@rexymayderio/sentinel 0.1.0

package/dist/mcp/server.js

@@ -0,0 +1,151 @@
+#!/usr/bin/env node
+import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
+import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
+import { z } from 'zod';
+import { createDefaultSentinel } from '../factory.js';
+const server = new McpServer({
+    name: 'sentinel',
+    version: '0.1.0',
+});
+const sentinel = createDefaultSentinel();
+server.tool('verify_package', 'Verify an npm package for security risks', { name: z.string(), version: z.string().optional() }, async ({ name, version }) => {
+    const target = version ? `${name}@${version}` : name;
+    const report = await sentinel.verify('npm', target);
+    return { content: [{ type: 'text', text: sentinel.generateReport(report, 'json') }] };
+});
+server.tool('verify_repository', 'Verify a GitHub repository for security risks', { owner: z.string(), repo: z.string() }, async ({ owner, repo }) => {
+    const report = await sentinel.verify('github', `${owner}/${repo}`);
+    return { content: [{ type: 'text', text: sentinel.generateReport(report, 'json') }] };
+});
+server.tool('verify_skill', 'Verify a local AI skill directory or SKILL.md file', { path: z.string() }, async ({ path }) => {
+    const report = await sentinel.verify('skill', path);
+    return { content: [{ type: 'text', text: sentinel.generateReport(report, 'json') }] };
+});
+server.tool('verify_mcp', 'Verify an MCP server (not yet implemented - returns error)', { name: z.string() }, async ({ name }) => {
+    try {
+        const report = await sentinel.verify('mcp', name);
+        return { content: [{ type: 'text', text: sentinel.generateReport(report, 'json') }] };
+    }
+    catch (error) {
+        return { content: [{ type: 'text', text: JSON.stringify({ error: String(error) }) }] };
+    }
+});
+server.tool('verify_extension', 'Verify a VSCode extension (not yet implemented - returns error)', { name: z.string() }, async ({ name }) => {
+    try {
+        const report = await sentinel.verify('vscode', name);
+        return { content: [{ type: 'text', text: sentinel.generateReport(report, 'json') }] };
+    }
+    catch (error) {
+        return { content: [{ type: 'text', text: JSON.stringify({ error: String(error) }) }] };
+    }
+});
+server.tool('verify_docker', 'Verify a Docker image (not yet implemented - returns error)', { image: z.string() }, async ({ image }) => {
+    try {
+        const report = await sentinel.verify('docker', image);
+        return { content: [{ type: 'text', text: sentinel.generateReport(report, 'json') }] };
+    }
+    catch (error) {
+        return { content: [{ type: 'text', text: JSON.stringify({ error: String(error) }) }] };
+    }
+});
+server.tool('calculate_risk', 'Calculate risk score from findings for a target', { type: z.string(), target: z.string() }, async ({ type, target }) => {
+    const report = await sentinel.verify(type, target);
+    return {
+        content: [{
+                type: 'text',
+                text: JSON.stringify({
+                    score: report.risk.score,
+                    level: report.risk.level,
+                    confidence: report.risk.confidence,
+                    decision: report.policy.decision,
+                }),
+            }],
+    };
+});
+server.tool('generate_report', 'Generate a security report for a target', {
+    type: z.string(),
+    target: z.string(),
+    format: z.enum(['terminal', 'json', 'markdown']).optional(),
+}, async ({ type, target, format }) => {
+    const report = await sentinel.verify(type, target);
+    const reportFormat = (format ?? 'json');
+    return { content: [{ type: 'text', text: sentinel.generateReport(report, reportFormat) }] };
+});
+server.tool('scan_directory', 'Scan a local directory for security issues', { path: z.string() }, async ({ path }) => {
+    const report = await sentinel.verify('local', path);
+    return { content: [{ type: 'text', text: sentinel.generateReport(report, 'json') }] };
+});
+server.tool('scan_archive', 'Scan a zip archive (not yet implemented - scans as local path)', { path: z.string() }, async ({ path }) => {
+    try {
+        const report = await sentinel.verify('zip', path);
+        return { content: [{ type: 'text', text: sentinel.generateReport(report, 'json') }] };
+    }
+    catch (error) {
+        return { content: [{ type: 'text', text: JSON.stringify({ error: String(error) }) }] };
+    }
+});
+server.tool('approve_install', 'Check if a target would be approved for installation', { type: z.string(), target: z.string() }, async ({ type, target }) => {
+    const report = await sentinel.verify(type, target);
+    const approvable = report.policy.decision !== 'BLOCK';
+    return {
+        content: [{
+                type: 'text',
+                text: JSON.stringify({
+                    approvable,
+                    decision: report.policy.decision,
+                    risk: report.risk,
+                    reasons: report.policy.reasons,
+                    dataAssessment: report.dataAssessment,
+                }),
+            }],
+    };
+});
+server.tool('install', 'Verify and install a target (requires explicit confirm flag)', {
+    type: z.string(),
+    target: z.string(),
+    confirm: z.boolean().describe('Must be true to proceed with installation'),
+}, async ({ type, target, confirm }) => {
+    if (!confirm) {
+        return {
+            content: [{
+                    type: 'text',
+                    text: JSON.stringify({
+                        success: false,
+                        message: 'Installation requires confirm=true. Run verify first, then install with confirm.',
+                    }),
+                }],
+        };
+    }
+    const result = await sentinel.install(type, target, { forceApprove: true });
+    if (result.report.policy.decision === 'BLOCK') {
+        return {
+            content: [{
+                    type: 'text',
+                    text: JSON.stringify({
+                        success: false,
+                        message: 'Installation BLOCKED by policy. Cannot override.',
+                        report: result.report,
+                    }),
+                }],
+        };
+    }
+    return {
+        content: [{
+                type: 'text',
+                text: JSON.stringify({
+                    success: result.success,
+                    message: result.message,
+                    report: result.report,
+                }),
+            }],
+    };
+});
+async function main() {
+    const transport = new StdioServerTransport();
+    await server.connect(transport);
+}
+main().catch((error) => {
+    console.error('Sentinel MCP server error:', error);
+    process.exit(1);
+});
+//# sourceMappingURL=server.js.map

package/dist/mcp/server.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"server.js","sourceRoot":"","sources":["../../src/mcp/server.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACpE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,qBAAqB,EAAE,MAAM,eAAe,CAAC;AAGtD,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC;IAC3B,IAAI,EAAE,UAAU;IAChB,OAAO,EAAE,OAAO;CACjB,CAAC,CAAC;AAEH,MAAM,QAAQ,GAAG,qBAAqB,EAAE,CAAC;AAEzC,MAAM,CAAC,IAAI,CACT,gBAAgB,EAChB,0CAA0C,EAC1C,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,EAAE,EACpD,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE;IAC1B,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC,GAAG,IAAI,IAAI,OAAO,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;IACrD,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;IACpD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC;AACjG,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,mBAAmB,EACnB,+CAA+C,EAC/C,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,EACvC,KAAK,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE;IACxB,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,QAAQ,EAAE,GAAG,KAAK,IAAI,IAAI,EAAE,CAAC,CAAC;IACnE,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC;AACjG,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,cAAc,EACd,oDAAoD,EACpD,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,EACpB,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;IACjB,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IACpD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC;AACjG,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,YAAY,EACZ,4DAA4D,EAC5D,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,EACpB,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;IACjB,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QAClD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC;IACjG,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IAClG,CAAC;AACH,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,kBAAkB,EAClB,iEAAiE,EACjE,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,EACpB,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;IACjB,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QACrD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC;IACjG,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IAClG,CAAC;AACH,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,eAAe,EACf,6DAA6D,EAC7D,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,EACrB,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE;IAClB,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QACtD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC;IACjG,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IAClG,CAAC;AACH,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,gBAAgB,EAChB,iDAAiD,EACjD,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,EACxC,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE;IACzB,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IACnD,OAAO;QACL,OAAO,EAAE,CAAC;gBACR,IAAI,EAAE,MAAe;gBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK;oBACxB,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK;oBACxB,UAAU,EAAE,MAAM,CAAC,IAAI,CAAC,UAAU;oBAClC,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,QAAQ;iBACjC,CAAC;aACH,CAAC;KACH,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,iBAAiB,EACjB,yCAAyC,EACzC;IACE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;IAChB,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE;IAClB,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC,CAAC,QAAQ,EAAE;CAC5D,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE,EAAE;IACjC,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IACnD,MAAM,YAAY,GAAG,CAAC,MAAM,IAAI,MAAM,CAAiB,CAAC;IACxD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,YAAY,CAAC,EAAE,CAAC,EAAE,CAAC;AACvG,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,gBAAgB,EAChB,4CAA4C,EAC5C,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,EACpB,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;IACjB,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IACpD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC;AACjG,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,cAAc,EACd,gEAAgE,EAChE,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,EACpB,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;IACjB,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QAClD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC;IACjG,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IAClG,CAAC;AACH,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,iBAAiB,EACjB,sDAAsD,EACtD,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,EACxC,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE;IACzB,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IACnD,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,KAAK,OAAO,CAAC;IACtD,OAAO;QACL,OAAO,EAAE,CAAC;gBACR,IAAI,EAAE,MAAe;gBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,UAAU;oBACV,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,QAAQ;oBAChC,IAAI,EAAE,MAAM,CAAC,IAAI;oBACjB,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC,OAAO;oBAC9B,cAAc,EAAE,MAAM,CAAC,cAAc;iBACtC,CAAC;aACH,CAAC;KACH,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,SAAS,EACT,8DAA8D,EAC9D;IACE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;IAChB,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE;IAClB,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,CAAC,2CAA2C,CAAC;CAC3E,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE,EAAE;IAClC,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO;YACL,OAAO,EAAE,CAAC;oBACR,IAAI,EAAE,MAAe;oBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;wBACnB,OAAO,EAAE,KAAK;wBACd,OAAO,EAAE,kFAAkF;qBAC5F,CAAC;iBACH,CAAC;SACH,CAAC;IACJ,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC;IAE5E,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;QAC9C,OAAO;YACL,OAAO,EAAE,CAAC;oBACR,IAAI,EAAE,MAAe;oBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;wBACnB,OAAO,EAAE,KAAK;wBACd,OAAO,EAAE,kDAAkD;wBAC3D,MAAM,EAAE,MAAM,CAAC,MAAM;qBACtB,CAAC;iBACH,CAAC;SACH,CAAC;IACJ,CAAC;IAED,OAAO;QACL,OAAO,EAAE,CAAC;gBACR,IAAI,EAAE,MAAe;gBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,OAAO,EAAE,MAAM,CAAC,OAAO;oBACvB,OAAO,EAAE,MAAM,CAAC,OAAO;oBACvB,MAAM,EAAE,MAAM,CAAC,MAAM;iBACtB,CAAC;aACH,CAAC;KACH,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,KAAK,UAAU,IAAI;IACjB,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;AAClC,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;IACrB,OAAO,CAAC,KAAK,CAAC,4BAA4B,EAAE,KAAK,CAAC,CAAC;IACnD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/dist/ports/approval-prompt.d.ts

@@ -0,0 +1,5 @@
+import type { VerificationReport } from '../domain/report.js';
+export interface ApprovalPrompt {
+    requestApproval(report: VerificationReport): Promise<boolean>;
+}
+//# sourceMappingURL=approval-prompt.d.ts.map

package/dist/ports/approval-prompt.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"approval-prompt.d.ts","sourceRoot":"","sources":["../../src/ports/approval-prompt.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AAE9D,MAAM,WAAW,cAAc;IAC7B,eAAe,CAAC,MAAM,EAAE,kBAAkB,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;CAC/D"}

package/dist/ports/approval-prompt.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=approval-prompt.js.map

package/dist/ports/approval-prompt.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"approval-prompt.js","sourceRoot":"","sources":["../../src/ports/approval-prompt.ts"],"names":[],"mappings":""}

package/dist/ports/clock.d.ts

@@ -0,0 +1,5 @@
+export interface Clock {
+    now(): Date;
+}
+export declare const systemClock: Clock;
+//# sourceMappingURL=clock.d.ts.map

package/dist/ports/clock.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"clock.d.ts","sourceRoot":"","sources":["../../src/ports/clock.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,KAAK;IACpB,GAAG,IAAI,IAAI,CAAC;CACb;AAED,eAAO,MAAM,WAAW,EAAE,KAEzB,CAAC"}

package/dist/ports/clock.js

@@ -0,0 +1,4 @@
+export const systemClock = {
+    now: () => new Date(),
+};
+//# sourceMappingURL=clock.js.map

package/dist/ports/clock.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"clock.js","sourceRoot":"","sources":["../../src/ports/clock.ts"],"names":[],"mappings":"AAIA,MAAM,CAAC,MAAM,WAAW,GAAU;IAChC,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI,IAAI,EAAE;CACtB,CAAC"}

package/dist/ports/index.d.ts

@@ -0,0 +1,6 @@
+export * from './registry-client.js';
+export * from './repo-client.js';
+export * from './process-runner.js';
+export * from './approval-prompt.js';
+export * from './clock.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/ports/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/ports/index.ts"],"names":[],"mappings":"AAAA,cAAc,sBAAsB,CAAC;AACrC,cAAc,kBAAkB,CAAC;AACjC,cAAc,qBAAqB,CAAC;AACpC,cAAc,sBAAsB,CAAC;AACrC,cAAc,YAAY,CAAC"}

package/dist/ports/index.js

@@ -0,0 +1,6 @@
+export * from './registry-client.js';
+export * from './repo-client.js';
+export * from './process-runner.js';
+export * from './approval-prompt.js';
+export * from './clock.js';
+//# sourceMappingURL=index.js.map

package/dist/ports/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/ports/index.ts"],"names":[],"mappings":"AAAA,cAAc,sBAAsB,CAAC;AACrC,cAAc,kBAAkB,CAAC;AACjC,cAAc,qBAAqB,CAAC;AACpC,cAAc,sBAAsB,CAAC;AACrC,cAAc,YAAY,CAAC"}

package/dist/ports/process-runner.d.ts

@@ -0,0 +1,12 @@
+export interface ProcessResult {
+    readonly exitCode: number;
+    readonly stdout: string;
+    readonly stderr: string;
+}
+export interface ProcessRunner {
+    run(command: string, args: string[], options?: {
+        cwd?: string;
+        env?: Record<string, string>;
+    }): Promise<ProcessResult>;
+}
+//# sourceMappingURL=process-runner.d.ts.map

package/dist/ports/process-runner.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"process-runner.d.ts","sourceRoot":"","sources":["../../src/ports/process-runner.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,aAAa;IAC5B,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,OAAO,CAAC,EAAE;QAAE,GAAG,CAAC,EAAE,MAAM,CAAC;QAAC,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;KAAE,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC;CACxH"}

package/dist/ports/process-runner.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=process-runner.js.map

package/dist/ports/process-runner.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"process-runner.js","sourceRoot":"","sources":["../../src/ports/process-runner.ts"],"names":[],"mappings":""}

package/dist/ports/registry-client.d.ts

@@ -0,0 +1,14 @@
+import type { PackageMetadata } from '../domain/artifact.js';
+export interface NpmPackageInfo extends PackageMetadata {
+    readonly tarballUrl: string;
+}
+export interface OsvVulnerability {
+    readonly id: string;
+    readonly summary: string;
+    readonly severity?: string;
+}
+export interface RegistryClient {
+    getNpmPackage(name: string, version?: string): Promise<NpmPackageInfo>;
+    checkOsv(packageName: string, version: string, ecosystem: string): Promise<OsvVulnerability[]>;
+}
+//# sourceMappingURL=registry-client.d.ts.map

package/dist/ports/registry-client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"registry-client.d.ts","sourceRoot":"","sources":["../../src/ports/registry-client.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAE7D,MAAM,WAAW,cAAe,SAAQ,eAAe;IACrD,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;CAC7B;AAED,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED,MAAM,WAAW,cAAc;IAC7B,aAAa,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC;IACvE,QAAQ,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,EAAE,CAAC,CAAC;CAChG"}

package/dist/ports/registry-client.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=registry-client.js.map

package/dist/ports/registry-client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"registry-client.js","sourceRoot":"","sources":["../../src/ports/registry-client.ts"],"names":[],"mappings":""}

package/dist/ports/repo-client.d.ts

@@ -0,0 +1,18 @@
+export interface RepoInfo {
+    readonly fullName: string;
+    readonly description?: string;
+    readonly stars: number;
+    readonly forks: number;
+    readonly defaultBranch: string;
+    readonly archived: boolean;
+    readonly createdAt: string;
+    readonly updatedAt: string;
+    readonly hasSecurityPolicy: boolean;
+    readonly tarballUrl: string;
+    readonly topics?: string[];
+}
+export interface RepoClient {
+    getRepo(owner: string, repo: string): Promise<RepoInfo>;
+    downloadTarball(url: string): Promise<Buffer>;
+}
+//# sourceMappingURL=repo-client.d.ts.map

package/dist/ports/repo-client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"repo-client.d.ts","sourceRoot":"","sources":["../../src/ports/repo-client.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,QAAQ;IACvB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC;IAC3B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,iBAAiB,EAAE,OAAO,CAAC;IACpC,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;CAC5B;AAED,MAAM,WAAW,UAAU;IACzB,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IACxD,eAAe,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;CAC/C"}

package/dist/ports/repo-client.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=repo-client.js.map

package/dist/ports/repo-client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"repo-client.js","sourceRoot":"","sources":["../../src/ports/repo-client.ts"],"names":[],"mappings":""}

package/dist/report/index.d.ts

@@ -0,0 +1,2 @@
+export * from './report-generator.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/report/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/report/index.ts"],"names":[],"mappings":"AAAA,cAAc,uBAAuB,CAAC"}

package/dist/report/index.js

@@ -0,0 +1,2 @@
+export * from './report-generator.js';
+//# sourceMappingURL=index.js.map

package/dist/report/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/report/index.ts"],"names":[],"mappings":"AAAA,cAAc,uBAAuB,CAAC"}

package/dist/report/report-generator.d.ts

@@ -0,0 +1,29 @@
+import type { VerificationReport } from '../domain/report.js';
+import type { ReportFormat } from '../domain/report.js';
+export interface ReportStrategy {
+    format: ReportFormat;
+    generate(report: VerificationReport): string;
+}
+export declare class TerminalReporter implements ReportStrategy {
+    readonly format: "terminal";
+    generate(report: VerificationReport): string;
+}
+export declare class JsonReporter implements ReportStrategy {
+    readonly format: "json";
+    generate(report: VerificationReport): string;
+}
+export declare class MarkdownReporter implements ReportStrategy {
+    readonly format: "markdown";
+    generate(report: VerificationReport): string;
+}
+export declare class StubReporter implements ReportStrategy {
+    readonly format: ReportFormat;
+    constructor(format: ReportFormat);
+    generate(_report: VerificationReport): string;
+}
+export declare class ReportGenerator {
+    private readonly strategies;
+    constructor();
+    generate(report: VerificationReport, format?: ReportFormat): string;
+}
+//# sourceMappingURL=report-generator.d.ts.map

package/dist/report/report-generator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"report-generator.d.ts","sourceRoot":"","sources":["../../src/report/report-generator.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AAC9D,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAGxD,MAAM,WAAW,cAAc;IAC7B,MAAM,EAAE,YAAY,CAAC;IACrB,QAAQ,CAAC,MAAM,EAAE,kBAAkB,GAAG,MAAM,CAAC;CAC9C;AAqBD,qBAAa,gBAAiB,YAAW,cAAc;IACrD,QAAQ,CAAC,MAAM,EAAG,UAAU,CAAU;IAEtC,QAAQ,CAAC,MAAM,EAAE,kBAAkB,GAAG,MAAM;CA4E7C;AAED,qBAAa,YAAa,YAAW,cAAc;IACjD,QAAQ,CAAC,MAAM,EAAG,MAAM,CAAU;IAElC,QAAQ,CAAC,MAAM,EAAE,kBAAkB,GAAG,MAAM;CAG7C;AAED,qBAAa,gBAAiB,YAAW,cAAc;IACrD,QAAQ,CAAC,MAAM,EAAG,UAAU,CAAU;IAEtC,QAAQ,CAAC,MAAM,EAAE,kBAAkB,GAAG,MAAM;CAyC7C;AAED,qBAAa,YAAa,YAAW,cAAc;IACrC,QAAQ,CAAC,MAAM,EAAE,YAAY;gBAApB,MAAM,EAAE,YAAY;IAEzC,QAAQ,CAAC,OAAO,EAAE,kBAAkB,GAAG,MAAM;CAG9C;AAED,qBAAa,eAAe;IAC1B,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAoC;;IAa/D,QAAQ,CAAC,MAAM,EAAE,kBAAkB,EAAE,MAAM,GAAE,YAAyB,GAAG,MAAM;CAOhF"}

package/dist/report/report-generator.js

@@ -0,0 +1,167 @@
+import kleur from 'kleur';
+function riskColor(level) {
+    switch (level) {
+        case 'CRITICAL': return kleur.red().bold;
+        case 'HIGH': return kleur.red;
+        case 'MEDIUM': return kleur.yellow;
+        case 'LOW': return kleur.green;
+    }
+}
+function decisionColor(decision) {
+    switch (decision) {
+        case 'BLOCK': return kleur.red().bold;
+        case 'REQUIRE_APPROVAL': return kleur.yellow().bold;
+        case 'WARN': return kleur.yellow;
+        case 'AUTO_APPROVE': return kleur.green().bold;
+        default: return kleur.white;
+    }
+}
+export class TerminalReporter {
+    format = 'terminal';
+    generate(report) {
+        const lines = [];
+        const color = riskColor(report.risk.level);
+        lines.push('');
+        lines.push(kleur.bold().cyan('═══ Sentinel Security Report ═══'));
+        lines.push('');
+        lines.push(`  Target:     ${kleur.white(report.target.ecosystem)}:${kleur.cyan(report.target.name)}`);
+        lines.push(`  Risk:       ${color(report.risk.level)} (${report.risk.score}/100)`);
+        lines.push(`  Confidence: ${report.risk.confidence}%`);
+        lines.push(`  Decision:   ${decisionColor(report.policy.decision)(report.policy.decision)}`);
+        lines.push(`  Action:     ${report.recommendedAction}`);
+        lines.push('');
+        if (!report.dataAssessment.sufficient && report.dataAssessment.reasons.length > 0) {
+            lines.push(kleur.yellow().bold('  Limited data gathered - manual review recommended:'));
+            for (const reason of report.dataAssessment.reasons) {
+                lines.push(`    • ${reason}`);
+            }
+            lines.push('');
+        }
+        if (report.policy.reasons.length > 0) {
+            lines.push(kleur.bold('  Policy Reasons:'));
+            for (const reason of report.policy.reasons) {
+                lines.push(`    • ${reason}`);
+            }
+            lines.push('');
+        }
+        const critical = report.findings.filter((f) => f.severity === 'CRITICAL' && !f.positive);
+        const high = report.findings.filter((f) => f.severity === 'HIGH' && !f.positive);
+        const medium = report.findings.filter((f) => f.severity === 'MEDIUM' && !f.positive);
+        const low = report.findings.filter((f) => f.severity === 'LOW' && !f.positive);
+        const positive = report.findings.filter((f) => f.positive);
+        const testFindingCount = report.findings.filter((f) => f.isTest && !f.positive).length;
+        lines.push(kleur.bold('  Findings Summary:'));
+        lines.push(`    Critical: ${kleur.red(String(critical.length))}  High: ${kleur.red(String(high.length))}  Medium: ${kleur.yellow(String(medium.length))}  Low: ${kleur.green(String(low.length))}  Positive: ${kleur.green(String(positive.length))}`);
+        if (testFindingCount > 0) {
+            lines.push(kleur.dim(`    (${testFindingCount} finding(s) in test/fixture files, down-weighted in scoring)`));
+        }
+        lines.push('');
+        const displayFindings = [...critical, ...high, ...medium].slice(0, 20);
+        if (displayFindings.length > 0) {
+            lines.push(kleur.bold('  Top Findings:'));
+            for (const f of displayFindings) {
+                const sev = f.severity === 'CRITICAL' ? kleur.red('[CRITICAL]') :
+                    f.severity === 'HIGH' ? kleur.red('[HIGH]') :
+                        kleur.yellow(`[${f.severity}]`);
+                const loc = f.file ? ` (${f.file}${f.line ? `:${f.line}` : ''})` : '';
+                const testTag = f.isTest ? kleur.dim(' [test-file]') : '';
+                lines.push(`    ${sev} ${f.title}${loc}${testTag}`);
+                lines.push(`           ${kleur.dim(f.description)}`);
+                if (f.evidence) {
+                    lines.push(`           ${kleur.dim('>')} ${kleur.dim(f.evidence)}`);
+                }
+            }
+            lines.push('');
+        }
+        if (report.permissions.length > 0) {
+            lines.push(kleur.bold('  Permissions Requested:'));
+            for (const p of report.permissions) {
+                lines.push(`    • ${p.type}: ${p.description}`);
+            }
+            lines.push('');
+        }
+        lines.push(kleur.dim(`  Scanned at ${report.scannedAt} (${report.durationMs}ms)`));
+        lines.push('');
+        return lines.join('\n');
+    }
+}
+export class JsonReporter {
+    format = 'json';
+    generate(report) {
+        return JSON.stringify(report, null, 2);
+    }
+}
+export class MarkdownReporter {
+    format = 'markdown';
+    generate(report) {
+        const lines = [];
+        lines.push(`# Sentinel Security Report`);
+        lines.push('');
+        lines.push(`**Target:** ${report.target.ecosystem}:${report.target.name}`);
+        lines.push(`**Risk:** ${report.risk.level} (${report.risk.score}/100)`);
+        lines.push(`**Confidence:** ${report.risk.confidence}%`);
+        lines.push(`**Decision:** ${report.policy.decision}`);
+        lines.push(`**Recommended Action:** ${report.recommendedAction}`);
+        lines.push('');
+        if (!report.dataAssessment.sufficient && report.dataAssessment.reasons.length > 0) {
+            lines.push('> Limited data could be gathered for this target - manual review is recommended.');
+            lines.push('');
+            lines.push('## Data Limitations');
+            for (const reason of report.dataAssessment.reasons) {
+                lines.push(`- ${reason}`);
+            }
+            lines.push('');
+        }
+        lines.push('## Policy Reasons');
+        for (const reason of report.policy.reasons) {
+            lines.push(`- ${reason}`);
+        }
+        lines.push('');
+        lines.push('## Findings');
+        lines.push('| Severity | Category | Title | File | Line | Evidence |');
+        lines.push('|----------|----------|-------|------|------|----------|');
+        for (const f of report.findings.filter((f) => !f.positive)) {
+            const evidence = f.evidence ? `\`${f.evidence.replace(/\|/g, '\\|')}\`` : '-';
+            const file = f.file ? `${f.file}${f.isTest ? ' _(test)_' : ''}` : '-';
+            lines.push(`| ${f.severity} | ${f.category} | ${f.title} | ${file} | ${f.line ?? '-'} | ${evidence} |`);
+        }
+        if (report.permissions.length > 0) {
+            lines.push('');
+            lines.push('## Permissions');
+            for (const p of report.permissions) {
+                lines.push(`- **${p.type}**: ${p.description}`);
+            }
+        }
+        return lines.join('\n');
+    }
+}
+export class StubReporter {
+    format;
+    constructor(format) {
+        this.format = format;
+    }
+    generate(_report) {
+        return `[${this.format} report format not yet implemented in MVP]`;
+    }
+}
+export class ReportGenerator {
+    strategies;
+    constructor() {
+        this.strategies = new Map([
+            ['terminal', new TerminalReporter()],
+            ['json', new JsonReporter()],
+            ['markdown', new MarkdownReporter()],
+            ['sarif', new StubReporter('sarif')],
+            ['html', new StubReporter('html')],
+            ['pdf', new StubReporter('pdf')],
+        ]);
+    }
+    generate(report, format = 'terminal') {
+        const strategy = this.strategies.get(format);
+        if (!strategy) {
+            throw new Error(`Unsupported report format: ${format}`);
+        }
+        return strategy.generate(report);
+    }
+}
+//# sourceMappingURL=report-generator.js.map

package/dist/report/report-generator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"report-generator.js","sourceRoot":"","sources":["../../src/report/report-generator.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAU1B,SAAS,SAAS,CAAC,KAAgB;IACjC,QAAQ,KAAK,EAAE,CAAC;QACd,KAAK,UAAU,CAAC,CAAC,OAAO,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC;QACzC,KAAK,MAAM,CAAC,CAAC,OAAO,KAAK,CAAC,GAAG,CAAC;QAC9B,KAAK,QAAQ,CAAC,CAAC,OAAO,KAAK,CAAC,MAAM,CAAC;QACnC,KAAK,KAAK,CAAC,CAAC,OAAO,KAAK,CAAC,KAAK,CAAC;IACjC,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CAAC,QAAgB;IACrC,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,OAAO,CAAC,CAAC,OAAO,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC;QACtC,KAAK,kBAAkB,CAAC,CAAC,OAAO,KAAK,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC;QACpD,KAAK,MAAM,CAAC,CAAC,OAAO,KAAK,CAAC,MAAM,CAAC;QACjC,KAAK,cAAc,CAAC,CAAC,OAAO,KAAK,CAAC,KAAK,EAAE,CAAC,IAAI,CAAC;QAC/C,OAAO,CAAC,CAAC,OAAO,KAAK,CAAC,KAAK,CAAC;IAC9B,CAAC;AACH,CAAC;AAED,MAAM,OAAO,gBAAgB;IAClB,MAAM,GAAG,UAAmB,CAAC;IAEtC,QAAQ,CAAC,MAA0B;QACjC,MAAM,KAAK,GAAa,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAE3C,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC,CAAC;QAClE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,iBAAiB,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACtG,KAAK,CAAC,IAAI,CAAC,iBAAiB,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC,IAAI,CAAC,KAAK,OAAO,CAAC,CAAC;QACnF,KAAK,CAAC,IAAI,CAAC,iBAAiB,MAAM,CAAC,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC;QACvD,KAAK,CAAC,IAAI,CAAC,iBAAiB,aAAa,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAC7F,KAAK,CAAC,IAAI,CAAC,iBAAiB,MAAM,CAAC,iBAAiB,EAAE,CAAC,CAAC;QACxD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAEf,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,UAAU,IAAI,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAClF,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,sDAAsD,CAAC,CAAC,CAAC;YACxF,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC;gBACnD,KAAK,CAAC,IAAI,CAAC,SAAS,MAAM,EAAE,CAAC,CAAC;YAChC,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjB,CAAC;QAED,IAAI,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC;YAC5C,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBAC3C,KAAK,CAAC,IAAI,CAAC,SAAS,MAAM,EAAE,CAAC,CAAC;YAChC,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjB,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QACzF,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QACjF,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QACrF,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,KAAK,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QAC/E,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QAE3D,MAAM,gBAAgB,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC;QAEvF,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,CAAC;QAC9C,KAAK,CAAC,IAAI,CAAC,iBAAiB,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,WAAW,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,aAAa,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,UAAU,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,eAAe,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC;QACvP,IAAI,gBAAgB,GAAG,CAAC,EAAE,CAAC;YACzB,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,gBAAgB,8DAA8D,CAAC,CAAC,CAAC;QAChH,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAEf,MAAM,eAAe,GAAG,CAAC,GAAG,QAAQ,EAAE,GAAG,IAAI,EAAE,GAAG,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACvE,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC/B,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC;YAC1C,KAAK,MAAM,CAAC,IAAI,eAAe,EAAE,CAAC;gBAChC,MAAM,GAAG,GAAG,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC;oBAC/D,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC;wBAC7C,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,QAAQ,GAAG,CAAC,CAAC;gBAClC,MAAM,GAAG,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;gBACtE,MAAM,OAAO,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC1D,KAAK,CAAC,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC,KAAK,GAAG,GAAG,GAAG,OAAO,EAAE,CAAC,CAAC;gBACpD,KAAK,CAAC,IAAI,CAAC,cAAc,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;gBACrD,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC;oBACf,KAAK,CAAC,IAAI,CAAC,cAAc,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;gBACtE,CAAC;YACH,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjB,CAAC;QAED,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAClC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC,CAAC;YACnD,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;gBACnC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;YAClD,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjB,CAAC;QAED,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,gBAAgB,MAAM,CAAC,SAAS,KAAK,MAAM,CAAC,UAAU,KAAK,CAAC,CAAC,CAAC;QACnF,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAEf,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;CACF;AAED,MAAM,OAAO,YAAY;IACd,MAAM,GAAG,MAAe,CAAC;IAElC,QAAQ,CAAC,MAA0B;QACjC,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IACzC,CAAC;CACF;AAED,MAAM,OAAO,gBAAgB;IAClB,MAAM,GAAG,UAAmB,CAAC;IAEtC,QAAQ,CAAC,MAA0B;QACjC,MAAM,KAAK,GAAa,EAAE,CAAC;QAC3B,KAAK,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;QACzC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,eAAe,MAAM,CAAC,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3E,KAAK,CAAC,IAAI,CAAC,aAAa,MAAM,CAAC,IAAI,CAAC,KAAK,KAAK,MAAM,CAAC,IAAI,CAAC,KAAK,OAAO,CAAC,CAAC;QACxE,KAAK,CAAC,IAAI,CAAC,mBAAmB,MAAM,CAAC,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC;QACzD,KAAK,CAAC,IAAI,CAAC,iBAAiB,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;QACtD,KAAK,CAAC,IAAI,CAAC,2BAA2B,MAAM,CAAC,iBAAiB,EAAE,CAAC,CAAC;QAClE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,UAAU,IAAI,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAClF,KAAK,CAAC,IAAI,CAAC,kFAAkF,CAAC,CAAC;YAC/F,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACf,KAAK,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;YAClC,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC;gBACnD,KAAK,CAAC,IAAI,CAAC,KAAK,MAAM,EAAE,CAAC,CAAC;YAC5B,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjB,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QAChC,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YAC3C,KAAK,CAAC,IAAI,CAAC,KAAK,MAAM,EAAE,CAAC,CAAC;QAC5B,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC1B,KAAK,CAAC,IAAI,CAAC,0DAA0D,CAAC,CAAC;QACvE,KAAK,CAAC,IAAI,CAAC,0DAA0D,CAAC,CAAC;QACvE,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC3D,MAAM,QAAQ,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC;YAC9E,MAAM,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;YACtE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,QAAQ,MAAM,CAAC,CAAC,QAAQ,MAAM,CAAC,CAAC,KAAK,MAAM,IAAI,MAAM,CAAC,CAAC,IAAI,IAAI,GAAG,MAAM,QAAQ,IAAI,CAAC,CAAC;QAC1G,CAAC;QACD,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAClC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACf,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YAC7B,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;gBACnC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;YAClD,CAAC;QACH,CAAC;QACD,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;CACF;AAED,MAAM,OAAO,YAAY;IACF;IAArB,YAAqB,MAAoB;QAApB,WAAM,GAAN,MAAM,CAAc;IAAG,CAAC;IAE7C,QAAQ,CAAC,OAA2B;QAClC,OAAO,IAAI,IAAI,CAAC,MAAM,4CAA4C,CAAC;IACrE,CAAC;CACF;AAED,MAAM,OAAO,eAAe;IACT,UAAU,CAAoC;IAE/D;QACE,IAAI,CAAC,UAAU,GAAG,IAAI,GAAG,CAA+B;YACtD,CAAC,UAAU,EAAE,IAAI,gBAAgB,EAAE,CAAC;YACpC,CAAC,MAAM,EAAE,IAAI,YAAY,EAAE,CAAC;YAC5B,CAAC,UAAU,EAAE,IAAI,gBAAgB,EAAE,CAAC;YACpC,CAAC,OAAO,EAAE,IAAI,YAAY,CAAC,OAAO,CAAC,CAAC;YACpC,CAAC,MAAM,EAAE,IAAI,YAAY,CAAC,MAAM,CAAC,CAAC;YAClC,CAAC,KAAK,EAAE,IAAI,YAAY,CAAC,KAAK,CAAC,CAAC;SACjC,CAAC,CAAC;IACL,CAAC;IAED,QAAQ,CAAC,MAA0B,EAAE,SAAuB,UAAU;QACpE,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAC7C,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,8BAA8B,MAAM,EAAE,CAAC,CAAC;QAC1D,CAAC;QACD,OAAO,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IACnC,CAAC;CACF"}

package/package.json

@@ -0,0 +1,50 @@
+{
+  "name": "@rexymayderio/sentinel",
+  "version": "0.1.0",
+  "description": "Universal Security Verification Framework for AI Agent Installations",
+  "type": "module",
+  "bin": {
+    "sentinel-mcp": "./dist/mcp/server.js",
+    "sentinel": "./dist/cli/index.js"
+  },
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "files": [
+    "dist",
+    "skills"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "dev": "tsx src/cli/index.ts",
+    "start": "node dist/cli/index.js",
+    "mcp": "tsx src/mcp/server.ts",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "prepublishOnly": "npm run build"
+  },
+  "engines": {
+    "node": ">=20.0.0"
+  },
+  "keywords": [
+    "security",
+    "verification",
+    "ai-agent",
+    "supply-chain"
+  ],
+  "license": "MIT",
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.29.0",
+    "commander": "^15.0.0",
+    "fast-glob": "^3.3.3",
+    "kleur": "^4.1.5",
+    "tar": "^7.4.3",
+    "zod": "^4.4.3"
+  },
+  "devDependencies": {
+    "@types/node": "^22.15.0",
+    "@types/tar": "^6.1.13",
+    "tsx": "^4.19.4",
+    "typescript": "^5.8.3",
+    "vitest": "^3.2.4"
+  }
+}