@shiftleftpt/sbd-toe-mcp 0.1.0

package/dist/tools/generate-document.js

@@ -0,0 +1,392 @@
+const VALID_DOCUMENT_TYPES = [
+    "classification-template",
+    "threat-model-template",
+    "checklist",
+    "training-plan",
+    "secure-config"
+];
+const VALID_RISK_LEVELS = ["L1", "L2", "L3"];
+function isValidDocumentType(value) {
+    return (typeof value === "string" &&
+        VALID_DOCUMENT_TYPES.includes(value));
+}
+function isValidRiskLevel(value) {
+    return (typeof value === "string" &&
+        VALID_RISK_LEVELS.includes(value));
+}
+function makeRpcError(message, data) {
+    return Object.assign(new Error(message), {
+        rpcError: { code: -32602, message, data: data ?? null }
+    });
+}
+// ---------------------------------------------------------------------------
+// Document structure definitions
+// ---------------------------------------------------------------------------
+function buildClassificationTemplate(riskLevel) {
+    const base = [
+        {
+            name: "Identificação",
+            mandatory: true,
+            fields: [
+                { name: "Nome da Aplicação", required: "mandatory", guidance: "Identificador único e nome oficial da aplicação." },
+                { name: "Proprietário / Equipa", required: "mandatory", guidance: "Nome da equipa ou pessoa responsável." },
+                { name: "Descrição Funcional", required: "mandatory", guidance: "Resumo do propósito e funcionalidades principais." }
+            ]
+        },
+        {
+            name: "Dados Processados",
+            mandatory: true,
+            fields: [
+                { name: "Tipos de Dados", required: "mandatory", guidance: "Listar categorias de dados (ex: PII, financeiros, operacionais)." },
+                { name: "Volume Estimado", required: "conditional", guidance: "Preencher se relevante para a classificação de risco." },
+                { name: "Retenção e Eliminação", required: "optional", guidance: "Política de retenção aplicável." }
+            ]
+        },
+        {
+            name: "Nível de Risco",
+            mandatory: true,
+            fields: [
+                { name: "Classificação Determinada", required: "mandatory", guidance: "Indicar L1, L2 ou L3 com justificação baseada nos critérios SbD-ToE." },
+                { name: "Critérios Aplicados", required: "mandatory", guidance: "Listar os critérios que levaram à classificação." }
+            ]
+        }
+    ];
+    if (riskLevel === "L2" || riskLevel === "L3") {
+        base.push({
+            name: "Ameaças Identificadas",
+            mandatory: true,
+            fields: [
+                { name: "Principais Ameaças", required: "mandatory", guidance: "Listar as ameaças identificadas no contexto da aplicação." },
+                { name: "Impacto Estimado", required: "mandatory", guidance: "Para cada ameaça, descrever o impacto potencial." },
+                { name: "Probabilidade", required: "conditional", guidance: "Estimativa de probabilidade para cada ameaça (alta/média/baixa)." }
+            ]
+        });
+    }
+    if (riskLevel === "L3") {
+        base.push({
+            name: "Plano de Remediação",
+            mandatory: true,
+            fields: [
+                { name: "Acções de Mitigação", required: "mandatory", guidance: "Para cada ameaça L3, descrever as acções de mitigação concretas." },
+                { name: "Responsáveis", required: "mandatory", guidance: "Assignar responsáveis por cada acção." },
+                { name: "Prazo de Implementação", required: "mandatory", guidance: "Data limite para cada acção de remediação." },
+                { name: "Evidências de Validação", required: "conditional", guidance: "Artefactos que comprovam a implementação das mitigações." }
+            ]
+        });
+    }
+    return base;
+}
+function buildThreatModelTemplate(riskLevel) {
+    const base = [
+        {
+            name: "Âmbito",
+            mandatory: true,
+            fields: [
+                { name: "Sistema em Análise", required: "mandatory", guidance: "Identificar os componentes e boundaries do sistema." },
+                { name: "Pressupostos", required: "mandatory", guidance: "Listar os pressupostos de segurança assumidos." },
+                { name: "Exclusões", required: "optional", guidance: "Componentes fora do âmbito e justificação." }
+            ]
+        },
+        {
+            name: "Actores",
+            mandatory: true,
+            fields: [
+                { name: "Actores Legítimos", required: "mandatory", guidance: "Identificar utilizadores e sistemas que interagem com o sistema." },
+                { name: "Actores Adversariais", required: "mandatory", guidance: "Perfis de atacante relevantes para o contexto." },
+                { name: "Nível de Confiança por Actor", required: "conditional", guidance: "Descrever o nível de confiança atribuído a cada actor." }
+            ]
+        },
+        {
+            name: "Superfície de Ataque",
+            mandatory: true,
+            fields: [
+                { name: "Entry Points", required: "mandatory", guidance: "Listar todos os pontos de entrada no sistema (APIs, UI, ficheiros, etc.)." },
+                { name: "Assets Críticos", required: "mandatory", guidance: "Identificar os assets que precisam de protecção." },
+                { name: "Trust Boundaries", required: "conditional", guidance: "Desenhar os limites de confiança entre componentes." }
+            ]
+        }
+    ];
+    if (riskLevel === "L2" || riskLevel === "L3") {
+        base.push({
+            name: "Árvores de Ameaça",
+            mandatory: true,
+            fields: [
+                { name: "Ameaças STRIDE", required: "mandatory", guidance: "Identificar ameaças usando a metodologia STRIDE por componente." },
+                { name: "Cenários de Ataque", required: "mandatory", guidance: "Descrever cenários de ataque realistas para as ameaças identificadas." },
+                { name: "Priorização", required: "conditional", guidance: "Priorizar ameaças por impacto e probabilidade." }
+            ]
+        }, {
+            name: "Controlos",
+            mandatory: true,
+            fields: [
+                { name: "Controlos Existentes", required: "mandatory", guidance: "Listar controlos de segurança já implementados." },
+                { name: "Controlos Propostos", required: "mandatory", guidance: "Descrever novos controlos a implementar por cada ameaça." },
+                { name: "Referências SbD-ToE", required: "optional", guidance: "Citar os CTRL-* relevantes do manual SbD-ToE." }
+            ]
+        });
+    }
+    if (riskLevel === "L3") {
+        base.push({
+            name: "Análise de Residual Risk",
+            mandatory: true,
+            fields: [
+                { name: "Risco Residual por Ameaça", required: "mandatory", guidance: "Após mitigações, documentar o risco residual aceite para cada ameaça." },
+                { name: "Aprovação Formal", required: "mandatory", guidance: "Registo de aprovação do risco residual pela entidade responsável." },
+                { name: "Plano de Revisão", required: "conditional", guidance: "Periodicidade de revisão do threat model." }
+            ]
+        });
+    }
+    return base;
+}
+function buildChecklist(riskLevel) {
+    const base = [
+        {
+            name: "Requisitos Mínimos L1",
+            mandatory: true,
+            fields: [
+                { name: "Autenticação Básica", required: "mandatory", guidance: "Verificar se autenticação está implementada e configurada correctamente." },
+                { name: "Gestão de Segredos", required: "mandatory", guidance: "Confirmar que secrets não estão hardcoded no código ou versionados." },
+                { name: "Logging de Eventos de Segurança", required: "mandatory", guidance: "Verificar que eventos relevantes de segurança são registados." },
+                { name: "Dependências Actualizadas", required: "conditional", guidance: "Confirmar ausência de dependências com vulnerabilidades conhecidas críticas." }
+            ]
+        }
+    ];
+    if (riskLevel === "L2" || riskLevel === "L3") {
+        base.push({
+            name: "Requisitos Adicionais L2",
+            mandatory: true,
+            fields: [
+                { name: "Testes de Segurança Automatizados", required: "mandatory", guidance: "SAST/DAST integrados no pipeline CI/CD sem findings críticos." },
+                { name: "Revisão de Código com Foco em Segurança", required: "mandatory", guidance: "Processo de code review inclui verificação de aspectos de segurança." },
+                { name: "Gestão de Incidentes", required: "mandatory", guidance: "Processo documentado de resposta a incidentes de segurança." },
+                { name: "Monitorização Activa", required: "conditional", guidance: "Alertas configurados para eventos de segurança anómalos." }
+            ]
+        });
+    }
+    if (riskLevel === "L3") {
+        base.push({
+            name: "Requisitos Regulatórios L3",
+            mandatory: true,
+            fields: [
+                { name: "Conformidade Normativa", required: "mandatory", guidance: "Identificar e documentar conformidade com normas aplicáveis (GDPR, NIS2, etc.)." },
+                { name: "Auditoria e Rastreabilidade", required: "mandatory", guidance: "Logs de auditoria com retenção conforme requisitos legais." },
+                { name: "Relatório de Segurança Periódico", required: "mandatory", guidance: "Frequência e formato do relatório de segurança exigido." },
+                { name: "Aprovações de Terceiros", required: "conditional", guidance: "Auditorias externas ou certificações necessárias." }
+            ]
+        });
+    }
+    return base;
+}
+function buildTrainingPlan(riskLevel) {
+    const base = [
+        {
+            name: "Objectivos",
+            mandatory: true,
+            fields: [
+                { name: "Objectivos de Aprendizagem", required: "mandatory", guidance: "Listar os conhecimentos e competências a adquirir." },
+                { name: "Resultados Esperados", required: "mandatory", guidance: "Descrever o estado de preparação da equipa após a formação." }
+            ]
+        },
+        {
+            name: "Audiência",
+            mandatory: true,
+            fields: [
+                { name: "Perfis Alvo", required: "mandatory", guidance: "Identificar os papéis que devem participar na formação." },
+                { name: "Pré-requisitos", required: "conditional", guidance: "Conhecimentos mínimos esperados dos participantes." }
+            ]
+        },
+        {
+            name: "Módulos Base",
+            mandatory: true,
+            fields: [
+                { name: "Fundamentos SbD-ToE", required: "mandatory", guidance: "Conceitos base do manual, níveis de risco e estrutura de capítulos." },
+                { name: "Práticas de Segurança no Ciclo de Desenvolvimento", required: "mandatory", guidance: "Como integrar segurança nas fases de design, dev e deploy." },
+                { name: "Uso das Tools MCP SbD-ToE", required: "conditional", guidance: "Demonstração prática das tools disponíveis no servidor MCP." }
+            ]
+        }
+    ];
+    if (riskLevel === "L2" || riskLevel === "L3") {
+        base.push({
+            name: "Exercícios Práticos",
+            mandatory: true,
+            fields: [
+                { name: "Cenários de Ameaça", required: "mandatory", guidance: "Exercícios baseados em cenários reais de ameaça do contexto da equipa." },
+                { name: "Hands-on Threat Modeling", required: "mandatory", guidance: "Exercício prático de threat modeling com metodologia SbD-ToE." },
+                { name: "Simulação de Incident Response", required: "conditional", guidance: "Exercício de resposta a incidente de segurança simulado." }
+            ]
+        });
+    }
+    if (riskLevel === "L3") {
+        base.push({
+            name: "Avaliação e Certificação",
+            mandatory: true,
+            fields: [
+                { name: "Critérios de Avaliação", required: "mandatory", guidance: "Definir os critérios e limites de aprovação." },
+                { name: "Formato da Avaliação", required: "mandatory", guidance: "Descrever o método de avaliação (teste, projecto, demonstração)." },
+                { name: "Registo de Conclusão", required: "mandatory", guidance: "Documento comprovativo de conclusão e aprovação da formação." },
+                { name: "Periodicidade de Renovação", required: "conditional", guidance: "Frequência com que a formação deve ser repetida ou actualizada." }
+            ]
+        });
+    }
+    return base;
+}
+function buildSecureConfig(riskLevel) {
+    const base = [
+        {
+            name: "Hardening Base",
+            mandatory: true,
+            fields: [
+                { name: "Configuração Mínima de Sistema", required: "mandatory", guidance: "Listar as configurações de sistema operativo/runtime aplicadas para reduzir superfície de ataque." },
+                { name: "Portos e Serviços Expostos", required: "mandatory", guidance: "Inventariar todos os portos e serviços activos, justificando cada um." },
+                { name: "Actualizações e Patches", required: "mandatory", guidance: "Política de aplicação de patches de segurança." }
+            ]
+        },
+        {
+            name: "Segredos",
+            mandatory: true,
+            fields: [
+                { name: "Inventário de Segredos", required: "mandatory", guidance: "Listar todos os segredos usados (API keys, passwords, certificados)." },
+                { name: "Mecanismo de Armazenamento", required: "mandatory", guidance: "Descrever o vault ou mecanismo seguro de armazenamento de segredos." },
+                { name: "Rotação de Segredos", required: "conditional", guidance: "Política de rotação periódica de segredos." }
+            ]
+        },
+        {
+            name: "Logging",
+            mandatory: true,
+            fields: [
+                { name: "Eventos Registados", required: "mandatory", guidance: "Listar os eventos de segurança que devem ser logados." },
+                { name: "Formato e Destino dos Logs", required: "mandatory", guidance: "Formato estruturado e destino seguro dos logs." },
+                { name: "Retenção", required: "conditional", guidance: "Período de retenção dos logs de segurança." }
+            ]
+        }
+    ];
+    if (riskLevel === "L2" || riskLevel === "L3") {
+        base.push({
+            name: "Network Segmentation",
+            mandatory: true,
+            fields: [
+                { name: "Segmentação de Rede", required: "mandatory", guidance: "Descrever a segmentação de rede aplicada (VLANs, security groups, etc.)." },
+                { name: "Firewall Rules", required: "mandatory", guidance: "Inventariar e justificar as regras de firewall activas." },
+                { name: "Ingress/Egress Control", required: "conditional", guidance: "Políticas de controlo de tráfego de entrada e saída." }
+            ]
+        }, {
+            name: "mTLS",
+            mandatory: true,
+            fields: [
+                { name: "Serviços com mTLS", required: "mandatory", guidance: "Identificar os serviços que requerem mTLS e o estado de implementação." },
+                { name: "Gestão de Certificados", required: "mandatory", guidance: "Processo de emissão, renovação e revogação de certificados." },
+                { name: "Certificate Pinning", required: "optional", guidance: "Avaliação da necessidade de certificate pinning para clientes móveis." }
+            ]
+        });
+    }
+    if (riskLevel === "L3") {
+        base.push({
+            name: "Auditoria Contínua",
+            mandatory: true,
+            fields: [
+                { name: "Ferramentas de Auditoria", required: "mandatory", guidance: "Listar as ferramentas de auditoria contínua activas (CSPM, SIEM, etc.)." },
+                { name: "Frequência de Revisão", required: "mandatory", guidance: "Periodicidade das revisões de segurança automatizadas e manuais." },
+                { name: "Alertas Críticos", required: "mandatory", guidance: "Definir os alertas que requerem resposta imediata." }
+            ]
+        }, {
+            name: "Conformidade",
+            mandatory: true,
+            fields: [
+                { name: "Frameworks Aplicáveis", required: "mandatory", guidance: "Listar os frameworks regulatórios e normativos aplicáveis (GDPR, NIS2, ISO 27001, etc.)." },
+                { name: "Controlos de Conformidade", required: "mandatory", guidance: "Mapear controlos de segurança implementados para cada requisito normativo." },
+                { name: "Evidências de Conformidade", required: "mandatory", guidance: "Documentar as evidências disponíveis para auditoria externa." },
+                { name: "Plano de Melhoria", required: "conditional", guidance: "Acções planeadas para fechar gaps de conformidade identificados." }
+            ]
+        });
+    }
+    return base;
+}
+// ---------------------------------------------------------------------------
+// Acceptance criteria per type
+// ---------------------------------------------------------------------------
+const ACCEPTANCE_CRITERIA = {
+    "classification-template": [
+        "Todas as secções obrigatórias preenchidas.",
+        "Classificação de risco justificada com critérios documentados.",
+        "Dados processados inventariados e categorizados.",
+        "Documento revisto e aprovado pelo responsável de segurança."
+    ],
+    "threat-model-template": [
+        "Âmbito e actores completamente identificados.",
+        "Superfície de ataque mapeada com entry points e assets.",
+        "Para L2+: todas as ameaças STRIDE endereçadas com controlos.",
+        "Para L3: risco residual documentado e aprovado formalmente."
+    ],
+    "checklist": [
+        "Todos os items marcados como cumpridos ou com justificação de não aplicabilidade.",
+        "Evidências recolhidas para cada item obrigatório.",
+        "Checklist revista e assinada antes do release.",
+        "Para L3: conformidade normativa verificada e documentada."
+    ],
+    "training-plan": [
+        "Todos os módulos base completados pela audiência alvo.",
+        "Exercícios práticos realizados e documentados.",
+        "Para L3: avaliação realizada com aprovação acima do threshold definido.",
+        "Registo de conclusão arquivado."
+    ],
+    "secure-config": [
+        "Hardening base aplicado e verificado em todos os ambientes.",
+        "Segredos em vault — zero segredos em código ou configuração versionada.",
+        "Logging de eventos de segurança activo e testado.",
+        "Para L2+: segmentação de rede e mTLS implementados e documentados.",
+        "Para L3: conformidade auditada e evidências recolhidas."
+    ]
+};
+// ---------------------------------------------------------------------------
+// Relevant bundles per type
+// ---------------------------------------------------------------------------
+const RELEVANT_BUNDLES = {
+    "classification-template": ["01-classificacao-aplicacoes", "02-requisitos-seguranca", "14-governanca-contratacao"],
+    "threat-model-template": ["03-threat-modeling", "04-arquitetura-segura", "02-requisitos-seguranca"],
+    "checklist": ["02-requisitos-seguranca", "06-desenvolvimento-seguro", "10-testes-seguranca"],
+    "training-plan": ["13-formacao-onboarding", "14-governanca-contratacao"],
+    "secure-config": ["04-arquitetura-segura", "08-iac-infraestrutura", "09-containers-imagens", "07-cicd-seguro"]
+};
+// ---------------------------------------------------------------------------
+// Handler
+// ---------------------------------------------------------------------------
+export function handleGenerateDocument(args) {
+    const typeArg = args["type"];
+    if (!isValidDocumentType(typeArg)) {
+        throw makeRpcError(`Tipo de documento inválido: "${String(typeArg)}". Valores permitidos: ${VALID_DOCUMENT_TYPES.join(", ")}.`, { invalidValue: typeArg });
+    }
+    const documentType = typeArg;
+    const riskLevelArg = args["riskLevel"];
+    if (!isValidRiskLevel(riskLevelArg)) {
+        throw makeRpcError(`riskLevel inválido: "${String(riskLevelArg)}". Valores permitidos: L1, L2, L3.`, { invalidValue: riskLevelArg });
+    }
+    const riskLevel = riskLevelArg;
+    // context is accepted but not used in structure logic (reserved for future use)
+    // sanitized: not forwarded to any external system
+    let sections;
+    switch (documentType) {
+        case "classification-template":
+            sections = buildClassificationTemplate(riskLevel);
+            break;
+        case "threat-model-template":
+            sections = buildThreatModelTemplate(riskLevel);
+            break;
+        case "checklist":
+            sections = buildChecklist(riskLevel);
+            break;
+        case "training-plan":
+            sections = buildTrainingPlan(riskLevel);
+            break;
+        case "secure-config":
+            sections = buildSecureConfig(riskLevel);
+            break;
+    }
+    return {
+        documentType,
+        riskLevel,
+        sections,
+        acceptanceCriteria: ACCEPTANCE_CRITERIA[documentType],
+        relevantBundles: RELEVANT_BUNDLES[documentType]
+    };
+}
+//# sourceMappingURL=generate-document.js.map

package/dist/tools/generate-document.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"generate-document.js","sourceRoot":"","sources":["../../src/tools/generate-document.ts"],"names":[],"mappings":"AAAA,MAAM,oBAAoB,GAAG;IAC3B,yBAAyB;IACzB,uBAAuB;IACvB,WAAW;IACX,eAAe;IACf,eAAe;CACP,CAAC;AAIX,MAAM,iBAAiB,GAAG,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAU,CAAC;AAyBtD,SAAS,mBAAmB,CAAC,KAAc;IACzC,OAAO,CACL,OAAO,KAAK,KAAK,QAAQ;QACxB,oBAA0C,CAAC,QAAQ,CAAC,KAAK,CAAC,CAC5D,CAAC;AACJ,CAAC;AAED,SAAS,gBAAgB,CAAC,KAAc;IACtC,OAAO,CACL,OAAO,KAAK,KAAK,QAAQ;QACxB,iBAAuC,CAAC,QAAQ,CAAC,KAAK,CAAC,CACzD,CAAC;AACJ,CAAC;AAED,SAAS,YAAY,CAAC,OAAe,EAAE,IAAc;IACnD,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,EAAE;QACvC,QAAQ,EAAE,EAAE,IAAI,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,IAAI,IAAI,EAAE;KACxD,CAAC,CAAC;AACL,CAAC;AAED,8EAA8E;AAC9E,iCAAiC;AACjC,8EAA8E;AAE9E,SAAS,2BAA2B,CAAC,SAAoB;IACvD,MAAM,IAAI,GAAc;QACtB;YACE,IAAI,EAAE,eAAe;YACrB,SAAS,EAAE,IAAI;YACf,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,mBAAmB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,kDAAkD,EAAE;gBAClH,EAAE,IAAI,EAAE,uBAAuB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,uCAAuC,EAAE;gBAC3G,EAAE,IAAI,EAAE,qBAAqB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,mDAAmD,EAAE;aACtH;SACF;QACD;YACE,IAAI,EAAE,mBAAmB;YACzB,SAAS,EAAE,IAAI;YACf,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,kEAAkE,EAAE;gBAC/H,EAAE,IAAI,EAAE,iBAAiB,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,uDAAuD,EAAE;gBACvH,EAAE,IAAI,EAAE,uBAAuB,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,iCAAiC,EAAE;aACrG;SACF;QACD;YACE,IAAI,EAAE,gBAAgB;YACtB,SAAS,EAAE,IAAI;YACf,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,2BAA2B,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,sEAAsE,EAAE;gBAC9I,EAAE,IAAI,EAAE,qBAAqB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,kDAAkD,EAAE;aACrH;SACF;KACF,CAAC;IAEF,IAAI,SAAS,KAAK,IAAI,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;QAC7C,IAAI,CAAC,IAAI,CAAC;YACR,IAAI,EAAE,uBAAuB;YAC7B,SAAS,EAAE,IAAI;YACf,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,oBAAoB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,2DAA2D,EAAE;gBAC5H,EAAE,IAAI,EAAE,kBAAkB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,kDAAkD,EAAE;gBACjH,EAAE,IAAI,EAAE,eAAe,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,kEAAkE,EAAE;aACjI;SACF,CAAC,CAAC;IACL,CAAC;IAED,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;QACvB,IAAI,CAAC,IAAI,CAAC;YACR,IAAI,EAAE,qBAAqB;YAC3B,SAAS,EAAE,IAAI;YACf,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,qBAAqB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,kEAAkE,EAAE;gBACpI,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,uCAAuC,EAAE;gBAClG,EAAE,IAAI,EAAE,wBAAwB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,4CAA4C,EAAE;gBACjH,EAAE,IAAI,EAAE,yBAAyB,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,0DAA0D,EAAE;aACnI;SACF,CAAC,CAAC;IACL,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,wBAAwB,CAAC,SAAoB;IACpD,MAAM,IAAI,GAAc;QACtB;YACE,IAAI,EAAE,QAAQ;YACd,SAAS,EAAE,IAAI;YACf,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,oBAAoB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,qDAAqD,EAAE;gBACtH,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,gDAAgD,EAAE;gBAC3G,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,4CAA4C,EAAE;aACpG;SACF;QACD;YACE,IAAI,EAAE,SAAS;YACf,SAAS,EAAE,IAAI;YACf,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,mBAAmB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,kEAAkE,EAAE;gBAClI,EAAE,IAAI,EAAE,sBAAsB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,gDAAgD,EAAE;gBACnH,EAAE,IAAI,EAAE,8BAA8B,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,wDAAwD,EAAE;aACtI;SACF;QACD;YACE,IAAI,EAAE,sBAAsB;YAC5B,SAAS,EAAE,IAAI;YACf,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,2EAA2E,EAAE;gBACtI,EAAE,IAAI,EAAE,iBAAiB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,kDAAkD,EAAE;gBAChH,EAAE,IAAI,EAAE,kBAAkB,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,qDAAqD,EAAE;aACvH;SACF;KACF,CAAC;IAEF,IAAI,SAAS,KAAK,IAAI,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;QAC7C,IAAI,CAAC,IAAI,CACP;YACE,IAAI,EAAE,mBAAmB;YACzB,SAAS,EAAE,IAAI;YACf,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,iEAAiE,EAAE;gBAC9H,EAAE,IAAI,EAAE,oBAAoB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,uEAAuE,EAAE;gBACxI,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,gDAAgD,EAAE;aAC7G;SACF,EACD;YACE,IAAI,EAAE,WAAW;YACjB,SAAS,EAAE,IAAI;YACf,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,sBAAsB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,iDAAiD,EAAE;gBACpH,EAAE,IAAI,EAAE,qBAAqB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,0DAA0D,EAAE;gBAC5H,EAAE,IAAI,EAAE,qBAAqB,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,+CAA+C,EAAE;aACjH;SACF,CACF,CAAC;IACJ,CAAC;IAED,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;QACvB,IAAI,CAAC,IAAI,CAAC;YACR,IAAI,EAAE,0BAA0B;YAChC,SAAS,EAAE,IAAI;YACf,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,2BAA2B,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,uEAAuE,EAAE;gBAC/I,EAAE,IAAI,EAAE,kBAAkB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,mEAAmE,EAAE;gBAClI,EAAE,IAAI,EAAE,kBAAkB,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,2CAA2C,EAAE;aAC7G;SACF,CAAC,CAAC;IACL,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,cAAc,CAAC,SAAoB;IAC1C,MAAM,IAAI,GAAc;QACtB;YACE,IAAI,EAAE,uBAAuB;YAC7B,SAAS,EAAE,IAAI;YACf,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,qBAAqB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,0EAA0E,EAAE;gBAC5I,EAAE,IAAI,EAAE,oBAAoB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,qEAAqE,EAAE;gBACtI,EAAE,IAAI,EAAE,iCAAiC,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,+DAA+D,EAAE;gBAC7I,EAAE,IAAI,EAAE,2BAA2B,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,8EAA8E,EAAE;aACzJ;SACF;KACF,CAAC;IAEF,IAAI,SAAS,KAAK,IAAI,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;QAC7C,IAAI,CAAC,IAAI,CAAC;YACR,IAAI,EAAE,0BAA0B;YAChC,SAAS,EAAE,IAAI;YACf,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,mCAAmC,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,+DAA+D,EAAE;gBAC/I,EAAE,IAAI,EAAE,yCAAyC,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,sEAAsE,EAAE;gBAC5J,EAAE,IAAI,EAAE,sBAAsB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,6DAA6D,EAAE;gBAChI,EAAE,IAAI,EAAE,sBAAsB,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,0DAA0D,EAAE;aAChI;SACF,CAAC,CAAC;IACL,CAAC;IAED,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;QACvB,IAAI,CAAC,IAAI,CAAC;YACR,IAAI,EAAE,4BAA4B;YAClC,SAAS,EAAE,IAAI;YACf,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,wBAAwB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,iFAAiF,EAAE;gBACtJ,EAAE,IAAI,EAAE,6BAA6B,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,4DAA4D,EAAE;gBACtI,EAAE,IAAI,EAAE,kCAAkC,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,yDAAyD,EAAE;gBACxI,EAAE,IAAI,EAAE,yBAAyB,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,mDAAmD,EAAE;aAC5H;SACF,CAAC,CAAC;IACL,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAoB;IAC7C,MAAM,IAAI,GAAc;QACtB;YACE,IAAI,EAAE,YAAY;YAClB,SAAS,EAAE,IAAI;YACf,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,4BAA4B,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,oDAAoD,EAAE;gBAC7H,EAAE,IAAI,EAAE,sBAAsB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,6DAA6D,EAAE;aACjI;SACF;QACD;YACE,IAAI,EAAE,WAAW;YACjB,SAAS,EAAE,IAAI;YACf,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,yDAAyD,EAAE;gBACnH,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,oDAAoD,EAAE;aACpH;SACF;QACD;YACE,IAAI,EAAE,cAAc;YACpB,SAAS,EAAE,IAAI;YACf,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,qBAAqB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,qEAAqE,EAAE;gBACvI,EAAE,IAAI,EAAE,mDAAmD,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,4DAA4D,EAAE;gBAC5J,EAAE,IAAI,EAAE,2BAA2B,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,6DAA6D,EAAE;aACxI;SACF;KACF,CAAC;IAEF,IAAI,SAAS,KAAK,IAAI,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;QAC7C,IAAI,CAAC,IAAI,CAAC;YACR,IAAI,EAAE,qBAAqB;YAC3B,SAAS,EAAE,IAAI;YACf,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,oBAAoB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,wEAAwE,EAAE;gBACzI,EAAE,IAAI,EAAE,0BAA0B,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,+DAA+D,EAAE;gBACtI,EAAE,IAAI,EAAE,gCAAgC,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,0DAA0D,EAAE;aAC1I;SACF,CAAC,CAAC;IACL,CAAC;IAED,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;QACvB,IAAI,CAAC,IAAI,CAAC;YACR,IAAI,EAAE,0BAA0B;YAChC,SAAS,EAAE,IAAI;YACf,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,wBAAwB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,8CAA8C,EAAE;gBACnH,EAAE,IAAI,EAAE,sBAAsB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,kEAAkE,EAAE;gBACrI,EAAE,IAAI,EAAE,sBAAsB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,8DAA8D,EAAE;gBACjI,EAAE,IAAI,EAAE,4BAA4B,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,iEAAiE,EAAE;aAC7I;SACF,CAAC,CAAC;IACL,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAoB;IAC7C,MAAM,IAAI,GAAc;QACtB;YACE,IAAI,EAAE,gBAAgB;YACtB,SAAS,EAAE,IAAI;YACf,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,gCAAgC,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,mGAAmG,EAAE;gBAChL,EAAE,IAAI,EAAE,4BAA4B,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,uEAAuE,EAAE;gBAChJ,EAAE,IAAI,EAAE,yBAAyB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,gDAAgD,EAAE;aACvH;SACF;QACD;YACE,IAAI,EAAE,UAAU;YAChB,SAAS,EAAE,IAAI;YACf,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,wBAAwB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,sEAAsE,EAAE;gBAC3I,EAAE,IAAI,EAAE,4BAA4B,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,qEAAqE,EAAE;gBAC9I,EAAE,IAAI,EAAE,qBAAqB,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,4CAA4C,EAAE;aACjH;SACF;QACD;YACE,IAAI,EAAE,SAAS;YACf,SAAS,EAAE,IAAI;YACf,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,oBAAoB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,uDAAuD,EAAE;gBACxH,EAAE,IAAI,EAAE,4BAA4B,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,gDAAgD,EAAE;gBACzH,EAAE,IAAI,EAAE,UAAU,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,4CAA4C,EAAE;aACtG;SACF;KACF,CAAC;IAEF,IAAI,SAAS,KAAK,IAAI,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;QAC7C,IAAI,CAAC,IAAI,CACP;YACE,IAAI,EAAE,sBAAsB;YAC5B,SAAS,EAAE,IAAI;YACf,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,qBAAqB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,0EAA0E,EAAE;gBAC5I,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,yDAAyD,EAAE;gBACtH,EAAE,IAAI,EAAE,wBAAwB,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,sDAAsD,EAAE;aAC9H;SACF,EACD;YACE,IAAI,EAAE,MAAM;YACZ,SAAS,EAAE,IAAI;YACf,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,mBAAmB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,wEAAwE,EAAE;gBACxI,EAAE,IAAI,EAAE,wBAAwB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,6DAA6D,EAAE;gBAClI,EAAE,IAAI,EAAE,qBAAqB,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,uEAAuE,EAAE;aACzI;SACF,CACF,CAAC;IACJ,CAAC;IAED,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;QACvB,IAAI,CAAC,IAAI,CACP;YACE,IAAI,EAAE,oBAAoB;YAC1B,SAAS,EAAE,IAAI;YACf,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,0BAA0B,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,yEAAyE,EAAE;gBAChJ,EAAE,IAAI,EAAE,uBAAuB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,kEAAkE,EAAE;gBACtI,EAAE,IAAI,EAAE,kBAAkB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,oDAAoD,EAAE;aACpH;SACF,EACD;YACE,IAAI,EAAE,cAAc;YACpB,SAAS,EAAE,IAAI;YACf,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,uBAAuB,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,0FAA0F,EAAE;gBAC9J,EAAE,IAAI,EAAE,2BAA2B,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,4EAA4E,EAAE;gBACpJ,EAAE,IAAI,EAAE,4BAA4B,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,8DAA8D,EAAE;gBACvI,EAAE,IAAI,EAAE,mBAAmB,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,kEAAkE,EAAE;aACrI;SACF,CACF,CAAC;IACJ,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,8EAA8E;AAC9E,+BAA+B;AAC/B,8EAA8E;AAE9E,MAAM,mBAAmB,GAAmC;IAC1D,yBAAyB,EAAE;QACzB,4CAA4C;QAC5C,gEAAgE;QAChE,kDAAkD;QAClD,6DAA6D;KAC9D;IACD,uBAAuB,EAAE;QACvB,+CAA+C;QAC/C,yDAAyD;QACzD,8DAA8D;QAC9D,6DAA6D;KAC9D;IACD,WAAW,EAAE;QACX,mFAAmF;QACnF,mDAAmD;QACnD,gDAAgD;QAChD,2DAA2D;KAC5D;IACD,eAAe,EAAE;QACf,wDAAwD;QACxD,gDAAgD;QAChD,yEAAyE;QACzE,iCAAiC;KAClC;IACD,eAAe,EAAE;QACf,6DAA6D;QAC7D,yEAAyE;QACzE,mDAAmD;QACnD,oEAAoE;QACpE,yDAAyD;KAC1D;CACF,CAAC;AAEF,8EAA8E;AAC9E,4BAA4B;AAC5B,8EAA8E;AAE9E,MAAM,gBAAgB,GAAmC;IACvD,yBAAyB,EAAE,CAAC,6BAA6B,EAAE,yBAAyB,EAAE,2BAA2B,CAAC;IAClH,uBAAuB,EAAI,CAAC,oBAAoB,EAAE,uBAAuB,EAAE,yBAAyB,CAAC;IACrG,WAAW,EAAgB,CAAC,yBAAyB,EAAE,2BAA2B,EAAE,qBAAqB,CAAC;IAC1G,eAAe,EAAY,CAAC,wBAAwB,EAAE,2BAA2B,CAAC;IAClF,eAAe,EAAY,CAAC,uBAAuB,EAAE,uBAAuB,EAAE,uBAAuB,EAAE,gBAAgB,CAAC;CACzH,CAAC;AAEF,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAE9E,MAAM,UAAU,sBAAsB,CAAC,IAA6B;IAClE,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;IAC7B,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,EAAE,CAAC;QAClC,MAAM,YAAY,CAChB,gCAAgC,MAAM,CAAC,OAAO,CAAC,0BAA0B,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAC3G,EAAE,YAAY,EAAE,OAAO,EAAE,CAC1B,CAAC;IACJ,CAAC;IACD,MAAM,YAAY,GAAG,OAAO,CAAC;IAE7B,MAAM,YAAY,GAAG,IAAI,CAAC,WAAW,CAAC,CAAC;IACvC,IAAI,CAAC,gBAAgB,CAAC,YAAY,CAAC,EAAE,CAAC;QACpC,MAAM,YAAY,CAChB,wBAAwB,MAAM,CAAC,YAAY,CAAC,oCAAoC,EAChF,EAAE,YAAY,EAAE,YAAY,EAAE,CAC/B,CAAC;IACJ,CAAC;IACD,MAAM,SAAS,GAAG,YAAY,CAAC;IAE/B,gFAAgF;IAChF,kDAAkD;IAElD,IAAI,QAAmB,CAAC;IACxB,QAAQ,YAAY,EAAE,CAAC;QACrB,KAAK,yBAAyB;YAC5B,QAAQ,GAAG,2BAA2B,CAAC,SAAS,CAAC,CAAC;YAClD,MAAM;QACR,KAAK,uBAAuB;YAC1B,QAAQ,GAAG,wBAAwB,CAAC,SAAS,CAAC,CAAC;YAC/C,MAAM;QACR,KAAK,WAAW;YACd,QAAQ,GAAG,cAAc,CAAC,SAAS,CAAC,CAAC;YACrC,MAAM;QACR,KAAK,eAAe;YAClB,QAAQ,GAAG,iBAAiB,CAAC,SAAS,CAAC,CAAC;YACxC,MAAM;QACR,KAAK,eAAe;YAClB,QAAQ,GAAG,iBAAiB,CAAC,SAAS,CAAC,CAAC;YACxC,MAAM;IACV,CAAC;IAED,OAAO;QACL,YAAY;QACZ,SAAS;QACT,QAAQ;QACR,kBAAkB,EAAE,mBAAmB,CAAC,YAAY,CAAC;QACrD,eAAe,EAAE,gBAAgB,CAAC,YAAY,CAAC;KAChD,CAAC;AACJ,CAAC"}

package/dist/tools/generate-document.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/tools/generate-document.test.js

@@ -0,0 +1,189 @@
+import { describe, it, expect } from "vitest";
+import { handleGenerateDocument } from "./generate-document.js";
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+function call(args) {
+    return handleGenerateDocument(args);
+}
+// ---------------------------------------------------------------------------
+// Validation
+// ---------------------------------------------------------------------------
+describe("handleGenerateDocument — validation", () => {
+    it("throws rpcError -32602 for invalid type", () => {
+        let err;
+        try {
+            call({ type: "invalid-type", riskLevel: "L1" });
+        }
+        catch (e) {
+            err = e;
+        }
+        expect(err).toBeInstanceOf(Error);
+        expect(err.rpcError?.code).toBe(-32602);
+        expect(err.message).toContain("invalid-type");
+    });
+    it("throws rpcError -32602 for invalid riskLevel", () => {
+        let err;
+        try {
+            call({ type: "checklist", riskLevel: "L4" });
+        }
+        catch (e) {
+            err = e;
+        }
+        expect(err).toBeInstanceOf(Error);
+        expect(err.rpcError?.code).toBe(-32602);
+        expect(err.message).toContain("L4");
+    });
+    it("throws rpcError -32602 when type is missing", () => {
+        let err;
+        try {
+            call({ riskLevel: "L1" });
+        }
+        catch (e) {
+            err = e;
+        }
+        expect(err).toBeInstanceOf(Error);
+        expect(err.rpcError?.code).toBe(-32602);
+    });
+    it("throws rpcError -32602 when riskLevel is missing", () => {
+        let err;
+        try {
+            call({ type: "checklist" });
+        }
+        catch (e) {
+            err = e;
+        }
+        expect(err).toBeInstanceOf(Error);
+        expect(err.rpcError?.code).toBe(-32602);
+    });
+});
+// ---------------------------------------------------------------------------
+// Output structure
+// ---------------------------------------------------------------------------
+describe("handleGenerateDocument — output structure", () => {
+    it("returns required fields for all 5 types at L1", () => {
+        const types = [
+            "classification-template",
+            "threat-model-template",
+            "checklist",
+            "training-plan",
+            "secure-config"
+        ];
+        for (const type of types) {
+            const result = call({ type, riskLevel: "L1" });
+            expect(result.documentType).toBe(type);
+            expect(result.riskLevel).toBe("L1");
+            expect(result.sections.length).toBeGreaterThan(0);
+            expect(result.acceptanceCriteria.length).toBeGreaterThan(0);
+            expect(result.relevantBundles.length).toBeGreaterThan(0);
+        }
+    });
+    it("context field is accepted but does not change output structure", () => {
+        const withContext = call({
+            type: "checklist",
+            riskLevel: "L1",
+            context: { projectName: "Test", team: "Dev" }
+        });
+        const withoutContext = call({
+            type: "checklist",
+            riskLevel: "L1"
+        });
+        expect(withContext.sections).toEqual(withoutContext.sections);
+    });
+});
+// ---------------------------------------------------------------------------
+// L1/L2/L3 progression
+// ---------------------------------------------------------------------------
+describe("handleGenerateDocument — risk level progression", () => {
+    it("L3 has more sections than L1 for classification-template", () => {
+        const l1 = call({ type: "classification-template", riskLevel: "L1" });
+        const l3 = call({ type: "classification-template", riskLevel: "L3" });
+        expect(l3.sections.length).toBeGreaterThan(l1.sections.length);
+    });
+    it("L3 has more sections than L2 for threat-model-template", () => {
+        const l2 = call({ type: "threat-model-template", riskLevel: "L2" });
+        const l3 = call({ type: "threat-model-template", riskLevel: "L3" });
+        expect(l3.sections.length).toBeGreaterThanOrEqual(l2.sections.length);
+    });
+    it("L2 has more sections than L1 for secure-config", () => {
+        const l1 = call({ type: "secure-config", riskLevel: "L1" });
+        const l2 = call({ type: "secure-config", riskLevel: "L2" });
+        expect(l2.sections.length).toBeGreaterThan(l1.sections.length);
+    });
+    it("all types produce sections at all risk levels", () => {
+        const types = [
+            "classification-template",
+            "threat-model-template",
+            "checklist",
+            "training-plan",
+            "secure-config"
+        ];
+        const levels = ["L1", "L2", "L3"];
+        for (const type of types) {
+            for (const riskLevel of levels) {
+                const result = call({ type, riskLevel });
+                expect(result.sections.length).toBeGreaterThan(0);
+            }
+        }
+    });
+});
+// ---------------------------------------------------------------------------
+// relevantBundles
+// ---------------------------------------------------------------------------
+describe("handleGenerateDocument — relevantBundles", () => {
+    it("classification-template has expected bundles", () => {
+        const result = call({ type: "classification-template", riskLevel: "L1" });
+        expect(result.relevantBundles).toContain("01-classificacao-aplicacoes");
+        expect(result.relevantBundles).toContain("02-requisitos-seguranca");
+    });
+    it("threat-model-template includes 03-threat-modeling", () => {
+        const result = call({ type: "threat-model-template", riskLevel: "L2" });
+        expect(result.relevantBundles).toContain("03-threat-modeling");
+    });
+    it("secure-config includes infrastructure bundles", () => {
+        const result = call({ type: "secure-config", riskLevel: "L1" });
+        expect(result.relevantBundles).toContain("08-iac-infraestrutura");
+        expect(result.relevantBundles).toContain("09-containers-imagens");
+    });
+    it("training-plan includes 13-formacao-onboarding", () => {
+        const result = call({ type: "training-plan", riskLevel: "L1" });
+        expect(result.relevantBundles).toContain("13-formacao-onboarding");
+    });
+});
+// ---------------------------------------------------------------------------
+// Section fields
+// ---------------------------------------------------------------------------
+describe("handleGenerateDocument — section fields", () => {
+    it("each field has name, required, and guidance", () => {
+        const result = call({ type: "checklist", riskLevel: "L2" });
+        for (const section of result.sections) {
+            expect(typeof section.name).toBe("string");
+            expect(typeof section.mandatory).toBe("boolean");
+            for (const field of section.fields) {
+                expect(typeof field.name).toBe("string");
+                expect(["mandatory", "conditional", "optional"]).toContain(field.required);
+                expect(typeof field.guidance).toBe("string");
+                expect(field.guidance.length).toBeGreaterThan(0);
+            }
+        }
+    });
+    it("guidance never contains pre-filled substantive content (only instructions)", () => {
+        const types = [
+            "classification-template",
+            "threat-model-template",
+            "checklist",
+            "training-plan",
+            "secure-config"
+        ];
+        for (const type of types) {
+            const result = call({ type, riskLevel: "L2" });
+            for (const section of result.sections) {
+                for (const field of section.fields) {
+                    // guidance should be instructional — check it's not suspiciously long pre-filled content
+                    expect(field.guidance.length).toBeLessThan(300);
+                }
+            }
+        }
+    });
+});
+//# sourceMappingURL=generate-document.test.js.map

package/dist/tools/generate-document.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"generate-document.test.js","sourceRoot":"","sources":["../../src/tools/generate-document.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,sBAAsB,EAAE,MAAM,wBAAwB,CAAC;AAEhE,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAE9E,SAAS,IAAI,CAAC,IAA6B;IACzC,OAAO,sBAAsB,CAAC,IAAI,CAAC,CAAC;AACtC,CAAC;AAED,8EAA8E;AAC9E,aAAa;AACb,8EAA8E;AAE9E,QAAQ,CAAC,qCAAqC,EAAE,GAAG,EAAE;IACnD,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;QACjD,IAAI,GAAY,CAAC;QACjB,IAAI,CAAC;YACH,IAAI,CAAC,EAAE,IAAI,EAAE,cAAc,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAClD,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,GAAG,GAAG,CAAC,CAAC;QACV,CAAC;QACD,MAAM,CAAC,GAAG,CAAC,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;QAClC,MAAM,CAAE,GAA+C,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC;QACrF,MAAM,CAAE,GAAa,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC;IAC3D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;QACtD,IAAI,GAAY,CAAC;QACjB,IAAI,CAAC;YACH,IAAI,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC/C,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,GAAG,GAAG,CAAC,CAAC;QACV,CAAC;QACD,MAAM,CAAC,GAAG,CAAC,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;QAClC,MAAM,CAAE,GAA+C,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC;QACrF,MAAM,CAAE,GAAa,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6CAA6C,EAAE,GAAG,EAAE;QACrD,IAAI,GAAY,CAAC;QACjB,IAAI,CAAC;YACH,IAAI,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC5B,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,GAAG,GAAG,CAAC,CAAC;QACV,CAAC;QACD,MAAM,CAAC,GAAG,CAAC,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;QAClC,MAAM,CAAE,GAA+C,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC;IACvF,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kDAAkD,EAAE,GAAG,EAAE;QAC1D,IAAI,GAAY,CAAC;QACjB,IAAI,CAAC;YACH,IAAI,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,CAAC,CAAC;QAC9B,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,GAAG,GAAG,CAAC,CAAC;QACV,CAAC;QACD,MAAM,CAAC,GAAG,CAAC,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;QAClC,MAAM,CAAE,GAA+C,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC;IACvF,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,8EAA8E;AAC9E,mBAAmB;AACnB,8EAA8E;AAE9E,QAAQ,CAAC,2CAA2C,EAAE,GAAG,EAAE;IACzD,EAAE,CAAC,+CAA+C,EAAE,GAAG,EAAE;QACvD,MAAM,KAAK,GAAG;YACZ,yBAAyB;YACzB,uBAAuB;YACvB,WAAW;YACX,eAAe;YACf,eAAe;SACP,CAAC;QAEX,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,MAAM,GAAG,IAAI,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,CAM5C,CAAC;YACF,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACvC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACpC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YAClD,MAAM,CAAC,MAAM,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YAC5D,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gEAAgE,EAAE,GAAG,EAAE;QACxE,MAAM,WAAW,GAAG,IAAI,CAAC;YACvB,IAAI,EAAE,WAAW;YACjB,SAAS,EAAE,IAAI;YACf,OAAO,EAAE,EAAE,WAAW,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE;SAC9C,CAA4B,CAAC;QAC9B,MAAM,cAAc,GAAG,IAAI,CAAC;YAC1B,IAAI,EAAE,WAAW;YACjB,SAAS,EAAE,IAAI;SAChB,CAA4B,CAAC;QAC9B,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;IAChE,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,8EAA8E;AAC9E,uBAAuB;AACvB,8EAA8E;AAE9E,QAAQ,CAAC,iDAAiD,EAAE,GAAG,EAAE;IAC/D,EAAE,CAAC,0DAA0D,EAAE,GAAG,EAAE;QAClE,MAAM,EAAE,GAAG,IAAI,CAAC,EAAE,IAAI,EAAE,yBAAyB,EAAE,SAAS,EAAE,IAAI,EAAE,CAA4B,CAAC;QACjG,MAAM,EAAE,GAAG,IAAI,CAAC,EAAE,IAAI,EAAE,yBAAyB,EAAE,SAAS,EAAE,IAAI,EAAE,CAA4B,CAAC;QACjG,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IACjE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wDAAwD,EAAE,GAAG,EAAE;QAChE,MAAM,EAAE,GAAG,IAAI,CAAC,EAAE,IAAI,EAAE,uBAAuB,EAAE,SAAS,EAAE,IAAI,EAAE,CAA4B,CAAC;QAC/F,MAAM,EAAE,GAAG,IAAI,CAAC,EAAE,IAAI,EAAE,uBAAuB,EAAE,SAAS,EAAE,IAAI,EAAE,CAA4B,CAAC;QAC/F,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,sBAAsB,CAAC,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IACxE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gDAAgD,EAAE,GAAG,EAAE;QACxD,MAAM,EAAE,GAAG,IAAI,CAAC,EAAE,IAAI,EAAE,eAAe,EAAE,SAAS,EAAE,IAAI,EAAE,CAA4B,CAAC;QACvF,MAAM,EAAE,GAAG,IAAI,CAAC,EAAE,IAAI,EAAE,eAAe,EAAE,SAAS,EAAE,IAAI,EAAE,CAA4B,CAAC;QACvF,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IACjE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+CAA+C,EAAE,GAAG,EAAE;QACvD,MAAM,KAAK,GAAG;YACZ,yBAAyB;YACzB,uBAAuB;YACvB,WAAW;YACX,eAAe;YACf,eAAe;SACP,CAAC;QACX,MAAM,MAAM,GAAG,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAU,CAAC;QAE3C,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,KAAK,MAAM,SAAS,IAAI,MAAM,EAAE,CAAC;gBAC/B,MAAM,MAAM,GAAG,IAAI,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,CAA4B,CAAC;gBACpE,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YACpD,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,8EAA8E;AAC9E,kBAAkB;AAClB,8EAA8E;AAE9E,QAAQ,CAAC,0CAA0C,EAAE,GAAG,EAAE;IACxD,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;QACtD,MAAM,MAAM,GAAG,IAAI,CAAC,EAAE,IAAI,EAAE,yBAAyB,EAAE,SAAS,EAAE,IAAI,EAAE,CAEvE,CAAC;QACF,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,SAAS,CAAC,6BAA6B,CAAC,CAAC;QACxE,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,SAAS,CAAC,yBAAyB,CAAC,CAAC;IACtE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mDAAmD,EAAE,GAAG,EAAE;QAC3D,MAAM,MAAM,GAAG,IAAI,CAAC,EAAE,IAAI,EAAE,uBAAuB,EAAE,SAAS,EAAE,IAAI,EAAE,CAErE,CAAC;QACF,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAC;IACjE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+CAA+C,EAAE,GAAG,EAAE;QACvD,MAAM,MAAM,GAAG,IAAI,CAAC,EAAE,IAAI,EAAE,eAAe,EAAE,SAAS,EAAE,IAAI,EAAE,CAE7D,CAAC;QACF,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,SAAS,CAAC,uBAAuB,CAAC,CAAC;QAClE,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,SAAS,CAAC,uBAAuB,CAAC,CAAC;IACpE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+CAA+C,EAAE,GAAG,EAAE;QACvD,MAAM,MAAM,GAAG,IAAI,CAAC,EAAE,IAAI,EAAE,eAAe,EAAE,SAAS,EAAE,IAAI,EAAE,CAE7D,CAAC;QACF,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,SAAS,CAAC,wBAAwB,CAAC,CAAC;IACrE,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,8EAA8E;AAC9E,iBAAiB;AACjB,8EAA8E;AAE9E,QAAQ,CAAC,yCAAyC,EAAE,GAAG,EAAE;IACvD,EAAE,CAAC,6CAA6C,EAAE,GAAG,EAAE;QACrD,MAAM,MAAM,GAAG,IAAI,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,SAAS,EAAE,IAAI,EAAE,CAMzD,CAAC;QACF,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACtC,MAAM,CAAC,OAAO,OAAO,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC3C,MAAM,CAAC,OAAO,OAAO,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YACjD,KAAK,MAAM,KAAK,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;gBACnC,MAAM,CAAC,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;gBACzC,MAAM,CAAC,CAAC,WAAW,EAAE,aAAa,EAAE,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;gBAC3E,MAAM,CAAC,OAAO,KAAK,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;gBAC7C,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YACnD,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4EAA4E,EAAE,GAAG,EAAE;QACpF,MAAM,KAAK,GAAG;YACZ,yBAAyB;YACzB,uBAAuB;YACvB,WAAW;YACX,eAAe;YACf,eAAe;SACP,CAAC;QACX,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,MAAM,GAAG,IAAI,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,CAE5C,CAAC;YACF,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;gBACtC,KAAK,MAAM,KAAK,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;oBACnC,yFAAyF;oBACzF,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;gBAClD,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/tools/map-review-scope.d.ts

@@ -0,0 +1,20 @@
+type BundleCategory = "foundation" | "domain" | "operational";
+interface BundleToReview {
+    chapterId: string;
+    readableTitle: string;
+    category: BundleCategory;
+    reason: string;
+    expectedEvidence: string[];
+}
+interface PathMappingEntry {
+    pattern: string;
+    matchedFiles: string[];
+    bundles: string[];
+}
+interface MapReviewScopeResult {
+    bundlesToReview: BundleToReview[];
+    pathMapping: PathMappingEntry[];
+    nextSteps: string[];
+}
+export declare function handleMapSbdToeReviewScope(args: Record<string, unknown>): MapReviewScopeResult;
+export {};