,EAAE,OAAO,EAAE,wCAAwC,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,iBAAiB,EAAE,WAAW,EAAE,2CAA2C,EAAE;IAClL,EAAE,EAAE,EAAE,WAAW,EAAE,OAAO,EAAE,+BAA+B,EAAE,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,oBAAoB,EAAE,WAAW,EAAE,iDAAiD,EAAE;IAChL,EAAE,EAAE,EAAE,WAAW,EAAE,OAAO,EAAE,+BAA+B,EAAE,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,oBAAoB,EAAE,WAAW,EAAE,iDAAiD,EAAE;IAChL,EAAE,EAAE,EAAE,SAAS,EAAE,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,wBAAwB,EAAE;IACxH,EAAE,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,WAAW,EAAE,wBAAwB,EAAE;IAC/G,EAAE,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,WAAW,EAAE,8BAA8B,EAAE;IACzH,EAAE,EAAE,EAAE,eAAe,EAAE,OAAO,EAAE,6BAA6B,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,uBAAuB,EAAE,WAAW,EAAE,+BAA+B,EAAE;IAC/J,EAAE,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE,sBAAsB,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,kBAAkB,EAAE,WAAW,EAAE,yCAAyC,EAAE;IACpJ,EAAE,EAAE,EAAE,gBAAgB,EAAE,OAAO,EAAE,qCAAqC,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,qBAAqB,EAAE,WAAW,EAAE,6CAA6C,EAAE;CACrL,CAAC;AAEF,MAAM,CAAC,MAAM,YAAY,GAAW;IAClC,EAAE,EAAE,EAAE,SAAS,EAAE,OAAO,EAAE,mBAAmB,EAAE,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,gBAAgB,EAAE,WAAW,EAAE,4BAA4B,EAAE;IACzI,EAAE,EAAE,EAAE,YAAY,EAAE,OAAO,EAAE,sEAAsE,EAAE,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,gBAAgB,EAAE,WAAW,EAAE,gCAAgC,EAAE;IACnM,EAAE,EAAE,EAAE,SAAS,EAAE,OAAO,EAAE,iCAAiC,EAAE,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,qBAAqB,EAAE,WAAW,EAAE,kCAAkC,EAAE;IAClK,EAAE,EAAE,EAAE,WAAW,EAAE,OAAO,EAAE,6BAA6B,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,4BAA4B,EAAE;IAC5I,EAAE,EAAE,EAAE,YAAY,EAAE,OAAO,EAAE,sBAAsB,EAAE,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,gBAAgB,EAAE,WAAW,EAAE,yBAAyB,EAAE;IAC5I,EAAE,EAAE,EAAE,eAAe,EAAE,OAAO,EAAE,2BAA2B,EAAE,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,mBAAmB,EAAE,WAAW,EAAE,4BAA4B,EAAE;IAC1J,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,uDAAuD,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,yBAAyB,EAAE;IAC7J,EAAE,EAAE,EAAE,aAAa,EAAE,OAAO,EAAE,oDAAoD,EAAE,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,aAAa,EAAE,WAAW,EAAE,+BAA+B,EAAE;IAC9K,EAAE,EAAE,EAAE,cAAc,EAAE,OAAO,EAAE,sBAAsB,EAAE,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,cAAc,EAAE,WAAW,EAAE,uCAAuC,EAAE;IAC1J,EAAE,EAAE,EAAE,iBAAiB,EAAE,OAAO,EAAE,2EAA2E,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,iBAAiB,EAAE,WAAW,EAAE,oCAAoC,EAAE;CAC/M,CAAC;AAEF,MAAM,CAAC,MAAM,aAAa,GAAW;IACnC,EAAE,EAAE,EAAE,cAAc,EAAE,OAAO,EAAE,8BAA8B,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,cAAc,EAAE,WAAW,EAAE,+BAA+B,EAAE;IACxJ,EAAE,EAAE,EAAE,iBAAiB,EAAE,OAAO,EAAE,yCAAyC,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,iBAAiB,EAAE,WAAW,EAAE,8BAA8B,EAAE;IACtK,EAAE,EAAE,EAAE,cAAc,EAAE,OAAO,EAAE,2BAA2B,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,kBAAkB,EAAE,WAAW,EAAE,oCAAoC,EAAE;IAC5J,EAAE,EAAE,EAAE,UAAU,EAAE,OAAO,EAAE,iBAAiB,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,oDAAoD,EAAE;IACtJ,EAAE,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,6BAA6B,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,cAAc,EAAE,WAAW,EAAE,2BAA2B,EAAE;IAC1I,EAAE,EAAE,EAAE,mBAAmB,EAAE,OAAO,EAAE,kCAAkC,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,mBAAmB,EAAE,WAAW,EAAE,4BAA4B,EAAE;IACjK,EAAE,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,oBAAoB,EAAE,WAAW,EAAE,6BAA6B,EAAE;IAChI,EAAE,EAAE,EAAE,cAAc,EAAE,OAAO,EAAE,kDAAkD,EAAE,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,cAAc,EAAE,WAAW,EAAE,0CAA0C,EAAE;IACzL,EAAE,EAAE,EAAE,aAAa,EAAE,OAAO,EAAE,uCAAuC,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,aAAa,EAAE,WAAW,EAAE,8BAA8B,EAAE;CAC/J,CAAC;AAEF,MAAM,CAAC,MAAM,iBAAiB,GAAW;IACvC,EAAE,EAAE,EAAE,aAAa,EAAE,OAAO,EAAE,4BAA4B,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,mBAAmB,EAAE,WAAW,EAAE,oCAAoC,EAAE;IAC/J,EAAE,EAAE,EAAE,UAAU,EAAE,OAAO,EAAE,2BAA2B,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,gBAAgB,EAAE,WAAW,EAAE,iCAAiC,EAAE;IACrJ,EAAE,EAAE,EAAE,YAAY,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,WAAW,EAAE,gCAAgC,EAAE;CAC/H,CAAC;AAEF,MAAM,CAAC,MAAM,kBAAkB,GAAW;IACxC,EAAE,EAAE,EAAE,qBAAqB,EAAE,OAAO,EAAE,+DAA+D,EAAE,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,kBAAkB,EAAE,WAAW,EAAE,6CAA6C,EAAE;IACpN,EAAE,EAAE,EAAE,uBAAuB,EAAE,OAAO,EAAE,2EAA2E,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,0BAA0B,EAAE,WAAW,EAAE,kCAAkC,EAAE;IAC3N,EAAE,EAAE,EAAE,iBAAiB,EAAE,OAAO,EAAE,4EAA4E,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,iBAAiB,EAAE,WAAW,EAAE,gCAAgC,EAAE;IAC3M,EAAE,EAAE,EAAE,eAAe,EAAE,OAAO,EAAE,mFAAmF,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,kBAAkB,EAAE,WAAW,EAAE,gCAAgC,EAAE;IACjN,EAAE,EAAE,EAAE,aAAa,EAAE,OAAO,EAAE,uFAAuF,EAAE,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,sBAAsB,EAAE,WAAW,EAAE,2CAA2C,EAAE;IACtO,EAAE,EAAE,EAAE,aAAa,EAAE,OAAO,EAAE,8EAA8E,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,aAAa,EAAE,WAAW,EAAE,qCAAqC,EAAE;IAC1M,EAAE,EAAE,EAAE,WAAW,EAAE,OAAO,EAAE,2JAA2J,EAAE,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,mBAAmB,EAAE,WAAW,EAAE,oCAAoC,EAAE;IAC9R,EAAE,EAAE,EAAE,iBAAiB,EAAE,OAAO,EAAE,gEAAgE,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,4BAA4B,EAAE,WAAW,EAAE,mCAAmC,EAAE;IAC7M,EAAE,EAAE,EAAE,cAAc,EAAE,OAAO,EAAE,2FAA2F,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,sBAAsB,EAAE,WAAW,EAAE,6BAA6B,EAAE;IACzN,EAAE,EAAE,EAAE,mBAAmB,EAAE,OAAO,EAAE,0EAA0E,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,0BAA0B,EAAE,WAAW,EAAE,oCAAoC,EAAE;CAC3N,CAAC;AAEF,MAAM,CAAC,MAAM,gBAAgB,GAAG,yCAAyC,CAAC;AAC1E,MAAM,CAAC,MAAM,iBAAiB,GAAG,yEAAyE,CAAC;AAE3G,MAAM,CAAC,MAAM,oBAAoB,GAAG;IAClC,SAAS,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,YAAY;IAC9D,SAAS,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM;IAC1D,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU;CAC3D,CAAC;AAEF,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC"}

package/dist/analyzers/secret-analyzer.d.ts

@@ -0,0 +1,7 @@
+import type { AnalysisContext, Analyzer } from './analyzer.js';
+export declare class SecretAnalyzer implements Analyzer {
+    readonly id = "secret";
+    supports(): boolean;
+    analyze(ctx: AnalysisContext): Promise<import("../domain/finding.js").Finding[]>;
+}
+//# sourceMappingURL=secret-analyzer.d.ts.map

package/dist/analyzers/secret-analyzer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"secret-analyzer.d.ts","sourceRoot":"","sources":["../../src/analyzers/secret-analyzer.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAG/D,qBAAa,cAAe,YAAW,QAAQ;IAC7C,QAAQ,CAAC,EAAE,YAAY;IAEvB,QAAQ,IAAI,OAAO;IAIb,OAAO,CAAC,GAAG,EAAE,eAAe;CA0BnC"}

package/dist/analyzers/secret-analyzer.js

@@ -0,0 +1,33 @@
+import { createFinding } from '../domain/finding.js';
+import { SECRET_RULES } from './rules/index.js';
+export class SecretAnalyzer {
+    id = 'secret';
+    supports() {
+        return true;
+    }
+    async analyze(ctx) {
+        const findings = [];
+        for (const file of ctx.artifact.files) {
+            if (file.path.includes('.env.example') || file.path.includes('.env.sample'))
+                continue;
+            for (const rule of SECRET_RULES) {
+                rule.pattern.lastIndex = 0;
+                const match = rule.pattern.exec(file.content);
+                if (match) {
+                    const masked = match[0].slice(0, 4) + '****' + match[0].slice(-4);
+                    findings.push(createFinding({
+                        category: 'secret',
+                        severity: rule.severity,
+                        title: rule.title,
+                        description: rule.description,
+                        ruleId: rule.id,
+                        file: file.path,
+                        evidence: masked,
+                    }));
+                }
+            }
+        }
+        return findings;
+    }
+}
+//# sourceMappingURL=secret-analyzer.js.map

package/dist/analyzers/secret-analyzer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"secret-analyzer.js","sourceRoot":"","sources":["../../src/analyzers/secret-analyzer.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAErD,OAAO,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAEhD,MAAM,OAAO,cAAc;IAChB,EAAE,GAAG,QAAQ,CAAC;IAEvB,QAAQ;QACN,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,GAAoB;QAChC,MAAM,QAAQ,GAAG,EAAE,CAAC;QAEpB,KAAK,MAAM,IAAI,IAAI,GAAG,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC;YACtC,IAAI,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC;gBAAE,SAAS;YAEtF,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE,CAAC;gBAChC,IAAI,CAAC,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;gBAC3B,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gBAC9C,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;oBAClE,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC;wBAC1B,QAAQ,EAAE,QAAQ;wBAClB,QAAQ,EAAE,IAAI,CAAC,QAAQ;wBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;wBACjB,WAAW,EAAE,IAAI,CAAC,WAAW;wBAC7B,MAAM,EAAE,IAAI,CAAC,EAAE;wBACf,IAAI,EAAE,IAAI,CAAC,IAAI;wBACf,QAAQ,EAAE,MAAM;qBACjB,CAAC,CAAC,CAAC;gBACN,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF"}

package/dist/analyzers/source-analyzer.d.ts

@@ -0,0 +1,7 @@
+import type { AnalysisContext, Analyzer } from './analyzer.js';
+export declare class SourceAnalyzer implements Analyzer {
+    readonly id = "source";
+    supports(): boolean;
+    analyze(ctx: AnalysisContext): Promise<import("../domain/finding.js").Finding[]>;
+}
+//# sourceMappingURL=source-analyzer.d.ts.map

package/dist/analyzers/source-analyzer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"source-analyzer.d.ts","sourceRoot":"","sources":["../../src/analyzers/source-analyzer.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAiB/D,qBAAa,cAAe,YAAW,QAAQ;IAC7C,QAAQ,CAAC,EAAE,YAAY;IAEvB,QAAQ,IAAI,OAAO;IAIb,OAAO,CAAC,GAAG,EAAE,eAAe;CAsDnC"}

package/dist/analyzers/source-analyzer.js

@@ -0,0 +1,73 @@
+import { createFinding } from '../domain/finding.js';
+import { POPULAR_NPM_PACKAGES, SUSPICIOUS_TLDS } from './rules/index.js';
+function levenshtein(a, b) {
+    const matrix = [];
+    for (let i = 0; i <= b.length; i++)
+        matrix[i] = [i];
+    for (let j = 0; j <= a.length; j++)
+        matrix[0][j] = j;
+    for (let i = 1; i <= b.length; i++) {
+        for (let j = 1; j <= a.length; j++) {
+            matrix[i][j] = b[i - 1] === a[j - 1]
+                ? matrix[i - 1][j - 1]
+                : Math.min(matrix[i - 1][j - 1] + 1, matrix[i][j - 1] + 1, matrix[i - 1][j] + 1);
+        }
+    }
+    return matrix[b.length][a.length];
+}
+export class SourceAnalyzer {
+    id = 'source';
+    supports() {
+        return true;
+    }
+    async analyze(ctx) {
+        const findings = [];
+        const { metadata, target } = ctx.artifact;
+        const sourceUrl = metadata.sourceUrl ?? metadata.repository ?? metadata.homepage;
+        if (sourceUrl) {
+            const isLocalPath = sourceUrl.startsWith('/') || sourceUrl.startsWith('.') || /^[a-zA-Z]:\\/.test(sourceUrl);
+            if (!isLocalPath && !sourceUrl.startsWith('https://')) {
+                findings.push(createFinding({
+                    category: 'source',
+                    severity: 'HIGH',
+                    title: 'Non-HTTPS source',
+                    description: `Source URL does not use HTTPS: ${sourceUrl}`,
+                    ruleId: 'non-https',
+                }));
+            }
+            if (!isLocalPath) {
+                for (const tld of SUSPICIOUS_TLDS) {
+                    if (sourceUrl.includes(tld)) {
+                        findings.push(createFinding({
+                            category: 'source',
+                            severity: 'HIGH',
+                            title: 'Suspicious TLD',
+                            description: `Source uses suspicious top-level domain: ${tld}`,
+                            ruleId: 'suspicious-tld',
+                            evidence: sourceUrl,
+                        }));
+                    }
+                }
+            }
+        }
+        if (target.ecosystem === 'npm' && metadata.name) {
+            const pkgName = metadata.name.toLowerCase();
+            for (const popular of POPULAR_NPM_PACKAGES) {
+                if (pkgName !== popular) {
+                    const distance = levenshtein(pkgName, popular);
+                    if (distance > 0 && distance <= 2) {
+                        findings.push(createFinding({
+                            category: 'source',
+                            severity: 'CRITICAL',
+                            title: 'Possible typosquatting',
+                            description: `Package name "${pkgName}" is similar to popular package "${popular}" (distance: ${distance})`,
+                            ruleId: 'typosquatting',
+                        }));
+                    }
+                }
+            }
+        }
+        return findings;
+    }
+}
+//# sourceMappingURL=source-analyzer.js.map

package/dist/analyzers/source-analyzer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"source-analyzer.js","sourceRoot":"","sources":["../../src/analyzers/source-analyzer.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAErD,OAAO,EAAE,oBAAoB,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAEzE,SAAS,WAAW,CAAC,CAAS,EAAE,CAAS;IACvC,MAAM,MAAM,GAAe,EAAE,CAAC;IAC9B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE;QAAE,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IACpD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE;QAAE,MAAM,CAAC,CAAC,CAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IACtD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACnC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACnC,MAAM,CAAC,CAAC,CAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;gBACnC,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,CAAE,CAAC,CAAC,GAAG,CAAC,CAAE;gBACxB,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,CAAE,CAAC,CAAC,GAAG,CAAC,CAAE,GAAG,CAAC,EAAE,MAAM,CAAC,CAAC,CAAE,CAAC,CAAC,GAAG,CAAC,CAAE,GAAG,CAAC,EAAE,MAAM,CAAC,CAAC,GAAG,CAAC,CAAE,CAAC,CAAC,CAAE,GAAG,CAAC,CAAC,CAAC;QAC3F,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC,CAAC,CAAC,MAAM,CAAE,CAAC,CAAC,CAAC,MAAM,CAAE,CAAC;AACtC,CAAC;AAED,MAAM,OAAO,cAAc;IAChB,EAAE,GAAG,QAAQ,CAAC;IAEvB,QAAQ;QACN,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,GAAoB;QAChC,MAAM,QAAQ,GAAG,EAAE,CAAC;QACpB,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC,QAAQ,CAAC;QAC1C,MAAM,SAAS,GAAG,QAAQ,CAAC,SAAS,IAAI,QAAQ,CAAC,UAAU,IAAI,QAAQ,CAAC,QAAQ,CAAC;QAEjF,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,WAAW,GAAG,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,cAAc,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAE7G,IAAI,CAAC,WAAW,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;gBACtD,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC;oBAC1B,QAAQ,EAAE,QAAQ;oBAClB,QAAQ,EAAE,MAAM;oBAChB,KAAK,EAAE,kBAAkB;oBACzB,WAAW,EAAE,kCAAkC,SAAS,EAAE;oBAC1D,MAAM,EAAE,WAAW;iBACpB,CAAC,CAAC,CAAC;YACN,CAAC;YAED,IAAI,CAAC,WAAW,EAAE,CAAC;gBACjB,KAAK,MAAM,GAAG,IAAI,eAAe,EAAE,CAAC;oBAClC,IAAI,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;wBAC5B,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC;4BAC1B,QAAQ,EAAE,QAAQ;4BAClB,QAAQ,EAAE,MAAM;4BAChB,KAAK,EAAE,gBAAgB;4BACvB,WAAW,EAAE,4CAA4C,GAAG,EAAE;4BAC9D,MAAM,EAAE,gBAAgB;4BACxB,QAAQ,EAAE,SAAS;yBACpB,CAAC,CAAC,CAAC;oBACN,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,MAAM,CAAC,SAAS,KAAK,KAAK,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;YAChD,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;YAC5C,KAAK,MAAM,OAAO,IAAI,oBAAoB,EAAE,CAAC;gBAC3C,IAAI,OAAO,KAAK,OAAO,EAAE,CAAC;oBACxB,MAAM,QAAQ,GAAG,WAAW,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;oBAC/C,IAAI,QAAQ,GAAG,CAAC,IAAI,QAAQ,IAAI,CAAC,EAAE,CAAC;wBAClC,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC;4BAC1B,QAAQ,EAAE,QAAQ;4BAClB,QAAQ,EAAE,UAAU;4BACpB,KAAK,EAAE,wBAAwB;4BAC/B,WAAW,EAAE,iBAAiB,OAAO,oCAAoC,OAAO,gBAAgB,QAAQ,GAAG;4BAC3G,MAAM,EAAE,eAAe;yBACxB,CAAC,CAAC,CAAC;oBACN,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF"}

package/dist/analyzers/static-code-analyzer.d.ts

@@ -0,0 +1,7 @@
+import type { AnalysisContext, Analyzer } from './analyzer.js';
+export declare class StaticCodeAnalyzer implements Analyzer {
+    readonly id = "static-code";
+    supports(ctx: AnalysisContext): boolean;
+    analyze(ctx: AnalysisContext): Promise<import("../domain/finding.js").Finding[]>;
+}
+//# sourceMappingURL=static-code-analyzer.d.ts.map

package/dist/analyzers/static-code-analyzer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"static-code-analyzer.d.ts","sourceRoot":"","sources":["../../src/analyzers/static-code-analyzer.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAmB/D,qBAAa,kBAAmB,YAAW,QAAQ;IACjD,QAAQ,CAAC,EAAE,iBAAiB;IAE5B,QAAQ,CAAC,GAAG,EAAE,eAAe,GAAG,OAAO;IAIjC,OAAO,CAAC,GAAG,EAAE,eAAe;CAmDnC"}

package/dist/analyzers/static-code-analyzer.js

@@ -0,0 +1,67 @@
+import { createFinding } from '../domain/finding.js';
+import { findMatchingLine } from './match-evidence.js';
+import { DANGEROUS_API_RULES, OBFUSCATION_RULES } from './rules/index.js';
+const CODE_EXTENSIONS = ['.ts', '.tsx', '.js', '.jsx', '.mjs', '.cjs', '.py', '.go', '.rs', '.sh', '.bash', '.lua'];
+function calculateEntropy(content) {
+    const freq = new Map();
+    for (const char of content) {
+        freq.set(char, (freq.get(char) ?? 0) + 1);
+    }
+    let entropy = 0;
+    for (const count of freq.values()) {
+        const p = count / content.length;
+        entropy -= p * Math.log2(p);
+    }
+    return entropy;
+}
+export class StaticCodeAnalyzer {
+    id = 'static-code';
+    supports(ctx) {
+        return ctx.artifact.files.some((f) => CODE_EXTENSIONS.some((ext) => f.path.endsWith(ext)));
+    }
+    async analyze(ctx) {
+        const findings = [];
+        const codeFiles = ctx.artifact.files.filter((f) => CODE_EXTENSIONS.some((ext) => f.path.endsWith(ext)));
+        for (const file of codeFiles) {
+            for (const rule of [...DANGEROUS_API_RULES, ...OBFUSCATION_RULES]) {
+                rule.pattern.lastIndex = 0;
+                if (rule.pattern.test(file.content)) {
+                    const match = findMatchingLine(file.content, rule.pattern);
+                    findings.push(createFinding({
+                        category: 'static-code',
+                        severity: rule.severity,
+                        title: rule.title,
+                        description: rule.description,
+                        ruleId: rule.id,
+                        file: file.path,
+                        line: match?.line,
+                        evidence: match?.evidence,
+                    }));
+                }
+            }
+            if (file.size > 500_000 && file.content.split('\n').length < 10) {
+                findings.push(createFinding({
+                    category: 'static-code',
+                    severity: 'MEDIUM',
+                    title: 'Large minified file',
+                    description: `File ${file.path} appears minified (${file.size} bytes, few lines)`,
+                    ruleId: 'minified',
+                    file: file.path,
+                }));
+            }
+            const entropy = calculateEntropy(file.content.slice(0, 10000));
+            if (entropy > 5.5 && file.size > 1000) {
+                findings.push(createFinding({
+                    category: 'static-code',
+                    severity: 'MEDIUM',
+                    title: 'High entropy content',
+                    description: `File ${file.path} has high entropy (${entropy.toFixed(2)}) suggesting obfuscation`,
+                    ruleId: 'high-entropy',
+                    file: file.path,
+                }));
+            }
+        }
+        return findings;
+    }
+}
+//# sourceMappingURL=static-code-analyzer.js.map

package/dist/analyzers/static-code-analyzer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"static-code-analyzer.js","sourceRoot":"","sources":["../../src/analyzers/static-code-analyzer.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAErD,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AACvD,OAAO,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAE1E,MAAM,eAAe,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;AAEpH,SAAS,gBAAgB,CAAC,OAAe;IACvC,MAAM,IAAI,GAAG,IAAI,GAAG,EAAkB,CAAC;IACvC,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;QAC3B,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAC5C,CAAC;IACD,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,EAAE,EAAE,CAAC;QAClC,MAAM,CAAC,GAAG,KAAK,GAAG,OAAO,CAAC,MAAM,CAAC;QACjC,OAAO,IAAI,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC9B,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,OAAO,kBAAkB;IACpB,EAAE,GAAG,aAAa,CAAC;IAE5B,QAAQ,CAAC,GAAoB;QAC3B,OAAO,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IAC7F,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,GAAoB;QAChC,MAAM,QAAQ,GAAG,EAAE,CAAC;QACpB,MAAM,SAAS,GAAG,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAChD,eAAe,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CACpD,CAAC;QAEF,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;YAC7B,KAAK,MAAM,IAAI,IAAI,CAAC,GAAG,mBAAmB,EAAE,GAAG,iBAAiB,CAAC,EAAE,CAAC;gBAClE,IAAI,CAAC,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;gBAC3B,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;oBACpC,MAAM,KAAK,GAAG,gBAAgB,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;oBAE3D,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC;wBAC1B,QAAQ,EAAE,aAAa;wBACvB,QAAQ,EAAE,IAAI,CAAC,QAAQ;wBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;wBACjB,WAAW,EAAE,IAAI,CAAC,WAAW;wBAC7B,MAAM,EAAE,IAAI,CAAC,EAAE;wBACf,IAAI,EAAE,IAAI,CAAC,IAAI;wBACf,IAAI,EAAE,KAAK,EAAE,IAAI;wBACjB,QAAQ,EAAE,KAAK,EAAE,QAAQ;qBAC1B,CAAC,CAAC,CAAC;gBACN,CAAC;YACH,CAAC;YAED,IAAI,IAAI,CAAC,IAAI,GAAG,OAAO,IAAI,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;gBAChE,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC;oBAC1B,QAAQ,EAAE,aAAa;oBACvB,QAAQ,EAAE,QAAQ;oBAClB,KAAK,EAAE,qBAAqB;oBAC5B,WAAW,EAAE,QAAQ,IAAI,CAAC,IAAI,sBAAsB,IAAI,CAAC,IAAI,oBAAoB;oBACjF,MAAM,EAAE,UAAU;oBAClB,IAAI,EAAE,IAAI,CAAC,IAAI;iBAChB,CAAC,CAAC,CAAC;YACN,CAAC;YAED,MAAM,OAAO,GAAG,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC;YAC/D,IAAI,OAAO,GAAG,GAAG,IAAI,IAAI,CAAC,IAAI,GAAG,IAAI,EAAE,CAAC;gBACtC,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC;oBAC1B,QAAQ,EAAE,aAAa;oBACvB,QAAQ,EAAE,QAAQ;oBAClB,KAAK,EAAE,sBAAsB;oBAC7B,WAAW,EAAE,QAAQ,IAAI,CAAC,IAAI,sBAAsB,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,0BAA0B;oBAChG,MAAM,EAAE,cAAc;oBACtB,IAAI,EAAE,IAAI,CAAC,IAAI;iBAChB,CAAC,CAAC,CAAC;YACN,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF"}

package/dist/analyzers/test-path.d.ts

@@ -0,0 +1,2 @@
+export declare function isTestPath(filePath: string): boolean;
+//# sourceMappingURL=test-path.d.ts.map

package/dist/analyzers/test-path.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"test-path.d.ts","sourceRoot":"","sources":["../../src/analyzers/test-path.ts"],"names":[],"mappings":"AAwBA,wBAAgB,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAYpD"}

package/dist/analyzers/test-path.js

@@ -0,0 +1,32 @@
+const TEST_DIR_SEGMENTS = new Set([
+    'test',
+    'tests',
+    '__tests__',
+    '__mocks__',
+    '__fixtures__',
+    'fixtures',
+    'fixture',
+    'spec',
+    'specs',
+    'e2e',
+    'mocks',
+    'testdata',
+]);
+function isTestFileName(name) {
+    const lower = name.toLowerCase();
+    return (/\.(?:test|spec)\.[cm]?[jt]sx?$/.test(lower) ||
+        /_test\.(?:py|go)$/.test(lower) ||
+        /^test_.+\.py$/.test(lower));
+}
+export function isTestPath(filePath) {
+    const normalized = filePath.replace(/\\/g, '/');
+    const segments = normalized.split('/').filter(Boolean);
+    const fileName = segments[segments.length - 1] ?? '';
+    if (isTestFileName(fileName)) {
+        return true;
+    }
+    return segments
+        .slice(0, -1)
+        .some((segment) => TEST_DIR_SEGMENTS.has(segment.toLowerCase()));
+}
+//# sourceMappingURL=test-path.js.map

package/dist/analyzers/test-path.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"test-path.js","sourceRoot":"","sources":["../../src/analyzers/test-path.ts"],"names":[],"mappings":"AAAA,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC;IAChC,MAAM;IACN,OAAO;IACP,WAAW;IACX,WAAW;IACX,cAAc;IACd,UAAU;IACV,SAAS;IACT,MAAM;IACN,OAAO;IACP,KAAK;IACL,OAAO;IACP,UAAU;CACX,CAAC,CAAC;AAEH,SAAS,cAAc,CAAC,IAAY;IAClC,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;IACjC,OAAO,CACL,gCAAgC,CAAC,IAAI,CAAC,KAAK,CAAC;QAC5C,mBAAmB,CAAC,IAAI,CAAC,KAAK,CAAC;QAC/B,eAAe,CAAC,IAAI,CAAC,KAAK,CAAC,CAC5B,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,QAAgB;IACzC,MAAM,UAAU,GAAG,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IAChD,MAAM,QAAQ,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACvD,MAAM,QAAQ,GAAG,QAAQ,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;IAErD,IAAI,cAAc,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,QAAQ;SACZ,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;SACZ,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,iBAAiB,CAAC,GAAG,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;AACrE,CAAC"}

package/dist/cli/index.d.ts

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+export {};
+//# sourceMappingURL=index.d.ts.map

package/dist/cli/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/cli/index.ts"],"names":[],"mappings":""}