@skillsmith/core 0.1.0

package/dist/src/security/sanitization.js

@@ -0,0 +1,378 @@
+/**
+ * SMI-732: Input Sanitization Library
+ * SMI-750: Added input length limits to prevent ReDoS attacks
+ *
+ * Provides comprehensive input sanitization functions for:
+ * - HTML content (XSS prevention)
+ * - File names (path traversal prevention)
+ * - File paths (directory traversal prevention)
+ * - URLs (injection prevention)
+ *
+ * All functions are defensive and return safe defaults on invalid input.
+ * All functions accept maxLength parameter to prevent ReDoS attacks.
+ */
+import { createLogger } from '../utils/logger.js';
+const logger = createLogger('Sanitization');
+/** Default maximum input length for sanitization functions to prevent ReDoS */
+export const DEFAULT_MAX_LENGTH = 100000;
+/**
+ * Sanitize HTML content to prevent XSS attacks
+ *
+ * Removes dangerous tags, attributes, and JavaScript while preserving safe HTML.
+ * Uses a whitelist approach for maximum security.
+ *
+ * @param input - Raw HTML string
+ * @param maxLength - Maximum allowed input length (default: 100000)
+ * @returns Sanitized HTML safe for rendering
+ *
+ * @example
+ * ```typescript
+ * sanitizeHtml('<script>alert("XSS")</script><p>Hello</p>')
+ * // Returns: '<p>Hello</p>'
+ * ```
+ */
+export function sanitizeHtml(input, maxLength = DEFAULT_MAX_LENGTH) {
+    if (!input || typeof input !== 'string') {
+        return '';
+    }
+    if (input.length > maxLength) {
+        logger.warn('Input exceeds max length for sanitization', {
+            length: input.length,
+            maxLength,
+            function: 'sanitizeHtml',
+        });
+        return '';
+    }
+    // Remove script tags and their content
+    let sanitized = input.replace(/<script\b[^<]*(?:(?!<\/script>)<[^<]*)*<\/script>/gi, '');
+    // Remove event handlers (onclick, onerror, etc.)
+    sanitized = sanitized.replace(/\son\w+\s*=\s*["'][^"']*["']/gi, '');
+    sanitized = sanitized.replace(/\son\w+\s*=\s*[^\s>]*/gi, '');
+    // Remove javascript: protocol
+    sanitized = sanitized.replace(/javascript:/gi, '');
+    // Remove data: protocol (can be used for XSS)
+    sanitized = sanitized.replace(/data:text\/html/gi, '');
+    // Remove vbscript: protocol
+    sanitized = sanitized.replace(/vbscript:/gi, '');
+    // Remove object and embed tags
+    sanitized = sanitized.replace(/<(object|embed|iframe|frame|frameset)[^>]*>/gi, '');
+    // Remove style tags (can contain javascript)
+    sanitized = sanitized.replace(/<style\b[^<]*(?:(?!<\/style>)<[^<]*)*<\/style>/gi, '');
+    // Remove import statements in style attributes
+    sanitized = sanitized.replace(/style\s*=\s*["'][^"']*@import[^"']*["']/gi, '');
+    // Log if significant sanitization occurred
+    if (sanitized !== input) {
+        logger.debug('HTML sanitized', {
+            originalLength: input.length,
+            sanitizedLength: sanitized.length,
+        });
+    }
+    return sanitized;
+}
+/**
+ * Sanitize file name to prevent path traversal and invalid characters
+ *
+ * Removes:
+ * - Path separators (/, \)
+ * - Parent directory references (..)
+ * - Hidden file markers (leading .)
+ * - Special characters that are invalid in file names
+ * - Control characters
+ *
+ * @param name - Raw file name
+ * @param maxLength - Maximum allowed input length (default: 100000)
+ * @returns Safe file name or empty string if invalid
+ *
+ * @example
+ * ```typescript
+ * sanitizeFileName('../../../etc/passwd')
+ * // Returns: 'etcpasswd'
+ *
+ * sanitizeFileName('my-file.txt')
+ * // Returns: 'my-file.txt'
+ * ```
+ */
+export function sanitizeFileName(name, maxLength = DEFAULT_MAX_LENGTH) {
+    if (!name || typeof name !== 'string') {
+        return '';
+    }
+    if (name.length > maxLength) {
+        logger.warn('Input exceeds max length for sanitization', {
+            length: name.length,
+            maxLength,
+            function: 'sanitizeFileName',
+        });
+        return '';
+    }
+    let sanitized = name;
+    // Remove path separators
+    sanitized = sanitized.replace(/[/\\]/g, '');
+    // Remove leading dots (hidden files)
+    sanitized = sanitized.replace(/^\.+/, '');
+    // Remove control characters (0x00-0x1f, 0x7f)
+    // eslint-disable-next-line no-control-regex -- Intentional security check
+    sanitized = sanitized.replace(/[\x00-\x1f\x7f]/g, '');
+    // Remove special characters that are invalid in file names
+    // Keep: alphanumeric, hyphen, underscore, dot, space
+    sanitized = sanitized.replace(/[^a-zA-Z0-9._\-\s]/g, '');
+    // Collapse multiple consecutive dots to single dot (BEFORE parent dir check)
+    // This handles cases like 'file....txt' -> 'file.txt'
+    sanitized = sanitized.replace(/\.{2,}/g, '.');
+    // Remove multiple consecutive spaces
+    sanitized = sanitized.replace(/\s{2,}/g, ' ');
+    // Trim whitespace
+    sanitized = sanitized.trim();
+    // Ensure it's not empty and not too long
+    if (sanitized.length === 0 || sanitized.length > 255) {
+        logger.warn('Invalid file name after sanitization', { original: name });
+        return '';
+    }
+    // Reserved file names on Windows
+    const reservedNames = [
+        'CON',
+        'PRN',
+        'AUX',
+        'NUL',
+        'COM1',
+        'COM2',
+        'COM3',
+        'COM4',
+        'COM5',
+        'COM6',
+        'COM7',
+        'COM8',
+        'COM9',
+        'LPT1',
+        'LPT2',
+        'LPT3',
+        'LPT4',
+        'LPT5',
+        'LPT6',
+        'LPT7',
+        'LPT8',
+        'LPT9',
+    ];
+    const baseName = sanitized.split('.')[0].toUpperCase();
+    if (reservedNames.includes(baseName)) {
+        logger.warn('Reserved file name detected', { name: sanitized });
+        return `${sanitized}_safe`;
+    }
+    if (sanitized !== name) {
+        logger.debug('File name sanitized', { original: name, sanitized });
+    }
+    return sanitized;
+}
+/**
+ * Sanitize file path to prevent directory traversal attacks
+ *
+ * Ensures the path:
+ * - Does not escape the root directory
+ * - Contains no parent directory references
+ * - Uses forward slashes consistently
+ * - Is normalized
+ *
+ * @param path - Raw file path
+ * @param rootDir - Root directory to constrain path to (optional)
+ * @param maxLength - Maximum allowed input length (default: 100000)
+ * @returns Safe path or empty string if invalid
+ *
+ * @example
+ * ```typescript
+ * sanitizePath('../../../etc/passwd', '/app/data')
+ * // Returns: ''
+ *
+ * sanitizePath('user/files/doc.txt', '/app/data')
+ * // Returns: 'user/files/doc.txt'
+ * ```
+ */
+export function sanitizePath(path, rootDir, maxLength = DEFAULT_MAX_LENGTH) {
+    if (!path || typeof path !== 'string') {
+        return '';
+    }
+    if (path.length > maxLength) {
+        logger.warn('Input exceeds max length for sanitization', {
+            length: path.length,
+            maxLength,
+            function: 'sanitizePath',
+        });
+        return '';
+    }
+    let sanitized = path;
+    // Normalize path separators to forward slashes
+    sanitized = sanitized.replace(/\\/g, '/');
+    // Remove leading slashes for relative path handling
+    const isAbsolute = sanitized.startsWith('/');
+    sanitized = sanitized.replace(/^\/+/, '');
+    // Check for leading parent directory references - reject these paths entirely
+    // This catches '../../../etc/passwd' and './../file' type attacks
+    if (/^\.?\/?\.\./.test(sanitized)) {
+        logger.warn('Path traversal attempt detected', { path });
+        return '';
+    }
+    // Split into segments and process them
+    // Track depth and traversal count to detect escape attempts
+    // '..' segments are filtered out (security measure), but if there are more
+    // '..' than valid segments, we stop processing (escape attempt)
+    const rawSegments = sanitized.split('/');
+    const segments = [];
+    let depth = 0;
+    let traversalCount = 0;
+    for (const segment of rawSegments) {
+        // Remove empty segments and '.'
+        if (!segment || segment === '.')
+            continue;
+        // Handle parent directory references
+        if (segment === '..') {
+            traversalCount++;
+            if (traversalCount > depth) {
+                // Would escape - stop processing and return what we have
+                logger.warn('Path traversal attempt detected', { path, segment });
+                break;
+            }
+            // Just filter out '..' (don't resolve it, just remove it for security)
+            continue;
+        }
+        // Block segments with control characters
+        // eslint-disable-next-line no-control-regex -- Intentional security check
+        if (/[\x00-\x1f\x7f]/.test(segment)) {
+            logger.warn('Control characters in path segment', { path, segment });
+            continue;
+        }
+        // Sanitize and add segment
+        const sanitizedSegment = sanitizeFileName(segment);
+        if (sanitizedSegment.length > 0) {
+            segments.push(sanitizedSegment);
+            depth++;
+        }
+    }
+    // Rebuild path
+    sanitized = segments.join('/');
+    // Restore leading slash if original was absolute
+    if (isAbsolute && sanitized.length > 0) {
+        sanitized = '/' + sanitized;
+    }
+    // If rootDir is provided, ensure path doesn't escape it
+    if (rootDir && sanitized.length > 0) {
+        const normalizedRoot = rootDir.replace(/\\/g, '/').replace(/\/+$/, '');
+        const fullPath = isAbsolute ? sanitized : `${normalizedRoot}/${sanitized}`;
+        if (!fullPath.startsWith(normalizedRoot + '/') && fullPath !== normalizedRoot) {
+            logger.warn('Path escapes root directory', {
+                path,
+                rootDir,
+                fullPath,
+            });
+            return '';
+        }
+    }
+    if (sanitized !== path) {
+        logger.debug('Path sanitized', { original: path, sanitized });
+    }
+    return sanitized;
+}
+/**
+ * Sanitize URL to prevent injection attacks
+ *
+ * Validates:
+ * - Protocol is http or https
+ * - No javascript:, data:, or vbscript: protocols
+ * - No embedded credentials
+ * - Valid URL structure
+ *
+ * @param url - Raw URL string
+ * @param maxLength - Maximum allowed input length (default: 100000)
+ * @returns Sanitized URL or empty string if invalid
+ *
+ * @example
+ * ```typescript
+ * sanitizeUrl('javascript:alert(1)')
+ * // Returns: ''
+ *
+ * sanitizeUrl('https://example.com/page')
+ * // Returns: 'https://example.com/page'
+ * ```
+ */
+export function sanitizeUrl(url, maxLength = DEFAULT_MAX_LENGTH) {
+    if (!url || typeof url !== 'string') {
+        return '';
+    }
+    if (url.length > maxLength) {
+        logger.warn('Input exceeds max length for sanitization', {
+            length: url.length,
+            maxLength,
+            function: 'sanitizeUrl',
+        });
+        return '';
+    }
+    // Trim whitespace and control characters
+    // eslint-disable-next-line no-control-regex -- Intentional security check
+    const trimmed = url.trim().replace(/[\x00-\x1f\x7f]/g, '');
+    if (trimmed.length === 0) {
+        return '';
+    }
+    try {
+        const parsed = new URL(trimmed);
+        // Only allow http and https protocols
+        if (!['http:', 'https:'].includes(parsed.protocol)) {
+            logger.warn('Invalid URL protocol', { url: trimmed, protocol: parsed.protocol });
+            return '';
+        }
+        // Block URLs with embedded credentials
+        if (parsed.username || parsed.password) {
+            logger.warn('URL contains embedded credentials', { url: trimmed });
+            return '';
+        }
+        // Reconstruct URL to ensure it's properly formatted
+        const sanitized = parsed.toString();
+        if (sanitized !== url) {
+            logger.debug('URL sanitized', { original: url, sanitized });
+        }
+        return sanitized;
+    }
+    catch (error) {
+        logger.warn('Invalid URL format', { url: trimmed, error });
+        return '';
+    }
+}
+/**
+ * Sanitize arbitrary text input for safe storage and display
+ *
+ * Removes:
+ * - Control characters
+ * - Zero-width characters
+ * - Invalid Unicode
+ *
+ * @param input - Raw text input
+ * @param maxLength - Maximum allowed input length (default: 100000)
+ * @returns Sanitized text
+ *
+ * @example
+ * ```typescript
+ * sanitizeText('Hello\x00World\u200B')
+ * // Returns: 'HelloWorld'
+ * ```
+ */
+export function sanitizeText(input, maxLength = DEFAULT_MAX_LENGTH) {
+    if (!input || typeof input !== 'string') {
+        return '';
+    }
+    if (input.length > maxLength) {
+        logger.warn('Input exceeds max length for sanitization', {
+            length: input.length,
+            maxLength,
+            function: 'sanitizeText',
+        });
+        return '';
+    }
+    let sanitized = input;
+    // Remove control characters except newline and tab
+    // eslint-disable-next-line no-control-regex -- Intentional security check
+    sanitized = sanitized.replace(/[\x00-\x08\x0b-\x0c\x0e-\x1f\x7f]/g, '');
+    // Remove zero-width characters
+    sanitized = sanitized.replace(/[\u200b-\u200d\ufeff]/g, '');
+    // Normalize Unicode
+    sanitized = sanitized.normalize('NFC');
+    // Trim
+    sanitized = sanitized.trim();
+    return sanitized;
+}
+//# sourceMappingURL=sanitization.js.map

package/dist/src/security/sanitization.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sanitization.js","sourceRoot":"","sources":["../../../src/security/sanitization.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AAEjD,MAAM,MAAM,GAAG,YAAY,CAAC,cAAc,CAAC,CAAA;AAE3C,+EAA+E;AAC/E,MAAM,CAAC,MAAM,kBAAkB,GAAG,MAAM,CAAA;AAExC;;;;;;;;;;;;;;;GAeG;AACH,MAAM,UAAU,YAAY,CAAC,KAAa,EAAE,SAAS,GAAG,kBAAkB;IACxE,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QACxC,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,KAAK,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC;QAC7B,MAAM,CAAC,IAAI,CAAC,2CAA2C,EAAE;YACvD,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,SAAS;YACT,QAAQ,EAAE,cAAc;SACzB,CAAC,CAAA;QACF,OAAO,EAAE,CAAA;IACX,CAAC;IAED,uCAAuC;IACvC,IAAI,SAAS,GAAG,KAAK,CAAC,OAAO,CAAC,qDAAqD,EAAE,EAAE,CAAC,CAAA;IAExF,iDAAiD;IACjD,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,gCAAgC,EAAE,EAAE,CAAC,CAAA;IACnE,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,yBAAyB,EAAE,EAAE,CAAC,CAAA;IAE5D,8BAA8B;IAC9B,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC,CAAA;IAElD,8CAA8C;IAC9C,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,mBAAmB,EAAE,EAAE,CAAC,CAAA;IAEtD,4BAA4B;IAC5B,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,aAAa,EAAE,EAAE,CAAC,CAAA;IAEhD,+BAA+B;IAC/B,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,+CAA+C,EAAE,EAAE,CAAC,CAAA;IAElF,6CAA6C;IAC7C,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,kDAAkD,EAAE,EAAE,CAAC,CAAA;IAErF,+CAA+C;IAC/C,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,2CAA2C,EAAE,EAAE,CAAC,CAAA;IAE9E,2CAA2C;IAC3C,IAAI,SAAS,KAAK,KAAK,EAAE,CAAC;QACxB,MAAM,CAAC,KAAK,CAAC,gBAAgB,EAAE;YAC7B,cAAc,EAAE,KAAK,CAAC,MAAM;YAC5B,eAAe,EAAE,SAAS,CAAC,MAAM;SAClC,CAAC,CAAA;IACJ,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,MAAM,UAAU,gBAAgB,CAAC,IAAY,EAAE,SAAS,GAAG,kBAAkB;IAC3E,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QACtC,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC;QAC5B,MAAM,CAAC,IAAI,CAAC,2CAA2C,EAAE;YACvD,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,SAAS;YACT,QAAQ,EAAE,kBAAkB;SAC7B,CAAC,CAAA;QACF,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,SAAS,GAAG,IAAI,CAAA;IAEpB,yBAAyB;IACzB,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAA;IAE3C,qCAAqC;IACrC,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAA;IAEzC,8CAA8C;IAC9C,0EAA0E;IAC1E,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAA;IAErD,2DAA2D;IAC3D,qDAAqD;IACrD,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,qBAAqB,EAAE,EAAE,CAAC,CAAA;IAExD,6EAA6E;IAC7E,sDAAsD;IACtD,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,CAAC,CAAA;IAE7C,qCAAqC;IACrC,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,CAAC,CAAA;IAE7C,kBAAkB;IAClB,SAAS,GAAG,SAAS,CAAC,IAAI,EAAE,CAAA;IAE5B,yCAAyC;IACzC,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,IAAI,SAAS,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QACrD,MAAM,CAAC,IAAI,CAAC,sCAAsC,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAA;QACvE,OAAO,EAAE,CAAA;IACX,CAAC;IAED,iCAAiC;IACjC,MAAM,aAAa,GAAG;QACpB,KAAK;QACL,KAAK;QACL,KAAK;QACL,KAAK;QACL,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;KACP,CAAA;IAED,MAAM,QAAQ,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAA;IACtD,IAAI,aAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;QACrC,MAAM,CAAC,IAAI,CAAC,6BAA6B,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAA;QAC/D,OAAO,GAAG,SAAS,OAAO,CAAA;IAC5B,CAAC;IAED,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;QACvB,MAAM,CAAC,KAAK,CAAC,qBAAqB,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAA;IACpE,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,MAAM,UAAU,YAAY,CAC1B,IAAY,EACZ,OAAgB,EAChB,SAAS,GAAG,kBAAkB;IAE9B,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QACtC,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC;QAC5B,MAAM,CAAC,IAAI,CAAC,2CAA2C,EAAE;YACvD,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,SAAS;YACT,QAAQ,EAAE,cAAc;SACzB,CAAC,CAAA;QACF,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,SAAS,GAAG,IAAI,CAAA;IAEpB,+CAA+C;IAC/C,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAA;IAEzC,oDAAoD;IACpD,MAAM,UAAU,GAAG,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;IAC5C,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAA;IAEzC,8EAA8E;IAC9E,kEAAkE;IAClE,IAAI,aAAa,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;QAClC,MAAM,CAAC,IAAI,CAAC,iCAAiC,EAAE,EAAE,IAAI,EAAE,CAAC,CAAA;QACxD,OAAO,EAAE,CAAA;IACX,CAAC;IAED,uCAAuC;IACvC,4DAA4D;IAC5D,2EAA2E;IAC3E,gEAAgE;IAChE,MAAM,WAAW,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IACxC,MAAM,QAAQ,GAAa,EAAE,CAAA;IAC7B,IAAI,KAAK,GAAG,CAAC,CAAA;IACb,IAAI,cAAc,GAAG,CAAC,CAAA;IAEtB,KAAK,MAAM,OAAO,IAAI,WAAW,EAAE,CAAC;QAClC,gCAAgC;QAChC,IAAI,CAAC,OAAO,IAAI,OAAO,KAAK,GAAG;YAAE,SAAQ;QAEzC,qCAAqC;QACrC,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;YACrB,cAAc,EAAE,CAAA;YAChB,IAAI,cAAc,GAAG,KAAK,EAAE,CAAC;gBAC3B,yDAAyD;gBACzD,MAAM,CAAC,IAAI,CAAC,iCAAiC,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAA;gBACjE,MAAK;YACP,CAAC;YACD,uEAAuE;YACvE,SAAQ;QACV,CAAC;QAED,yCAAyC;QACzC,0EAA0E;QAC1E,IAAI,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YACpC,MAAM,CAAC,IAAI,CAAC,oCAAoC,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAA;YACpE,SAAQ;QACV,CAAC;QAED,2BAA2B;QAC3B,MAAM,gBAAgB,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAA;QAClD,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChC,QAAQ,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAA;YAC/B,KAAK,EAAE,CAAA;QACT,CAAC;IACH,CAAC;IAED,eAAe;IACf,SAAS,GAAG,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IAE9B,iDAAiD;IACjD,IAAI,UAAU,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvC,SAAS,GAAG,GAAG,GAAG,SAAS,CAAA;IAC7B,CAAC;IAED,wDAAwD;IACxD,IAAI,OAAO,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACpC,MAAM,cAAc,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAA;QACtE,MAAM,QAAQ,GAAG,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,cAAc,IAAI,SAAS,EAAE,CAAA;QAE1E,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,cAAc,GAAG,GAAG,CAAC,IAAI,QAAQ,KAAK,cAAc,EAAE,CAAC;YAC9E,MAAM,CAAC,IAAI,CAAC,6BAA6B,EAAE;gBACzC,IAAI;gBACJ,OAAO;gBACP,QAAQ;aACT,CAAC,CAAA;YACF,OAAO,EAAE,CAAA;QACX,CAAC;IACH,CAAC;IAED,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;QACvB,MAAM,CAAC,KAAK,CAAC,gBAAgB,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAA;IAC/D,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,UAAU,WAAW,CAAC,GAAW,EAAE,SAAS,GAAG,kBAAkB;IACrE,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QACpC,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,GAAG,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,CAAC,IAAI,CAAC,2CAA2C,EAAE;YACvD,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,SAAS;YACT,QAAQ,EAAE,aAAa;SACxB,CAAC,CAAA;QACF,OAAO,EAAE,CAAA;IACX,CAAC;IAED,yCAAyC;IACzC,0EAA0E;IAC1E,MAAM,OAAO,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAA;IAE1D,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,CAAA;QAE/B,sCAAsC;QACtC,IAAI,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;YACnD,MAAM,CAAC,IAAI,CAAC,sBAAsB,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAA;YAChF,OAAO,EAAE,CAAA;QACX,CAAC;QAED,uCAAuC;QACvC,IAAI,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACvC,MAAM,CAAC,IAAI,CAAC,mCAAmC,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC,CAAA;YAClE,OAAO,EAAE,CAAA;QACX,CAAC;QAED,oDAAoD;QACpD,MAAM,SAAS,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAA;QAEnC,IAAI,SAAS,KAAK,GAAG,EAAE,CAAC;YACtB,MAAM,CAAC,KAAK,CAAC,eAAe,EAAE,EAAE,QAAQ,EAAE,GAAG,EAAE,SAAS,EAAE,CAAC,CAAA;QAC7D,CAAC;QAED,OAAO,SAAS,CAAA;IAClB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CAAC,oBAAoB,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAA;QAC1D,OAAO,EAAE,CAAA;IACX,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,UAAU,YAAY,CAAC,KAAa,EAAE,SAAS,GAAG,kBAAkB;IACxE,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QACxC,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,KAAK,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC;QAC7B,MAAM,CAAC,IAAI,CAAC,2CAA2C,EAAE;YACvD,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,SAAS;YACT,QAAQ,EAAE,cAAc;SACzB,CAAC,CAAA;QACF,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,SAAS,GAAG,KAAK,CAAA;IAErB,mDAAmD;IACnD,0EAA0E;IAC1E,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,oCAAoC,EAAE,EAAE,CAAC,CAAA;IAEvE,+BAA+B;IAC/B,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,wBAAwB,EAAE,EAAE,CAAC,CAAA;IAE3D,oBAAoB;IACpB,SAAS,GAAG,SAAS,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;IAEtC,OAAO;IACP,SAAS,GAAG,SAAS,CAAC,IAAI,EAAE,CAAA;IAE5B,OAAO,SAAS,CAAA;AAClB,CAAC"}

package/dist/src/security/scanner.d.ts

@@ -0,0 +1,151 @@
+/**
+ * SMI-587: Security Scanner
+ * SMI-685: Enhanced security scanning with severity scoring
+ * SMI-882: ReDoS protection with input length limits and safe regex matching
+ * Security scanning for skill content with advanced pattern detection
+ */
+/**
+ * Types of security findings that can be detected
+ */
+export type SecurityFindingType = 'url' | 'sensitive_path' | 'jailbreak' | 'suspicious_pattern' | 'social_engineering' | 'prompt_leaking' | 'data_exfiltration' | 'privilege_escalation';
+/**
+ * Severity levels for security findings
+ */
+export type SecuritySeverity = 'low' | 'medium' | 'high' | 'critical';
+/**
+ * Individual security finding from a scan
+ */
+export interface SecurityFinding {
+    type: SecurityFindingType;
+    severity: SecuritySeverity;
+    message: string;
+    location?: string;
+    lineNumber?: number;
+    /** Category for grouping related findings */
+    category?: string;
+}
+/**
+ * Risk score breakdown by category
+ */
+export interface RiskScoreBreakdown {
+    jailbreak: number;
+    socialEngineering: number;
+    promptLeaking: number;
+    dataExfiltration: number;
+    privilegeEscalation: number;
+    suspiciousCode: number;
+    sensitivePaths: number;
+    externalUrls: number;
+}
+/**
+ * Comprehensive scan report with risk scoring
+ */
+export interface ScanReport {
+    skillId: string;
+    passed: boolean;
+    findings: SecurityFinding[];
+    scannedAt: Date;
+    scanDurationMs: number;
+    /** Overall risk score from 0-100 (0 = safe, 100 = extremely dangerous) */
+    riskScore: number;
+    /** Breakdown of risk score by category */
+    riskBreakdown: RiskScoreBreakdown;
+}
+/**
+ * Configuration options for the security scanner
+ */
+export interface ScannerOptions {
+    allowedDomains?: string[];
+    blockedPatterns?: RegExp[];
+    maxContentLength?: number;
+    /** Risk score threshold for failing a scan (default: 40) */
+    riskThreshold?: number;
+}
+export declare class SecurityScanner {
+    private allowedDomains;
+    private blockedPatterns;
+    private maxContentLength;
+    private riskThreshold;
+    constructor(options?: ScannerOptions);
+    /**
+     * Extract all URLs from content
+     */
+    private extractUrls;
+    /**
+     * Check if URL domain is allowed
+     */
+    private isAllowedDomain;
+    /**
+     * Scan for non-allowlisted URLs
+     */
+    private scanUrls;
+    /**
+     * Scan for sensitive file path references
+     * SMI-882: Uses safeRegexCheck to prevent ReDoS
+     */
+    private scanSensitivePaths;
+    /**
+     * Scan for jailbreak attempts
+     * SMI-882: Uses safeRegexTest to prevent ReDoS
+     */
+    private scanJailbreakPatterns;
+    /**
+     * Scan for suspicious code patterns
+     * SMI-882: Uses safeRegexTest to prevent ReDoS
+     */
+    private scanSuspiciousPatterns;
+    /**
+     * SMI-685: Scan for social engineering attempts
+     * SMI-882: Uses safeRegexTest to prevent ReDoS
+     * Detects patterns like "pretend to be", "roleplay as", "you are now"
+     */
+    private scanSocialEngineering;
+    /**
+     * SMI-685: Scan for prompt leaking attempts
+     * SMI-882: Uses safeRegexTest to prevent ReDoS
+     * Detects patterns like "show me your instructions", "what are your rules"
+     */
+    private scanPromptLeaking;
+    /**
+     * SMI-685: Scan for data exfiltration patterns
+     * SMI-882: Uses safeRegexTest to prevent ReDoS
+     * Detects encoding to external URLs, file upload patterns
+     */
+    private scanDataExfiltration;
+    /**
+     * SMI-685: Scan for privilege escalation patterns
+     * SMI-882: Uses safeRegexTest to prevent ReDoS
+     * Detects sudo with passwords, chmod patterns, root access attempts
+     */
+    private scanPrivilegeEscalation;
+    /**
+     * SMI-685: Calculate risk score from findings
+     * Aggregates multiple findings into a risk score from 0-100
+     * @param findings - Array of security findings
+     * @returns Risk score breakdown and total
+     */
+    calculateRiskScore(findings: SecurityFinding[]): {
+        total: number;
+        breakdown: RiskScoreBreakdown;
+    };
+    /**
+     * Perform full security scan
+     * SMI-685: Enhanced with new pattern detection and risk scoring
+     */
+    scan(skillId: string, content: string): ScanReport;
+    /**
+     * Quick check without full scan
+     * SMI-882: Uses safeRegexCheck to prevent ReDoS
+     */
+    quickCheck(content: string): boolean;
+    /**
+     * Add allowed domain
+     */
+    addAllowedDomain(domain: string): void;
+    /**
+     * Add blocked pattern
+     */
+    addBlockedPattern(pattern: RegExp): void;
+}
+export default SecurityScanner;
+//# sourceMappingURL=scanner.d.ts.map

package/dist/src/security/scanner.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"scanner.d.ts","sourceRoot":"","sources":["../../../src/security/scanner.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH;;GAEG;AACH,MAAM,MAAM,mBAAmB,GAC3B,KAAK,GACL,gBAAgB,GAChB,WAAW,GACX,oBAAoB,GACpB,oBAAoB,GACpB,gBAAgB,GAChB,mBAAmB,GACnB,sBAAsB,CAAA;AAE1B;;GAEG;AACH,MAAM,MAAM,gBAAgB,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAA;AAErE;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,mBAAmB,CAAA;IACzB,QAAQ,EAAE,gBAAgB,CAAA;IAC1B,OAAO,EAAE,MAAM,CAAA;IACf,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,6CAA6C;IAC7C,QAAQ,CAAC,EAAE,MAAM,CAAA;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,SAAS,EAAE,MAAM,CAAA;IACjB,iBAAiB,EAAE,MAAM,CAAA;IACzB,aAAa,EAAE,MAAM,CAAA;IACrB,gBAAgB,EAAE,MAAM,CAAA;IACxB,mBAAmB,EAAE,MAAM,CAAA;IAC3B,cAAc,EAAE,MAAM,CAAA;IACtB,cAAc,EAAE,MAAM,CAAA;IACtB,YAAY,EAAE,MAAM,CAAA;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,MAAM,CAAA;IACf,MAAM,EAAE,OAAO,CAAA;IACf,QAAQ,EAAE,eAAe,EAAE,CAAA;IAC3B,SAAS,EAAE,IAAI,CAAA;IACf,cAAc,EAAE,MAAM,CAAA;IACtB,0EAA0E;IAC1E,SAAS,EAAE,MAAM,CAAA;IACjB,0CAA0C;IAC1C,aAAa,EAAE,kBAAkB,CAAA;CAClC;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;IACzB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAA;IAC1B,gBAAgB,CAAC,EAAE,MAAM,CAAA;IACzB,4DAA4D;IAC5D,aAAa,CAAC,EAAE,MAAM,CAAA;CACvB;AA6ND,qBAAa,eAAe;IAC1B,OAAO,CAAC,cAAc,CAAa;IACnC,OAAO,CAAC,eAAe,CAAU;IACjC,OAAO,CAAC,gBAAgB,CAAQ;IAChC,OAAO,CAAC,aAAa,CAAQ;gBAEjB,OAAO,GAAE,cAAmB;IAOxC;;OAEG;IACH,OAAO,CAAC,WAAW;IAenB;;OAEG;IACH,OAAO,CAAC,eAAe;IAcvB;;OAEG;IACH,OAAO,CAAC,QAAQ;IAmBhB;;;OAGG;IACH,OAAO,CAAC,kBAAkB;IAuB1B;;;OAGG;IACH,OAAO,CAAC,qBAAqB;IAwB7B;;;OAGG;IACH,OAAO,CAAC,sBAAsB;IAwC9B;;;;OAIG;IACH,OAAO,CAAC,qBAAqB;IAyB7B;;;;OAIG;IACH,OAAO,CAAC,iBAAiB;IAyBzB;;;;OAIG;IACH,OAAO,CAAC,oBAAoB;IAyB5B;;;;OAIG;IACH,OAAO,CAAC,uBAAuB;IAyB/B;;;;;OAKG;IACH,kBAAkB,CAAC,QAAQ,EAAE,eAAe,EAAE,GAAG;QAC/C,KAAK,EAAE,MAAM,CAAA;QACb,SAAS,EAAE,kBAAkB,CAAA;KAC9B;IA0ED;;;OAGG;IACH,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,UAAU;IA8ClD;;;OAGG;IACH,UAAU,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO;IASpC;;OAEG;IACH,gBAAgB,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI;IAItC;;OAEG;IACH,iBAAiB,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI;CAGzC;AAED,eAAe,eAAe,CAAA"}