@skillsmith/mcp-server 0.1.0

package/dist/tests/unit/logger.test.js

@@ -0,0 +1,281 @@
+/**
+ * SMI-883: Tests for logger sensitive data redaction
+ * Ensures API keys, tokens, passwords, and secrets are never written to disk
+ */
+import { describe, it, expect } from 'vitest';
+import { redactSensitiveData, redactSensitiveObject } from '../../src/logger.js';
+describe('SMI-883: Logger Sensitive Data Redaction', () => {
+    describe('redactSensitiveData', () => {
+        describe('GitHub tokens', () => {
+            it('should redact classic personal access tokens (ghp_)', () => {
+                const input = 'Token: ghp_1234567890abcdefghijklmnopqrstuvwxyz';
+                const result = redactSensitiveData(input);
+                expect(result).toBe('Token: ghp_[REDACTED]');
+                expect(result).not.toContain('1234567890');
+            });
+            it('should redact fine-grained personal access tokens (github_pat_)', () => {
+                const input = 'Using github_pat_abcdefghijklmnopqrstuvwx12345';
+                const result = redactSensitiveData(input);
+                expect(result).toBe('Using github_pat_[REDACTED]');
+            });
+            it('should redact OAuth tokens (gho_)', () => {
+                const input = 'OAuth: gho_1234567890abcdefghijklmnopqrstuvwxyz';
+                const result = redactSensitiveData(input);
+                expect(result).toBe('OAuth: gho_[REDACTED]');
+            });
+            it('should redact server-to-server tokens (ghs_)', () => {
+                const input = 'Server: ghs_1234567890abcdefghijklmnopqrstuvwxyz';
+                const result = redactSensitiveData(input);
+                expect(result).toBe('Server: ghs_[REDACTED]');
+            });
+            it('should redact user-to-server tokens (ghu_)', () => {
+                const input = 'User: ghu_1234567890abcdefghijklmnopqrstuvwxyz';
+                const result = redactSensitiveData(input);
+                expect(result).toBe('User: ghu_[REDACTED]');
+            });
+            it('should redact refresh tokens (ghr_)', () => {
+                const input = 'Refresh: ghr_1234567890abcdefghijklmnopqrstuvwxyz';
+                const result = redactSensitiveData(input);
+                expect(result).toBe('Refresh: ghr_[REDACTED]');
+            });
+        });
+        describe('Linear API keys', () => {
+            it('should redact Linear API keys (lin_api_)', () => {
+                const input = 'LINEAR_API_KEY=lin_api_abcdefghijklmnopqrstuvwxyz123456';
+                const result = redactSensitiveData(input);
+                expect(result).toContain('lin_api_[REDACTED]');
+                expect(result).not.toContain('abcdefghij');
+            });
+        });
+        describe('Stripe keys', () => {
+            it('should redact live secret keys (sk_live_)', () => {
+                const input = 'STRIPE_KEY=sk_live_abcdefghijklmnopqrstuvwx';
+                const result = redactSensitiveData(input);
+                expect(result).toContain('sk_live_[REDACTED]');
+            });
+            it('should redact test secret keys (sk_test_)', () => {
+                const input = 'STRIPE_KEY=sk_test_abcdefghijklmnopqrstuvwx';
+                const result = redactSensitiveData(input);
+                expect(result).toContain('sk_test_[REDACTED]');
+            });
+            it('should redact live publishable keys (pk_live_)', () => {
+                const input = 'STRIPE_PK=pk_live_abcdefghijklmnopqrstuvwx';
+                const result = redactSensitiveData(input);
+                expect(result).toContain('pk_live_[REDACTED]');
+            });
+            it('should redact test publishable keys (pk_test_)', () => {
+                const input = 'STRIPE_PK=pk_test_abcdefghijklmnopqrstuvwx';
+                const result = redactSensitiveData(input);
+                expect(result).toContain('pk_test_[REDACTED]');
+            });
+        });
+        describe('OpenAI API keys', () => {
+            it('should redact OpenAI API keys (sk-)', () => {
+                const input = 'OPENAI_API_KEY=sk-abcdefghijklmnopqrstuvwxyz1234567890abcdefghijkl';
+                const result = redactSensitiveData(input);
+                expect(result).toContain('sk-[REDACTED]');
+                expect(result).not.toContain('abcdefghij');
+            });
+        });
+        describe('Anthropic API keys', () => {
+            it('should redact Anthropic API keys (sk-ant-)', () => {
+                const input = 'ANTHROPIC_API_KEY=sk-ant-api03-abcdefghijklmnopqrstuvwxyz12';
+                const result = redactSensitiveData(input);
+                expect(result).toContain('sk-ant-[REDACTED]');
+            });
+        });
+        describe('AWS keys', () => {
+            it('should redact AWS access key IDs (AKIA)', () => {
+                const input = 'AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE';
+                const result = redactSensitiveData(input);
+                expect(result).toContain('AKIA[REDACTED]');
+                expect(result).not.toContain('IOSFODNN7EXAMPLE');
+            });
+        });
+        describe('Slack tokens', () => {
+            it('should redact bot tokens (xoxb-)', () => {
+                const input = 'SLACK_TOKEN=xoxb-123456789012-1234567890123-abcdefghijklmnop';
+                const result = redactSensitiveData(input);
+                expect(result).toContain('xox*-[REDACTED]');
+            });
+            it('should redact user tokens (xoxp-)', () => {
+                const input = 'SLACK_TOKEN=xoxp-123456789012-1234567890123-abcdefghijklmnop';
+                const result = redactSensitiveData(input);
+                expect(result).toContain('xox*-[REDACTED]');
+            });
+        });
+        describe('npm tokens', () => {
+            it('should redact npm tokens (npm_)', () => {
+                const input = 'NPM_TOKEN=npm_abcdefghijklmnopqrstuvwxyz1234567890';
+                const result = redactSensitiveData(input);
+                expect(result).toContain('npm_[REDACTED]');
+            });
+        });
+        describe('Bearer and Basic auth', () => {
+            it('should redact Bearer tokens', () => {
+                const input = 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9';
+                const result = redactSensitiveData(input);
+                expect(result).toContain('Bearer [REDACTED]');
+            });
+            it('should redact Basic auth credentials', () => {
+                const input = 'Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQxMjM0NTY=';
+                const result = redactSensitiveData(input);
+                expect(result).toContain('Basic [REDACTED]');
+            });
+        });
+        describe('JWT tokens', () => {
+            it('should redact JWT tokens', () => {
+                const input = 'Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c';
+                const result = redactSensitiveData(input);
+                expect(result).toContain('[JWT_REDACTED]');
+                expect(result).not.toContain('eyJzdWI');
+            });
+        });
+        describe('Generic patterns', () => {
+            it('should redact api_key assignments', () => {
+                const input = 'config.api_key = "my_secret_api_key_12345"';
+                const result = redactSensitiveData(input);
+                expect(result).toContain('api_key=[REDACTED]');
+            });
+            it('should redact password assignments', () => {
+                const input = 'password: "supersecret123"';
+                const result = redactSensitiveData(input);
+                expect(result).toContain('password=[REDACTED]');
+            });
+            it('should redact secret assignments', () => {
+                const input = 'client_secret = "abcdefghijklmnop"';
+                const result = redactSensitiveData(input);
+                expect(result).toContain('secret=[REDACTED]');
+            });
+            it('should redact token assignments', () => {
+                const input = 'auth_token: "my_auth_token_value"';
+                const result = redactSensitiveData(input);
+                expect(result).toContain('token=[REDACTED]');
+            });
+        });
+        describe('Connection strings', () => {
+            it('should redact passwords in connection strings', () => {
+                const input = 'postgresql://user:mysecretpassword@localhost:5432/db';
+                const result = redactSensitiveData(input);
+                expect(result).toBe('postgresql://user:[REDACTED]@localhost:5432/db');
+                expect(result).not.toContain('mysecretpassword');
+            });
+            it('should redact passwords in MongoDB connection strings', () => {
+                const input = 'mongodb://admin:p4ssw0rd123@cluster.mongodb.net/mydb';
+                const result = redactSensitiveData(input);
+                expect(result).toContain('[REDACTED]@cluster');
+                expect(result).not.toContain('p4ssw0rd123');
+            });
+        });
+        describe('Private keys', () => {
+            it('should redact RSA private keys', () => {
+                const input = `-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEA0Z3VS5JJcds3xfn/ygWyF8PbnGy
+-----END RSA PRIVATE KEY-----`;
+                const result = redactSensitiveData(input);
+                expect(result).toBe('-----[PRIVATE KEY REDACTED]-----');
+                expect(result).not.toContain('MIIEpAIBAAKCAQEA');
+            });
+            it('should redact generic private keys', () => {
+                const input = `-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEA
+-----END PRIVATE KEY-----`;
+                const result = redactSensitiveData(input);
+                expect(result).toBe('-----[PRIVATE KEY REDACTED]-----');
+            });
+        });
+        describe('Edge cases', () => {
+            it('should handle empty strings', () => {
+                expect(redactSensitiveData('')).toBe('');
+            });
+            it('should handle null-ish values', () => {
+                expect(redactSensitiveData(null)).toBe(null);
+                expect(redactSensitiveData(undefined)).toBe(undefined);
+            });
+            it('should handle text with no sensitive data', () => {
+                const input = 'This is a normal log message with no secrets';
+                expect(redactSensitiveData(input)).toBe(input);
+            });
+            it('should handle multiple tokens in same string', () => {
+                const input = 'GitHub: ghp_1234567890abcdefghijklmnopqrstuvwxyz, Stripe: sk_live_abcdefghijklmnopqrstuvwx';
+                const result = redactSensitiveData(input);
+                expect(result).toContain('ghp_[REDACTED]');
+                expect(result).toContain('sk_live_[REDACTED]');
+            });
+            it('should handle repeated calls (regex lastIndex reset)', () => {
+                const input = 'Token: ghp_1234567890abcdefghijklmnopqrstuvwxyz';
+                // Call multiple times to verify lastIndex is reset
+                const result1 = redactSensitiveData(input);
+                const result2 = redactSensitiveData(input);
+                const result3 = redactSensitiveData(input);
+                expect(result1).toBe('Token: ghp_[REDACTED]');
+                expect(result2).toBe('Token: ghp_[REDACTED]');
+                expect(result3).toBe('Token: ghp_[REDACTED]');
+            });
+        });
+    });
+    describe('redactSensitiveObject', () => {
+        it('should redact strings in simple objects', () => {
+            const input = {
+                token: 'ghp_1234567890abcdefghijklmnopqrstuvwxyz',
+                name: 'test',
+            };
+            const result = redactSensitiveObject(input);
+            expect(result.token).toBe('ghp_[REDACTED]');
+            expect(result.name).toBe('test');
+        });
+        it('should redact strings in nested objects', () => {
+            const input = {
+                config: {
+                    auth: {
+                        apiKey: 'sk_live_abcdefghijklmnopqrstuvwx',
+                    },
+                },
+            };
+            const result = redactSensitiveObject(input);
+            expect(result.config.auth).toEqual({
+                apiKey: 'sk_live_[REDACTED]',
+            });
+        });
+        it('should redact strings in arrays', () => {
+            const input = ['ghp_1234567890abcdefghijklmnopqrstuvwxyz', 'normal string'];
+            const result = redactSensitiveObject(input);
+            expect(result[0]).toBe('ghp_[REDACTED]');
+            expect(result[1]).toBe('normal string');
+        });
+        it('should handle mixed arrays and objects', () => {
+            const input = {
+                tokens: [
+                    { key: 'ghp_1234567890abcdefghijklmnopqrstuvwxyz' },
+                    { key: 'sk_live_abcdefghijklmnopqrstuvwx' },
+                ],
+            };
+            const result = redactSensitiveObject(input);
+            const tokens = result.tokens;
+            expect(tokens[0].key).toBe('ghp_[REDACTED]');
+            expect(tokens[1].key).toBe('sk_live_[REDACTED]');
+        });
+        it('should handle null and undefined', () => {
+            expect(redactSensitiveObject(null)).toBe(null);
+            expect(redactSensitiveObject(undefined)).toBe(undefined);
+        });
+        it('should preserve non-string primitives', () => {
+            const input = {
+                count: 42,
+                enabled: true,
+                ratio: 3.14,
+            };
+            const result = redactSensitiveObject(input);
+            expect(result).toEqual(input);
+        });
+        it('should handle Error objects by converting to plain object', () => {
+            const input = {
+                error: new Error('Failed with token ghp_1234567890abcdefghijklmnopqrstuvwxyz'),
+            };
+            const result = redactSensitiveObject(input);
+            // Error.message won't be in entries, but if serialized it would be redacted
+            expect(result.error).toBeDefined();
+        });
+    });
+});
+//# sourceMappingURL=logger.test.js.map

package/dist/tests/unit/logger.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"logger.test.js","sourceRoot":"","sources":["../../../tests/unit/logger.test.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAC7C,OAAO,EAAE,mBAAmB,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAA;AAEhF,QAAQ,CAAC,0CAA0C,EAAE,GAAG,EAAE;IACxD,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE;QACnC,QAAQ,CAAC,eAAe,EAAE,GAAG,EAAE;YAC7B,EAAE,CAAC,qDAAqD,EAAE,GAAG,EAAE;gBAC7D,MAAM,KAAK,GAAG,iDAAiD,CAAA;gBAC/D,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAA;gBAC5C,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,CAAA;YAC5C,CAAC,CAAC,CAAA;YAEF,EAAE,CAAC,iEAAiE,EAAE,GAAG,EAAE;gBACzE,MAAM,KAAK,GAAG,gDAAgD,CAAA;gBAC9D,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAA;YACpD,CAAC,CAAC,CAAA;YAEF,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;gBAC3C,MAAM,KAAK,GAAG,iDAAiD,CAAA;gBAC/D,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAA;YAC9C,CAAC,CAAC,CAAA;YAEF,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;gBACtD,MAAM,KAAK,GAAG,kDAAkD,CAAA;gBAChE,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAA;YAC/C,CAAC,CAAC,CAAA;YAEF,EAAE,CAAC,4CAA4C,EAAE,GAAG,EAAE;gBACpD,MAAM,KAAK,GAAG,gDAAgD,CAAA;gBAC9D,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAA;YAC7C,CAAC,CAAC,CAAA;YAEF,EAAE,CAAC,qCAAqC,EAAE,GAAG,EAAE;gBAC7C,MAAM,KAAK,GAAG,mDAAmD,CAAA;gBACjE,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAA;YAChD,CAAC,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;QAEF,QAAQ,CAAC,iBAAiB,EAAE,GAAG,EAAE;YAC/B,EAAE,CAAC,0CAA0C,EAAE,GAAG,EAAE;gBAClD,MAAM,KAAK,GAAG,yDAAyD,CAAA;gBACvE,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAA;gBAC9C,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,CAAA;YAC5C,CAAC,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;QAEF,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE;YAC3B,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;gBACnD,MAAM,KAAK,GAAG,6CAA6C,CAAA;gBAC3D,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAA;YAChD,CAAC,CAAC,CAAA;YAEF,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;gBACnD,MAAM,KAAK,GAAG,6CAA6C,CAAA;gBAC3D,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAA;YAChD,CAAC,CAAC,CAAA;YAEF,EAAE,CAAC,gDAAgD,EAAE,GAAG,EAAE;gBACxD,MAAM,KAAK,GAAG,4CAA4C,CAAA;gBAC1D,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAA;YAChD,CAAC,CAAC,CAAA;YAEF,EAAE,CAAC,gDAAgD,EAAE,GAAG,EAAE;gBACxD,MAAM,KAAK,GAAG,4CAA4C,CAAA;gBAC1D,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAA;YAChD,CAAC,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;QAEF,QAAQ,CAAC,iBAAiB,EAAE,GAAG,EAAE;YAC/B,EAAE,CAAC,qCAAqC,EAAE,GAAG,EAAE;gBAC7C,MAAM,KAAK,GAAG,oEAAoE,CAAA;gBAClF,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,YAAY,CAAC,CAAA;YAC5C,CAAC,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;QAEF,QAAQ,CAAC,oBAAoB,EAAE,GAAG,EAAE;YAClC,EAAE,CAAC,4CAA4C,EAAE,GAAG,EAAE;gBACpD,MAAM,KAAK,GAAG,6DAA6D,CAAA;gBAC3E,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAA;YAC/C,CAAC,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;QAEF,QAAQ,CAAC,UAAU,EAAE,GAAG,EAAE;YACxB,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;gBACjD,MAAM,KAAK,GAAG,wCAAwC,CAAA;gBACtD,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAA;gBAC1C,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAA;YAClD,CAAC,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;QAEF,QAAQ,CAAC,cAAc,EAAE,GAAG,EAAE;YAC5B,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;gBAC1C,MAAM,KAAK,GAAG,8DAA8D,CAAA;gBAC5E,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,iBAAiB,CAAC,CAAA;YAC7C,CAAC,CAAC,CAAA;YAEF,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;gBAC3C,MAAM,KAAK,GAAG,8DAA8D,CAAA;gBAC5E,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,iBAAiB,CAAC,CAAA;YAC7C,CAAC,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;QAEF,QAAQ,CAAC,YAAY,EAAE,GAAG,EAAE;YAC1B,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;gBACzC,MAAM,KAAK,GAAG,oDAAoD,CAAA;gBAClE,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAA;YAC5C,CAAC,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;QAEF,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE;YACrC,EAAE,CAAC,6BAA6B,EAAE,GAAG,EAAE;gBACrC,MAAM,KAAK,GAAG,4DAA4D,CAAA;gBAC1E,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAA;YAC/C,CAAC,CAAC,CAAA;YAEF,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE;gBAC9C,MAAM,KAAK,GAAG,uDAAuD,CAAA;gBACrE,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAA;YAC9C,CAAC,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;QAEF,QAAQ,CAAC,YAAY,EAAE,GAAG,EAAE;YAC1B,EAAE,CAAC,0BAA0B,EAAE,GAAG,EAAE;gBAClC,MAAM,KAAK,GACT,oKAAoK,CAAA;gBACtK,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAA;gBAC1C,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,SAAS,CAAC,CAAA;YACzC,CAAC,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;QAEF,QAAQ,CAAC,kBAAkB,EAAE,GAAG,EAAE;YAChC,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;gBAC3C,MAAM,KAAK,GAAG,4CAA4C,CAAA;gBAC1D,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAA;YAChD,CAAC,CAAC,CAAA;YAEF,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;gBAC5C,MAAM,KAAK,GAAG,4BAA4B,CAAA;gBAC1C,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,qBAAqB,CAAC,CAAA;YACjD,CAAC,CAAC,CAAA;YAEF,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;gBAC1C,MAAM,KAAK,GAAG,oCAAoC,CAAA;gBAClD,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAA;YAC/C,CAAC,CAAC,CAAA;YAEF,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;gBACzC,MAAM,KAAK,GAAG,mCAAmC,CAAA;gBACjD,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAA;YAC9C,CAAC,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;QAEF,QAAQ,CAAC,oBAAoB,EAAE,GAAG,EAAE;YAClC,EAAE,CAAC,+CAA+C,EAAE,GAAG,EAAE;gBACvD,MAAM,KAAK,GAAG,sDAAsD,CAAA;gBACpE,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,gDAAgD,CAAC,CAAA;gBACrE,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAA;YAClD,CAAC,CAAC,CAAA;YAEF,EAAE,CAAC,uDAAuD,EAAE,GAAG,EAAE;gBAC/D,MAAM,KAAK,GAAG,sDAAsD,CAAA;gBACpE,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAA;gBAC9C,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,aAAa,CAAC,CAAA;YAC7C,CAAC,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;QAEF,QAAQ,CAAC,cAAc,EAAE,GAAG,EAAE;YAC5B,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;gBACxC,MAAM,KAAK,GAAG;;8BAEQ,CAAA;gBACtB,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAA;gBACvD,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAA;YAClD,CAAC,CAAC,CAAA;YAEF,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;gBAC5C,MAAM,KAAK,GAAG;;0BAEI,CAAA;gBAClB,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAA;YACzD,CAAC,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;QAEF,QAAQ,CAAC,YAAY,EAAE,GAAG,EAAE;YAC1B,EAAE,CAAC,6BAA6B,EAAE,GAAG,EAAE;gBACrC,MAAM,CAAC,mBAAmB,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;YAC1C,CAAC,CAAC,CAAA;YAEF,EAAE,CAAC,+BAA+B,EAAE,GAAG,EAAE;gBACvC,MAAM,CAAC,mBAAmB,CAAC,IAAyB,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;gBACjE,MAAM,CAAC,mBAAmB,CAAC,SAA8B,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;YAC7E,CAAC,CAAC,CAAA;YAEF,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;gBACnD,MAAM,KAAK,GAAG,8CAA8C,CAAA;gBAC5D,MAAM,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;YAChD,CAAC,CAAC,CAAA;YAEF,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;gBACtD,MAAM,KAAK,GACT,4FAA4F,CAAA;gBAC9F,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBACzC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAA;gBAC1C,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAA;YAChD,CAAC,CAAC,CAAA;YAEF,EAAE,CAAC,sDAAsD,EAAE,GAAG,EAAE;gBAC9D,MAAM,KAAK,GAAG,iDAAiD,CAAA;gBAC/D,mDAAmD;gBACnD,MAAM,OAAO,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBAC1C,MAAM,OAAO,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBAC1C,MAAM,OAAO,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAA;gBAC1C,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAA;gBAC7C,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAA;gBAC7C,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAA;YAC/C,CAAC,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE;QACrC,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;YACjD,MAAM,KAAK,GAAG;gBACZ,KAAK,EAAE,0CAA0C;gBACjD,IAAI,EAAE,MAAM;aACb,CAAA;YACD,MAAM,MAAM,GAAG,qBAAqB,CAAC,KAAK,CAA4B,CAAA;YACtE,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAA;YAC3C,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;QAClC,CAAC,CAAC,CAAA;QAEF,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;YACjD,MAAM,KAAK,GAAG;gBACZ,MAAM,EAAE;oBACN,IAAI,EAAE;wBACJ,MAAM,EAAE,kCAAkC;qBAC3C;iBACF;aACF,CAAA;YACD,MAAM,MAAM,GAAG,qBAAqB,CAAC,KAAK,CAA4B,CAAA;YACtE,MAAM,CAAE,MAAM,CAAC,MAAkC,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC;gBAC9D,MAAM,EAAE,oBAAoB;aAC7B,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;QAEF,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;YACzC,MAAM,KAAK,GAAG,CAAC,0CAA0C,EAAE,eAAe,CAAC,CAAA;YAC3E,MAAM,MAAM,GAAG,qBAAqB,CAAC,KAAK,CAAa,CAAA;YACvD,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAA;YACxC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAA;QACzC,CAAC,CAAC,CAAA;QAEF,EAAE,CAAC,wCAAwC,EAAE,GAAG,EAAE;YAChD,MAAM,KAAK,GAAG;gBACZ,MAAM,EAAE;oBACN,EAAE,GAAG,EAAE,0CAA0C,EAAE;oBACnD,EAAE,GAAG,EAAE,kCAAkC,EAAE;iBAC5C;aACF,CAAA;YACD,MAAM,MAAM,GAAG,qBAAqB,CAAC,KAAK,CAA4B,CAAA;YACtE,MAAM,MAAM,GAAG,MAAM,CAAC,MAAwC,CAAA;YAC9D,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAA;YAC5C,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAA;QAClD,CAAC,CAAC,CAAA;QAEF,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;YAC1C,MAAM,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;YAC9C,MAAM,CAAC,qBAAqB,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;QAC1D,CAAC,CAAC,CAAA;QAEF,EAAE,CAAC,uCAAuC,EAAE,GAAG,EAAE;YAC/C,MAAM,KAAK,GAAG;gBACZ,KAAK,EAAE,EAAE;gBACT,OAAO,EAAE,IAAI;gBACb,KAAK,EAAE,IAAI;aACZ,CAAA;YACD,MAAM,MAAM,GAAG,qBAAqB,CAAC,KAAK,CAAC,CAAA;YAC3C,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAA;QAC/B,CAAC,CAAC,CAAA;QAEF,EAAE,CAAC,2DAA2D,EAAE,GAAG,EAAE;YACnE,MAAM,KAAK,GAAG;gBACZ,KAAK,EAAE,IAAI,KAAK,CAAC,4DAA4D,CAAC;aAC/E,CAAA;YACD,MAAM,MAAM,GAAG,qBAAqB,CAAC,KAAK,CAA4B,CAAA;YACtE,4EAA4E;YAC5E,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,WAAW,EAAE,CAAA;QACpC,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA"}

package/dist/tests/validate.test.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Tests for SMI-742: MCP Skill Validate Tool
+ */
+export {};
+//# sourceMappingURL=validate.test.d.ts.map

package/dist/tests/validate.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"validate.test.d.ts","sourceRoot":"","sources":["../../tests/validate.test.ts"],"names":[],"mappings":"AAAA;;GAEG"}

package/dist/tests/validate.test.js

@@ -0,0 +1,303 @@
+/**
+ * Tests for SMI-742: MCP Skill Validate Tool
+ */
+import { describe, it, expect, beforeEach, afterEach } from 'vitest';
+import { promises as fs } from 'fs';
+import { join } from 'path';
+import { tmpdir } from 'os';
+import { executeValidate, formatValidationResults, validateInputSchema, } from '../src/tools/validate.js';
+import { SkillsmithError, ErrorCodes } from '@skillsmith/core';
+describe('Skill Validate Tool', () => {
+    let testDir;
+    beforeEach(async () => {
+        // Create a temporary directory for test files
+        testDir = await fs.mkdtemp(join(tmpdir(), 'skillsmith-validate-test-'));
+    });
+    afterEach(async () => {
+        // Clean up test directory
+        await fs.rm(testDir, { recursive: true, force: true });
+    });
+    describe('validateInputSchema', () => {
+        it('should require skill_path', () => {
+            expect(() => validateInputSchema.parse({})).toThrow();
+            expect(() => validateInputSchema.parse({ skill_path: '' })).toThrow();
+        });
+        it('should accept valid skill_path', () => {
+            const result = validateInputSchema.parse({
+                skill_path: '/path/to/SKILL.md',
+            });
+            expect(result.skill_path).toBe('/path/to/SKILL.md');
+            expect(result.strict).toBe(false); // default
+        });
+        it('should accept strict mode', () => {
+            const result = validateInputSchema.parse({
+                skill_path: '/path/to/skill',
+                strict: true,
+            });
+            expect(result.strict).toBe(true);
+        });
+        it('should default strict to false', () => {
+            const result = validateInputSchema.parse({
+                skill_path: '/path/to/skill',
+            });
+            expect(result.strict).toBe(false);
+        });
+    });
+    describe('executeValidate', () => {
+        it('should validate a valid SKILL.md file', async () => {
+            const skillContent = `---
+name: test-skill
+description: A test skill for validation
+author: test-author
+version: 1.0.0
+tags:
+  - testing
+  - validation
+---
+
+# Test Skill
+
+This is a test skill.
+`;
+            const filePath = join(testDir, 'SKILL.md');
+            await fs.writeFile(filePath, skillContent);
+            const result = await executeValidate({ skill_path: filePath });
+            expect(result.valid).toBe(true);
+            expect(result.errors.filter((e) => e.severity === 'error')).toHaveLength(0);
+            expect(result.metadata).toBeDefined();
+            expect(result.metadata?.name).toBe('test-skill');
+            expect(result.metadata?.description).toBe('A test skill for validation');
+            expect(result.timing.totalMs).toBeGreaterThanOrEqual(0);
+        });
+        it('should find SKILL.md in directory', async () => {
+            const skillContent = `---
+name: dir-skill
+description: Skill in directory
+---
+`;
+            await fs.writeFile(join(testDir, 'SKILL.md'), skillContent);
+            const result = await executeValidate({ skill_path: testDir });
+            expect(result.valid).toBe(true);
+            expect(result.path).toBe(join(testDir, 'SKILL.md'));
+            expect(result.metadata?.name).toBe('dir-skill');
+        });
+        it('should return error for missing name field', async () => {
+            const skillContent = `---
+description: A skill without a name
+---
+`;
+            const filePath = join(testDir, 'SKILL.md');
+            await fs.writeFile(filePath, skillContent);
+            const result = await executeValidate({ skill_path: filePath });
+            expect(result.valid).toBe(false);
+            expect(result.errors.some((e) => e.field === 'name' && e.severity === 'error')).toBe(true);
+        });
+        it('should warn for missing description in non-strict mode', async () => {
+            const skillContent = `---
+name: no-description-skill
+---
+`;
+            const filePath = join(testDir, 'SKILL.md');
+            await fs.writeFile(filePath, skillContent);
+            const result = await executeValidate({ skill_path: filePath, strict: false });
+            expect(result.valid).toBe(true); // Still valid in non-strict mode
+            expect(result.errors.some((e) => e.field === 'description' && e.severity === 'warning')).toBe(true);
+        });
+        it('should error for missing description in strict mode', async () => {
+            const skillContent = `---
+name: no-description-skill
+---
+`;
+            const filePath = join(testDir, 'SKILL.md');
+            await fs.writeFile(filePath, skillContent);
+            const result = await executeValidate({ skill_path: filePath, strict: true });
+            expect(result.valid).toBe(false);
+            expect(result.errors.some((e) => e.field === 'description' && e.severity === 'error')).toBe(true);
+        });
+        it('should error for name exceeding 64 characters', async () => {
+            const longName = 'a'.repeat(65);
+            const skillContent = `---
+name: ${longName}
+description: A skill with a very long name
+---
+`;
+            const filePath = join(testDir, 'SKILL.md');
+            await fs.writeFile(filePath, skillContent);
+            const result = await executeValidate({ skill_path: filePath });
+            expect(result.valid).toBe(false);
+            expect(result.errors.some((e) => e.field === 'name' && e.message.includes('exceeds maximum length'))).toBe(true);
+        });
+        it('should error for description exceeding 1024 characters', async () => {
+            const longDesc = 'a'.repeat(1025);
+            const skillContent = `---
+name: long-desc-skill
+description: ${longDesc}
+---
+`;
+            const filePath = join(testDir, 'SKILL.md');
+            await fs.writeFile(filePath, skillContent);
+            const result = await executeValidate({ skill_path: filePath });
+            expect(result.valid).toBe(false);
+            expect(result.errors.some((e) => e.field === 'description' && e.message.includes('exceeds maximum length'))).toBe(true);
+        });
+        it('should detect SSRF pattern in repository URL', async () => {
+            const skillContent = `---
+name: ssrf-skill
+description: A skill with dangerous URL
+repository: file:///etc/passwd
+---
+`;
+            const filePath = join(testDir, 'SKILL.md');
+            await fs.writeFile(filePath, skillContent);
+            const result = await executeValidate({ skill_path: filePath });
+            expect(result.valid).toBe(false);
+            expect(result.errors.some((e) => e.field === 'repository' && e.message.includes('dangerous URL pattern'))).toBe(true);
+        });
+        it('should detect localhost in repository URL', async () => {
+            const skillContent = `---
+name: localhost-skill
+description: A skill with localhost URL
+repository: http://localhost:8080/repo
+---
+`;
+            const filePath = join(testDir, 'SKILL.md');
+            await fs.writeFile(filePath, skillContent);
+            const result = await executeValidate({ skill_path: filePath });
+            expect(result.valid).toBe(false);
+            expect(result.errors.some((e) => e.field === 'repository' && e.message.includes('dangerous URL pattern'))).toBe(true);
+        });
+        it('should detect path traversal in values', async () => {
+            const skillContent = `---
+name: traversal-skill
+description: ../../../etc/passwd
+---
+`;
+            const filePath = join(testDir, 'SKILL.md');
+            await fs.writeFile(filePath, skillContent);
+            const result = await executeValidate({ skill_path: filePath });
+            expect(result.valid).toBe(false);
+            expect(result.errors.some((e) => e.message.includes('path traversal'))).toBe(true);
+        });
+        it('should error for invalid frontmatter', async () => {
+            const skillContent = `# No Frontmatter Skill
+
+This skill has no YAML frontmatter.
+`;
+            const filePath = join(testDir, 'SKILL.md');
+            await fs.writeFile(filePath, skillContent);
+            const result = await executeValidate({ skill_path: filePath });
+            expect(result.valid).toBe(false);
+            expect(result.errors.some((e) => e.field === 'frontmatter')).toBe(true);
+        });
+        it('should throw for non-existent path', async () => {
+            const fakePath = join(testDir, 'nonexistent', 'SKILL.md');
+            try {
+                await executeValidate({ skill_path: fakePath });
+                expect.fail('Should have thrown an error');
+            }
+            catch (error) {
+                expect(error).toBeInstanceOf(SkillsmithError);
+                expect(error.code).toBe(ErrorCodes.SKILL_NOT_FOUND);
+            }
+        });
+        it('should throw for path traversal in input path', async () => {
+            try {
+                await executeValidate({ skill_path: '../../../etc/passwd' });
+                expect.fail('Should have thrown an error');
+            }
+            catch (error) {
+                expect(error).toBeInstanceOf(SkillsmithError);
+                expect(error.code).toBe(ErrorCodes.VALIDATION_INVALID_TYPE);
+            }
+        });
+        it('should validate tags array correctly', async () => {
+            const skillContent = `---
+name: tags-skill
+description: A skill with invalid tags
+tags: not-an-array
+---
+`;
+            const filePath = join(testDir, 'SKILL.md');
+            await fs.writeFile(filePath, skillContent);
+            const result = await executeValidate({ skill_path: filePath });
+            expect(result.valid).toBe(false);
+            expect(result.errors.some((e) => e.field === 'tags' && e.message.includes('array'))).toBe(true);
+        });
+        it('should validate tag length limits', async () => {
+            const longTag = 'a'.repeat(33);
+            const skillContent = `---
+name: long-tag-skill
+description: A skill with a very long tag
+tags:
+  - ${longTag}
+---
+`;
+            const filePath = join(testDir, 'SKILL.md');
+            await fs.writeFile(filePath, skillContent);
+            const result = await executeValidate({ skill_path: filePath });
+            expect(result.valid).toBe(false);
+            expect(result.errors.some((e) => e.field.startsWith('tags[') && e.message.includes('exceeds'))).toBe(true);
+        });
+    });
+    describe('formatValidationResults', () => {
+        it('should format valid skill results', async () => {
+            const skillContent = `---
+name: format-test-skill
+description: A skill for testing formatting
+author: tester
+version: 1.0.0
+tags: [testing, formatting]
+---
+`;
+            const filePath = join(testDir, 'SKILL.md');
+            await fs.writeFile(filePath, skillContent);
+            const result = await executeValidate({ skill_path: filePath });
+            const formatted = formatValidationResults(result);
+            expect(formatted).toContain('Skill Validation Results');
+            expect(formatted).toContain('Status: VALID');
+            expect(formatted).toContain('Metadata:');
+            expect(formatted).toContain('Name: format-test-skill');
+            expect(formatted).toContain('Author: tester');
+            expect(formatted).toContain('Version: 1.0.0');
+        });
+        it('should format invalid skill results with errors', async () => {
+            const skillContent = `---
+description: No name field
+---
+`;
+            const filePath = join(testDir, 'SKILL.md');
+            await fs.writeFile(filePath, skillContent);
+            const result = await executeValidate({ skill_path: filePath });
+            const formatted = formatValidationResults(result);
+            expect(formatted).toContain('Status: INVALID');
+            expect(formatted).toContain('[ERROR]');
+            expect(formatted).toContain('name');
+        });
+        it('should show warning count in formatted output', async () => {
+            const skillContent = `---
+name: warning-skill
+---
+`;
+            const filePath = join(testDir, 'SKILL.md');
+            await fs.writeFile(filePath, skillContent);
+            const result = await executeValidate({ skill_path: filePath });
+            const formatted = formatValidationResults(result);
+            expect(formatted).toContain('warning(s)');
+            expect(formatted).toContain('[WARN]');
+        });
+        it('should include timing information', async () => {
+            const skillContent = `---
+name: timing-skill
+description: Test timing
+---
+`;
+            const filePath = join(testDir, 'SKILL.md');
+            await fs.writeFile(filePath, skillContent);
+            const result = await executeValidate({ skill_path: filePath });
+            const formatted = formatValidationResults(result);
+            expect(formatted).toContain('Completed in');
+            expect(formatted).toContain('ms');
+        });
+    });
+});
+//# sourceMappingURL=validate.test.js.map

package/dist/tests/validate.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"validate.test.js","sourceRoot":"","sources":["../../tests/validate.test.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAA;AACpE,OAAO,EAAE,QAAQ,IAAI,EAAE,EAAE,MAAM,IAAI,CAAA;AACnC,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAA;AAC3B,OAAO,EAAE,MAAM,EAAE,MAAM,IAAI,CAAA;AAC3B,OAAO,EACL,eAAe,EACf,uBAAuB,EACvB,mBAAmB,GACpB,MAAM,0BAA0B,CAAA;AACjC,OAAO,EAAE,eAAe,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAE9D,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE;IACnC,IAAI,OAAe,CAAA;IAEnB,UAAU,CAAC,KAAK,IAAI,EAAE;QACpB,8CAA8C;QAC9C,OAAO,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,2BAA2B,CAAC,CAAC,CAAA;IACzE,CAAC,CAAC,CAAA;IAEF,SAAS,CAAC,KAAK,IAAI,EAAE;QACnB,0BAA0B;QAC1B,MAAM,EAAE,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAA;IACxD,CAAC,CAAC,CAAA;IAEF,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE;QACnC,EAAE,CAAC,2BAA2B,EAAE,GAAG,EAAE;YACnC,MAAM,CAAC,GAAG,EAAE,CAAC,mBAAmB,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,EAAE,CAAA;YACrD,MAAM,CAAC,GAAG,EAAE,CAAC,mBAAmB,CAAC,KAAK,CAAC,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,EAAE,CAAA;QACvE,CAAC,CAAC,CAAA;QAEF,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;YACxC,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC;gBACvC,UAAU,EAAE,mBAAmB;aAChC,CAAC,CAAA;YACF,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAA;YACnD,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA,CAAC,UAAU;QAC9C,CAAC,CAAC,CAAA;QAEF,EAAE,CAAC,2BAA2B,EAAE,GAAG,EAAE;YACnC,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC;gBACvC,UAAU,EAAE,gBAAgB;gBAC5B,MAAM,EAAE,IAAI;aACb,CAAC,CAAA;YACF,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAClC,CAAC,CAAC,CAAA;QAEF,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;YACxC,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC;gBACvC,UAAU,EAAE,gBAAgB;aAC7B,CAAC,CAAA;YACF,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;QACnC,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,QAAQ,CAAC,iBAAiB,EAAE,GAAG,EAAE;QAC/B,EAAE,CAAC,uCAAuC,EAAE,KAAK,IAAI,EAAE;YACrD,MAAM,YAAY,GAAG;;;;;;;;;;;;;CAa1B,CAAA;YACK,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,CAAA;YAC1C,MAAM,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAA;YAE1C,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,CAAC,CAAA;YAE9D,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;YAC/B,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAA;YAC3E,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAA;YACrC,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;YAChD,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAA;YACxE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,CAAA;QACzD,CAAC,CAAC,CAAA;QAEF,EAAE,CAAC,mCAAmC,EAAE,KAAK,IAAI,EAAE;YACjD,MAAM,YAAY,GAAG;;;;CAI1B,CAAA;YACK,MAAM,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,EAAE,YAAY,CAAC,CAAA;YAE3D,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,EAAE,UAAU,EAAE,OAAO,EAAE,CAAC,CAAA;YAE7D,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;YAC/B,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC,CAAA;YACnD,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAA;QACjD,CAAC,CAAC,CAAA;QAEF,EAAE,CAAC,4CAA4C,EAAE,KAAK,IAAI,EAAE;YAC1D,MAAM,YAAY,GAAG;;;CAG1B,CAAA;YACK,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,CAAA;YAC1C,MAAM,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAA;YAE1C,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,CAAC,CAAA;YAE9D,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;YAChC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,MAAM,IAAI,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAC5F,CAAC,CAAC,CAAA;QAEF,EAAE,CAAC,wDAAwD,EAAE,KAAK,IAAI,EAAE;YACtE,MAAM,YAAY,GAAG;;;CAG1B,CAAA;YACK,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,CAAA;YAC1C,MAAM,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAA;YAE1C,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAA;YAE7E,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA,CAAC,iCAAiC;YACjE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,aAAa,IAAI,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAC3F,IAAI,CACL,CAAA;QACH,CAAC,CAAC,CAAA;QAEF,EAAE,CAAC,qDAAqD,EAAE,KAAK,IAAI,EAAE;YACnE,MAAM,YAAY,GAAG;;;CAG1B,CAAA;YACK,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,CAAA;YAC1C,MAAM,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAA;YAE1C,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAA;YAE5E,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;YAChC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,aAAa,IAAI,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,IAAI,CACzF,IAAI,CACL,CAAA;QACH,CAAC,CAAC,CAAA;QAEF,EAAE,CAAC,+CAA+C,EAAE,KAAK,IAAI,EAAE;YAC7D,MAAM,QAAQ,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;YAC/B,MAAM,YAAY,GAAG;QACnB,QAAQ;;;CAGf,CAAA;YACK,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,CAAA;YAC1C,MAAM,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAA;YAE1C,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,CAAC,CAAA;YAE9D,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;YAChC,MAAM,CACJ,MAAM,CAAC,MAAM,CAAC,IAAI,CAChB,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,MAAM,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,wBAAwB,CAAC,CAC1E,CACF,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QACd,CAAC,CAAC,CAAA;QAEF,EAAE,CAAC,wDAAwD,EAAE,KAAK,IAAI,EAAE;YACtE,MAAM,QAAQ,GAAG,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;YACjC,MAAM,YAAY,GAAG;;eAEZ,QAAQ;;CAEtB,CAAA;YACK,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,CAAA;YAC1C,MAAM,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAA;YAE1C,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,CAAC,CAAA;YAE9D,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;YAChC,MAAM,CACJ,MAAM,CAAC,MAAM,CAAC,IAAI,CAChB,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,aAAa,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,wBAAwB,CAAC,CACjF,CACF,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QACd,CAAC,CAAC,CAAA;QAEF,EAAE,CAAC,8CAA8C,EAAE,KAAK,IAAI,EAAE;YAC5D,MAAM,YAAY,GAAG;;;;;CAK1B,CAAA;YACK,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,CAAA;YAC1C,MAAM,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAA;YAE1C,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,CAAC,CAAA;YAE9D,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;YAChC,MAAM,CACJ,MAAM,CAAC,MAAM,CAAC,IAAI,CAChB,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,YAAY,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,uBAAuB,CAAC,CAC/E,CACF,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QACd,CAAC,CAAC,CAAA;QAEF,EAAE,CAAC,2CAA2C,EAAE,KAAK,IAAI,EAAE;YACzD,MAAM,YAAY,GAAG;;;;;CAK1B,CAAA;YACK,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,CAAA;YAC1C,MAAM,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAA;YAE1C,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,CAAC,CAAA;YAE9D,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;YAChC,MAAM,CACJ,MAAM,CAAC,MAAM,CAAC,IAAI,CAChB,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,YAAY,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,uBAAuB,CAAC,CAC/E,CACF,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QACd,CAAC,CAAC,CAAA;QAEF,EAAE,CAAC,wCAAwC,EAAE,KAAK,IAAI,EAAE;YACtD,MAAM,YAAY,GAAG;;;;CAI1B,CAAA;YACK,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,CAAA;YAC1C,MAAM,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAA;YAE1C,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,CAAC,CAAA;YAE9D,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;YAChC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QACpF,CAAC,CAAC,CAAA;QAEF,EAAE,CAAC,sCAAsC,EAAE,KAAK,IAAI,EAAE;YACpD,MAAM,YAAY,GAAG;;;CAG1B,CAAA;YACK,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,CAAA;YAC1C,MAAM,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAA;YAE1C,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,CAAC,CAAA;YAE9D,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;YAChC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QACzE,CAAC,CAAC,CAAA;QAEF,EAAE,CAAC,oCAAoC,EAAE,KAAK,IAAI,EAAE;YAClD,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,aAAa,EAAE,UAAU,CAAC,CAAA;YAEzD,IAAI,CAAC;gBACH,MAAM,eAAe,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,CAAC,CAAA;gBAC/C,MAAM,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAA;YAC5C,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,CAAC,KAAK,CAAC,CAAC,cAAc,CAAC,eAAe,CAAC,CAAA;gBAC7C,MAAM,CAAE,KAAyB,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,eAAe,CAAC,CAAA;YAC1E,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,EAAE,CAAC,+CAA+C,EAAE,KAAK,IAAI,EAAE;YAC7D,IAAI,CAAC;gBACH,MAAM,eAAe,CAAC,EAAE,UAAU,EAAE,qBAAqB,EAAE,CAAC,CAAA;gBAC5D,MAAM,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAA;YAC5C,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,CAAC,KAAK,CAAC,CAAC,cAAc,CAAC,eAAe,CAAC,CAAA;gBAC7C,MAAM,CAAE,KAAyB,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,uBAAuB,CAAC,CAAA;YAClF,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,EAAE,CAAC,sCAAsC,EAAE,KAAK,IAAI,EAAE;YACpD,MAAM,YAAY,GAAG;;;;;CAK1B,CAAA;YACK,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,CAAA;YAC1C,MAAM,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAA;YAE1C,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,CAAC,CAAA;YAE9D,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;YAChC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,MAAM,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CACvF,IAAI,CACL,CAAA;QACH,CAAC,CAAC,CAAA;QAEF,EAAE,CAAC,mCAAmC,EAAE,KAAK,IAAI,EAAE;YACjD,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;YAC9B,MAAM,YAAY,GAAG;;;;MAIrB,OAAO;;CAEZ,CAAA;YACK,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,CAAA;YAC1C,MAAM,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAA;YAE1C,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,CAAC,CAAA;YAE9D,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;YAChC,MAAM,CACJ,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CACxF,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QACd,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,QAAQ,CAAC,yBAAyB,EAAE,GAAG,EAAE;QACvC,EAAE,CAAC,mCAAmC,EAAE,KAAK,IAAI,EAAE;YACjD,MAAM,YAAY,GAAG;;;;;;;CAO1B,CAAA;YACK,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,CAAA;YAC1C,MAAM,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAA;YAE1C,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,CAAC,CAAA;YAC9D,MAAM,SAAS,GAAG,uBAAuB,CAAC,MAAM,CAAC,CAAA;YAEjD,MAAM,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,0BAA0B,CAAC,CAAA;YACvD,MAAM,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,CAAA;YAC5C,MAAM,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAA;YACxC,MAAM,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,yBAAyB,CAAC,CAAA;YACtD,MAAM,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAA;YAC7C,MAAM,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAA;QAC/C,CAAC,CAAC,CAAA;QAEF,EAAE,CAAC,iDAAiD,EAAE,KAAK,IAAI,EAAE;YAC/D,MAAM,YAAY,GAAG;;;CAG1B,CAAA;YACK,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,CAAA;YAC1C,MAAM,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAA;YAE1C,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,CAAC,CAAA;YAC9D,MAAM,SAAS,GAAG,uBAAuB,CAAC,MAAM,CAAC,CAAA;YAEjD,MAAM,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,iBAAiB,CAAC,CAAA;YAC9C,MAAM,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAA;YACtC,MAAM,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAA;QACrC,CAAC,CAAC,CAAA;QAEF,EAAE,CAAC,+CAA+C,EAAE,KAAK,IAAI,EAAE;YAC7D,MAAM,YAAY,GAAG;;;CAG1B,CAAA;YACK,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,CAAA;YAC1C,MAAM,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAA;YAE1C,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,CAAC,CAAA;YAC9D,MAAM,SAAS,GAAG,uBAAuB,CAAC,MAAM,CAAC,CAAA;YAEjD,MAAM,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,YAAY,CAAC,CAAA;YACzC,MAAM,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAA;QACvC,CAAC,CAAC,CAAA;QAEF,EAAE,CAAC,mCAAmC,EAAE,KAAK,IAAI,EAAE;YACjD,MAAM,YAAY,GAAG;;;;CAI1B,CAAA;YACK,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,CAAA;YAC1C,MAAM,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAA;YAE1C,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,CAAC,CAAA;YAC9D,MAAM,SAAS,GAAG,uBAAuB,CAAC,MAAM,CAAC,CAAA;YAEjD,MAAM,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,CAAA;YAC3C,MAAM,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAA;QACnC,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA"}

package/dist/tests/webhooks/proxy-trust.security.test.d.ts

@@ -0,0 +1,8 @@
+/**
+ * SMI-682: Security tests for X-Forwarded-For proxy trust validation
+ *
+ * These tests verify that the server only trusts X-Forwarded-For headers
+ * when explicitly configured and from trusted proxy sources.
+ */
+export {};
+//# sourceMappingURL=proxy-trust.security.test.d.ts.map

package/dist/tests/webhooks/proxy-trust.security.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"proxy-trust.security.test.d.ts","sourceRoot":"","sources":["../../../tests/webhooks/proxy-trust.security.test.ts"],"names":[],"mappings":"AAAA;;;;;GAKG"}