@skillsmith/core 0.4.17 → 0.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +29 -0
- package/dist/.tsbuildinfo +1 -1
- package/dist/src/api/client.cache.d.ts +34 -0
- package/dist/src/api/client.cache.d.ts.map +1 -0
- package/dist/src/api/client.cache.js +37 -0
- package/dist/src/api/client.cache.js.map +1 -0
- package/dist/src/api/client.d.ts +32 -104
- package/dist/src/api/client.d.ts.map +1 -1
- package/dist/src/api/client.events.d.ts +39 -0
- package/dist/src/api/client.events.d.ts.map +1 -0
- package/dist/src/api/client.events.js +77 -0
- package/dist/src/api/client.events.js.map +1 -0
- package/dist/src/api/client.js +65 -52
- package/dist/src/api/client.js.map +1 -1
- package/dist/src/api/client.types.d.ts +98 -0
- package/dist/src/api/client.types.d.ts.map +1 -0
- package/dist/src/api/client.types.js +22 -0
- package/dist/src/api/client.types.js.map +1 -0
- package/dist/src/api/event-batcher.d.ts +81 -0
- package/dist/src/api/event-batcher.d.ts.map +1 -0
- package/dist/src/api/event-batcher.js +191 -0
- package/dist/src/api/event-batcher.js.map +1 -0
- package/dist/src/api/index.d.ts +1 -0
- package/dist/src/api/index.d.ts.map +1 -1
- package/dist/src/api/index.js +2 -0
- package/dist/src/api/index.js.map +1 -1
- package/dist/src/api/schemas.d.ts +58 -0
- package/dist/src/api/schemas.d.ts.map +1 -1
- package/dist/src/api/schemas.js +45 -0
- package/dist/src/api/schemas.js.map +1 -1
- package/dist/src/audit/remote-audit.d.ts +28 -0
- package/dist/src/audit/remote-audit.d.ts.map +1 -0
- package/dist/src/audit/remote-audit.js +90 -0
- package/dist/src/audit/remote-audit.js.map +1 -0
- package/dist/src/audit/remote-audit.test.d.ts +2 -0
- package/dist/src/audit/remote-audit.test.d.ts.map +1 -0
- package/dist/src/audit/remote-audit.test.js +81 -0
- package/dist/src/audit/remote-audit.test.js.map +1 -0
- package/dist/src/data/generic-triggers.d.ts +24 -0
- package/dist/src/data/generic-triggers.d.ts.map +1 -0
- package/dist/src/data/generic-triggers.js +19 -0
- package/dist/src/data/generic-triggers.js.map +1 -0
- package/dist/src/data/generic-triggers.json +35 -0
- package/dist/src/db/migration-runner.d.ts +44 -0
- package/dist/src/db/migration-runner.d.ts.map +1 -0
- package/dist/src/db/migration-runner.js +175 -0
- package/dist/src/db/migration-runner.js.map +1 -0
- package/dist/src/db/migration.d.ts.map +1 -1
- package/dist/src/db/migration.js +2 -1
- package/dist/src/db/migration.js.map +1 -1
- package/dist/src/db/migrations/v12-risk-score-history.d.ts +10 -0
- package/dist/src/db/migrations/v12-risk-score-history.d.ts.map +1 -0
- package/dist/src/db/migrations/v12-risk-score-history.js +25 -0
- package/dist/src/db/migrations/v12-risk-score-history.js.map +1 -0
- package/dist/src/db/migrations/v13-team-tables.d.ts +11 -0
- package/dist/src/db/migrations/v13-team-tables.d.ts.map +1 -0
- package/dist/src/db/migrations/v13-team-tables.js +14 -0
- package/dist/src/db/migrations/v13-team-tables.js.map +1 -0
- package/dist/src/db/schema-sql.d.ts +16 -0
- package/dist/src/db/schema-sql.d.ts.map +1 -0
- package/dist/src/db/schema-sql.js +161 -0
- package/dist/src/db/schema-sql.js.map +1 -0
- package/dist/src/db/schema.d.ts +7 -32
- package/dist/src/db/schema.d.ts.map +1 -1
- package/dist/src/db/schema.js +13 -303
- package/dist/src/db/schema.js.map +1 -1
- package/dist/src/exports/repositories.d.ts +1 -0
- package/dist/src/exports/repositories.d.ts.map +1 -1
- package/dist/src/exports/repositories.js +4 -0
- package/dist/src/exports/repositories.js.map +1 -1
- package/dist/src/exports/services.d.ts +2 -1
- package/dist/src/exports/services.d.ts.map +1 -1
- package/dist/src/exports/services.js +1 -0
- package/dist/src/exports/services.js.map +1 -1
- package/dist/src/index.d.ts +5 -1
- package/dist/src/index.d.ts.map +1 -1
- package/dist/src/index.js +5 -1
- package/dist/src/index.js.map +1 -1
- package/dist/src/repositories/RiskScoreHistoryRepository.d.ts +37 -0
- package/dist/src/repositories/RiskScoreHistoryRepository.d.ts.map +1 -0
- package/dist/src/repositories/RiskScoreHistoryRepository.js +66 -0
- package/dist/src/repositories/RiskScoreHistoryRepository.js.map +1 -0
- package/dist/src/scoring/index.d.ts +1 -0
- package/dist/src/scoring/index.d.ts.map +1 -1
- package/dist/src/scoring/index.js +1 -0
- package/dist/src/scoring/index.js.map +1 -1
- package/dist/src/scoring/quality-score.d.ts +49 -0
- package/dist/src/scoring/quality-score.d.ts.map +1 -0
- package/dist/src/scoring/quality-score.js +73 -0
- package/dist/src/scoring/quality-score.js.map +1 -0
- package/dist/src/scripts/__tests__/scan-imported-skills.test.js +5 -0
- package/dist/src/scripts/__tests__/scan-imported-skills.test.js.map +1 -1
- package/dist/src/security/index.d.ts +2 -0
- package/dist/src/security/index.d.ts.map +1 -1
- package/dist/src/security/index.js +2 -0
- package/dist/src/security/index.js.map +1 -1
- package/dist/src/security/risk-trend.d.ts +21 -0
- package/dist/src/security/risk-trend.d.ts.map +1 -0
- package/dist/src/security/risk-trend.js +81 -0
- package/dist/src/security/risk-trend.js.map +1 -0
- package/dist/src/security/scanner/SecurityScanner.d.ts +2 -0
- package/dist/src/security/scanner/SecurityScanner.d.ts.map +1 -1
- package/dist/src/security/scanner/SecurityScanner.helpers.d.ts.map +1 -1
- package/dist/src/security/scanner/SecurityScanner.helpers.js +14 -8
- package/dist/src/security/scanner/SecurityScanner.helpers.js.map +1 -1
- package/dist/src/security/scanner/SecurityScanner.js +55 -1
- package/dist/src/security/scanner/SecurityScanner.js.map +1 -1
- package/dist/src/security/scanner/index.d.ts +1 -1
- package/dist/src/security/scanner/index.d.ts.map +1 -1
- package/dist/src/security/scanner/index.js +1 -1
- package/dist/src/security/scanner/index.js.map +1 -1
- package/dist/src/security/scanner/patterns.d.ts +6 -0
- package/dist/src/security/scanner/patterns.d.ts.map +1 -1
- package/dist/src/security/scanner/patterns.js +25 -0
- package/dist/src/security/scanner/patterns.js.map +1 -1
- package/dist/src/security/scanner/types.d.ts +2 -1
- package/dist/src/security/scanner/types.d.ts.map +1 -1
- package/dist/src/security/scanner/weights.d.ts.map +1 -1
- package/dist/src/security/scanner/weights.js +1 -0
- package/dist/src/security/scanner/weights.js.map +1 -1
- package/dist/src/services/skill-config-schema.d.ts +36 -0
- package/dist/src/services/skill-config-schema.d.ts.map +1 -0
- package/dist/src/services/skill-config-schema.js +76 -0
- package/dist/src/services/skill-config-schema.js.map +1 -0
- package/dist/src/services/skill-installation.feedback.d.ts +24 -0
- package/dist/src/services/skill-installation.feedback.d.ts.map +1 -0
- package/dist/src/services/skill-installation.feedback.js +37 -0
- package/dist/src/services/skill-installation.feedback.js.map +1 -0
- package/dist/src/services/skill-installation.helpers.d.ts +33 -7
- package/dist/src/services/skill-installation.helpers.d.ts.map +1 -1
- package/dist/src/services/skill-installation.helpers.js +74 -32
- package/dist/src/services/skill-installation.helpers.js.map +1 -1
- package/dist/src/services/skill-installation.service.d.ts +8 -16
- package/dist/src/services/skill-installation.service.d.ts.map +1 -1
- package/dist/src/services/skill-installation.service.js +86 -37
- package/dist/src/services/skill-installation.service.js.map +1 -1
- package/dist/src/services/skill-installation.types.d.ts +22 -0
- package/dist/src/services/skill-installation.types.d.ts.map +1 -1
- package/dist/src/services/skill-installation.types.js.map +1 -1
- package/dist/src/types.d.ts +2 -0
- package/dist/src/types.d.ts.map +1 -1
- package/dist/tests/SecurityScanner.ai-defence.test.d.ts +6 -0
- package/dist/tests/SecurityScanner.ai-defence.test.d.ts.map +1 -0
- package/dist/tests/SecurityScanner.ai-defence.test.js +221 -0
- package/dist/tests/SecurityScanner.ai-defence.test.js.map +1 -0
- package/dist/tests/SecurityScanner.performance.test.d.ts +6 -0
- package/dist/tests/SecurityScanner.performance.test.d.ts.map +1 -0
- package/dist/tests/SecurityScanner.performance.test.js +132 -0
- package/dist/tests/SecurityScanner.performance.test.js.map +1 -0
- package/dist/tests/SecurityScanner.scoring.test.d.ts +6 -0
- package/dist/tests/SecurityScanner.scoring.test.d.ts.map +1 -0
- package/dist/tests/SecurityScanner.scoring.test.js +197 -0
- package/dist/tests/SecurityScanner.scoring.test.js.map +1 -0
- package/dist/tests/SecurityScanner.test.d.ts +2 -2
- package/dist/tests/SecurityScanner.test.js +2 -520
- package/dist/tests/SecurityScanner.test.js.map +1 -1
- package/dist/tests/SkillMatcher.test.js +5 -5
- package/dist/tests/SkillMatcher.test.js.map +1 -1
- package/dist/tests/api/client.cache.test.d.ts +8 -0
- package/dist/tests/api/client.cache.test.d.ts.map +1 -0
- package/dist/tests/api/client.cache.test.js +128 -0
- package/dist/tests/api/client.cache.test.js.map +1 -0
- package/dist/tests/db/schema-migrations.test.js +8 -6
- package/dist/tests/db/schema-migrations.test.js.map +1 -1
- package/dist/tests/integration/events-batch-contract.test.d.ts +12 -0
- package/dist/tests/integration/events-batch-contract.test.d.ts.map +1 -0
- package/dist/tests/integration/events-batch-contract.test.js +69 -0
- package/dist/tests/integration/events-batch-contract.test.js.map +1 -0
- package/dist/tests/scoring/quality-score.test.d.ts +7 -0
- package/dist/tests/scoring/quality-score.test.d.ts.map +1 -0
- package/dist/tests/scoring/quality-score.test.js +78 -0
- package/dist/tests/scoring/quality-score.test.js.map +1 -0
- package/dist/tests/security/ContinuousSecurity.false-positives.test.d.ts +6 -0
- package/dist/tests/security/ContinuousSecurity.false-positives.test.d.ts.map +1 -0
- package/dist/tests/security/ContinuousSecurity.false-positives.test.js +89 -0
- package/dist/tests/security/ContinuousSecurity.false-positives.test.js.map +1 -0
- package/dist/tests/security/ContinuousSecurity.performance.test.d.ts +6 -0
- package/dist/tests/security/ContinuousSecurity.performance.test.d.ts.map +1 -0
- package/dist/tests/security/ContinuousSecurity.performance.test.js +177 -0
- package/dist/tests/security/ContinuousSecurity.performance.test.js.map +1 -0
- package/dist/tests/security/ContinuousSecurity.reporting.test.d.ts +6 -0
- package/dist/tests/security/ContinuousSecurity.reporting.test.d.ts.map +1 -0
- package/dist/tests/security/ContinuousSecurity.reporting.test.js +106 -0
- package/dist/tests/security/ContinuousSecurity.reporting.test.js.map +1 -0
- package/dist/tests/security/ContinuousSecurity.test.d.ts +9 -2
- package/dist/tests/security/ContinuousSecurity.test.d.ts.map +1 -1
- package/dist/tests/security/ContinuousSecurity.test.js +9 -336
- package/dist/tests/security/ContinuousSecurity.test.js.map +1 -1
- package/dist/tests/security/pii-detection.test.d.ts +7 -0
- package/dist/tests/security/pii-detection.test.d.ts.map +1 -0
- package/dist/tests/security/pii-detection.test.js +91 -0
- package/dist/tests/security/pii-detection.test.js.map +1 -0
- package/dist/tests/security/risk-trend.test.d.ts +6 -0
- package/dist/tests/security/risk-trend.test.d.ts.map +1 -0
- package/dist/tests/security/risk-trend.test.js +68 -0
- package/dist/tests/security/risk-trend.test.js.map +1 -0
- package/dist/tests/security/scanner-regression-guard.test.d.ts +12 -0
- package/dist/tests/security/scanner-regression-guard.test.d.ts.map +1 -0
- package/dist/tests/security/scanner-regression-guard.test.js +111 -0
- package/dist/tests/security/scanner-regression-guard.test.js.map +1 -0
- package/dist/tests/services/aidefence-feedback.test.d.ts +6 -0
- package/dist/tests/services/aidefence-feedback.test.d.ts.map +1 -0
- package/dist/tests/services/aidefence-feedback.test.js +115 -0
- package/dist/tests/services/aidefence-feedback.test.js.map +1 -0
- package/dist/tests/services/dep-quarantine-check.test.d.ts +5 -0
- package/dist/tests/services/dep-quarantine-check.test.d.ts.map +1 -0
- package/dist/tests/services/dep-quarantine-check.test.js +92 -0
- package/dist/tests/services/dep-quarantine-check.test.js.map +1 -0
- package/dist/tests/services/skill-config-schema.test.d.ts +5 -0
- package/dist/tests/services/skill-config-schema.test.d.ts.map +1 -0
- package/dist/tests/services/skill-config-schema.test.js +98 -0
- package/dist/tests/services/skill-config-schema.test.js.map +1 -0
- package/dist/tests/unit/api-client-events.test.d.ts +10 -0
- package/dist/tests/unit/api-client-events.test.d.ts.map +1 -0
- package/dist/tests/unit/api-client-events.test.js +73 -0
- package/dist/tests/unit/api-client-events.test.js.map +1 -0
- package/dist/tests/unit/event-batcher.test.d.ts +13 -0
- package/dist/tests/unit/event-batcher.test.d.ts.map +1 -0
- package/dist/tests/unit/event-batcher.test.js +155 -0
- package/dist/tests/unit/event-batcher.test.js.map +1 -0
- package/dist/tests/unit/services/skill-installation-extended.test.d.ts +8 -0
- package/dist/tests/unit/services/skill-installation-extended.test.d.ts.map +1 -0
- package/dist/tests/unit/services/skill-installation-extended.test.js +423 -0
- package/dist/tests/unit/services/skill-installation-extended.test.js.map +1 -0
- package/dist/tests/unit/services/skill-installation.service.test.js +0 -390
- package/dist/tests/unit/services/skill-installation.service.test.js.map +1 -1
- package/package.json +7 -7
|
@@ -0,0 +1,81 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @fileoverview Risk trend detection for supply chain attack monitoring
|
|
3
|
+
* @module @skillsmith/core/security/risk-trend
|
|
4
|
+
* @see SMI-3874: Risk Trend Detection
|
|
5
|
+
*/
|
|
6
|
+
/**
|
|
7
|
+
* Detect anomalous risk score changes that may indicate supply chain attacks.
|
|
8
|
+
* Thresholds: 20pt warning, 35pt critical, 40pt boundary crossing.
|
|
9
|
+
*/
|
|
10
|
+
export function detectRiskTrend(currentScore, history, options) {
|
|
11
|
+
if (history.length === 0) {
|
|
12
|
+
return {
|
|
13
|
+
anomaly: false,
|
|
14
|
+
message: 'No prior scan history for comparison.',
|
|
15
|
+
currentScore,
|
|
16
|
+
previousScore: null,
|
|
17
|
+
delta: 0,
|
|
18
|
+
};
|
|
19
|
+
}
|
|
20
|
+
const previous = history[0];
|
|
21
|
+
const delta = currentScore - previous.riskScore;
|
|
22
|
+
if (options?.isNewCategoryBaseline) {
|
|
23
|
+
return {
|
|
24
|
+
anomaly: false,
|
|
25
|
+
message: 'New scanner category baseline (' +
|
|
26
|
+
previous.riskScore +
|
|
27
|
+
' -> ' +
|
|
28
|
+
currentScore +
|
|
29
|
+
'). Not flagged as anomaly.',
|
|
30
|
+
currentScore,
|
|
31
|
+
previousScore: previous.riskScore,
|
|
32
|
+
delta,
|
|
33
|
+
};
|
|
34
|
+
}
|
|
35
|
+
const crossesBoundary = previous.riskScore < 40 && currentScore >= 40;
|
|
36
|
+
const isLargeJump = delta >= 20;
|
|
37
|
+
const isCriticalJump = delta >= 35;
|
|
38
|
+
const anomaly = isLargeJump || crossesBoundary;
|
|
39
|
+
let message;
|
|
40
|
+
if (isCriticalJump) {
|
|
41
|
+
message =
|
|
42
|
+
'CRITICAL: Risk score jumped from ' +
|
|
43
|
+
previous.riskScore +
|
|
44
|
+
' to ' +
|
|
45
|
+
currentScore +
|
|
46
|
+
' (+' +
|
|
47
|
+
delta +
|
|
48
|
+
'). Possible supply chain compromise.';
|
|
49
|
+
}
|
|
50
|
+
else if (crossesBoundary) {
|
|
51
|
+
message =
|
|
52
|
+
'WARNING: Risk score crossed safety threshold (' +
|
|
53
|
+
previous.riskScore +
|
|
54
|
+
' -> ' +
|
|
55
|
+
currentScore +
|
|
56
|
+
'). Review recent changes.';
|
|
57
|
+
}
|
|
58
|
+
else if (isLargeJump) {
|
|
59
|
+
message =
|
|
60
|
+
'WARNING: Risk score increased by ' +
|
|
61
|
+
delta +
|
|
62
|
+
' points (' +
|
|
63
|
+
previous.riskScore +
|
|
64
|
+
' -> ' +
|
|
65
|
+
currentScore +
|
|
66
|
+
').';
|
|
67
|
+
}
|
|
68
|
+
else {
|
|
69
|
+
message =
|
|
70
|
+
'Risk score stable (' +
|
|
71
|
+
previous.riskScore +
|
|
72
|
+
' -> ' +
|
|
73
|
+
currentScore +
|
|
74
|
+
', delta: ' +
|
|
75
|
+
(delta >= 0 ? '+' : '') +
|
|
76
|
+
delta +
|
|
77
|
+
').';
|
|
78
|
+
}
|
|
79
|
+
return { anomaly, message, currentScore, previousScore: previous.riskScore, delta };
|
|
80
|
+
}
|
|
81
|
+
//# sourceMappingURL=risk-trend.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"risk-trend.js","sourceRoot":"","sources":["../../../src/security/risk-trend.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAYH;;;GAGG;AACH,MAAM,UAAU,eAAe,CAC7B,YAAoB,EACpB,OAA4B,EAC5B,OAA6C;IAE7C,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO;YACL,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,uCAAuC;YAChD,YAAY;YACZ,aAAa,EAAE,IAAI;YACnB,KAAK,EAAE,CAAC;SACT,CAAA;IACH,CAAC;IAED,MAAM,QAAQ,GAAG,OAAO,CAAC,CAAC,CAAC,CAAA;IAC3B,MAAM,KAAK,GAAG,YAAY,GAAG,QAAQ,CAAC,SAAS,CAAA;IAE/C,IAAI,OAAO,EAAE,qBAAqB,EAAE,CAAC;QACnC,OAAO;YACL,OAAO,EAAE,KAAK;YACd,OAAO,EACL,iCAAiC;gBACjC,QAAQ,CAAC,SAAS;gBAClB,MAAM;gBACN,YAAY;gBACZ,4BAA4B;YAC9B,YAAY;YACZ,aAAa,EAAE,QAAQ,CAAC,SAAS;YACjC,KAAK;SACN,CAAA;IACH,CAAC;IAED,MAAM,eAAe,GAAG,QAAQ,CAAC,SAAS,GAAG,EAAE,IAAI,YAAY,IAAI,EAAE,CAAA;IACrE,MAAM,WAAW,GAAG,KAAK,IAAI,EAAE,CAAA;IAC/B,MAAM,cAAc,GAAG,KAAK,IAAI,EAAE,CAAA;IAClC,MAAM,OAAO,GAAG,WAAW,IAAI,eAAe,CAAA;IAE9C,IAAI,OAAe,CAAA;IACnB,IAAI,cAAc,EAAE,CAAC;QACnB,OAAO;YACL,mCAAmC;gBACnC,QAAQ,CAAC,SAAS;gBAClB,MAAM;gBACN,YAAY;gBACZ,KAAK;gBACL,KAAK;gBACL,sCAAsC,CAAA;IAC1C,CAAC;SAAM,IAAI,eAAe,EAAE,CAAC;QAC3B,OAAO;YACL,gDAAgD;gBAChD,QAAQ,CAAC,SAAS;gBAClB,MAAM;gBACN,YAAY;gBACZ,2BAA2B,CAAA;IAC/B,CAAC;SAAM,IAAI,WAAW,EAAE,CAAC;QACvB,OAAO;YACL,mCAAmC;gBACnC,KAAK;gBACL,WAAW;gBACX,QAAQ,CAAC,SAAS;gBAClB,MAAM;gBACN,YAAY;gBACZ,IAAI,CAAA;IACR,CAAC;SAAM,CAAC;QACN,OAAO;YACL,qBAAqB;gBACrB,QAAQ,CAAC,SAAS;gBAClB,MAAM;gBACN,YAAY;gBACZ,WAAW;gBACX,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;gBACvB,KAAK;gBACL,IAAI,CAAA;IACR,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,QAAQ,CAAC,SAAS,EAAE,KAAK,EAAE,CAAA;AACrF,CAAC"}
|
|
@@ -27,6 +27,8 @@ export declare class SecurityScanner {
|
|
|
27
27
|
private scanPromptLeaking;
|
|
28
28
|
private scanDataExfiltration;
|
|
29
29
|
private scanPrivilegeEscalation;
|
|
30
|
+
/** SMI-3864: Detect PII patterns. Email in YAML frontmatter gets low severity. */
|
|
31
|
+
private scanPiiPatterns;
|
|
30
32
|
private scanAIDefenceVulnerabilities;
|
|
31
33
|
/** @deprecated Use standalone calculateRiskScore function for new code */
|
|
32
34
|
calculateRiskScore: typeof calculateRiskScore;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"SecurityScanner.d.ts","sourceRoot":"","sources":["../../../../src/security/scanner/SecurityScanner.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAmB,UAAU,EAAE,cAAc,EAAqB,MAAM,YAAY,CAAA;
|
|
1
|
+
{"version":3,"file":"SecurityScanner.d.ts","sourceRoot":"","sources":["../../../../src/security/scanner/SecurityScanner.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAmB,UAAU,EAAE,cAAc,EAAqB,MAAM,YAAY,CAAA;AAgBhG,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,8BAA8B,CAAA;AAC/D,OAAO,EACL,kBAAkB,EAClB,sBAAsB,EACtB,sBAAsB,EACtB,kBAAkB,EAClB,kBAAkB,EAEnB,MAAM,8BAA8B,CAAA;AAGrC,OAAO,EAAE,gBAAgB,EAAE,MAAM,2BAA2B,CAAA;AAG5D,OAAO,EACL,aAAa,EACb,OAAO,EACP,mBAAmB,EACnB,SAAS,EACV,MAAM,iCAAiC,CAAA;AAGxC,OAAO,EACL,WAAW,EACX,kBAAkB,EAClB,sBAAsB,EACtB,sBAAsB,EACtB,kBAAkB,EAClB,kBAAkB,GACnB,CAAA;AACD,OAAO,EAAE,gBAAgB,EAAE,CAAA;AAC3B,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,mBAAmB,EAAE,SAAS,EAAE,CAAA;AAEjE,qBAAa,eAAe;IAC1B,OAAO,CAAC,cAAc,CAAa;IACnC,OAAO,CAAC,eAAe,CAAU;IACjC,OAAO,CAAC,gBAAgB,CAAQ;IAChC,OAAO,CAAC,aAAa,CAAQ;gBAEjB,OAAO,GAAE,cAAmB;IAOxC,OAAO,CAAC,WAAW;IAenB,OAAO,CAAC,eAAe;IAYvB,OAAO,CAAC,QAAQ;IAmBhB,OAAO,CAAC,kBAAkB;IAiC1B,OAAO,CAAC,qBAAqB;IAa7B,OAAO,CAAC,sBAAsB;IAqC9B,OAAO,CAAC,qBAAqB;IAkC7B,OAAO,CAAC,iBAAiB;IAkCzB,OAAO,CAAC,oBAAoB;IAkC5B,OAAO,CAAC,uBAAuB;IAqC/B,kFAAkF;IAClF,OAAO,CAAC,eAAe;IAiDvB,OAAO,CAAC,4BAA4B;IAgBpC,0EAA0E;IAC1E,kBAAkB,4BAAqB;IAEvC,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,UAAU;IA2ClD,UAAU,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO;IAOpC,gBAAgB,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI;IAItC,iBAAiB,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI;IAKxC,MAAM,CAAC,aAAa,uBAAgB;IACpC,MAAM,CAAC,OAAO,iBAAU;IACxB,MAAM,CAAC,mBAAmB,6BAAsB;IAChD,MAAM,CAAC,SAAS,mBAAY;CAC7B;AAED,eAAe,eAAe,CAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"SecurityScanner.helpers.d.ts","sourceRoot":"","sources":["../../../../src/security/scanner/SecurityScanner.helpers.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EACV,eAAe,EACf,mBAAmB,EACnB,kBAAkB,EAElB,gBAAgB,EACjB,MAAM,YAAY,CAAA;AAQnB;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,UAAU,EAAE,MAAM,CAAA;IAClB,WAAW,EAAE,OAAO,CAAA;IACpB,OAAO,EAAE,OAAO,CAAA;IAChB,cAAc,EAAE,OAAO,CAAA;IACvB,YAAY,EAAE,OAAO,CAAA;CACtB;AAMD;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAK3D;AAMD;;;GAGG;AACH,wBAAgB,sBAAsB,CAAC,OAAO,EAAE,MAAM,GAAG,WAAW,EAAE,CAqCrE;AAED;;;;;GAKG;AACH,wBAAgB,sBAAsB,CAAC,GAAG,EAAE,WAAW,GAAG,OAAO,CAEhE;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAW5E;AAMD,UAAU,mBAAmB;IAC3B,IAAI,EAAE,mBAAmB,CAAA;IACzB,aAAa,EAAE,MAAM,CAAA;IACrB,QAAQ,EAAE,MAAM,EAAE,CAAA;IAClB,mDAAmD;IACnD,UAAU,EAAE,CAAC,gBAAgB,EAAE,gBAAgB,CAAC,CAAA;CACjD;AAED;;;GAGG;AACH,wBAAgB,gCAAgC,CAC9C,OAAO,EAAE,MAAM,EACf,MAAM,EAAE,mBAAmB,EAC3B,YAAY,CAAC,EAAE,WAAW,EAAE,GAC3B,eAAe,EAAE,CAoEnB;AAMD;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,eAAe,EAAE,GAAG;IAC/D,KAAK,EAAE,MAAM,CAAA;IACb,SAAS,EAAE,kBAAkB,CAAA;CAC9B,
|
|
1
|
+
{"version":3,"file":"SecurityScanner.helpers.d.ts","sourceRoot":"","sources":["../../../../src/security/scanner/SecurityScanner.helpers.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EACV,eAAe,EACf,mBAAmB,EACnB,kBAAkB,EAElB,gBAAgB,EACjB,MAAM,YAAY,CAAA;AAQnB;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,UAAU,EAAE,MAAM,CAAA;IAClB,WAAW,EAAE,OAAO,CAAA;IACpB,OAAO,EAAE,OAAO,CAAA;IAChB,cAAc,EAAE,OAAO,CAAA;IACvB,YAAY,EAAE,OAAO,CAAA;CACtB;AAMD;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAK3D;AAMD;;;GAGG;AACH,wBAAgB,sBAAsB,CAAC,OAAO,EAAE,MAAM,GAAG,WAAW,EAAE,CAqCrE;AAED;;;;;GAKG;AACH,wBAAgB,sBAAsB,CAAC,GAAG,EAAE,WAAW,GAAG,OAAO,CAEhE;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAW5E;AAMD,UAAU,mBAAmB;IAC3B,IAAI,EAAE,mBAAmB,CAAA;IACzB,aAAa,EAAE,MAAM,CAAA;IACrB,QAAQ,EAAE,MAAM,EAAE,CAAA;IAClB,mDAAmD;IACnD,UAAU,EAAE,CAAC,gBAAgB,EAAE,gBAAgB,CAAC,CAAA;CACjD;AAED;;;GAGG;AACH,wBAAgB,gCAAgC,CAC9C,OAAO,EAAE,MAAM,EACf,MAAM,EAAE,mBAAmB,EAC3B,YAAY,CAAC,EAAE,WAAW,EAAE,GAC3B,eAAe,EAAE,CAoEnB;AAMD;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,eAAe,EAAE,GAAG;IAC/D,KAAK,EAAE,MAAM,CAAA;IACb,SAAS,EAAE,kBAAkB,CAAA;CAC9B,CA+FA"}
|
|
@@ -168,6 +168,7 @@ export function calculateRiskScore(findings) {
|
|
|
168
168
|
externalUrls: 0,
|
|
169
169
|
aiDefence: 0,
|
|
170
170
|
ssrf: 0,
|
|
171
|
+
pii: 0,
|
|
171
172
|
};
|
|
172
173
|
const confidenceWeights = {
|
|
173
174
|
high: 1.0,
|
|
@@ -210,6 +211,9 @@ export function calculateRiskScore(findings) {
|
|
|
210
211
|
case 'ssrf':
|
|
211
212
|
breakdown.ssrf += score;
|
|
212
213
|
break;
|
|
214
|
+
case 'pii':
|
|
215
|
+
breakdown.pii += score;
|
|
216
|
+
break;
|
|
213
217
|
}
|
|
214
218
|
}
|
|
215
219
|
// Cap each category at 100
|
|
@@ -223,16 +227,18 @@ export function calculateRiskScore(findings) {
|
|
|
223
227
|
breakdown.externalUrls = Math.min(100, breakdown.externalUrls);
|
|
224
228
|
breakdown.aiDefence = Math.min(100, breakdown.aiDefence);
|
|
225
229
|
breakdown.ssrf = Math.min(100, breakdown.ssrf);
|
|
226
|
-
|
|
227
|
-
|
|
228
|
-
breakdown.
|
|
230
|
+
breakdown.pii = Math.min(100, breakdown.pii);
|
|
231
|
+
const total = Math.min(100, Math.round(breakdown.jailbreak * 0.2 +
|
|
232
|
+
breakdown.socialEngineering * 0.11 +
|
|
233
|
+
breakdown.promptLeaking * 0.11 +
|
|
229
234
|
breakdown.dataExfiltration * 0.08 +
|
|
230
235
|
breakdown.privilegeEscalation * 0.11 +
|
|
231
|
-
breakdown.suspiciousCode * 0.
|
|
232
|
-
breakdown.sensitivePaths * 0.
|
|
233
|
-
breakdown.externalUrls * 0.
|
|
234
|
-
breakdown.aiDefence * 0.
|
|
235
|
-
breakdown.ssrf * 0.04
|
|
236
|
+
breakdown.suspiciousCode * 0.07 +
|
|
237
|
+
breakdown.sensitivePaths * 0.04 +
|
|
238
|
+
breakdown.externalUrls * 0.04 +
|
|
239
|
+
breakdown.aiDefence * 0.12 +
|
|
240
|
+
breakdown.ssrf * 0.04 +
|
|
241
|
+
breakdown.pii * 0.08));
|
|
236
242
|
return { total, breakdown };
|
|
237
243
|
}
|
|
238
244
|
//# sourceMappingURL=SecurityScanner.helpers.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"SecurityScanner.helpers.js","sourceRoot":"","sources":["../../../../src/security/scanner/SecurityScanner.helpers.ts"],"names":[],"mappings":"AAAA;;;GAGG;AASH,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAA;AACjE,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAA;AAiBhD,+EAA+E;AAC/E,kBAAkB;AAClB,+EAA+E;AAE/E;;;;GAIG;AACH,MAAM,UAAU,kBAAkB,CAAC,OAAe;IAChD,MAAM,UAAU,GAAG,OAAO,CAAC,MAAM,CAAA;IACjC,OAAO,CACL,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,UAAU,CAAC,UAAU,CAAC,WAAW,CAAC,CAC/F,CAAA;AACH,CAAC;AAED,+EAA+E;AAC/E,4BAA4B;AAC5B,+EAA+E;AAE/E;;;GAGG;AACH,MAAM,UAAU,sBAAsB,CAAC,OAAe;IACpD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IACjC,MAAM,QAAQ,GAAkB,EAAE,CAAA;IAClC,IAAI,iBAAiB,GAAG,KAAK,CAAA;IAE7B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;QACrB,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,EAAE,CAAA;QAE/B,sDAAsD;QACtD,IAAI,gBAAgB,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;YACvC,iBAAiB,GAAG,CAAC,iBAAiB,CAAA;QACxC,CAAC;QAED,sCAAsC;QACtC,MAAM,OAAO,GAAG,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;QAE3C,yEAAyE;QACzE,MAAM,cAAc,GAClB,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC;YACxB,CAAC,iBAAiB;YAClB,CAAC,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC;YAC5B,CAAC,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;QAE9B,iEAAiE;QACjE,MAAM,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAA;QAE/D,QAAQ,CAAC,IAAI,CAAC;YACZ,UAAU,EAAE,CAAC,GAAG,CAAC;YACjB,WAAW,EAAE,iBAAiB;YAC9B,OAAO;YACP,cAAc;YACd,YAAY;SACb,CAAC,CAAA;IACJ,CAAC;IAED,OAAO,QAAQ,CAAA;AACjB,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,sBAAsB,CAAC,GAAgB;IACrD,OAAO,GAAG,CAAC,WAAW,IAAI,GAAG,CAAC,OAAO,IAAI,GAAG,CAAC,cAAc,CAAA;AAC7D,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,kBAAkB,CAAC,IAAY,EAAE,UAAkB;IACjE,MAAM,aAAa,GAAG,YAAY,CAAA;IAClC,IAAI,KAAK,CAAA;IACT,OAAO,CAAC,KAAK,GAAG,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QACnD,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAA;QAC7B,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAA;QAC7C,IAAI,UAAU,IAAI,SAAS,IAAI,UAAU,GAAG,OAAO,EAAE,CAAC;YACpD,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC;AAcD;;;GAGG;AACH,MAAM,UAAU,gCAAgC,CAC9C,OAAe,EACf,MAA2B,EAC3B,YAA4B;IAE5B,MAAM,QAAQ,GAAsB,EAAE,CAAA;IACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IACjC,MAAM,QAAQ,GAAG,YAAY,IAAI,sBAAsB,CAAC,OAAO,CAAC,CAAA;IAChE,MAAM,YAAY,GAAG,IAAI,GAAG,EAAU,CAAA;IAEtC,uDAAuD;IACvD,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QACtC,IAAI,kBAAkB,CAAC,OAAO,CAAC,EAAE,CAAC;YAChC,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,OAAO,CAAC,CAAA;YAC7C,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;gBAC5C,MAAM,UAAU,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAA;gBAClE,MAAM,GAAG,GAAG,QAAQ,CAAC,UAAU,GAAG,CAAC,CAAC,CAAA;gBACpC,MAAM,SAAS,GAAG,KAAK,CAAC,UAAU,GAAG,CAAC,CAAC,IAAI,EAAE,CAAA;gBAC7C,MAAM,UAAU,GAAG,OAAO,CAAC,WAAW,CAAC,IAAI,EAAE,UAAU,GAAG,CAAC,CAAC,GAAG,CAAC,CAAA;gBAChE,MAAM,QAAQ,GAAG,UAAU,GAAG,UAAU,CAAA;gBACxC,MAAM,YAAY,GAAG,GAAG,EAAE,YAAY,IAAI,kBAAkB,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAA;gBACjF,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,CAAC,CAAC,KAAK,CAAA;gBAC9E,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;gBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;gBAC3E,MAAM,SAAS,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;gBAEvC,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI,EAAE,MAAM,CAAC,IAAI;oBACjB,QAAQ;oBACR,OAAO,EAAE,GAAG,MAAM,CAAC,aAAa,MAAM,SAAS,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG;oBACtF,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;oBACvC,UAAU;oBACV,QAAQ,EAAE,MAAM,CAAC,IAAI;oBACrB,sBAAsB,EAAE,YAAY;oBACpC,UAAU;iBACX,CAAC,CAAA;gBACF,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;YAC9B,CAAC;QACH,CAAC;IACH,CAAC;IAED,6CAA6C;IAC7C,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,IAAI,YAAY,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,CAAC;YAAE,OAAM;QACvC,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;QAE3B,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACtC,IAAI,kBAAkB,CAAC,OAAO,CAAC;gBAAE,SAAQ;YACzC,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;YAC1C,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,YAAY,GAAG,GAAG,EAAE,YAAY,IAAI,kBAAkB,CAAC,IAAI,EAAE,KAAK,CAAC,KAAK,IAAI,CAAC,CAAC,CAAA;gBACpF,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,CAAC,CAAC,KAAK,CAAA;gBAC9E,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;gBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;gBAE3E,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI,EAAE,MAAM,CAAC,IAAI;oBACjB,QAAQ;oBACR,OAAO,EAAE,GAAG,MAAM,CAAC,aAAa,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG;oBAClG,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;oBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;oBACrB,QAAQ,EAAE,MAAM,CAAC,IAAI;oBACrB,sBAAsB,EAAE,YAAY;oBACpC,UAAU;iBACX,CAAC,CAAA;gBACF,MAAK;YACP,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAA;IAEF,OAAO,QAAQ,CAAA;AACjB,CAAC;AAED,+EAA+E;AAC/E,yBAAyB;AACzB,+EAA+E;AAE/E;;;;GAIG;AACH,MAAM,UAAU,kBAAkB,CAAC,QAA2B;IAI5D,MAAM,SAAS,GAAuB;QACpC,SAAS,EAAE,CAAC;QACZ,iBAAiB,EAAE,CAAC;QACpB,aAAa,EAAE,CAAC;QAChB,gBAAgB,EAAE,CAAC;QACnB,mBAAmB,EAAE,CAAC;QACtB,cAAc,EAAE,CAAC;QACjB,cAAc,EAAE,CAAC;QACjB,YAAY,EAAE,CAAC;QACf,SAAS,EAAE,CAAC;QACZ,IAAI,EAAE,CAAC;
|
|
1
|
+
{"version":3,"file":"SecurityScanner.helpers.js","sourceRoot":"","sources":["../../../../src/security/scanner/SecurityScanner.helpers.ts"],"names":[],"mappings":"AAAA;;;GAGG;AASH,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAA;AACjE,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAA;AAiBhD,+EAA+E;AAC/E,kBAAkB;AAClB,+EAA+E;AAE/E;;;;GAIG;AACH,MAAM,UAAU,kBAAkB,CAAC,OAAe;IAChD,MAAM,UAAU,GAAG,OAAO,CAAC,MAAM,CAAA;IACjC,OAAO,CACL,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,UAAU,CAAC,UAAU,CAAC,WAAW,CAAC,CAC/F,CAAA;AACH,CAAC;AAED,+EAA+E;AAC/E,4BAA4B;AAC5B,+EAA+E;AAE/E;;;GAGG;AACH,MAAM,UAAU,sBAAsB,CAAC,OAAe;IACpD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IACjC,MAAM,QAAQ,GAAkB,EAAE,CAAA;IAClC,IAAI,iBAAiB,GAAG,KAAK,CAAA;IAE7B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;QACrB,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,EAAE,CAAA;QAE/B,sDAAsD;QACtD,IAAI,gBAAgB,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;YACvC,iBAAiB,GAAG,CAAC,iBAAiB,CAAA;QACxC,CAAC;QAED,sCAAsC;QACtC,MAAM,OAAO,GAAG,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;QAE3C,yEAAyE;QACzE,MAAM,cAAc,GAClB,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC;YACxB,CAAC,iBAAiB;YAClB,CAAC,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC;YAC5B,CAAC,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;QAE9B,iEAAiE;QACjE,MAAM,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAA;QAE/D,QAAQ,CAAC,IAAI,CAAC;YACZ,UAAU,EAAE,CAAC,GAAG,CAAC;YACjB,WAAW,EAAE,iBAAiB;YAC9B,OAAO;YACP,cAAc;YACd,YAAY;SACb,CAAC,CAAA;IACJ,CAAC;IAED,OAAO,QAAQ,CAAA;AACjB,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,sBAAsB,CAAC,GAAgB;IACrD,OAAO,GAAG,CAAC,WAAW,IAAI,GAAG,CAAC,OAAO,IAAI,GAAG,CAAC,cAAc,CAAA;AAC7D,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,kBAAkB,CAAC,IAAY,EAAE,UAAkB;IACjE,MAAM,aAAa,GAAG,YAAY,CAAA;IAClC,IAAI,KAAK,CAAA;IACT,OAAO,CAAC,KAAK,GAAG,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QACnD,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAA;QAC7B,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAA;QAC7C,IAAI,UAAU,IAAI,SAAS,IAAI,UAAU,GAAG,OAAO,EAAE,CAAC;YACpD,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC;AAcD;;;GAGG;AACH,MAAM,UAAU,gCAAgC,CAC9C,OAAe,EACf,MAA2B,EAC3B,YAA4B;IAE5B,MAAM,QAAQ,GAAsB,EAAE,CAAA;IACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IACjC,MAAM,QAAQ,GAAG,YAAY,IAAI,sBAAsB,CAAC,OAAO,CAAC,CAAA;IAChE,MAAM,YAAY,GAAG,IAAI,GAAG,EAAU,CAAA;IAEtC,uDAAuD;IACvD,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QACtC,IAAI,kBAAkB,CAAC,OAAO,CAAC,EAAE,CAAC;YAChC,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,OAAO,CAAC,CAAA;YAC7C,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;gBAC5C,MAAM,UAAU,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAA;gBAClE,MAAM,GAAG,GAAG,QAAQ,CAAC,UAAU,GAAG,CAAC,CAAC,CAAA;gBACpC,MAAM,SAAS,GAAG,KAAK,CAAC,UAAU,GAAG,CAAC,CAAC,IAAI,EAAE,CAAA;gBAC7C,MAAM,UAAU,GAAG,OAAO,CAAC,WAAW,CAAC,IAAI,EAAE,UAAU,GAAG,CAAC,CAAC,GAAG,CAAC,CAAA;gBAChE,MAAM,QAAQ,GAAG,UAAU,GAAG,UAAU,CAAA;gBACxC,MAAM,YAAY,GAAG,GAAG,EAAE,YAAY,IAAI,kBAAkB,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAA;gBACjF,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,CAAC,CAAC,KAAK,CAAA;gBAC9E,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;gBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;gBAC3E,MAAM,SAAS,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;gBAEvC,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI,EAAE,MAAM,CAAC,IAAI;oBACjB,QAAQ;oBACR,OAAO,EAAE,GAAG,MAAM,CAAC,aAAa,MAAM,SAAS,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG;oBACtF,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;oBACvC,UAAU;oBACV,QAAQ,EAAE,MAAM,CAAC,IAAI;oBACrB,sBAAsB,EAAE,YAAY;oBACpC,UAAU;iBACX,CAAC,CAAA;gBACF,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;YAC9B,CAAC;QACH,CAAC;IACH,CAAC;IAED,6CAA6C;IAC7C,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,IAAI,YAAY,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,CAAC;YAAE,OAAM;QACvC,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;QAE3B,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACtC,IAAI,kBAAkB,CAAC,OAAO,CAAC;gBAAE,SAAQ;YACzC,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;YAC1C,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,YAAY,GAAG,GAAG,EAAE,YAAY,IAAI,kBAAkB,CAAC,IAAI,EAAE,KAAK,CAAC,KAAK,IAAI,CAAC,CAAC,CAAA;gBACpF,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,CAAC,CAAC,KAAK,CAAA;gBAC9E,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;gBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAA;gBAE3E,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI,EAAE,MAAM,CAAC,IAAI;oBACjB,QAAQ;oBACR,OAAO,EAAE,GAAG,MAAM,CAAC,aAAa,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG;oBAClG,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;oBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;oBACrB,QAAQ,EAAE,MAAM,CAAC,IAAI;oBACrB,sBAAsB,EAAE,YAAY;oBACpC,UAAU;iBACX,CAAC,CAAA;gBACF,MAAK;YACP,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAA;IAEF,OAAO,QAAQ,CAAA;AACjB,CAAC;AAED,+EAA+E;AAC/E,yBAAyB;AACzB,+EAA+E;AAE/E;;;;GAIG;AACH,MAAM,UAAU,kBAAkB,CAAC,QAA2B;IAI5D,MAAM,SAAS,GAAuB;QACpC,SAAS,EAAE,CAAC;QACZ,iBAAiB,EAAE,CAAC;QACpB,aAAa,EAAE,CAAC;QAChB,gBAAgB,EAAE,CAAC;QACnB,mBAAmB,EAAE,CAAC;QACtB,cAAc,EAAE,CAAC;QACjB,cAAc,EAAE,CAAC;QACjB,YAAY,EAAE,CAAC;QACf,SAAS,EAAE,CAAC;QACZ,IAAI,EAAE,CAAC;QACP,GAAG,EAAE,CAAC;KACP,CAAA;IAED,MAAM,iBAAiB,GAAsC;QAC3D,IAAI,EAAE,GAAG;QACT,MAAM,EAAE,GAAG;QACX,GAAG,EAAE,GAAG;KACT,CAAA;IAED,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,cAAc,GAAG,gBAAgB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;QACzD,MAAM,cAAc,GAAG,gBAAgB,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,GAAG,CAAA;QAC5D,MAAM,gBAAgB,GAAG,iBAAiB,CAAC,OAAO,CAAC,UAAU,IAAI,MAAM,CAAC,CAAA;QACxE,MAAM,KAAK,GAAG,cAAc,GAAG,cAAc,GAAG,gBAAgB,CAAA;QAEhE,QAAQ,OAAO,CAAC,IAAI,EAAE,CAAC;YACrB,KAAK,WAAW;gBACd,SAAS,CAAC,SAAS,IAAI,KAAK,CAAA;gBAC5B,MAAK;YACP,KAAK,oBAAoB;gBACvB,SAAS,CAAC,iBAAiB,IAAI,KAAK,CAAA;gBACpC,MAAK;YACP,KAAK,gBAAgB;gBACnB,SAAS,CAAC,aAAa,IAAI,KAAK,CAAA;gBAChC,MAAK;YACP,KAAK,mBAAmB;gBACtB,SAAS,CAAC,gBAAgB,IAAI,KAAK,CAAA;gBACnC,MAAK;YACP,KAAK,sBAAsB;gBACzB,SAAS,CAAC,mBAAmB,IAAI,KAAK,CAAA;gBACtC,MAAK;YACP,KAAK,oBAAoB;gBACvB,SAAS,CAAC,cAAc,IAAI,KAAK,CAAA;gBACjC,MAAK;YACP,KAAK,gBAAgB;gBACnB,SAAS,CAAC,cAAc,IAAI,KAAK,CAAA;gBACjC,MAAK;YACP,KAAK,KAAK;gBACR,SAAS,CAAC,YAAY,IAAI,KAAK,CAAA;gBAC/B,MAAK;YACP,KAAK,YAAY;gBACf,SAAS,CAAC,SAAS,IAAI,KAAK,CAAA;gBAC5B,MAAK;YACP,KAAK,MAAM;gBACT,SAAS,CAAC,IAAI,IAAI,KAAK,CAAA;gBACvB,MAAK;YACP,KAAK,KAAK;gBACR,SAAS,CAAC,GAAG,IAAI,KAAK,CAAA;gBACtB,MAAK;QACT,CAAC;IACH,CAAC;IAED,2BAA2B;IAC3B,SAAS,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,SAAS,CAAC,CAAA;IACxD,SAAS,CAAC,iBAAiB,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,iBAAiB,CAAC,CAAA;IACxE,SAAS,CAAC,aAAa,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,aAAa,CAAC,CAAA;IAChE,SAAS,CAAC,gBAAgB,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,gBAAgB,CAAC,CAAA;IACtE,SAAS,CAAC,mBAAmB,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,mBAAmB,CAAC,CAAA;IAC5E,SAAS,CAAC,cAAc,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,cAAc,CAAC,CAAA;IAClE,SAAS,CAAC,cAAc,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,cAAc,CAAC,CAAA;IAClE,SAAS,CAAC,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,YAAY,CAAC,CAAA;IAC9D,SAAS,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,SAAS,CAAC,CAAA;IACxD,SAAS,CAAC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,IAAI,CAAC,CAAA;IAC9C,SAAS,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,GAAG,CAAC,CAAA;IAE5C,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CACpB,GAAG,EACH,IAAI,CAAC,KAAK,CACR,SAAS,CAAC,SAAS,GAAG,GAAG;QACvB,SAAS,CAAC,iBAAiB,GAAG,IAAI;QAClC,SAAS,CAAC,aAAa,GAAG,IAAI;QAC9B,SAAS,CAAC,gBAAgB,GAAG,IAAI;QACjC,SAAS,CAAC,mBAAmB,GAAG,IAAI;QACpC,SAAS,CAAC,cAAc,GAAG,IAAI;QAC/B,SAAS,CAAC,cAAc,GAAG,IAAI;QAC/B,SAAS,CAAC,YAAY,GAAG,IAAI;QAC7B,SAAS,CAAC,SAAS,GAAG,IAAI;QAC1B,SAAS,CAAC,IAAI,GAAG,IAAI;QACrB,SAAS,CAAC,GAAG,GAAG,IAAI,CACvB,CACF,CAAA;IAED,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,CAAA;AAC7B,CAAC"}
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
*
|
|
4
4
|
* Security scanning for skill content with advanced pattern detection.
|
|
5
5
|
*/
|
|
6
|
-
import { DEFAULT_ALLOWED_DOMAINS, SENSITIVE_PATH_PATTERNS, JAILBREAK_PATTERNS, SUSPICIOUS_PATTERNS, SOCIAL_ENGINEERING_PATTERNS, PROMPT_LEAKING_PATTERNS, DATA_EXFILTRATION_PATTERNS, PRIVILEGE_ESCALATION_PATTERNS, AI_DEFENCE_PATTERNS, } from './patterns.js';
|
|
6
|
+
import { DEFAULT_ALLOWED_DOMAINS, SENSITIVE_PATH_PATTERNS, JAILBREAK_PATTERNS, SUSPICIOUS_PATTERNS, SOCIAL_ENGINEERING_PATTERNS, PROMPT_LEAKING_PATTERNS, DATA_EXFILTRATION_PATTERNS, PRIVILEGE_ESCALATION_PATTERNS, AI_DEFENCE_PATTERNS, PII_PATTERNS, } from './patterns.js';
|
|
7
7
|
import { safeRegexTest, safeRegexCheck } from './regex-utils.js';
|
|
8
8
|
import { isMultilinePattern, analyzeMarkdownContext, isDocumentationContext, isWithinInlineCode, calculateRiskScore, scanPatternsWithMultilineSupport, } from './SecurityScanner.helpers.js';
|
|
9
9
|
// Import SSRF scanner
|
|
@@ -248,6 +248,59 @@ export class SecurityScanner {
|
|
|
248
248
|
});
|
|
249
249
|
return findings;
|
|
250
250
|
}
|
|
251
|
+
/** SMI-3864: Detect PII patterns. Email in YAML frontmatter gets low severity. */
|
|
252
|
+
scanPiiPatterns(content, lineContexts) {
|
|
253
|
+
const findings = [];
|
|
254
|
+
const lines = content.split('\n');
|
|
255
|
+
const contexts = lineContexts ?? analyzeMarkdownContext(content);
|
|
256
|
+
let frontmatterEnd = -1;
|
|
257
|
+
if (lines[0]?.trim() === '---') {
|
|
258
|
+
for (let i = 1; i < lines.length; i++) {
|
|
259
|
+
if (lines[i].trim() === '---') {
|
|
260
|
+
frontmatterEnd = i;
|
|
261
|
+
break;
|
|
262
|
+
}
|
|
263
|
+
}
|
|
264
|
+
}
|
|
265
|
+
const emailPatternIndex = 7;
|
|
266
|
+
lines.forEach((line, index) => {
|
|
267
|
+
const ctx = contexts[index];
|
|
268
|
+
const inFrontmatter = index > 0 && index < frontmatterEnd;
|
|
269
|
+
for (let pi = 0; pi < PII_PATTERNS.length; pi++) {
|
|
270
|
+
const pattern = PII_PATTERNS[pi];
|
|
271
|
+
const match = safeRegexTest(pattern, line);
|
|
272
|
+
if (match) {
|
|
273
|
+
const inInlineCode = ctx?.isInlineCode && isWithinInlineCode(line, match.index ?? 0);
|
|
274
|
+
const inDocContext = ctx ? isDocumentationContext(ctx) || inInlineCode : false;
|
|
275
|
+
const isEmailPattern = pi === emailPatternIndex;
|
|
276
|
+
const isAuthorLine = /^\s*(?:author|contact|support|email)\s*:/i.test(line);
|
|
277
|
+
const inEmailSafeContext = isEmailPattern && (inFrontmatter || isAuthorLine);
|
|
278
|
+
let severity;
|
|
279
|
+
if (inEmailSafeContext)
|
|
280
|
+
severity = 'low';
|
|
281
|
+
else if (inDocContext)
|
|
282
|
+
severity = 'medium';
|
|
283
|
+
else if (pi <= 2 || pi === 9)
|
|
284
|
+
severity = 'critical';
|
|
285
|
+
else
|
|
286
|
+
severity = 'high';
|
|
287
|
+
const confidence = inDocContext || inEmailSafeContext ? 'low' : 'high';
|
|
288
|
+
findings.push({
|
|
289
|
+
type: 'pii',
|
|
290
|
+
severity,
|
|
291
|
+
message: `PII detected: ${match[0].slice(0, 40)}${match[0].length > 40 ? '...' : ''}`,
|
|
292
|
+
location: line.trim().slice(0, 100),
|
|
293
|
+
lineNumber: index + 1,
|
|
294
|
+
category: 'pii',
|
|
295
|
+
inDocumentationContext: inDocContext || inEmailSafeContext,
|
|
296
|
+
confidence,
|
|
297
|
+
});
|
|
298
|
+
break;
|
|
299
|
+
}
|
|
300
|
+
}
|
|
301
|
+
});
|
|
302
|
+
return findings;
|
|
303
|
+
}
|
|
251
304
|
scanAIDefenceVulnerabilities(content, lineContexts) {
|
|
252
305
|
return scanPatternsWithMultilineSupport(content, {
|
|
253
306
|
type: 'ai_defence',
|
|
@@ -279,6 +332,7 @@ export class SecurityScanner {
|
|
|
279
332
|
findings.push(...this.scanPrivilegeEscalation(content, lineContexts));
|
|
280
333
|
findings.push(...this.scanAIDefenceVulnerabilities(content, lineContexts));
|
|
281
334
|
findings.push(...scanSsrfPatterns(content, lineContexts));
|
|
335
|
+
findings.push(...this.scanPiiPatterns(content, lineContexts));
|
|
282
336
|
const endTime = performance.now();
|
|
283
337
|
const { total: riskScore, breakdown: riskBreakdown } = calculateRiskScore(findings);
|
|
284
338
|
const hasCritical = findings.some((f) => f.severity === 'critical');
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"SecurityScanner.js","sourceRoot":"","sources":["../../../../src/security/scanner/SecurityScanner.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EACL,uBAAuB,EACvB,uBAAuB,EACvB,kBAAkB,EAClB,mBAAmB,EACnB,2BAA2B,EAC3B,uBAAuB,EACvB,0BAA0B,EAC1B,6BAA6B,EAC7B,mBAAmB,GACpB,MAAM,eAAe,CAAA;AACtB,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAA;AAIhE,OAAO,EACL,kBAAkB,EAClB,sBAAsB,EACtB,sBAAsB,EACtB,kBAAkB,EAClB,kBAAkB,EAClB,gCAAgC,GACjC,MAAM,8BAA8B,CAAA;AAErC,sBAAsB;AACtB,OAAO,EAAE,gBAAgB,EAAE,MAAM,2BAA2B,CAAA;AAE5D,iEAAiE;AACjE,OAAO,EACL,aAAa,EACb,OAAO,EACP,mBAAmB,EACnB,SAAS,GACV,MAAM,iCAAiC,CAAA;AAExC,kDAAkD;AAClD,OAAO,EAEL,kBAAkB,EAClB,sBAAsB,EACtB,sBAAsB,EACtB,kBAAkB,EAClB,kBAAkB,GACnB,CAAA;AACD,OAAO,EAAE,gBAAgB,EAAE,CAAA;AAC3B,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,mBAAmB,EAAE,SAAS,EAAE,CAAA;AAEjE,MAAM,OAAO,eAAe;IAClB,cAAc,CAAa;IAC3B,eAAe,CAAU;IACzB,gBAAgB,CAAQ;IACxB,aAAa,CAAQ;IAE7B,YAAY,UAA0B,EAAE;QACtC,IAAI,CAAC,cAAc,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,cAAc,IAAI,uBAAuB,CAAC,CAAA;QAChF,IAAI,CAAC,eAAe,GAAG,OAAO,CAAC,eAAe,IAAI,EAAE,CAAA;QACpD,IAAI,CAAC,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,IAAI,SAAS,CAAA,CAAC,MAAM;QACpE,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC,aAAa,IAAI,EAAE,CAAA;IAClD,CAAC;IAEO,WAAW,CAAC,OAAe;QACjC,MAAM,UAAU,GAAG,4BAA4B,CAAA;QAC/C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,OAAO,GAAyC,EAAE,CAAA;QAExD,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,IAAI,KAAK,CAAA;YACT,OAAO,CAAC,KAAK,GAAG,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAChD,OAAO,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,GAAG,CAAC,EAAE,CAAC,CAAA;YAClD,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,OAAO,CAAA;IAChB,CAAC;IAEO,eAAe,CAAC,GAAW;QACjC,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAA;YAC3B,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAA;YAC9C,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,IAAI,CACzC,CAAC,MAAM,EAAE,EAAE,CAAC,QAAQ,KAAK,MAAM,IAAI,QAAQ,CAAC,QAAQ,CAAC,GAAG,GAAG,MAAM,CAAC,CACnE,CAAA;QACH,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAA;QACd,CAAC;IACH,CAAC;IAEO,QAAQ,CAAC,OAAe;QAC9B,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,IAAI,GAAG,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAA;QAEtC,KAAK,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,IAAI,EAAE,CAAC;YACjC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC/B,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI,EAAE,KAAK;oBACX,QAAQ,EAAE,QAAQ;oBAClB,OAAO,EAAE,kCAAkC,GAAG,EAAE;oBAChD,QAAQ,EAAE,GAAG;oBACb,UAAU,EAAE,IAAI;iBACjB,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,kBAAkB,CAAC,OAAe,EAAE,YAA4B;QACtE,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,QAAQ,GAAG,YAAY,IAAI,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAEhE,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;YAE3B,KAAK,MAAM,OAAO,IAAI,uBAAuB,EAAE,CAAC;gBAC9C,IAAI,cAAc,CAAC,OAAO,EAAE,IAAI,CAAC,EAAE,CAAC;oBAClC,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;oBAC1C,MAAM,YAAY,GAAG,GAAG,EAAE,YAAY,IAAI,kBAAkB,CAAC,IAAI,EAAE,KAAK,EAAE,KAAK,IAAI,CAAC,CAAC,CAAA;oBACrF,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,CAAC,CAAC,KAAK,CAAA;oBAC9E,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;oBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAA;oBAEjD,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,gBAAgB;wBACtB,QAAQ;wBACR,OAAO,EAAE,4CAA4C,OAAO,CAAC,MAAM,EAAE;wBACrE,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;wBACrB,sBAAsB,EAAE,YAAY;wBACpC,UAAU;qBACX,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,qBAAqB,CAAC,OAAe,EAAE,YAA4B;QACzE,OAAO,gCAAgC,CACrC,OAAO,EACP;YACE,IAAI,EAAE,WAAW;YACjB,aAAa,EAAE,sCAAsC;YACrD,QAAQ,EAAE,kBAAkB;YAC5B,UAAU,EAAE,CAAC,MAAM,EAAE,UAAU,CAAC;SACjC,EACD,YAAY,CACb,CAAA;IACH,CAAC;IAEO,sBAAsB,CAAC,OAAe;QAC5C,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QAEjC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE,CAAC;gBAC1C,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC1C,IAAI,KAAK,EAAE,CAAC;oBACV,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,oBAAoB;wBAC1B,QAAQ,EAAE,QAAQ;wBAClB,OAAO,EAAE,iCAAiC,KAAK,CAAC,CAAC,CAAC,GAAG;wBACrD,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;qBACtB,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;YAED,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;gBAC3C,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC1C,IAAI,KAAK,EAAE,CAAC;oBACV,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,oBAAoB;wBAC1B,QAAQ,EAAE,MAAM;wBAChB,OAAO,EAAE,8BAA8B,KAAK,CAAC,CAAC,CAAC,GAAG;wBAClD,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;qBACtB,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,qBAAqB,CAAC,OAAe,EAAE,YAA4B;QACzE,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,QAAQ,GAAG,YAAY,IAAI,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAEhE,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;YAE3B,KAAK,MAAM,OAAO,IAAI,2BAA2B,EAAE,CAAC;gBAClD,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC1C,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,YAAY,GAAG,GAAG,EAAE,YAAY,IAAI,kBAAkB,CAAC,IAAI,EAAE,KAAK,CAAC,KAAK,IAAI,CAAC,CAAC,CAAA;oBACpF,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,CAAC,CAAC,KAAK,CAAA;oBAC9E,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;oBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAA;oBAEjD,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,oBAAoB;wBAC1B,QAAQ;wBACR,OAAO,EAAE,yCAAyC,KAAK,CAAC,CAAC,CAAC,GAAG;wBAC7D,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;wBACrB,QAAQ,EAAE,oBAAoB;wBAC9B,sBAAsB,EAAE,YAAY;wBACpC,UAAU;qBACX,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,iBAAiB,CAAC,OAAe,EAAE,YAA4B;QACrE,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,QAAQ,GAAG,YAAY,IAAI,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAEhE,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;YAE3B,KAAK,MAAM,OAAO,IAAI,uBAAuB,EAAE,CAAC;gBAC9C,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC1C,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,YAAY,GAAG,GAAG,EAAE,YAAY,IAAI,kBAAkB,CAAC,IAAI,EAAE,KAAK,CAAC,KAAK,IAAI,CAAC,CAAC,CAAA;oBACpF,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,CAAC,CAAC,KAAK,CAAA;oBAC9E,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;oBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAA;oBAEnD,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,gBAAgB;wBACtB,QAAQ;wBACR,OAAO,EAAE,qCAAqC,KAAK,CAAC,CAAC,CAAC,GAAG;wBACzD,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;wBACrB,QAAQ,EAAE,gBAAgB;wBAC1B,sBAAsB,EAAE,YAAY;wBACpC,UAAU;qBACX,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,oBAAoB,CAAC,OAAe,EAAE,YAA4B;QACxE,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,QAAQ,GAAG,YAAY,IAAI,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAEhE,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;YAE3B,KAAK,MAAM,OAAO,IAAI,0BAA0B,EAAE,CAAC;gBACjD,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC1C,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,YAAY,GAAG,GAAG,EAAE,YAAY,IAAI,kBAAkB,CAAC,IAAI,EAAE,KAAK,CAAC,KAAK,IAAI,CAAC,CAAC,CAAA;oBACpF,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,CAAC,CAAC,KAAK,CAAA;oBAC9E,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;oBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAA;oBAEjD,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,mBAAmB;wBACzB,QAAQ;wBACR,OAAO,EAAE,yCAAyC,KAAK,CAAC,CAAC,CAAC,GAAG;wBAC7D,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;wBACrB,QAAQ,EAAE,mBAAmB;wBAC7B,sBAAsB,EAAE,YAAY;wBACpC,UAAU;qBACX,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,uBAAuB,CAC7B,OAAe,EACf,YAA4B;QAE5B,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,QAAQ,GAAG,YAAY,IAAI,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAEhE,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;YAE3B,KAAK,MAAM,OAAO,IAAI,6BAA6B,EAAE,CAAC;gBACpD,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC1C,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,YAAY,GAAG,GAAG,EAAE,YAAY,IAAI,kBAAkB,CAAC,IAAI,EAAE,KAAK,CAAC,KAAK,IAAI,CAAC,CAAC,CAAA;oBACpF,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,CAAC,CAAC,KAAK,CAAA;oBAC9E,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;oBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAA;oBAEnD,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,sBAAsB;wBAC5B,QAAQ;wBACR,OAAO,EAAE,2CAA2C,KAAK,CAAC,CAAC,CAAC,GAAG;wBAC/D,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;wBACrB,QAAQ,EAAE,sBAAsB;wBAChC,sBAAsB,EAAE,YAAY;wBACpC,UAAU;qBACX,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,4BAA4B,CAClC,OAAe,EACf,YAA4B;QAE5B,OAAO,gCAAgC,CACrC,OAAO,EACP;YACE,IAAI,EAAE,YAAY;YAClB,aAAa,EAAE,+BAA+B;YAC9C,QAAQ,EAAE,mBAAmB;YAC7B,UAAU,EAAE,CAAC,MAAM,EAAE,UAAU,CAAC;SACjC,EACD,YAAY,CACb,CAAA;IACH,CAAC;IAED,0EAA0E;IAC1E,kBAAkB,GAAG,kBAAkB,CAAA;IAEvC,IAAI,CAAC,OAAe,EAAE,OAAe;QACnC,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE,CAAA;QACnC,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,YAAY,GAAG,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAEpD,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC3C,QAAQ,CAAC,IAAI,CAAC;gBACZ,IAAI,EAAE,oBAAoB;gBAC1B,QAAQ,EAAE,KAAK;gBACf,OAAO,EAAE,mCAAmC,IAAI,CAAC,gBAAgB,SAAS;aAC3E,CAAC,CAAA;QACJ,CAAC;QAED,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAA;QACxC,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,kBAAkB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QAChE,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,qBAAqB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QACnE,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC,CAAA;QACtD,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,qBAAqB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QACnE,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QAC/D,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,oBAAoB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QAClE,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,uBAAuB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QACrE,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,4BAA4B,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QAC1E,QAAQ,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QAEzD,MAAM,OAAO,GAAG,WAAW,CAAC,GAAG,EAAE,CAAA;QACjC,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS,EAAE,aAAa,EAAE,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAA;QAEnF,MAAM,WAAW,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAA;QACnE,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAA;QAC3D,MAAM,gBAAgB,GAAG,SAAS,IAAI,IAAI,CAAC,aAAa,CAAA;QAExD,OAAO;YACL,OAAO;YACP,MAAM,EAAE,CAAC,WAAW,IAAI,CAAC,OAAO,IAAI,CAAC,gBAAgB;YACrD,QAAQ;YACR,SAAS,EAAE,IAAI,IAAI,EAAE;YACrB,cAAc,EAAE,OAAO,GAAG,SAAS;YACnC,SAAS;YACT,aAAa;SACd,CAAA;IACH,CAAC;IAED,UAAU,CAAC,OAAe;QACxB,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;YACzC,IAAI,cAAc,CAAC,OAAO,EAAE,OAAO,CAAC;gBAAE,OAAO,KAAK,CAAA;QACpD,CAAC;QACD,OAAO,IAAI,CAAA;IACb,CAAC;IAED,gBAAgB,CAAC,MAAc;QAC7B,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,CAAA;IAC/C,CAAC;IAED,iBAAiB,CAAC,OAAe;QAC/B,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IACpC,CAAC;IAED,oEAAoE;IACpE,MAAM,CAAC,aAAa,GAAG,aAAa,CAAA;IACpC,MAAM,CAAC,OAAO,GAAG,OAAO,CAAA;IACxB,MAAM,CAAC,mBAAmB,GAAG,mBAAmB,CAAA;IAChD,MAAM,CAAC,SAAS,GAAG,SAAS,CAAA;;AAG9B,eAAe,eAAe,CAAA"}
|
|
1
|
+
{"version":3,"file":"SecurityScanner.js","sourceRoot":"","sources":["../../../../src/security/scanner/SecurityScanner.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EACL,uBAAuB,EACvB,uBAAuB,EACvB,kBAAkB,EAClB,mBAAmB,EACnB,2BAA2B,EAC3B,uBAAuB,EACvB,0BAA0B,EAC1B,6BAA6B,EAC7B,mBAAmB,EACnB,YAAY,GACb,MAAM,eAAe,CAAA;AACtB,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAA;AAIhE,OAAO,EACL,kBAAkB,EAClB,sBAAsB,EACtB,sBAAsB,EACtB,kBAAkB,EAClB,kBAAkB,EAClB,gCAAgC,GACjC,MAAM,8BAA8B,CAAA;AAErC,sBAAsB;AACtB,OAAO,EAAE,gBAAgB,EAAE,MAAM,2BAA2B,CAAA;AAE5D,iEAAiE;AACjE,OAAO,EACL,aAAa,EACb,OAAO,EACP,mBAAmB,EACnB,SAAS,GACV,MAAM,iCAAiC,CAAA;AAExC,kDAAkD;AAClD,OAAO,EAEL,kBAAkB,EAClB,sBAAsB,EACtB,sBAAsB,EACtB,kBAAkB,EAClB,kBAAkB,GACnB,CAAA;AACD,OAAO,EAAE,gBAAgB,EAAE,CAAA;AAC3B,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,mBAAmB,EAAE,SAAS,EAAE,CAAA;AAEjE,MAAM,OAAO,eAAe;IAClB,cAAc,CAAa;IAC3B,eAAe,CAAU;IACzB,gBAAgB,CAAQ;IACxB,aAAa,CAAQ;IAE7B,YAAY,UAA0B,EAAE;QACtC,IAAI,CAAC,cAAc,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,cAAc,IAAI,uBAAuB,CAAC,CAAA;QAChF,IAAI,CAAC,eAAe,GAAG,OAAO,CAAC,eAAe,IAAI,EAAE,CAAA;QACpD,IAAI,CAAC,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,IAAI,SAAS,CAAA,CAAC,MAAM;QACpE,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC,aAAa,IAAI,EAAE,CAAA;IAClD,CAAC;IAEO,WAAW,CAAC,OAAe;QACjC,MAAM,UAAU,GAAG,4BAA4B,CAAA;QAC/C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,OAAO,GAAyC,EAAE,CAAA;QAExD,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,IAAI,KAAK,CAAA;YACT,OAAO,CAAC,KAAK,GAAG,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAChD,OAAO,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,GAAG,CAAC,EAAE,CAAC,CAAA;YAClD,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,OAAO,CAAA;IAChB,CAAC;IAEO,eAAe,CAAC,GAAW;QACjC,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAA;YAC3B,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAA;YAC9C,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,IAAI,CACzC,CAAC,MAAM,EAAE,EAAE,CAAC,QAAQ,KAAK,MAAM,IAAI,QAAQ,CAAC,QAAQ,CAAC,GAAG,GAAG,MAAM,CAAC,CACnE,CAAA;QACH,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAA;QACd,CAAC;IACH,CAAC;IAEO,QAAQ,CAAC,OAAe;QAC9B,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,IAAI,GAAG,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAA;QAEtC,KAAK,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,IAAI,EAAE,CAAC;YACjC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC/B,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI,EAAE,KAAK;oBACX,QAAQ,EAAE,QAAQ;oBAClB,OAAO,EAAE,kCAAkC,GAAG,EAAE;oBAChD,QAAQ,EAAE,GAAG;oBACb,UAAU,EAAE,IAAI;iBACjB,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,kBAAkB,CAAC,OAAe,EAAE,YAA4B;QACtE,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,QAAQ,GAAG,YAAY,IAAI,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAEhE,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;YAE3B,KAAK,MAAM,OAAO,IAAI,uBAAuB,EAAE,CAAC;gBAC9C,IAAI,cAAc,CAAC,OAAO,EAAE,IAAI,CAAC,EAAE,CAAC;oBAClC,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;oBAC1C,MAAM,YAAY,GAAG,GAAG,EAAE,YAAY,IAAI,kBAAkB,CAAC,IAAI,EAAE,KAAK,EAAE,KAAK,IAAI,CAAC,CAAC,CAAA;oBACrF,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,CAAC,CAAC,KAAK,CAAA;oBAC9E,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;oBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAA;oBAEjD,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,gBAAgB;wBACtB,QAAQ;wBACR,OAAO,EAAE,4CAA4C,OAAO,CAAC,MAAM,EAAE;wBACrE,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;wBACrB,sBAAsB,EAAE,YAAY;wBACpC,UAAU;qBACX,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,qBAAqB,CAAC,OAAe,EAAE,YAA4B;QACzE,OAAO,gCAAgC,CACrC,OAAO,EACP;YACE,IAAI,EAAE,WAAW;YACjB,aAAa,EAAE,sCAAsC;YACrD,QAAQ,EAAE,kBAAkB;YAC5B,UAAU,EAAE,CAAC,MAAM,EAAE,UAAU,CAAC;SACjC,EACD,YAAY,CACb,CAAA;IACH,CAAC;IAEO,sBAAsB,CAAC,OAAe;QAC5C,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QAEjC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE,CAAC;gBAC1C,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC1C,IAAI,KAAK,EAAE,CAAC;oBACV,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,oBAAoB;wBAC1B,QAAQ,EAAE,QAAQ;wBAClB,OAAO,EAAE,iCAAiC,KAAK,CAAC,CAAC,CAAC,GAAG;wBACrD,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;qBACtB,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;YAED,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;gBAC3C,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC1C,IAAI,KAAK,EAAE,CAAC;oBACV,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,oBAAoB;wBAC1B,QAAQ,EAAE,MAAM;wBAChB,OAAO,EAAE,8BAA8B,KAAK,CAAC,CAAC,CAAC,GAAG;wBAClD,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;qBACtB,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,qBAAqB,CAAC,OAAe,EAAE,YAA4B;QACzE,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,QAAQ,GAAG,YAAY,IAAI,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAEhE,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;YAE3B,KAAK,MAAM,OAAO,IAAI,2BAA2B,EAAE,CAAC;gBAClD,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC1C,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,YAAY,GAAG,GAAG,EAAE,YAAY,IAAI,kBAAkB,CAAC,IAAI,EAAE,KAAK,CAAC,KAAK,IAAI,CAAC,CAAC,CAAA;oBACpF,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,CAAC,CAAC,KAAK,CAAA;oBAC9E,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;oBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAA;oBAEjD,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,oBAAoB;wBAC1B,QAAQ;wBACR,OAAO,EAAE,yCAAyC,KAAK,CAAC,CAAC,CAAC,GAAG;wBAC7D,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;wBACrB,QAAQ,EAAE,oBAAoB;wBAC9B,sBAAsB,EAAE,YAAY;wBACpC,UAAU;qBACX,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,iBAAiB,CAAC,OAAe,EAAE,YAA4B;QACrE,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,QAAQ,GAAG,YAAY,IAAI,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAEhE,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;YAE3B,KAAK,MAAM,OAAO,IAAI,uBAAuB,EAAE,CAAC;gBAC9C,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC1C,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,YAAY,GAAG,GAAG,EAAE,YAAY,IAAI,kBAAkB,CAAC,IAAI,EAAE,KAAK,CAAC,KAAK,IAAI,CAAC,CAAC,CAAA;oBACpF,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,CAAC,CAAC,KAAK,CAAA;oBAC9E,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;oBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAA;oBAEnD,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,gBAAgB;wBACtB,QAAQ;wBACR,OAAO,EAAE,qCAAqC,KAAK,CAAC,CAAC,CAAC,GAAG;wBACzD,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;wBACrB,QAAQ,EAAE,gBAAgB;wBAC1B,sBAAsB,EAAE,YAAY;wBACpC,UAAU;qBACX,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,oBAAoB,CAAC,OAAe,EAAE,YAA4B;QACxE,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,QAAQ,GAAG,YAAY,IAAI,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAEhE,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;YAE3B,KAAK,MAAM,OAAO,IAAI,0BAA0B,EAAE,CAAC;gBACjD,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC1C,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,YAAY,GAAG,GAAG,EAAE,YAAY,IAAI,kBAAkB,CAAC,IAAI,EAAE,KAAK,CAAC,KAAK,IAAI,CAAC,CAAC,CAAA;oBACpF,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,CAAC,CAAC,KAAK,CAAA;oBAC9E,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;oBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAA;oBAEjD,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,mBAAmB;wBACzB,QAAQ;wBACR,OAAO,EAAE,yCAAyC,KAAK,CAAC,CAAC,CAAC,GAAG;wBAC7D,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;wBACrB,QAAQ,EAAE,mBAAmB;wBAC7B,sBAAsB,EAAE,YAAY;wBACpC,UAAU;qBACX,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,uBAAuB,CAC7B,OAAe,EACf,YAA4B;QAE5B,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,QAAQ,GAAG,YAAY,IAAI,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAEhE,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;YAE3B,KAAK,MAAM,OAAO,IAAI,6BAA6B,EAAE,CAAC;gBACpD,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC1C,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,YAAY,GAAG,GAAG,EAAE,YAAY,IAAI,kBAAkB,CAAC,IAAI,EAAE,KAAK,CAAC,KAAK,IAAI,CAAC,CAAC,CAAA;oBACpF,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,CAAC,CAAC,KAAK,CAAA;oBAC9E,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;oBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAA;oBAEnD,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,sBAAsB;wBAC5B,QAAQ;wBACR,OAAO,EAAE,2CAA2C,KAAK,CAAC,CAAC,CAAC,GAAG;wBAC/D,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;wBACrB,QAAQ,EAAE,sBAAsB;wBAChC,sBAAsB,EAAE,YAAY;wBACpC,UAAU;qBACX,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAED,kFAAkF;IAC1E,eAAe,CAAC,OAAe,EAAE,YAA4B;QACnE,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,QAAQ,GAAG,YAAY,IAAI,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAChE,IAAI,cAAc,GAAG,CAAC,CAAC,CAAA;QACvB,IAAI,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,KAAK,EAAE,CAAC;YAC/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACtC,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,KAAK,KAAK,EAAE,CAAC;oBAC9B,cAAc,GAAG,CAAC,CAAA;oBAClB,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC;QACD,MAAM,iBAAiB,GAAG,CAAC,CAAA;QAC3B,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;YAC3B,MAAM,aAAa,GAAG,KAAK,GAAG,CAAC,IAAI,KAAK,GAAG,cAAc,CAAA;YACzD,KAAK,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,YAAY,CAAC,MAAM,EAAE,EAAE,EAAE,EAAE,CAAC;gBAChD,MAAM,OAAO,GAAG,YAAY,CAAC,EAAE,CAAC,CAAA;gBAChC,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC1C,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,YAAY,GAAG,GAAG,EAAE,YAAY,IAAI,kBAAkB,CAAC,IAAI,EAAE,KAAK,CAAC,KAAK,IAAI,CAAC,CAAC,CAAA;oBACpF,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,CAAC,CAAC,KAAK,CAAA;oBAC9E,MAAM,cAAc,GAAG,EAAE,KAAK,iBAAiB,CAAA;oBAC/C,MAAM,YAAY,GAAG,2CAA2C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;oBAC3E,MAAM,kBAAkB,GAAG,cAAc,IAAI,CAAC,aAAa,IAAI,YAAY,CAAC,CAAA;oBAC5E,IAAI,QAAgD,CAAA;oBACpD,IAAI,kBAAkB;wBAAE,QAAQ,GAAG,KAAK,CAAA;yBACnC,IAAI,YAAY;wBAAE,QAAQ,GAAG,QAAQ,CAAA;yBACrC,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC;wBAAE,QAAQ,GAAG,UAAU,CAAA;;wBAC9C,QAAQ,GAAG,MAAM,CAAA;oBACtB,MAAM,UAAU,GAAsB,YAAY,IAAI,kBAAkB,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;oBACzF,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,KAAK;wBACX,QAAQ;wBACR,OAAO,EAAE,iBAAiB,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;wBACrF,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;wBACrB,QAAQ,EAAE,KAAK;wBACf,sBAAsB,EAAE,YAAY,IAAI,kBAAkB;wBAC1D,UAAU;qBACX,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;QACF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,4BAA4B,CAClC,OAAe,EACf,YAA4B;QAE5B,OAAO,gCAAgC,CACrC,OAAO,EACP;YACE,IAAI,EAAE,YAAY;YAClB,aAAa,EAAE,+BAA+B;YAC9C,QAAQ,EAAE,mBAAmB;YAC7B,UAAU,EAAE,CAAC,MAAM,EAAE,UAAU,CAAC;SACjC,EACD,YAAY,CACb,CAAA;IACH,CAAC;IAED,0EAA0E;IAC1E,kBAAkB,GAAG,kBAAkB,CAAA;IAEvC,IAAI,CAAC,OAAe,EAAE,OAAe;QACnC,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE,CAAA;QACnC,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,YAAY,GAAG,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAEpD,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC3C,QAAQ,CAAC,IAAI,CAAC;gBACZ,IAAI,EAAE,oBAAoB;gBAC1B,QAAQ,EAAE,KAAK;gBACf,OAAO,EAAE,mCAAmC,IAAI,CAAC,gBAAgB,SAAS;aAC3E,CAAC,CAAA;QACJ,CAAC;QAED,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAA;QACxC,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,kBAAkB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QAChE,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,qBAAqB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QACnE,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC,CAAA;QACtD,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,qBAAqB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QACnE,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QAC/D,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,oBAAoB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QAClE,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,uBAAuB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QACrE,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,4BAA4B,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QAC1E,QAAQ,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QACzD,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QAE7D,MAAM,OAAO,GAAG,WAAW,CAAC,GAAG,EAAE,CAAA;QACjC,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS,EAAE,aAAa,EAAE,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAA;QAEnF,MAAM,WAAW,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAA;QACnE,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAA;QAC3D,MAAM,gBAAgB,GAAG,SAAS,IAAI,IAAI,CAAC,aAAa,CAAA;QAExD,OAAO;YACL,OAAO;YACP,MAAM,EAAE,CAAC,WAAW,IAAI,CAAC,OAAO,IAAI,CAAC,gBAAgB;YACrD,QAAQ;YACR,SAAS,EAAE,IAAI,IAAI,EAAE;YACrB,cAAc,EAAE,OAAO,GAAG,SAAS;YACnC,SAAS;YACT,aAAa;SACd,CAAA;IACH,CAAC;IAED,UAAU,CAAC,OAAe;QACxB,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;YACzC,IAAI,cAAc,CAAC,OAAO,EAAE,OAAO,CAAC;gBAAE,OAAO,KAAK,CAAA;QACpD,CAAC;QACD,OAAO,IAAI,CAAA;IACb,CAAC;IAED,gBAAgB,CAAC,MAAc;QAC7B,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,CAAA;IAC/C,CAAC;IAED,iBAAiB,CAAC,OAAe;QAC/B,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IACpC,CAAC;IAED,oEAAoE;IACpE,MAAM,CAAC,aAAa,GAAG,aAAa,CAAA;IACpC,MAAM,CAAC,OAAO,GAAG,OAAO,CAAA;IACxB,MAAM,CAAC,mBAAmB,GAAG,mBAAmB,CAAA;IAChD,MAAM,CAAC,SAAS,GAAG,SAAS,CAAA;;AAG9B,eAAe,eAAe,CAAA"}
|
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
* Re-exports for security scanning functionality.
|
|
5
5
|
*/
|
|
6
6
|
export type { SecurityFindingType, SecuritySeverity, SecurityFinding, RiskScoreBreakdown, ScanReport, ScannerOptions, } from './types.js';
|
|
7
|
-
export { DEFAULT_ALLOWED_DOMAINS, SENSITIVE_PATH_PATTERNS, JAILBREAK_PATTERNS, SUSPICIOUS_PATTERNS, SOCIAL_ENGINEERING_PATTERNS, PROMPT_LEAKING_PATTERNS, DATA_EXFILTRATION_PATTERNS, PRIVILEGE_ESCALATION_PATTERNS, AI_DEFENCE_PATTERNS, SSRF_INSTRUCTION_PATTERNS, } from './patterns.js';
|
|
7
|
+
export { DEFAULT_ALLOWED_DOMAINS, SENSITIVE_PATH_PATTERNS, JAILBREAK_PATTERNS, SUSPICIOUS_PATTERNS, SOCIAL_ENGINEERING_PATTERNS, PROMPT_LEAKING_PATTERNS, DATA_EXFILTRATION_PATTERNS, PRIVILEGE_ESCALATION_PATTERNS, AI_DEFENCE_PATTERNS, SSRF_INSTRUCTION_PATTERNS, PII_PATTERNS, } from './patterns.js';
|
|
8
8
|
export { SEVERITY_WEIGHTS, CATEGORY_WEIGHTS } from './weights.js';
|
|
9
9
|
export { MAX_LINE_LENGTH_FOR_REGEX, safeRegexTest, safeRegexCheck } from './regex-utils.js';
|
|
10
10
|
export { SecurityScanner, default } from './SecurityScanner.js';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/security/scanner/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,YAAY,EACV,mBAAmB,EACnB,gBAAgB,EAChB,eAAe,EACf,kBAAkB,EAClB,UAAU,EACV,cAAc,GACf,MAAM,YAAY,CAAA;AAGnB,OAAO,EACL,uBAAuB,EACvB,uBAAuB,EACvB,kBAAkB,EAClB,mBAAmB,EACnB,2BAA2B,EAC3B,uBAAuB,EACvB,0BAA0B,EAC1B,6BAA6B,EAC7B,mBAAmB,EACnB,yBAAyB,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/security/scanner/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,YAAY,EACV,mBAAmB,EACnB,gBAAgB,EAChB,eAAe,EACf,kBAAkB,EAClB,UAAU,EACV,cAAc,GACf,MAAM,YAAY,CAAA;AAGnB,OAAO,EACL,uBAAuB,EACvB,uBAAuB,EACvB,kBAAkB,EAClB,mBAAmB,EACnB,2BAA2B,EAC3B,uBAAuB,EACvB,0BAA0B,EAC1B,6BAA6B,EAC7B,mBAAmB,EACnB,yBAAyB,EACzB,YAAY,GACb,MAAM,eAAe,CAAA;AAGtB,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAA;AAGjE,OAAO,EAAE,yBAAyB,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAA;AAG3F,OAAO,EAAE,eAAe,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAA"}
|
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
* Re-exports for security scanning functionality.
|
|
5
5
|
*/
|
|
6
6
|
// Patterns (for testing/extending)
|
|
7
|
-
export { DEFAULT_ALLOWED_DOMAINS, SENSITIVE_PATH_PATTERNS, JAILBREAK_PATTERNS, SUSPICIOUS_PATTERNS, SOCIAL_ENGINEERING_PATTERNS, PROMPT_LEAKING_PATTERNS, DATA_EXFILTRATION_PATTERNS, PRIVILEGE_ESCALATION_PATTERNS, AI_DEFENCE_PATTERNS, SSRF_INSTRUCTION_PATTERNS, } from './patterns.js';
|
|
7
|
+
export { DEFAULT_ALLOWED_DOMAINS, SENSITIVE_PATH_PATTERNS, JAILBREAK_PATTERNS, SUSPICIOUS_PATTERNS, SOCIAL_ENGINEERING_PATTERNS, PROMPT_LEAKING_PATTERNS, DATA_EXFILTRATION_PATTERNS, PRIVILEGE_ESCALATION_PATTERNS, AI_DEFENCE_PATTERNS, SSRF_INSTRUCTION_PATTERNS, PII_PATTERNS, } from './patterns.js';
|
|
8
8
|
// Weights (for testing/extending)
|
|
9
9
|
export { SEVERITY_WEIGHTS, CATEGORY_WEIGHTS } from './weights.js';
|
|
10
10
|
// Regex utilities (for testing/extending)
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/security/scanner/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAYH,mCAAmC;AACnC,OAAO,EACL,uBAAuB,EACvB,uBAAuB,EACvB,kBAAkB,EAClB,mBAAmB,EACnB,2BAA2B,EAC3B,uBAAuB,EACvB,0BAA0B,EAC1B,6BAA6B,EAC7B,mBAAmB,EACnB,yBAAyB,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/security/scanner/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAYH,mCAAmC;AACnC,OAAO,EACL,uBAAuB,EACvB,uBAAuB,EACvB,kBAAkB,EAClB,mBAAmB,EACnB,2BAA2B,EAC3B,uBAAuB,EACvB,0BAA0B,EAC1B,6BAA6B,EAC7B,mBAAmB,EACnB,yBAAyB,EACzB,YAAY,GACb,MAAM,eAAe,CAAA;AAEtB,kCAAkC;AAClC,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAA;AAEjE,0CAA0C;AAC1C,OAAO,EAAE,yBAAyB,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAA;AAE3F,aAAa;AACb,OAAO,EAAE,eAAe,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAA"}
|
|
@@ -29,5 +29,11 @@ export declare const SSRF_INSTRUCTION_PATTERNS: RegExp[];
|
|
|
29
29
|
* - Anthropic Responsible Disclosure Program findings
|
|
30
30
|
* - Academic research on prompt injection attacks
|
|
31
31
|
*/
|
|
32
|
+
/**
|
|
33
|
+
* SMI-3864: PII detection patterns
|
|
34
|
+
* Detects personally identifiable information and credentials in skill content.
|
|
35
|
+
* Complements AIDefence's aidefence_has_pii() for offline/local scanning.
|
|
36
|
+
*/
|
|
37
|
+
export declare const PII_PATTERNS: RegExp[];
|
|
32
38
|
export declare const AI_DEFENCE_PATTERNS: RegExp[];
|
|
33
39
|
//# sourceMappingURL=patterns.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"patterns.d.ts","sourceRoot":"","sources":["../../../../src/security/scanner/patterns.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,eAAO,MAAM,uBAAuB,UAanC,CAAA;AAGD,eAAO,MAAM,uBAAuB,UAanC,CAAA;AAGD,eAAO,MAAM,kBAAkB,UAkB9B,CAAA;AAGD,eAAO,MAAM,mBAAmB,UAY/B,CAAA;AAGD,eAAO,MAAM,2BAA2B,UAavC,CAAA;AAGD,eAAO,MAAM,uBAAuB,UAenC,CAAA;AAGD,eAAO,MAAM,0BAA0B,UAqBtC,CAAA;AAGD,eAAO,MAAM,6BAA6B,UAyBzC,CAAA;AAED;;;;GAIG;AACH,eAAO,MAAM,yBAAyB,UAuBrC,CAAA;AAED;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,mBAAmB,UAwD/B,CAAA"}
|
|
1
|
+
{"version":3,"file":"patterns.d.ts","sourceRoot":"","sources":["../../../../src/security/scanner/patterns.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,eAAO,MAAM,uBAAuB,UAanC,CAAA;AAGD,eAAO,MAAM,uBAAuB,UAanC,CAAA;AAGD,eAAO,MAAM,kBAAkB,UAkB9B,CAAA;AAGD,eAAO,MAAM,mBAAmB,UAY/B,CAAA;AAGD,eAAO,MAAM,2BAA2B,UAavC,CAAA;AAGD,eAAO,MAAM,uBAAuB,UAenC,CAAA;AAGD,eAAO,MAAM,0BAA0B,UAqBtC,CAAA;AAGD,eAAO,MAAM,6BAA6B,UAyBzC,CAAA;AAED;;;;GAIG;AACH,eAAO,MAAM,yBAAyB,UAuBrC,CAAA;AAED;;;;;;;;;;;GAWG;AACH;;;;GAIG;AACH,eAAO,MAAM,YAAY,UAwBxB,CAAA;AAED,eAAO,MAAM,mBAAmB,UAwD/B,CAAA"}
|
|
@@ -185,6 +185,31 @@ export const SSRF_INSTRUCTION_PATTERNS = [
|
|
|
185
185
|
* - Anthropic Responsible Disclosure Program findings
|
|
186
186
|
* - Academic research on prompt injection attacks
|
|
187
187
|
*/
|
|
188
|
+
/**
|
|
189
|
+
* SMI-3864: PII detection patterns
|
|
190
|
+
* Detects personally identifiable information and credentials in skill content.
|
|
191
|
+
* Complements AIDefence's aidefence_has_pii() for offline/local scanning.
|
|
192
|
+
*/
|
|
193
|
+
export const PII_PATTERNS = [
|
|
194
|
+
// API keys and tokens (generic patterns)
|
|
195
|
+
/(?:api[_-]?key|apikey)\s*[:=]\s*['"]?[A-Za-z0-9_-]{20,}['"]?/i,
|
|
196
|
+
/(?:secret[_-]?key|secretkey)\s*[:=]\s*['"]?[A-Za-z0-9_-]{20,}['"]?/i,
|
|
197
|
+
/(?:access[_-]?token|accesstoken)\s*[:=]\s*['"]?[A-Za-z0-9_-]{20,}['"]?/i,
|
|
198
|
+
// Provider-specific key formats
|
|
199
|
+
/sk[_-](?:live|test)[_-][A-Za-z0-9]{20,}/, // Stripe
|
|
200
|
+
/(?:ghp|gho|ghu|ghs|ghr)_[A-Za-z0-9]{36,}/, // GitHub PAT
|
|
201
|
+
/xoxb-[0-9]+-[0-9]+-[A-Za-z0-9]+/, // Slack bot token
|
|
202
|
+
/AKIA[0-9A-Z]{16}/, // AWS Access Key
|
|
203
|
+
// Email addresses — severity `info` in YAML frontmatter context (Review #8)
|
|
204
|
+
// Downgraded because SKILL.md files legitimately contain author contact emails
|
|
205
|
+
/[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}/,
|
|
206
|
+
// US Social Security Numbers
|
|
207
|
+
/\b\d{3}-\d{2}-\d{4}\b/,
|
|
208
|
+
// Private keys
|
|
209
|
+
/-----BEGIN\s+(?:RSA\s+)?PRIVATE\s+KEY-----/,
|
|
210
|
+
// Generic password assignments
|
|
211
|
+
/(?:password|passwd|pwd)\s*[:=]\s*['"][^'"]{8,}['"]/i,
|
|
212
|
+
];
|
|
188
213
|
export const AI_DEFENCE_PATTERNS = [
|
|
189
214
|
// Role injection patterns - attempts to inject system/assistant/user roles
|
|
190
215
|
// Pattern detects role markers that could manipulate conversation boundaries
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"patterns.js","sourceRoot":"","sources":["../../../../src/security/scanner/patterns.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,0BAA0B;AAC1B,MAAM,CAAC,MAAM,uBAAuB,GAAG;IACrC,YAAY;IACZ,uBAAuB;IACvB,2BAA2B;IAC3B,WAAW;IACX,WAAW;IACX,oBAAoB;IACpB,eAAe;IACf,WAAW;IACX,iBAAiB;IACjB,uBAAuB;IACvB,YAAY;IACZ,oBAAoB;CACrB,CAAA;AAED,+BAA+B;AAC/B,MAAM,CAAC,MAAM,uBAAuB,GAAG;IACrC,QAAQ;IACR,cAAc;IACd,WAAW;IACX,SAAS;IACT,SAAS;IACT,SAAS;IACT,WAAW;IACX,cAAc;IACd,iBAAiB;IACjB,WAAW;IACX,WAAW;IACX,cAAc;CACf,CAAA;AAED,6BAA6B;AAC7B,MAAM,CAAC,MAAM,kBAAkB,GAAG;IAChC,6EAA6E;IAC7E,2EAA2E;IAC3E,mBAAmB;IACnB,SAAS;IACT,sBAAsB;IACtB,YAAY;IACZ,oDAAoD;IACpD,+DAA+D;IAC/D,iDAAiD;IACjD,mDAAmD;IACnD,0DAA0D;IAC1D,8CAA8C;IAE9C,2EAA2E;IAC3E,2FAA2F;IAC3F,yFAAyF;IACzF,gEAAgE;CACjE,CAAA;AAED,2DAA2D;AAC3D,MAAM,CAAC,MAAM,mBAAmB,GAAG;IACjC,YAAY;IACZ,YAAY;IACZ,gBAAgB;IAChB,eAAe,EAAE,uBAAuB;IACxC,uBAAuB;IACvB,yBAAyB;IACzB,qCAAqC;IACrC,gCAAgC;IAChC,eAAe;IACf,0BAA0B,EAAE,qBAAqB;IACjD,0BAA0B;CAC3B,CAAA;AAED,+CAA+C;AAC/C,MAAM,CAAC,MAAM,2BAA2B,GAAG;IACzC,2CAA2C;IAC3C,gBAAgB;IAChB,0CAA0C,EAAE,6BAA6B;IACzE,kDAAkD;IAClD,sBAAsB;IACtB,oCAAoC;IACpC,4BAA4B;IAC5B,2BAA2B;IAC3B,8BAA8B;IAC9B,iCAAiC;IACjC,4BAA4B;IAC5B,sBAAsB;CACvB,CAAA;AAED,2CAA2C;AAC3C,MAAM,CAAC,MAAM,uBAAuB,GAAG;IACrC,2DAA2D;IAC3D,qCAAqC;IACrC,qCAAqC;IACrC,8CAA8C;IAC9C,qCAAqC;IACrC,2CAA2C;IAC3C,+CAA+C;IAC/C,wDAAwD;IACxD,4CAA4C;IAC5C,+CAA+C;IAC/C,mDAAmD;IACnD,wCAAwC;IACxC,uDAAuD;IACvD,8CAA8C;CAC/C,CAAA;AAED,sCAAsC;AACtC,MAAM,CAAC,MAAM,0BAA0B,GAAG;IACxC,YAAY,EAAE,sBAAsB;IACpC,YAAY,EAAE,sBAAsB;IACpC,2CAA2C;IAC3C,wCAAwC;IACxC,0BAA0B;IAC1B,iCAAiC,EAAE,0BAA0B;IAC7D,iBAAiB;IACjB,wBAAwB;IACxB,gBAAgB;IAChB,mBAAmB;IACnB,iBAAiB;IACjB,uBAAuB;IACvB,iBAAiB;IACjB,QAAQ;IACR,kBAAkB,EAAE,YAAY;IAChC,2BAA2B;IAC3B,wCAAwC;IACxC,8CAA8C;IAC9C,mBAAmB;IACnB,wCAAwC;CACzC,CAAA;AAED,yCAAyC;AACzC,MAAM,CAAC,MAAM,6BAA6B,GAAG;IAC3C,wBAAwB,EAAE,gCAAgC;IAC1D,qBAAqB,EAAE,wBAAwB;IAC/C,YAAY;IACZ,oCAAoC,EAAE,2BAA2B;IACjE,kBAAkB,EAAE,eAAe;IACnC,kBAAkB,EAAE,iBAAiB;IACrC,kBAAkB,EAAE,0BAA0B;IAC9C,iBAAiB;IACjB,iBAAiB;IACjB,SAAS;IACT,iBAAiB;IACjB,WAAW;IACX,SAAS;IACT,SAAS;IACT,oBAAoB;IACpB,iBAAiB;IACjB,kCAAkC;IAClC,oBAAoB;IACpB,oCAAoC;IACpC,4BAA4B;IAC5B,uBAAuB;IACvB,mBAAmB;IACnB,gBAAgB;IAChB,gBAAgB;CACjB,CAAA;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,yBAAyB,GAAG;IACvC,mDAAmD;IACnD,yEAAyE;IACzE,2EAA2E;IAC3E,yEAAyE;IACzE,yEAAyE;IAEzE,gDAAgD;IAChD,qFAAqF;IACrF,0FAA0F;IAC1F,sFAAsF;IAEtF,mCAAmC;IACnC,oBAAoB;IAEpB,sEAAsE;IACtE,0CAA0C;IAC1C,uBAAuB;IAEvB,0DAA0D;IAC1D,oGAAoG;IACpG,mIAAmI;IACnI,sGAAsG;CACvG,CAAA;AAED;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG;IACjC,2EAA2E;IAC3E,6EAA6E;IAC7E,mEAAmE;IACnE,mDAAmD;IAEnD,oDAAoD;IACpD,4BAA4B;IAE5B,6DAA6D;IAC7D,mFAAmF;IAEnF,0DAA0D;IAC1D,gEAAgE;IAChE,uEAAuE;IAEvE,iFAAiF;IACjF,gFAAgF;IAChF,mIAAmI;IAEnI,yDAAyD;IACzD,iEAAiE;IAEjE,yDAAyD;IACzD,6DAA6D;IAE7D,0DAA0D;IAC1D,uEAAuE;IAEvE,sCAAsC;IACtC,uEAAuE;IACvE,kFAAkF;IAClF,uGAAuG;IAEvG,4BAA4B;IAC5B,kDAAkD;IAElD,yCAAyC;IACzC,kFAAkF;IAElF,6BAA6B;IAC7B,8CAA8C;IAE9C,6CAA6C;IAC7C,+EAA+E;IAC/E,4HAA4H;IAE5H,kDAAkD;IAClD,wEAAwE;IAExE,wBAAwB;IACxB,4CAA4C;IAE5C,+EAA+E;IAC/E,6DAA6D;IAC7D,qBAAqB;CACtB,CAAA"}
|
|
1
|
+
{"version":3,"file":"patterns.js","sourceRoot":"","sources":["../../../../src/security/scanner/patterns.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,0BAA0B;AAC1B,MAAM,CAAC,MAAM,uBAAuB,GAAG;IACrC,YAAY;IACZ,uBAAuB;IACvB,2BAA2B;IAC3B,WAAW;IACX,WAAW;IACX,oBAAoB;IACpB,eAAe;IACf,WAAW;IACX,iBAAiB;IACjB,uBAAuB;IACvB,YAAY;IACZ,oBAAoB;CACrB,CAAA;AAED,+BAA+B;AAC/B,MAAM,CAAC,MAAM,uBAAuB,GAAG;IACrC,QAAQ;IACR,cAAc;IACd,WAAW;IACX,SAAS;IACT,SAAS;IACT,SAAS;IACT,WAAW;IACX,cAAc;IACd,iBAAiB;IACjB,WAAW;IACX,WAAW;IACX,cAAc;CACf,CAAA;AAED,6BAA6B;AAC7B,MAAM,CAAC,MAAM,kBAAkB,GAAG;IAChC,6EAA6E;IAC7E,2EAA2E;IAC3E,mBAAmB;IACnB,SAAS;IACT,sBAAsB;IACtB,YAAY;IACZ,oDAAoD;IACpD,+DAA+D;IAC/D,iDAAiD;IACjD,mDAAmD;IACnD,0DAA0D;IAC1D,8CAA8C;IAE9C,2EAA2E;IAC3E,2FAA2F;IAC3F,yFAAyF;IACzF,gEAAgE;CACjE,CAAA;AAED,2DAA2D;AAC3D,MAAM,CAAC,MAAM,mBAAmB,GAAG;IACjC,YAAY;IACZ,YAAY;IACZ,gBAAgB;IAChB,eAAe,EAAE,uBAAuB;IACxC,uBAAuB;IACvB,yBAAyB;IACzB,qCAAqC;IACrC,gCAAgC;IAChC,eAAe;IACf,0BAA0B,EAAE,qBAAqB;IACjD,0BAA0B;CAC3B,CAAA;AAED,+CAA+C;AAC/C,MAAM,CAAC,MAAM,2BAA2B,GAAG;IACzC,2CAA2C;IAC3C,gBAAgB;IAChB,0CAA0C,EAAE,6BAA6B;IACzE,kDAAkD;IAClD,sBAAsB;IACtB,oCAAoC;IACpC,4BAA4B;IAC5B,2BAA2B;IAC3B,8BAA8B;IAC9B,iCAAiC;IACjC,4BAA4B;IAC5B,sBAAsB;CACvB,CAAA;AAED,2CAA2C;AAC3C,MAAM,CAAC,MAAM,uBAAuB,GAAG;IACrC,2DAA2D;IAC3D,qCAAqC;IACrC,qCAAqC;IACrC,8CAA8C;IAC9C,qCAAqC;IACrC,2CAA2C;IAC3C,+CAA+C;IAC/C,wDAAwD;IACxD,4CAA4C;IAC5C,+CAA+C;IAC/C,mDAAmD;IACnD,wCAAwC;IACxC,uDAAuD;IACvD,8CAA8C;CAC/C,CAAA;AAED,sCAAsC;AACtC,MAAM,CAAC,MAAM,0BAA0B,GAAG;IACxC,YAAY,EAAE,sBAAsB;IACpC,YAAY,EAAE,sBAAsB;IACpC,2CAA2C;IAC3C,wCAAwC;IACxC,0BAA0B;IAC1B,iCAAiC,EAAE,0BAA0B;IAC7D,iBAAiB;IACjB,wBAAwB;IACxB,gBAAgB;IAChB,mBAAmB;IACnB,iBAAiB;IACjB,uBAAuB;IACvB,iBAAiB;IACjB,QAAQ;IACR,kBAAkB,EAAE,YAAY;IAChC,2BAA2B;IAC3B,wCAAwC;IACxC,8CAA8C;IAC9C,mBAAmB;IACnB,wCAAwC;CACzC,CAAA;AAED,yCAAyC;AACzC,MAAM,CAAC,MAAM,6BAA6B,GAAG;IAC3C,wBAAwB,EAAE,gCAAgC;IAC1D,qBAAqB,EAAE,wBAAwB;IAC/C,YAAY;IACZ,oCAAoC,EAAE,2BAA2B;IACjE,kBAAkB,EAAE,eAAe;IACnC,kBAAkB,EAAE,iBAAiB;IACrC,kBAAkB,EAAE,0BAA0B;IAC9C,iBAAiB;IACjB,iBAAiB;IACjB,SAAS;IACT,iBAAiB;IACjB,WAAW;IACX,SAAS;IACT,SAAS;IACT,oBAAoB;IACpB,iBAAiB;IACjB,kCAAkC;IAClC,oBAAoB;IACpB,oCAAoC;IACpC,4BAA4B;IAC5B,uBAAuB;IACvB,mBAAmB;IACnB,gBAAgB;IAChB,gBAAgB;CACjB,CAAA;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,yBAAyB,GAAG;IACvC,mDAAmD;IACnD,yEAAyE;IACzE,2EAA2E;IAC3E,yEAAyE;IACzE,yEAAyE;IAEzE,gDAAgD;IAChD,qFAAqF;IACrF,0FAA0F;IAC1F,sFAAsF;IAEtF,mCAAmC;IACnC,oBAAoB;IAEpB,sEAAsE;IACtE,0CAA0C;IAC1C,uBAAuB;IAEvB,0DAA0D;IAC1D,oGAAoG;IACpG,mIAAmI;IACnI,sGAAsG;CACvG,CAAA;AAED;;;;;;;;;;;GAWG;AACH;;;;GAIG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG;IAC1B,yCAAyC;IACzC,+DAA+D;IAC/D,qEAAqE;IACrE,yEAAyE;IAEzE,gCAAgC;IAChC,yCAAyC,EAAE,SAAS;IACpD,0CAA0C,EAAE,aAAa;IACzD,iCAAiC,EAAE,kBAAkB;IACrD,kBAAkB,EAAE,iBAAiB;IAErC,4EAA4E;IAC5E,+EAA+E;IAC/E,gDAAgD;IAEhD,6BAA6B;IAC7B,uBAAuB;IAEvB,eAAe;IACf,4CAA4C;IAE5C,+BAA+B;IAC/B,qDAAqD;CACtD,CAAA;AAED,MAAM,CAAC,MAAM,mBAAmB,GAAG;IACjC,2EAA2E;IAC3E,6EAA6E;IAC7E,mEAAmE;IACnE,mDAAmD;IAEnD,oDAAoD;IACpD,4BAA4B;IAE5B,6DAA6D;IAC7D,mFAAmF;IAEnF,0DAA0D;IAC1D,gEAAgE;IAChE,uEAAuE;IAEvE,iFAAiF;IACjF,gFAAgF;IAChF,mIAAmI;IAEnI,yDAAyD;IACzD,iEAAiE;IAEjE,yDAAyD;IACzD,6DAA6D;IAE7D,0DAA0D;IAC1D,uEAAuE;IAEvE,sCAAsC;IACtC,uEAAuE;IACvE,kFAAkF;IAClF,uGAAuG;IAEvG,4BAA4B;IAC5B,kDAAkD;IAElD,yCAAyC;IACzC,kFAAkF;IAElF,6BAA6B;IAC7B,8CAA8C;IAE9C,6CAA6C;IAC7C,+EAA+E;IAC/E,4HAA4H;IAE5H,kDAAkD;IAClD,wEAAwE;IAExE,wBAAwB;IACxB,4CAA4C;IAE5C,+EAA+E;IAC/E,6DAA6D;IAC7D,qBAAqB;CACtB,CAAA"}
|
|
@@ -6,7 +6,7 @@
|
|
|
6
6
|
/**
|
|
7
7
|
* Types of security findings that can be detected
|
|
8
8
|
*/
|
|
9
|
-
export type SecurityFindingType = 'url' | 'sensitive_path' | 'jailbreak' | 'suspicious_pattern' | 'social_engineering' | 'prompt_leaking' | 'data_exfiltration' | 'privilege_escalation' | 'ai_defence' | 'ssrf';
|
|
9
|
+
export type SecurityFindingType = 'url' | 'sensitive_path' | 'jailbreak' | 'suspicious_pattern' | 'social_engineering' | 'prompt_leaking' | 'data_exfiltration' | 'privilege_escalation' | 'ai_defence' | 'ssrf' | 'pii';
|
|
10
10
|
/**
|
|
11
11
|
* Severity levels for security findings
|
|
12
12
|
*/
|
|
@@ -48,6 +48,7 @@ export interface RiskScoreBreakdown {
|
|
|
48
48
|
externalUrls: number;
|
|
49
49
|
aiDefence: number;
|
|
50
50
|
ssrf: number;
|
|
51
|
+
pii: number;
|
|
51
52
|
}
|
|
52
53
|
/**
|
|
53
54
|
* Comprehensive scan report with risk scoring
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../../src/security/scanner/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH;;GAEG;AACH,MAAM,MAAM,mBAAmB,GAC3B,KAAK,GACL,gBAAgB,GAChB,WAAW,GACX,oBAAoB,GACpB,oBAAoB,GACpB,gBAAgB,GAChB,mBAAmB,GACnB,sBAAsB,GACtB,YAAY,GACZ,MAAM,CAAA;
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../../src/security/scanner/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH;;GAEG;AACH,MAAM,MAAM,mBAAmB,GAC3B,KAAK,GACL,gBAAgB,GAChB,WAAW,GACX,oBAAoB,GACpB,oBAAoB,GACpB,gBAAgB,GAChB,mBAAmB,GACnB,sBAAsB,GACtB,YAAY,GACZ,MAAM,GACN,KAAK,CAAA;AAET;;GAEG;AACH,MAAM,MAAM,gBAAgB,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAA;AAErE;;;;;GAKG;AACH,MAAM,MAAM,iBAAiB,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAA;AAEzD;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,mBAAmB,CAAA;IACzB,QAAQ,EAAE,gBAAgB,CAAA;IAC1B,OAAO,EAAE,MAAM,CAAA;IACf,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,6CAA6C;IAC7C,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,iFAAiF;IACjF,sBAAsB,CAAC,EAAE,OAAO,CAAA;IAChC,qEAAqE;IACrE,UAAU,CAAC,EAAE,iBAAiB,CAAA;CAC/B;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,SAAS,EAAE,MAAM,CAAA;IACjB,iBAAiB,EAAE,MAAM,CAAA;IACzB,aAAa,EAAE,MAAM,CAAA;IACrB,gBAAgB,EAAE,MAAM,CAAA;IACxB,mBAAmB,EAAE,MAAM,CAAA;IAC3B,cAAc,EAAE,MAAM,CAAA;IACtB,cAAc,EAAE,MAAM,CAAA;IACtB,YAAY,EAAE,MAAM,CAAA;IACpB,SAAS,EAAE,MAAM,CAAA;IACjB,IAAI,EAAE,MAAM,CAAA;IACZ,GAAG,EAAE,MAAM,CAAA;CACZ;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,MAAM,CAAA;IACf,MAAM,EAAE,OAAO,CAAA;IACf,QAAQ,EAAE,eAAe,EAAE,CAAA;IAC3B,SAAS,EAAE,IAAI,CAAA;IACf,cAAc,EAAE,MAAM,CAAA;IACtB,0EAA0E;IAC1E,SAAS,EAAE,MAAM,CAAA;IACjB,0CAA0C;IAC1C,aAAa,EAAE,kBAAkB,CAAA;CAClC;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;IACzB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAA;IAC1B,gBAAgB,CAAC,EAAE,MAAM,CAAA;IACzB,4DAA4D;IAC5D,aAAa,CAAC,EAAE,MAAM,CAAA;CACvB"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"weights.d.ts","sourceRoot":"","sources":["../../../../src/security/scanner/weights.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAA;AAElD;;GAEG;AACH,eAAO,MAAM,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,EAAE,MAAM,CAK7D,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,gBAAgB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,
|
|
1
|
+
{"version":3,"file":"weights.d.ts","sourceRoot":"","sources":["../../../../src/security/scanner/weights.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAA;AAElD;;GAEG;AACH,eAAO,MAAM,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,EAAE,MAAM,CAK7D,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,gBAAgB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAYnD,CAAA"}
|
|
@@ -26,5 +26,6 @@ export const CATEGORY_WEIGHTS = {
|
|
|
26
26
|
url: 0.8,
|
|
27
27
|
ai_defence: 1.9, // SMI-1532: High weight for AI injection attacks
|
|
28
28
|
ssrf: 1.6, // SMI-3509: SSRF instruction detection
|
|
29
|
+
pii: 1.8, // SMI-3864: PII in skill content is high-risk
|
|
29
30
|
};
|
|
30
31
|
//# sourceMappingURL=weights.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"weights.js","sourceRoot":"","sources":["../../../../src/security/scanner/weights.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAqC;IAChE,GAAG,EAAE,CAAC;IACN,MAAM,EAAE,EAAE;IACV,IAAI,EAAE,EAAE;IACR,QAAQ,EAAE,EAAE;CACb,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAA2B;IACtD,SAAS,EAAE,GAAG;IACd,kBAAkB,EAAE,GAAG;IACvB,cAAc,EAAE,GAAG;IACnB,iBAAiB,EAAE,GAAG;IACtB,oBAAoB,EAAE,GAAG;IACzB,kBAAkB,EAAE,GAAG;IACvB,cAAc,EAAE,GAAG;IACnB,GAAG,EAAE,GAAG;IACR,UAAU,EAAE,GAAG,EAAE,iDAAiD;IAClE,IAAI,EAAE,GAAG,EAAE,uCAAuC;
|
|
1
|
+
{"version":3,"file":"weights.js","sourceRoot":"","sources":["../../../../src/security/scanner/weights.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAqC;IAChE,GAAG,EAAE,CAAC;IACN,MAAM,EAAE,EAAE;IACV,IAAI,EAAE,EAAE;IACR,QAAQ,EAAE,EAAE;CACb,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAA2B;IACtD,SAAS,EAAE,GAAG;IACd,kBAAkB,EAAE,GAAG;IACvB,cAAc,EAAE,GAAG;IACnB,iBAAiB,EAAE,GAAG;IACtB,oBAAoB,EAAE,GAAG;IACzB,kBAAkB,EAAE,GAAG;IACvB,cAAc,EAAE,GAAG;IACnB,GAAG,EAAE,GAAG;IACR,UAAU,EAAE,GAAG,EAAE,iDAAiD;IAClE,IAAI,EAAE,GAAG,EAAE,uCAAuC;IAClD,GAAG,EAAE,GAAG,EAAE,8CAA8C;CACzD,CAAA"}
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @fileoverview Zod schema for skill config.json validation
|
|
3
|
+
* @module @skillsmith/core/services/skill-config-schema
|
|
4
|
+
* @see SMI-3870: Config.json Schema Validation
|
|
5
|
+
*
|
|
6
|
+
* Validates config.json files fetched during skill installation.
|
|
7
|
+
* v1 uses .passthrough() — logs unknown keys as warnings but does not reject.
|
|
8
|
+
*/
|
|
9
|
+
import { z } from 'zod';
|
|
10
|
+
/**
|
|
11
|
+
* Schema for skill config.json files.
|
|
12
|
+
* v1: passthrough mode — unknown keys logged as warnings, not rejected.
|
|
13
|
+
* Switch to .strict() after publishing the schema spec.
|
|
14
|
+
*/
|
|
15
|
+
export declare const SkillConfigSchema: z.ZodObject<{
|
|
16
|
+
displayName: z.ZodOptional<z.ZodString>;
|
|
17
|
+
version: z.ZodOptional<z.ZodString>;
|
|
18
|
+
presets: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodString, z.ZodNumber, z.ZodBoolean]>>>;
|
|
19
|
+
settings: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodString, z.ZodNumber, z.ZodBoolean]>>>;
|
|
20
|
+
mcpServers: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
21
|
+
minClaudeCodeVersion: z.ZodOptional<z.ZodString>;
|
|
22
|
+
}, z.core.$loose>;
|
|
23
|
+
export type SkillConfig = z.infer<typeof SkillConfigSchema>;
|
|
24
|
+
export interface ConfigValidationResult {
|
|
25
|
+
valid: boolean;
|
|
26
|
+
errors: string[];
|
|
27
|
+
warnings: string[];
|
|
28
|
+
/** Sanitized config (only if valid) */
|
|
29
|
+
config?: SkillConfig;
|
|
30
|
+
}
|
|
31
|
+
/**
|
|
32
|
+
* Validate a config.json string against the skill config schema.
|
|
33
|
+
* Returns validation result with errors and warnings for unknown keys.
|
|
34
|
+
*/
|
|
35
|
+
export declare function validateSkillConfig(content: string): ConfigValidationResult;
|
|
36
|
+
//# sourceMappingURL=skill-config-schema.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"skill-config-schema.d.ts","sourceRoot":"","sources":["../../../src/services/skill-config-schema.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB;;;;GAIG;AACH,eAAO,MAAM,iBAAiB;;;;;;;iBAmBd,CAAA;AAEhB,MAAM,MAAM,WAAW,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,iBAAiB,CAAC,CAAA;AAW3D,MAAM,WAAW,sBAAsB;IACrC,KAAK,EAAE,OAAO,CAAA;IACd,MAAM,EAAE,MAAM,EAAE,CAAA;IAChB,QAAQ,EAAE,MAAM,EAAE,CAAA;IAClB,uCAAuC;IACvC,MAAM,CAAC,EAAE,WAAW,CAAA;CACrB;AAED;;;GAGG;AACH,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,MAAM,GAAG,sBAAsB,CA+B3E"}
|
|
@@ -0,0 +1,76 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @fileoverview Zod schema for skill config.json validation
|
|
3
|
+
* @module @skillsmith/core/services/skill-config-schema
|
|
4
|
+
* @see SMI-3870: Config.json Schema Validation
|
|
5
|
+
*
|
|
6
|
+
* Validates config.json files fetched during skill installation.
|
|
7
|
+
* v1 uses .passthrough() — logs unknown keys as warnings but does not reject.
|
|
8
|
+
*/
|
|
9
|
+
import { z } from 'zod';
|
|
10
|
+
/**
|
|
11
|
+
* Schema for skill config.json files.
|
|
12
|
+
* v1: passthrough mode — unknown keys logged as warnings, not rejected.
|
|
13
|
+
* Switch to .strict() after publishing the schema spec.
|
|
14
|
+
*/
|
|
15
|
+
export const SkillConfigSchema = z
|
|
16
|
+
.object({
|
|
17
|
+
/** Skill display name override */
|
|
18
|
+
displayName: z.string().max(100).optional(),
|
|
19
|
+
/** Version constraint */
|
|
20
|
+
version: z.string().max(20).optional(),
|
|
21
|
+
/** Configuration presets (values must be primitives) */
|
|
22
|
+
presets: z
|
|
23
|
+
.record(z.string(), z.union([z.string().max(500), z.number(), z.boolean()]))
|
|
24
|
+
.optional(),
|
|
25
|
+
/** Custom settings (values must be primitives) */
|
|
26
|
+
settings: z
|
|
27
|
+
.record(z.string().max(50), z.union([z.string().max(500), z.number(), z.boolean()]))
|
|
28
|
+
.optional(),
|
|
29
|
+
/** MCP server requirements */
|
|
30
|
+
mcpServers: z.array(z.string().max(100)).max(10).optional(),
|
|
31
|
+
/** Minimum Claude Code version */
|
|
32
|
+
minClaudeCodeVersion: z.string().max(20).optional(),
|
|
33
|
+
})
|
|
34
|
+
.passthrough();
|
|
35
|
+
const KNOWN_KEYS = [
|
|
36
|
+
'displayName',
|
|
37
|
+
'version',
|
|
38
|
+
'presets',
|
|
39
|
+
'settings',
|
|
40
|
+
'mcpServers',
|
|
41
|
+
'minClaudeCodeVersion',
|
|
42
|
+
];
|
|
43
|
+
/**
|
|
44
|
+
* Validate a config.json string against the skill config schema.
|
|
45
|
+
* Returns validation result with errors and warnings for unknown keys.
|
|
46
|
+
*/
|
|
47
|
+
export function validateSkillConfig(content) {
|
|
48
|
+
try {
|
|
49
|
+
const parsed = JSON.parse(content);
|
|
50
|
+
const result = SkillConfigSchema.safeParse(parsed);
|
|
51
|
+
if (!result.success) {
|
|
52
|
+
return {
|
|
53
|
+
valid: false,
|
|
54
|
+
errors: result.error.issues.map((i) => i.path.join('.') + ': ' + i.message),
|
|
55
|
+
warnings: [],
|
|
56
|
+
};
|
|
57
|
+
}
|
|
58
|
+
// v1 passthrough: log unknown keys as warnings
|
|
59
|
+
const warnings = [];
|
|
60
|
+
if (parsed !== null && typeof parsed === 'object') {
|
|
61
|
+
const unknownKeys = Object.keys(parsed).filter((k) => !KNOWN_KEYS.includes(k));
|
|
62
|
+
if (unknownKeys.length > 0) {
|
|
63
|
+
warnings.push('config.json contains unknown keys: ' + unknownKeys.join(', ') + '. These are ignored.');
|
|
64
|
+
}
|
|
65
|
+
}
|
|
66
|
+
return { valid: true, errors: [], warnings, config: result.data };
|
|
67
|
+
}
|
|
68
|
+
catch (e) {
|
|
69
|
+
return {
|
|
70
|
+
valid: false,
|
|
71
|
+
errors: ['Invalid JSON: ' + (e instanceof Error ? e.message : 'parse error')],
|
|
72
|
+
warnings: [],
|
|
73
|
+
};
|
|
74
|
+
}
|
|
75
|
+
}
|
|
76
|
+
//# sourceMappingURL=skill-config-schema.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"skill-config-schema.js","sourceRoot":"","sources":["../../../src/services/skill-config-schema.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB;;;;GAIG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC;KAC/B,MAAM,CAAC;IACN,kCAAkC;IAClC,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE;IAC3C,yBAAyB;IACzB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,QAAQ,EAAE;IACtC,wDAAwD;IACxD,OAAO,EAAE,CAAC;SACP,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;SAC3E,QAAQ,EAAE;IACb,kDAAkD;IAClD,QAAQ,EAAE,CAAC;SACR,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;SACnF,QAAQ,EAAE;IACb,8BAA8B;IAC9B,UAAU,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,QAAQ,EAAE;IAC3D,kCAAkC;IAClC,oBAAoB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,QAAQ,EAAE;CACpD,CAAC;KACD,WAAW,EAAE,CAAA;AAIhB,MAAM,UAAU,GAAG;IACjB,aAAa;IACb,SAAS;IACT,SAAS;IACT,UAAU;IACV,YAAY;IACZ,sBAAsB;CACvB,CAAA;AAUD;;;GAGG;AACH,MAAM,UAAU,mBAAmB,CAAC,OAAe;IACjD,IAAI,CAAC;QACH,MAAM,MAAM,GAAY,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;QAC3C,MAAM,MAAM,GAAG,iBAAiB,CAAC,SAAS,CAAC,MAAM,CAAC,CAAA;QAClD,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,MAAM,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,OAAO,CAAC;gBAC3E,QAAQ,EAAE,EAAE;aACb,CAAA;QACH,CAAC;QACD,+CAA+C;QAC/C,MAAM,QAAQ,GAAa,EAAE,CAAA;QAC7B,IAAI,MAAM,KAAK,IAAI,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;YAClD,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,MAAiC,CAAC,CAAC,MAAM,CACvE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAC/B,CAAA;YACD,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC3B,QAAQ,CAAC,IAAI,CACX,qCAAqC,GAAG,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,sBAAsB,CACxF,CAAA;YACH,CAAC;QACH,CAAC;QACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC,IAAI,EAAE,CAAA;IACnE,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,MAAM,EAAE,CAAC,gBAAgB,GAAG,CAAC,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC;YAC7E,QAAQ,EAAE,EAAE;SACb,CAAA;IACH,CAAC;AACH,CAAC"}
|