@solongate/proxy 0.48.0 → 0.49.0

package/dist/audit/index.js

@@ -0,0 +1,3426 @@
+#!/usr/bin/env node
+var __require = /* @__PURE__ */ ((x) => typeof require !== "undefined" ? require : typeof Proxy !== "undefined" ? new Proxy(x, {
+  get: (a, b) => (typeof require !== "undefined" ? require : a)[b]
+}) : x)(function(x) {
+  if (typeof require !== "undefined") return require.apply(this, arguments);
+  throw Error('Dynamic require of "' + x + '" is not supported');
+});
+
+// src/audit/collector.ts
+import { readFileSync as readFileSync2, existsSync as existsSync2, readdirSync, statSync } from "fs";
+import { resolve as resolve2, join as join2 } from "path";
+import { homedir as homedir2 } from "os";
+
+// src/audit/config.ts
+import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
+import { resolve, join } from "path";
+import { homedir } from "os";
+var CONFIG_DIR = resolve(homedir(), ".solongate-audit");
+var CONFIG_FILE = join(CONFIG_DIR, "config.json");
+function ensureConfigDir() {
+  if (!existsSync(CONFIG_DIR)) {
+    mkdirSync(CONFIG_DIR, { recursive: true });
+  }
+}
+function loadConfig() {
+  if (!existsSync(CONFIG_FILE)) {
+    return { customDirs: [] };
+  }
+  try {
+    return JSON.parse(readFileSync(CONFIG_FILE, "utf-8"));
+  } catch {
+    return { customDirs: [] };
+  }
+}
+function saveConfig(config) {
+  ensureConfigDir();
+  writeFileSync(CONFIG_FILE, JSON.stringify(config, null, 2));
+}
+function addDir(dir) {
+  const absDir = resolve(dir);
+  const config = loadConfig();
+  if (config.customDirs.includes(absDir)) {
+    console.log(`  Already added: ${absDir}`);
+    return;
+  }
+  if (!existsSync(absDir)) {
+    console.log(`  Warning: directory does not exist: ${absDir}`);
+    console.log(`  Adding anyway \u2014 it may appear later.
+`);
+  }
+  config.customDirs.push(absDir);
+  saveConfig(config);
+  console.log(`  Added: ${absDir}`);
+  console.log(`  Total custom dirs: ${config.customDirs.length}
+`);
+}
+function removeDir(dir) {
+  const absDir = resolve(dir);
+  const config = loadConfig();
+  const idx = config.customDirs.indexOf(absDir);
+  if (idx === -1) {
+    const match = config.customDirs.find((d) => d.includes(dir));
+    if (match) {
+      config.customDirs.splice(config.customDirs.indexOf(match), 1);
+      saveConfig(config);
+      console.log(`  Removed: ${match}`);
+      console.log(`  Remaining: ${config.customDirs.length}
+`);
+      return;
+    }
+    console.log(`  Not found: ${absDir}`);
+    console.log(`  Use --list-dirs to see saved directories.
+`);
+    return;
+  }
+  config.customDirs.splice(idx, 1);
+  saveConfig(config);
+  console.log(`  Removed: ${absDir}`);
+  console.log(`  Remaining: ${config.customDirs.length}
+`);
+}
+function listDirs() {
+  const config = loadConfig();
+  const home = homedir();
+  console.log("\n  Default log directories:");
+  console.log(`    Claude Code  \u2192 ${resolve(home, ".claude", "projects")}`);
+  console.log(`    Gemini CLI   \u2192 ${resolve(home, ".gemini", "tmp")}`);
+  console.log(`    OpenClaw     \u2192 ${resolve(home, ".openclaw", "agents", "main", "sessions")}`);
+  if (config.customDirs.length === 0) {
+    console.log("\n  Custom directories: (none)");
+  } else {
+    console.log(`
+  Custom directories (${config.customDirs.length}):`);
+    for (const d of config.customDirs) {
+      const exists = existsSync(d);
+      console.log(`    ${exists ? "+" : "-"} ${d}${exists ? "" : " (not found)"}`);
+    }
+  }
+  console.log(`
+  Config: ${CONFIG_FILE}
+`);
+}
+function searchLogs() {
+  const home = homedir();
+  const found = [];
+  console.log("\n  Searching for AI tool logs...\n");
+  const defaults = [
+    { name: "Claude Code", path: resolve(home, ".claude", "projects") },
+    { name: "Gemini CLI", path: resolve(home, ".gemini", "tmp") },
+    { name: "OpenClaw", path: resolve(home, ".openclaw", "agents", "main", "sessions") }
+  ];
+  for (const d of defaults) {
+    if (existsSync(d.path)) {
+      console.log(`  Found ${d.name}: ${d.path}`);
+      found.push(d.path);
+    }
+  }
+  if (process.platform === "win32") {
+    const usersDir = resolve(home, "..");
+    try {
+      const { readdirSync: readdirSync2, statSync: statSync2 } = __require("fs");
+      for (const user of readdirSync2(usersDir)) {
+        const userHome = join(usersDir, user);
+        if (userHome === home) continue;
+        try {
+          if (!statSync2(userHome).isDirectory()) continue;
+        } catch {
+          continue;
+        }
+        const otherPaths = [
+          { name: `Claude Code (${user})`, path: resolve(userHome, ".claude", "projects") },
+          { name: `Gemini CLI (${user})`, path: resolve(userHome, ".gemini", "tmp") },
+          { name: `OpenClaw (${user})`, path: resolve(userHome, ".openclaw", "agents", "main", "sessions") }
+        ];
+        for (const d of otherPaths) {
+          if (existsSync(d.path)) {
+            console.log(`  Found ${d.name}: ${d.path}`);
+            found.push(d.path);
+          }
+        }
+      }
+    } catch {
+    }
+  }
+  if (process.platform !== "win32") {
+    try {
+      const { readdirSync: readdirSync2 } = __require("fs");
+      for (const baseDir of ["/home", "/Users"]) {
+        if (!existsSync(baseDir)) continue;
+        for (const user of readdirSync2(baseDir)) {
+          const userHome = join(baseDir, user);
+          if (userHome === home) continue;
+          const otherPaths = [
+            { name: `Claude Code (${user})`, path: resolve(userHome, ".claude", "projects") },
+            { name: `Gemini CLI (${user})`, path: resolve(userHome, ".gemini", "tmp") },
+            { name: `OpenClaw (${user})`, path: resolve(userHome, ".openclaw", "agents", "main", "sessions") }
+          ];
+          for (const d of otherPaths) {
+            try {
+              if (existsSync(d.path)) {
+                console.log(`  Found ${d.name}: ${d.path}`);
+                found.push(d.path);
+              }
+            } catch {
+            }
+          }
+        }
+      }
+    } catch {
+    }
+  }
+  if (found.length === 0) {
+    console.log("  No AI tool logs found.\n");
+  } else {
+    console.log(`
+  Found ${found.length} log location(s).`);
+    console.log("  Default locations are scanned automatically.");
+    console.log("  To add a non-default location: npx solongate-audit --add-dir <path>\n");
+  }
+}
+
+// src/audit/collector.ts
+function collectClaude() {
+  const sessions = [];
+  const claudeDir = resolve2(homedir2(), ".claude", "projects");
+  if (!existsSync2(claudeDir)) return sessions;
+  for (const projectDir of readdirSync(claudeDir)) {
+    const projectPath = join2(claudeDir, projectDir);
+    if (!statSync(projectPath).isDirectory()) continue;
+    for (const file of readdirSync(projectPath)) {
+      if (!file.endsWith(".jsonl")) continue;
+      const filePath = join2(projectPath, file);
+      const sessionId = file.replace(".jsonl", "");
+      try {
+        const lines = readFileSync2(filePath, "utf-8").split("\n").filter(Boolean);
+        const toolCalls = [];
+        const userMessages = [];
+        let startTime = "";
+        let endTime = "";
+        let model = "";
+        for (const line of lines) {
+          try {
+            const entry = JSON.parse(line);
+            if (!entry.timestamp) continue;
+            if (!startTime) startTime = entry.timestamp;
+            endTime = entry.timestamp;
+            if (entry.type === "assistant") {
+              const content = entry.message?.content;
+              if (Array.isArray(content)) {
+                for (const block of content) {
+                  if (block.type === "tool_use") {
+                    toolCalls.push({
+                      id: block.id || "",
+                      toolName: block.name || "",
+                      arguments: block.input || {},
+                      timestamp: entry.timestamp,
+                      source: "claude",
+                      sessionId
+                    });
+                  }
+                }
+              }
+              if (entry.message?.model) model = entry.message.model;
+            }
+            if (entry.type === "user") {
+              const content = entry.message?.content;
+              if (typeof content === "string" && content.length > 0) {
+                userMessages.push({ timestamp: entry.timestamp, text: content.slice(0, 500) });
+              }
+              if (Array.isArray(content)) {
+                for (const block of content) {
+                  if (block.type === "tool_result") {
+                    const tc = toolCalls.find((t) => t.id === block.tool_use_id);
+                    if (tc) {
+                      const resultContent = block.content;
+                      if (typeof resultContent === "string") {
+                        tc.result = resultContent.slice(0, 2e3);
+                      } else if (Array.isArray(resultContent)) {
+                        tc.result = resultContent.map((c) => c.text || "").join("\n").slice(0, 2e3);
+                      }
+                      tc.isError = !!block.is_error;
+                    }
+                  }
+                }
+              }
+            }
+          } catch {
+          }
+        }
+        for (const um of userMessages) {
+          const umTime = new Date(um.timestamp).getTime();
+          const nextIdx = toolCalls.findIndex((tc) => new Date(tc.timestamp).getTime() > umTime);
+          if (nextIdx >= 0) um.nextToolCallIndex = nextIdx;
+        }
+        if (toolCalls.length > 0) {
+          sessions.push({ id: sessionId, source: "claude", startTime, endTime, model, toolCalls, userMessages, filePath });
+        }
+      } catch {
+      }
+    }
+  }
+  return sessions;
+}
+function collectGemini() {
+  const sessions = [];
+  const geminiDir = resolve2(homedir2(), ".gemini", "tmp");
+  if (!existsSync2(geminiDir)) return sessions;
+  for (const projectDir of readdirSync(geminiDir)) {
+    const chatsDir = join2(geminiDir, projectDir, "chats");
+    if (!existsSync2(chatsDir) || !statSync(chatsDir).isDirectory()) continue;
+    for (const file of readdirSync(chatsDir)) {
+      if (!file.startsWith("session-") || !file.endsWith(".json")) continue;
+      const filePath = join2(chatsDir, file);
+      try {
+        const data = JSON.parse(readFileSync2(filePath, "utf-8"));
+        const toolCalls = [];
+        const userMessages = [];
+        const sessionId = data.sessionId || file.replace(".json", "");
+        for (const msg of data.messages || []) {
+          if (msg.role === "user" && (msg.text || msg.content)) {
+            const text = String(msg.text || msg.content).slice(0, 500);
+            if (text.length > 0) {
+              userMessages.push({ timestamp: msg.timestamp || data.startTime || "", text });
+            }
+          }
+          if (!msg.toolCalls || !Array.isArray(msg.toolCalls)) continue;
+          for (const tc of msg.toolCalls) {
+            toolCalls.push({
+              id: tc.id || "",
+              toolName: tc.name || "",
+              arguments: tc.args || tc.arguments || {},
+              result: tc.result ? JSON.stringify(tc.result).slice(0, 2e3) : void 0,
+              isError: tc.status === "error",
+              timestamp: tc.timestamp || msg.timestamp || data.startTime || "",
+              source: "gemini",
+              sessionId
+            });
+          }
+        }
+        for (const um of userMessages) {
+          const umTime = new Date(um.timestamp).getTime();
+          const nextIdx = toolCalls.findIndex((tc) => new Date(tc.timestamp).getTime() > umTime);
+          if (nextIdx >= 0) um.nextToolCallIndex = nextIdx;
+        }
+        if (toolCalls.length > 0) {
+          sessions.push({
+            id: sessionId,
+            source: "gemini",
+            startTime: data.startTime || "",
+            endTime: data.lastUpdated || "",
+            model: data.messages?.[0]?.model || "",
+            toolCalls,
+            userMessages,
+            filePath
+          });
+        }
+      } catch {
+      }
+    }
+  }
+  return sessions;
+}
+function collectOpenClaw() {
+  const sessions = [];
+  const oclawDir = resolve2(homedir2(), ".openclaw", "agents", "main", "sessions");
+  if (!existsSync2(oclawDir)) return sessions;
+  for (const file of readdirSync(oclawDir)) {
+    if (!file.endsWith(".jsonl")) continue;
+    const filePath = join2(oclawDir, file);
+    const sessionId = file.replace(".jsonl", "");
+    try {
+      const lines = readFileSync2(filePath, "utf-8").split("\n").filter(Boolean);
+      const toolCalls = [];
+      const userMessages = [];
+      let startTime = "";
+      let endTime = "";
+      let model = "";
+      for (const line of lines) {
+        try {
+          const entry = JSON.parse(line);
+          if (!entry.timestamp) continue;
+          if (!startTime) startTime = entry.timestamp;
+          endTime = entry.timestamp;
+          if (entry.type === "model_change") {
+            model = entry.modelId || "";
+          }
+          if (entry.type === "message" && entry.message?.role === "user") {
+            const content = entry.message.content;
+            if (typeof content === "string" && content.length > 0) {
+              userMessages.push({ timestamp: entry.timestamp, text: content.slice(0, 500) });
+            }
+          }
+          if (entry.type === "message" && entry.message?.role === "assistant") {
+            const content = entry.message.content;
+            if (Array.isArray(content)) {
+              for (const block of content) {
+                if (block.type === "toolCall" || block.type === "tool_use") {
+                  toolCalls.push({
+                    id: block.id || "",
+                    toolName: block.name || "",
+                    arguments: block.arguments || block.input || {},
+                    timestamp: entry.timestamp,
+                    source: "openclaw",
+                    sessionId
+                  });
+                }
+              }
+            }
+          }
+          if (entry.type === "message" && entry.message?.role === "toolResult") {
+            const tc = toolCalls.find((t) => t.id === entry.message.toolCallId);
+            if (tc) {
+              const content = entry.message.content;
+              if (Array.isArray(content)) {
+                tc.result = content.map((c) => c.text || "").join("\n").slice(0, 2e3);
+              }
+              tc.isError = !!entry.message.isError;
+            }
+          }
+        } catch {
+        }
+      }
+      for (const um of userMessages) {
+        const umTime = new Date(um.timestamp).getTime();
+        const nextIdx = toolCalls.findIndex((tc) => new Date(tc.timestamp).getTime() > umTime);
+        if (nextIdx >= 0) um.nextToolCallIndex = nextIdx;
+      }
+      if (toolCalls.length > 0) {
+        sessions.push({ id: sessionId, source: "openclaw", startTime, endTime, model, toolCalls, userMessages, filePath });
+      }
+    } catch {
+    }
+  }
+  return sessions;
+}
+function collectCustomDirs() {
+  const sessions = [];
+  const config = loadConfig();
+  for (const dir of config.customDirs) {
+    if (!existsSync2(dir)) continue;
+    try {
+      for (const file of readdirSync(dir)) {
+        const filePath = join2(dir, file);
+        try {
+          if (!statSync(filePath).isFile()) continue;
+        } catch {
+          continue;
+        }
+        if (file.endsWith(".jsonl")) {
+          try {
+            const lines = readFileSync2(filePath, "utf-8").split("\n").filter(Boolean);
+            const toolCalls = [];
+            let startTime = "";
+            let endTime = "";
+            let model = "";
+            const sessionId = file.replace(".jsonl", "");
+            for (const line of lines) {
+              try {
+                const entry = JSON.parse(line);
+                if (!entry.timestamp) continue;
+                if (!startTime) startTime = entry.timestamp;
+                endTime = entry.timestamp;
+                if (entry.type === "model_change") model = entry.modelId || "";
+                if (entry.type === "assistant") {
+                  const content = entry.message?.content;
+                  if (Array.isArray(content)) {
+                    for (const block of content) {
+                      if (block.type === "tool_use") {
+                        toolCalls.push({ id: block.id || "", toolName: block.name || "", arguments: block.input || {}, timestamp: entry.timestamp, source: "claude", sessionId });
+                      }
+                    }
+                  }
+                  if (entry.message?.model) model = entry.message.model;
+                }
+                if (entry.type === "message" && entry.message?.role === "assistant") {
+                  const content = entry.message.content;
+                  if (Array.isArray(content)) {
+                    for (const block of content) {
+                      if (block.type === "toolCall" || block.type === "tool_use") {
+                        toolCalls.push({ id: block.id || "", toolName: block.name || "", arguments: block.arguments || block.input || {}, timestamp: entry.timestamp, source: "openclaw", sessionId });
+                      }
+                    }
+                  }
+                }
+                if (entry.type === "user") {
+                  const content = entry.message?.content;
+                  if (Array.isArray(content)) {
+                    for (const block of content) {
+                      if (block.type === "tool_result") {
+                        const tc = toolCalls.find((t) => t.id === block.tool_use_id);
+                        if (tc) {
+                          const rc = block.content;
+                          tc.result = typeof rc === "string" ? rc.slice(0, 2e3) : Array.isArray(rc) ? rc.map((c) => c.text || "").join("\n").slice(0, 2e3) : void 0;
+                          tc.isError = !!block.is_error;
+                        }
+                      }
+                    }
+                  }
+                }
+                if (entry.type === "message" && entry.message?.role === "toolResult") {
+                  const tc = toolCalls.find((t) => t.id === entry.message.toolCallId);
+                  if (tc) {
+                    const content = entry.message.content;
+                    if (Array.isArray(content)) {
+                      tc.result = content.map((c) => c.text || "").join("\n").slice(0, 2e3);
+                    }
+                    tc.isError = !!entry.message.isError;
+                  }
+                }
+              } catch {
+              }
+            }
+            if (toolCalls.length > 0) {
+              sessions.push({ id: sessionId, source: toolCalls[0].source, startTime, endTime, model, toolCalls, filePath });
+            }
+          } catch {
+          }
+        }
+        if (file.endsWith(".json")) {
+          try {
+            const data = JSON.parse(readFileSync2(filePath, "utf-8"));
+            if (!data.messages || !Array.isArray(data.messages)) continue;
+            const toolCalls = [];
+            const sessionId = data.sessionId || file.replace(".json", "");
+            for (const msg of data.messages) {
+              if (!msg.toolCalls || !Array.isArray(msg.toolCalls)) continue;
+              for (const tc of msg.toolCalls) {
+                toolCalls.push({ id: tc.id || "", toolName: tc.name || "", arguments: tc.args || tc.arguments || {}, result: tc.result ? JSON.stringify(tc.result).slice(0, 2e3) : void 0, isError: tc.status === "error", timestamp: tc.timestamp || msg.timestamp || data.startTime || "", source: "gemini", sessionId });
+              }
+            }
+            if (toolCalls.length > 0) {
+              sessions.push({ id: sessionId, source: "gemini", startTime: data.startTime || "", endTime: data.lastUpdated || "", model: data.messages?.[0]?.model || "", toolCalls, filePath });
+            }
+          } catch {
+          }
+        }
+      }
+    } catch {
+    }
+  }
+  return sessions;
+}
+function collectLogs() {
+  const claudeSessions = collectClaude();
+  const geminiSessions = collectGemini();
+  const openclawSessions = collectOpenClaw();
+  const customSessions = collectCustomDirs();
+  const sessions = [...claudeSessions, ...geminiSessions, ...openclawSessions, ...customSessions].sort((a, b) => (a.startTime || "").localeCompare(b.startTime || ""));
+  const sources = [];
+  if (claudeSessions.length > 0) sources.push("Claude Code");
+  if (geminiSessions.length > 0) sources.push("Gemini CLI");
+  if (openclawSessions.length > 0) sources.push("OpenClaw");
+  const allCalls = sessions.flatMap((s) => s.toolCalls);
+  const timestamps = allCalls.map((t) => t.timestamp).filter(Boolean).sort();
+  return {
+    sessions,
+    totalToolCalls: allCalls.length,
+    sources,
+    timeRange: timestamps.length > 0 ? { from: timestamps[0], to: timestamps[timestamps.length - 1] } : null
+  };
+}
+
+// src/audit/checks/chain-analysis.ts
+function isFileRead(tc) {
+  const t = tc.toolName.toLowerCase();
+  return t.includes("read") || t.includes("cat") || t.includes("grep") || t.includes("glob");
+}
+function isFileWrite(tc) {
+  const t = tc.toolName.toLowerCase();
+  return t.includes("write") || t.includes("edit");
+}
+function isShellExec(tc) {
+  const t = tc.toolName.toLowerCase();
+  return t.includes("bash") || t.includes("shell") || t.includes("exec") || t.includes("terminal");
+}
+function isNetworkCall(tc) {
+  const t = tc.toolName.toLowerCase();
+  const argStr = JSON.stringify(tc.arguments).toLowerCase();
+  return t.includes("web") || t.includes("fetch") || t.includes("navigate") || isShellExec(tc) && (argStr.includes("curl ") || argStr.includes("wget ") || argStr.includes("nc ") || argStr.includes("scp "));
+}
+function isPrivilegeEscalation(tc) {
+  if (!isShellExec(tc)) return false;
+  const argStr = JSON.stringify(tc.arguments).toLowerCase();
+  return /\bsudo\b/.test(argStr) || /\bchmod\b/.test(argStr) || /\bchown\b/.test(argStr) || /\brunas\b/.test(argStr);
+}
+function readsSensitiveFile(tc) {
+  const argStr = JSON.stringify(tc.arguments).toLowerCase();
+  return /\.env(?:\b|\.production|\.local|\.staging)/.test(argStr) || argStr.includes("credentials") || argStr.includes("id_rsa") || argStr.includes("id_ed25519") || argStr.includes(".pem") || argStr.includes("/etc/shadow") || argStr.includes("service-account");
+}
+function extractSummary(tc) {
+  const args2 = tc.arguments;
+  return String(args2.command || args2.file_path || args2.path || args2.url || JSON.stringify(args2).slice(0, 60));
+}
+var CHAIN_PATTERNS = [
+  {
+    name: "credential-exfiltration",
+    severity: "high",
+    description: "Credential file read followed by network call",
+    steps: [readsSensitiveFile, isNetworkCall],
+    maxGap: 10
+  },
+  {
+    name: "cross-contamination",
+    severity: "medium",
+    description: "File read followed by file write containing read content",
+    steps: [isFileRead, isFileWrite],
+    maxGap: 5,
+    requireContentOverlap: true
+  },
+  {
+    name: "privilege-escalation-sequence",
+    severity: "high",
+    description: "Normal read followed by privilege escalation then execution",
+    steps: [isFileRead, isPrivilegeEscalation, isShellExec],
+    maxGap: 8
+  },
+  {
+    name: "read-exec-chain",
+    severity: "medium",
+    description: "File read followed by shell exec using read content",
+    steps: [
+      (tc) => isFileRead(tc) && !readsSensitiveFile(tc),
+      (tc) => isShellExec(tc) && !isPrivilegeEscalation(tc)
+    ],
+    maxGap: 3,
+    requireContentOverlap: true
+  }
+];
+function hasContentOverlap(source, sink) {
+  const sourceResult = source.result || "";
+  if (sourceResult.length < 20) return false;
+  const sinkArgs = JSON.stringify(sink.arguments);
+  for (let i = 0; i < Math.min(sourceResult.length - 30, 500); i += 15) {
+    const chunk = sourceResult.slice(i, i + 30).trim();
+    if (chunk.length < 15) continue;
+    if (sinkArgs.includes(chunk)) return true;
+  }
+  return false;
+}
+function findRetryStorms(session) {
+  const matches = [];
+  const calls = session.toolCalls;
+  for (let i = 0; i < calls.length - 3; i++) {
+    const window = calls.slice(i, i + 4);
+    if (window.every((c) => c.toolName === window[0].toolName && c.isError)) {
+      matches.push({
+        chainName: "retry-storm",
+        sessionId: session.id,
+        steps: window.map((c, j) => ({
+          index: i + j,
+          toolName: c.toolName,
+          summary: `error: ${(c.result || "").slice(0, 50)}`
+        })),
+        severity: "low",
+        description: `${window[0].toolName} called ${window.length}+ times with consecutive errors`
+      });
+      break;
+    }
+  }
+  return matches;
+}
+function findChainMatches(session) {
+  const matches = [];
+  const calls = session.toolCalls;
+  matches.push(...findRetryStorms(session));
+  for (const pattern of CHAIN_PATTERNS) {
+    for (let startIdx = 0; startIdx < calls.length; startIdx++) {
+      if (!pattern.steps[0](calls[startIdx])) continue;
+      const stepMatches = [
+        { index: startIdx, toolName: calls[startIdx].toolName, summary: extractSummary(calls[startIdx]) }
+      ];
+      let currentIdx = startIdx;
+      let matched = true;
+      for (let stepNum = 1; stepNum < pattern.steps.length; stepNum++) {
+        let found = false;
+        for (let j = currentIdx + 1; j <= Math.min(currentIdx + pattern.maxGap, calls.length - 1); j++) {
+          if (pattern.steps[stepNum](calls[j])) {
+            stepMatches.push({ index: j, toolName: calls[j].toolName, summary: extractSummary(calls[j]) });
+            currentIdx = j;
+            found = true;
+            break;
+          }
+        }
+        if (!found) {
+          matched = false;
+          break;
+        }
+      }
+      if (!matched) continue;
+      if (pattern.requireContentOverlap) {
+        if (!hasContentOverlap(calls[stepMatches[0].index], calls[stepMatches[stepMatches.length - 1].index])) {
+          continue;
+        }
+      }
+      matches.push({
+        chainName: pattern.name,
+        sessionId: session.id,
+        steps: stepMatches,
+        severity: pattern.severity,
+        description: pattern.description
+      });
+      break;
+    }
+  }
+  return matches;
+}
+function analyzeChains(sessions) {
+  const allMatches = [];
+  for (const session of sessions) {
+    allMatches.push(...findChainMatches(session));
+  }
+  return allMatches;
+}
+
+// src/audit/checks/data-flow.ts
+var SENSITIVE_PATTERNS = [
+  { pattern: /sk-[a-zA-Z0-9]{20,}/, type: "openai_api_key" },
+  { pattern: /sk_live_[a-zA-Z0-9]+/, type: "stripe_key" },
+  { pattern: /Bearer\s+[a-zA-Z0-9._\-]{20,}/, type: "bearer_token" },
+  { pattern: /ghp_[a-zA-Z0-9]{36}/, type: "github_pat" },
+  { pattern: /glpat-[a-zA-Z0-9\-]{20,}/, type: "gitlab_pat" },
+  { pattern: /api[_-]?key\s*[:=]\s*['"]?([a-zA-Z0-9_\-]{16,})['"]?/i, type: "api_key" },
+  { pattern: /password\s*[:=]\s*['"]?([^\s'"]{8,})['"]?/i, type: "password" },
+  { pattern: /AWS[_A-Z]*KEY[_A-Z]*\s*[:=]\s*['"]?([A-Z0-9]{16,})['"]?/i, type: "aws_key" },
+  { pattern: /-----BEGIN\s+(RSA\s+)?PRIVATE\s+KEY-----/, type: "private_key" },
+  { pattern: /DATABASE_URL\s*[:=]\s*['"]?([^\s'"]+)['"]?/i, type: "database_url" }
+];
+var SENSITIVE_FILE_PATTERNS = [
+  /\.env(?:\b|\.production|\.local|\.staging)/,
+  /credentials/i,
+  /secrets?\b/i,
+  /id_rsa/,
+  /id_ed25519/,
+  /\.pem$/,
+  /service.account/i,
+  /\.npmrc/
+];
+function isSensitiveFileAccess(tc) {
+  const argStr = JSON.stringify(tc.arguments).toLowerCase();
+  return SENSITIVE_FILE_PATTERNS.some((p) => p.test(argStr));
+}
+function isNetworkOrExecSink(tc) {
+  const t = tc.toolName.toLowerCase();
+  const argStr = JSON.stringify(tc.arguments).toLowerCase();
+  return t.includes("web") || t.includes("fetch") || t.includes("navigate") || (t.includes("bash") || t.includes("shell") || t.includes("exec")) && (argStr.includes("curl") || argStr.includes("wget") || argStr.includes("nc ") || argStr.includes("scp ") || argStr.includes("http"));
+}
+function analyzeDataFlow(sessions) {
+  const leaks = [];
+  for (const session of sessions) {
+    const calls = session.toolCalls;
+    for (let i = 0; i < calls.length; i++) {
+      const source = calls[i];
+      const sourceResult = source.result || "";
+      if (sourceResult.length < 10) continue;
+      const foundTokens = [];
+      for (const { pattern, type } of SENSITIVE_PATTERNS) {
+        const match = sourceResult.match(pattern);
+        if (match) {
+          foundTokens.push({ type, value: (match[1] || match[0]).slice(0, 30) });
+        }
+      }
+      const isSensitiveRead = isSensitiveFileAccess(source);
+      if (foundTokens.length === 0 && !isSensitiveRead) continue;
+      for (let j = i + 1; j < Math.min(i + 20, calls.length); j++) {
+        const sink = calls[j];
+        if (!isNetworkOrExecSink(sink)) continue;
+        const sinkArgs = JSON.stringify(sink.arguments);
+        for (const token of foundTokens) {
+          if (sinkArgs.includes(token.value.slice(0, 15))) {
+            leaks.push({
+              sessionId: session.id,
+              sourceIndex: i,
+              sinkIndex: j,
+              sourceToolName: source.toolName,
+              sinkToolName: sink.toolName,
+              dataType: token.type,
+              pattern: token.value.slice(0, 20) + "..."
+            });
+            break;
+          }
+        }
+        if (isSensitiveRead && sourceResult.length > 20) {
+          for (let k = 0; k < Math.min(sourceResult.length - 20, 300); k += 20) {
+            const chunk = sourceResult.slice(k, k + 20).trim();
+            if (chunk.length < 10) continue;
+            if (sinkArgs.includes(chunk)) {
+              leaks.push({
+                sessionId: session.id,
+                sourceIndex: i,
+                sinkIndex: j,
+                sourceToolName: source.toolName,
+                sinkToolName: sink.toolName,
+                dataType: "file_content",
+                pattern: chunk.slice(0, 20) + "..."
+              });
+              break;
+            }
+          }
+        }
+      }
+    }
+  }
+  return leaks;
+}
+
+// src/audit/checks/baseline.ts
+function getPrivilegeLevel(toolName, args2) {
+  const t = toolName.toLowerCase();
+  const argStr = JSON.stringify(args2).toLowerCase();
+  if (t.includes("web") || t.includes("fetch") || t.includes("navigate")) return 4;
+  if ((t.includes("bash") || t.includes("shell") || t.includes("exec")) && (argStr.includes("curl") || argStr.includes("wget") || argStr.includes("nc "))) return 4;
+  if (t.includes("bash") || t.includes("shell") || t.includes("exec") || t.includes("terminal")) return 3;
+  if (t.includes("write") || t.includes("edit") || t.includes("delete") || t.includes("notebook")) return 2;
+  return 1;
+}
+function getToolCategory(toolName) {
+  const t = toolName.toLowerCase();
+  if (t.includes("read") || t.includes("cat") || t.includes("grep") || t.includes("glob") || t.includes("search")) return "read";
+  if (t.includes("write") || t.includes("edit")) return "write";
+  if (t.includes("bash") || t.includes("shell") || t.includes("exec") || t.includes("terminal")) return "exec";
+  if (t.includes("web") || t.includes("fetch") || t.includes("navigate") || t.includes("browser")) return "network";
+  if (t.includes("task") || t.includes("todo") || t.includes("agent")) return "orchestration";
+  return "other";
+}
+function computeBaseline(sessions, source) {
+  const filtered = source === "all" ? sessions : sessions.filter((s) => s.source === source);
+  const callCounts = filtered.map((s) => s.toolCalls.length);
+  const avgToolCalls = callCounts.length > 0 ? callCounts.reduce((a, b) => a + b, 0) / callCounts.length : 0;
+  const stddevToolCalls = callCounts.length > 1 ? Math.sqrt(callCounts.reduce((sum, c) => sum + (c - avgToolCalls) ** 2, 0) / (callCounts.length - 1)) : 0;
+  const durations = filtered.filter((s) => s.startTime && s.endTime).map((s) => new Date(s.endTime).getTime() - new Date(s.startTime).getTime()).filter((d) => !isNaN(d) && d > 0);
+  const avgDurationMs = durations.length > 0 ? durations.reduce((a, b) => a + b, 0) / durations.length : 0;
+  const stddevDurationMs = durations.length > 1 ? Math.sqrt(durations.reduce((sum, d) => sum + (d - avgDurationMs) ** 2, 0) / (durations.length - 1)) : 0;
+  const totalCalls = filtered.reduce((sum, s) => sum + s.toolCalls.length, 0);
+  const categoryCount = {};
+  for (const s of filtered) {
+    for (const tc of s.toolCalls) {
+      const cat = getToolCategory(tc.toolName);
+      categoryCount[cat] = (categoryCount[cat] || 0) + 1;
+    }
+  }
+  const toolTypeDistribution = {};
+  for (const [cat, count] of Object.entries(categoryCount)) {
+    toolTypeDistribution[cat] = totalCalls > 0 ? count / totalCalls * 100 : 0;
+  }
+  return { source, avgToolCalls, stddevToolCalls, toolTypeDistribution, avgDurationMs, stddevDurationMs };
+}
+function detectAnomalies(sessions, baselines) {
+  const anomalies = [];
+  const allBaseline = baselines.find((b) => b.source === "all");
+  if (!allBaseline || sessions.length < 3) return anomalies;
+  for (const session of sessions) {
+    const baseline = baselines.find((b) => b.source === session.source) || allBaseline;
+    const deviations = [];
+    if (baseline.stddevToolCalls > 0) {
+      const zScore = (session.toolCalls.length - baseline.avgToolCalls) / baseline.stddevToolCalls;
+      if (zScore > 2) {
+        deviations.push(`tool calls ${zScore.toFixed(1)}x stddev above mean (${session.toolCalls.length} vs avg ${Math.round(baseline.avgToolCalls)})`);
+      }
+    }
+    if (session.startTime && session.endTime && baseline.stddevDurationMs > 0) {
+      const duration = new Date(session.endTime).getTime() - new Date(session.startTime).getTime();
+      if (!isNaN(duration) && duration > 0) {
+        const zScore = (duration - baseline.avgDurationMs) / baseline.stddevDurationMs;
+        if (zScore > 2) {
+          deviations.push(`duration ${zScore.toFixed(1)}x stddev above mean`);
+        }
+      }
+    }
+    const sessionCategories = {};
+    for (const tc of session.toolCalls) {
+      const cat = getToolCategory(tc.toolName);
+      sessionCategories[cat] = (sessionCategories[cat] || 0) + 1;
+    }
+    const sessionTotal = session.toolCalls.length || 1;
+    for (const [cat, count] of Object.entries(sessionCategories)) {
+      const sessionPct = count / sessionTotal * 100;
+      const baselinePct = baseline.toolTypeDistribution[cat] || 0;
+      if (sessionPct > baselinePct * 3 && sessionPct > 10 && baselinePct > 0) {
+        deviations.push(`${cat}: ${sessionPct.toFixed(0)}% vs baseline ${baselinePct.toFixed(0)}%`);
+      }
+    }
+    if (deviations.length > 0) {
+      anomalies.push({
+        sessionId: session.id,
+        source: session.source,
+        deviations,
+        severity: deviations.length >= 3 ? "high" : deviations.length >= 2 ? "medium" : "low"
+      });
+    }
+  }
+  return anomalies;
+}
+function detectPermissionDrift(sessions) {
+  const drifts = [];
+  for (const session of sessions) {
+    const calls = session.toolCalls;
+    if (calls.length < 8) continue;
+    const mid = Math.floor(calls.length / 2);
+    const firstHalf = calls.slice(0, mid);
+    const secondHalf = calls.slice(mid);
+    const earlyLevels = firstHalf.map((tc) => getPrivilegeLevel(tc.toolName, tc.arguments));
+    const lateLevels = secondHalf.map((tc) => getPrivilegeLevel(tc.toolName, tc.arguments));
+    const earlyAvg = earlyLevels.reduce((a, b) => a + b, 0) / earlyLevels.length;
+    const lateAvg = lateLevels.reduce((a, b) => a + b, 0) / lateLevels.length;
+    const driftRatio = earlyAvg > 0 ? lateAvg / earlyAvg : lateAvg;
+    const earlyTools = new Set(firstHalf.map((tc) => getToolCategory(tc.toolName)));
+    const lateTools = new Set(secondHalf.map((tc) => getToolCategory(tc.toolName)));
+    const newToolTypes = [...lateTools].filter((t) => !earlyTools.has(t));
+    if (driftRatio > 1.5 || newToolTypes.includes("exec") || newToolTypes.includes("network")) {
+      drifts.push({
+        sessionId: session.id,
+        earlyPrivilegeLevel: earlyAvg,
+        latePrivilegeLevel: lateAvg,
+        driftRatio,
+        newToolTypes
+      });
+    }
+  }
+  return drifts;
+}
+var CRITICAL_ACTIONS = [
+  { pattern: /\b(git\s+push|npm\s+publish|docker\s+push|kubectl\s+apply|terraform\s+apply)\b/i, action: "deploy" },
+  { pattern: /rm\s+-rf\s+[\/~$.*]|del\s+\/[sf]|drop\s+(table|database)/i, action: "delete" },
+  { pattern: /chmod\s+[0-7]{3,4}|chown\b|sudo\b/i, action: "privilege" }
+];
+function actionMatchesUserRequest(action, userText) {
+  const lower = userText.toLowerCase();
+  switch (action) {
+    case "deploy":
+      return /\b(deploy|push|publish|release|ship|yayınla|gönder)\b/.test(lower);
+    case "delete":
+      return /\b(delete|remove|clean|drop|purge|sil|kaldır|temizle)\b/.test(lower);
+    case "privilege":
+      return /\b(chmod|chown|sudo|permission|root|admin|yetki)\b/.test(lower);
+    default:
+      return false;
+  }
+}
+function findUnsolicitedActions(sessions) {
+  const unsolicited = [];
+  for (const session of sessions) {
+    const userMsgs = session.userMessages || [];
+    if (userMsgs.length === 0) continue;
+    for (let i = 0; i < session.toolCalls.length; i++) {
+      const tc = session.toolCalls[i];
+      const t = tc.toolName.toLowerCase();
+      if (!(t.includes("bash") || t.includes("shell") || t.includes("exec"))) continue;
+      const argStr = JSON.stringify(tc.arguments);
+      for (const { pattern, action } of CRITICAL_ACTIONS) {
+        if (!pattern.test(argStr)) continue;
+        const tcTime = new Date(tc.timestamp).getTime();
+        const precedingMsgs = userMsgs.filter((um) => new Date(um.timestamp).getTime() < tcTime);
+        const lastMsg = precedingMsgs.length > 0 ? precedingMsgs[precedingMsgs.length - 1] : void 0;
+        const userRequestedIt = lastMsg && actionMatchesUserRequest(action, lastMsg.text);
+        if (!userRequestedIt) {
+          unsolicited.push({
+            sessionId: session.id,
+            toolCallIndex: i,
+            toolName: tc.toolName,
+            action,
+            lastUserMessageBefore: lastMsg?.text.slice(0, 100),
+            timeSinceLastUserMessage: lastMsg ? tcTime - new Date(lastMsg.timestamp).getTime() : void 0
+          });
+        }
+        break;
+      }
+    }
+  }
+  return unsolicited;
+}
+function analyzeBaseline(sessions) {
+  const sources = [...new Set(sessions.map((s) => s.source))];
+  const baselines = [
+    computeBaseline(sessions, "all"),
+    ...sources.map((s) => computeBaseline(sessions, s))
+  ];
+  const anomalies = detectAnomalies(sessions, baselines);
+  const permissionDrifts = detectPermissionDrift(sessions);
+  return { baselines, anomalies, permissionDrifts };
+}
+
+// src/audit/checks/asi01-goal-hijacking.ts
+var INJECTION_PATTERNS = [
+  /ignore\s+(previous|above|all)\s+(instructions|rules)/i,
+  /you\s+are\s+now\s+(a|an|the)/i,
+  /\<\/?system\s*>/i,
+  /\[\s*INST\s*\]/i,
+  /act\s+as\s+(a|an|if)\s+you/i,
+  /forget\s+(everything|all|your)\s+(instructions|rules|context)/i,
+  /override\s+(your|the|all)\s+(instructions|rules|safety)/i,
+  /new\s+instructions?\s*:/i,
+  /do\s+not\s+follow\s+(any|your|the)\s+(previous|original)/i,
+  /disregard\s+(all|any|your)\s+(previous|prior|original)/i
+];
+function checkGoalHijacking(data, deep) {
+  const code = "ASI01";
+  const title = "Goal Hijacking";
+  const evidence = [];
+  let injectionAttempts = 0;
+  const examples = [];
+  for (const tc of data.sessions.flatMap((s) => s.toolCalls)) {
+    const argStr = JSON.stringify(tc.arguments);
+    const resultStr = tc.result || "";
+    for (const pattern of INJECTION_PATTERNS) {
+      if (pattern.test(argStr)) {
+        injectionAttempts++;
+        if (examples.length < 3) {
+          examples.push(`${tc.toolName}: arg matches ${pattern.source.slice(0, 30)}`);
+        }
+        break;
+      }
+    }
+    for (const pattern of INJECTION_PATTERNS) {
+      if (pattern.test(resultStr)) {
+        injectionAttempts++;
+        if (examples.length < 3) {
+          examples.push(`${tc.toolName}: result contains injection pattern`);
+        }
+        break;
+      }
+    }
+  }
+  evidence.push({ icon: "info", text: `Scanned ${data.totalToolCalls} tool calls for prompt injection patterns` });
+  if (injectionAttempts === 0) {
+    evidence.push({ icon: "found", text: "No prompt injection patterns detected in tool calls or results" });
+  } else {
+    evidence.push({ icon: "warn", text: `${injectionAttempts} potential prompt injection pattern(s) detected` });
+    for (const ex of examples) {
+      evidence.push({ icon: "warn", text: `  ${ex}` });
+    }
+  }
+  let encodedPayloads = 0;
+  for (const tc of data.sessions.flatMap((s) => s.toolCalls)) {
+    const r = tc.result || "";
+    if (/[A-Za-z0-9+/]{50,}={0,2}/.test(r) && /base64|decode|eval/i.test(r)) {
+      encodedPayloads++;
+    }
+  }
+  if (encodedPayloads > 0) {
+    evidence.push({ icon: "warn", text: `${encodedPayloads} tool result(s) contain encoded payloads (potential obfuscated injection)` });
+  }
+  if (deep) {
+    const hijackChains = deep.chains.filter(
+      (c) => c.chainName === "cross-contamination" || c.chainName === "read-exec-chain"
+    );
+    if (hijackChains.length > 0) {
+      evidence.push({ icon: "warn", text: `${hijackChains.length} hijacking chain(s): file content flowing into execution` });
+      for (const chain of hijackChains.slice(0, 3)) {
+        evidence.push({ icon: "warn", text: `  ${chain.steps.map((s) => s.toolName).join(" \u2192 ")} (${chain.description})` });
+      }
+      injectionAttempts += hijackChains.length;
+    }
+  }
+  if (injectionAttempts === 0 && encodedPayloads === 0) {
+    return {
+      code,
+      title,
+      status: "PROTECTED",
+      evidence,
+      summary: "No prompt injection patterns found in agent logs.",
+      details: `Scanned ${data.totalToolCalls} tool calls. No known injection patterns (delimiter injection, role hijacking, encoded payloads) detected in arguments or results.`
+    };
+  }
+  const total = data.totalToolCalls || 1;
+  const rate = ((injectionAttempts + encodedPayloads) / total * 100).toFixed(2);
+  if ((injectionAttempts + encodedPayloads) / total < 5e-3) {
+    return {
+      code,
+      title,
+      status: "PARTIAL",
+      evidence,
+      summary: `${injectionAttempts} potential injection pattern(s) in ${total} calls (${rate}%).`,
+      details: "Low-frequency injection patterns found. Could be false positives or minor attempts. Review the flagged calls.",
+      recommendation: "Enable input guard on MCP proxy to block injection patterns before tool execution."
+    };
+  }
+  return {
+    code,
+    title,
+    status: "NOT_PROTECTED",
+    evidence,
+    summary: `${injectionAttempts} prompt injection patterns in ${total} calls (${rate}%).`,
+    details: "Injection patterns found in tool arguments or results. Agents may have processed malicious instructions from external content.",
+    recommendation: "Enable input guard + AI Judge for semantic prompt injection analysis."
+  };
+}
+
+// src/audit/checks/asi02-tool-misuse.ts
+var SENSITIVE_FILES = [".env.production", "credentials.json", "id_rsa", "id_ed25519", ".pem", "/etc/shadow", "/etc/passwd", "service-account.json", ".npmrc"];
+var DESTRUCTIVE_PATTERNS = [
+  /rm\s+-rf\s+[\/~$.]/,
+  // rm -rf on root, home, or current dir
+  /rm\s+-rf\s+\*/,
+  // rm -rf *
+  /del\s+\/[sf]/i,
+  // del /f or /s on Windows
+  /format\s+[a-z]:/i,
+  // format C:
+  /drop\s+(table|database)/i,
+  /truncate\s+table/i
+];
+var EXFIL_PATTERNS = [
+  /\bnc\s+-[a-z]*\s+\S+\s+\d+/,
+  // nc connecting to host:port
+  /\bncat\s+/,
+  // ncat usage
+  />\s*\/dev\/tcp/,
+  // bash /dev/tcp redirect
+  /curl\s+.*--upload-file/,
+  // curl upload
+  /scp\s+\S+\s+\S+@/
+  // scp to remote
+];
+var WILDCARD_QUERIES = ["SELECT *", "WHERE 1=1", "WHERE true", "OR 1=1"];
+function checkToolMisuse(data, deep) {
+  const code = "ASI02";
+  const title = "Tool Misuse";
+  const evidence = [];
+  let sensitiveAccess = 0;
+  let destructiveCmds = 0;
+  let exfilAttempts = 0;
+  let wildcardQueries = 0;
+  const flagged = [];
+  for (const tc of data.sessions.flatMap((s) => s.toolCalls)) {
+    const argStr = JSON.stringify(tc.arguments).toLowerCase();
+    const toolLower = tc.toolName.toLowerCase();
+    if (toolLower.includes("read") || toolLower.includes("file") || toolLower.includes("cat")) {
+      for (const sf of SENSITIVE_FILES) {
+        if (argStr.includes(sf.toLowerCase())) {
+          sensitiveAccess++;
+          if (flagged.length < 5) flagged.push(`${tc.toolName}: accessed ${sf}`);
+          break;
+        }
+      }
+    }
+    if (toolLower.includes("bash") || toolLower.includes("shell") || toolLower.includes("exec") || toolLower.includes("terminal")) {
+      for (const dp of DESTRUCTIVE_PATTERNS) {
+        if (dp.test(argStr)) {
+          destructiveCmds++;
+          if (flagged.length < 5) flagged.push(`${tc.toolName}: destructive command matching ${dp.source.slice(0, 30)}`);
+          break;
+        }
+      }
+      for (const ep of EXFIL_PATTERNS) {
+        if (ep.test(argStr)) {
+          exfilAttempts++;
+          if (flagged.length < 5) flagged.push(`${tc.toolName}: potential exfiltration via ${ep.source.slice(0, 25)}`);
+          break;
+        }
+      }
+    }
+    if (toolLower.includes("query") || toolLower.includes("sql") || toolLower.includes("db")) {
+      for (const wq of WILDCARD_QUERIES) {
+        if (argStr.includes(wq.toLowerCase())) {
+          wildcardQueries++;
+          if (flagged.length < 5) flagged.push(`${tc.toolName}: wildcard query "${wq}"`);
+          break;
+        }
+      }
+    }
+  }
+  if (deep) {
+    const exfilChains = deep.chains.filter((c) => c.chainName === "credential-exfiltration");
+    if (exfilChains.length > 0) {
+      exfilAttempts += exfilChains.length;
+      flagged.push(...exfilChains.slice(0, 2).map(
+        (c) => `Chain: ${c.steps.map((s) => s.toolName).join(" \u2192 ")} (${c.description})`
+      ));
+    }
+    if (deep.dataFlowLeaks.length > 0) {
+      exfilAttempts += deep.dataFlowLeaks.length;
+      for (const leak of deep.dataFlowLeaks.slice(0, 3)) {
+        flagged.push(`Data flow: ${leak.sourceToolName} (${leak.dataType}) \u2192 ${leak.sinkToolName}`);
+      }
+    }
+  }
+  const totalIssues = sensitiveAccess + destructiveCmds + exfilAttempts + wildcardQueries;
+  evidence.push({ icon: "info", text: `Scanned ${data.totalToolCalls} tool calls for misuse patterns` });
+  if (sensitiveAccess > 0) evidence.push({ icon: "warn", text: `${sensitiveAccess} sensitive file access(es) (.env, credentials, keys)` });
+  if (destructiveCmds > 0) evidence.push({ icon: "warn", text: `${destructiveCmds} destructive command(s) (rm, del, drop, truncate)` });
+  if (exfilAttempts > 0) evidence.push({ icon: "warn", text: `${exfilAttempts} potential data exfiltration attempt(s) (curl, wget, nc)` });
+  if (wildcardQueries > 0) evidence.push({ icon: "warn", text: `${wildcardQueries} wildcard database query(ies) (SELECT *, WHERE 1=1)` });
+  for (const f of flagged) {
+    evidence.push({ icon: "warn", text: `  ${f}` });
+  }
+  if (totalIssues === 0) {
+    evidence.push({ icon: "found", text: "No tool misuse patterns detected" });
+    return {
+      code,
+      title,
+      status: "PROTECTED",
+      evidence,
+      summary: "No tool misuse detected in agent logs.",
+      details: `Scanned ${data.totalToolCalls} tool calls. No sensitive file access, destructive commands, exfiltration attempts, or wildcard queries found.`
+    };
+  }
+  const total = data.totalToolCalls || 1;
+  const rate = (totalIssues / total * 100).toFixed(2);
+  if (totalIssues / total < 0.01 && exfilAttempts === 0) {
+    return {
+      code,
+      title,
+      status: "PARTIAL",
+      evidence,
+      summary: `${totalIssues} tool misuse pattern(s) in ${total} calls (${rate}%).`,
+      details: "Low-frequency misuse patterns. May be legitimate development operations. Review flagged calls.",
+      recommendation: "Add policy.json with DENY rules for sensitive files and destructive commands."
+    };
+  }
+  return {
+    code,
+    title,
+    status: "NOT_PROTECTED",
+    evidence,
+    summary: `${totalIssues} tool misuse pattern(s) in ${total} calls (${rate}%).`,
+    details: "Agents accessed sensitive files, ran destructive commands, or attempted data exfiltration. No policy enforcement prevented these actions.",
+    recommendation: "Create policy.json with DENY rules. Enforce via MCP proxy with argument constraints."
+  };
+}
+
+// src/audit/checks/asi03-identity-abuse.ts
+function checkIdentityAbuse(data, deep) {
+  const code = "ASI03";
+  const title = "Identity Abuse";
+  const evidence = [];
+  const sourceMap = /* @__PURE__ */ new Map();
+  for (const s of data.sessions) {
+    sourceMap.set(s.source, (sourceMap.get(s.source) || 0) + 1);
+  }
+  evidence.push({ icon: "info", text: `${data.sessions.length} session(s) from ${data.sources.join(", ")}` });
+  const sessionsWithModel = data.sessions.filter((s) => s.model);
+  if (sessionsWithModel.length === data.sessions.length) {
+    evidence.push({ icon: "found", text: "All sessions have model identity recorded" });
+  } else if (sessionsWithModel.length > 0) {
+    evidence.push({ icon: "warn", text: `${data.sessions.length - sessionsWithModel.length} session(s) missing model identity` });
+  } else {
+    evidence.push({ icon: "missing", text: "No sessions have model identity recorded" });
+  }
+  const fileAccessBySource = /* @__PURE__ */ new Map();
+  for (const tc of data.sessions.flatMap((s) => s.toolCalls)) {
+    const file = tc.arguments.file_path || tc.arguments.path || tc.arguments.filename;
+    if (file && typeof file === "string") {
+      if (!fileAccessBySource.has(tc.source)) fileAccessBySource.set(tc.source, /* @__PURE__ */ new Set());
+      fileAccessBySource.get(tc.source).add(file);
+    }
+  }
+  if (fileAccessBySource.size > 1) {
+    const sources = [...fileAccessBySource.keys()];
+    const overlap = /* @__PURE__ */ new Set();
+    for (const file of fileAccessBySource.get(sources[0]) || []) {
+      for (let i = 1; i < sources.length; i++) {
+        if (fileAccessBySource.get(sources[i])?.has(file)) overlap.add(file);
+      }
+    }
+    if (overlap.size > 0) {
+      evidence.push({ icon: "warn", text: `${overlap.size} file(s) accessed by multiple agents without privilege separation` });
+    }
+  }
+  let privEscalation = 0;
+  const privPatterns = ["/etc/passwd", "/etc/shadow", "chmod ", "chown ", "sudo ", "runas ", "admin", "root"];
+  for (const tc of data.sessions.flatMap((s) => s.toolCalls)) {
+    const argStr = JSON.stringify(tc.arguments).toLowerCase();
+    if (privPatterns.some((p) => argStr.includes(p))) privEscalation++;
+  }
+  if (privEscalation > 0) {
+    evidence.push({ icon: "warn", text: `${privEscalation} potential privilege escalation attempt(s) in logs` });
+  }
+  if (deep) {
+    const credFlows = deep.dataFlowLeaks.filter(
+      (l) => ["api_key", "bearer_token", "aws_key", "private_key", "password", "openai_api_key", "stripe_key", "github_pat"].includes(l.dataType)
+    );
+    if (credFlows.length > 0) {
+      evidence.push({ icon: "warn", text: `${credFlows.length} credential(s) flowed through tool calls without identity verification` });
+      for (const cf of credFlows.slice(0, 3)) {
+        evidence.push({ icon: "warn", text: `  ${cf.sourceToolName} (${cf.dataType}) \u2192 ${cf.sinkToolName}` });
+      }
+      privEscalation += credFlows.length;
+    }
+  }
+  evidence.push({ icon: "missing", text: "No principal binding \u2014 API keys not bound to agent identities in logs" });
+  evidence.push({ icon: "missing", text: "No verified principal in audit trail (identity is self-reported)" });
+  const issues = privEscalation + (fileAccessBySource.size > 1 ? 1 : 0);
+  if (issues === 0 && sessionsWithModel.length === data.sessions.length) {
+    return {
+      code,
+      title,
+      status: "PARTIAL",
+      evidence,
+      summary: "Agent identity tracked in logs, but no principal binding.",
+      details: "Sessions record which model/agent ran. But identity is self-reported, not cryptographically verified. No per-agent privilege boundaries.",
+      recommendation: "Add principal binding. Enable strict identity mode. Add agentTrustMap for per-agent privileges."
+    };
+  }
+  const total = data.totalToolCalls || 1;
+  const privRate = (privEscalation / total * 100).toFixed(2);
+  if (issues > 0 && privEscalation / total < 0.05) {
+    return {
+      code,
+      title,
+      status: "PARTIAL",
+      evidence,
+      summary: `${privEscalation} privilege escalation pattern(s) in ${total} calls (${privRate}%).`,
+      details: `Low-frequency privilege patterns found. May include legitimate admin operations. No principal binding or verified identity.`,
+      recommendation: "Add principal binding. Enable strict identity mode. Implement per-agent privilege scoping."
+    };
+  }
+  if (issues > 0) {
+    return {
+      code,
+      title,
+      status: "NOT_PROTECTED",
+      evidence,
+      summary: `${privEscalation} privilege escalation pattern(s) in ${total} calls (${privRate}%).`,
+      details: `High-frequency privilege escalation found. Multiple agents accessing same resources without separation. No principal binding or verified identity.`,
+      recommendation: "Add principal binding. Enable strict identity mode. Implement per-agent privilege scoping."
+    };
+  }
+  return {
+    code,
+    title,
+    status: "NOT_PROTECTED",
+    evidence,
+    summary: "No agent identity verification or privilege control in logs.",
+    details: "Agent identity is not tracked or verified. No principal binding, no per-agent permissions. Any agent can act with full privileges.",
+    recommendation: "Set up MCP proxy (tracks identity). Add principal binding. Enable strict identity mode."
+  };
+}
+
+// src/audit/checks/asi04-supply-chain.ts
+function checkSupplyChain(data) {
+  const code = "ASI04";
+  const title = "Supply Chain";
+  const evidence = [];
+  let latestInstalls = 0;
+  let unpinnedInstalls = 0;
+  let unknownTools = 0;
+  const flagged = [];
+  const knownTools = [
+    "read",
+    "write",
+    "edit",
+    "glob",
+    "grep",
+    "bash",
+    "shell",
+    "exec",
+    "list",
+    "search",
+    "file",
+    "directory",
+    "notebook",
+    "web",
+    "browser",
+    "navigate",
+    "screenshot",
+    "mcp_filesystem",
+    "mcp_playwright",
+    "task",
+    "todo",
+    "memory",
+    "ask"
+  ];
+  for (const tc of data.sessions.flatMap((s) => s.toolCalls)) {
+    const argStr = JSON.stringify(tc.arguments).toLowerCase();
+    const toolLower = tc.toolName.toLowerCase();
+    if (toolLower.includes("bash") || toolLower.includes("shell") || toolLower.includes("exec")) {
+      if (argStr.includes("npm install") || argStr.includes("npm i ") || argStr.includes("pnpm add") || argStr.includes("yarn add")) {
+        if (argStr.includes("@latest")) {
+          latestInstalls++;
+          if (flagged.length < 5) flagged.push(`${tc.toolName}: installed package with @latest`);
+        }
+        if (!/@\d+\.\d+/.test(argStr) && !argStr.includes("@latest")) {
+          unpinnedInstalls++;
+        }
+      }
+      if (argStr.includes("pip install") && !argStr.includes("==")) {
+        unpinnedInstalls++;
+        if (flagged.length < 5) flagged.push(`${tc.toolName}: pip install without pinned version`);
+      }
+    }
+    if (!knownTools.some((kt) => toolLower.includes(kt))) {
+      unknownTools++;
+    }
+  }
+  evidence.push({ icon: "info", text: `Scanned ${data.totalToolCalls} tool calls for supply chain risks` });
+  if (latestInstalls > 0) {
+    evidence.push({ icon: "warn", text: `${latestInstalls} package install(s) with @latest \u2014 unpinned, can change without notice` });
+  }
+  if (unpinnedInstalls > 0) {
+    evidence.push({ icon: "warn", text: `${unpinnedInstalls} package install(s) without pinned version` });
+  }
+  if (unknownTools > 0) {
+    evidence.push({ icon: "info", text: `${unknownTools} calls to non-standard tools (may include injected tools)` });
+  }
+  for (const f of flagged) {
+    evidence.push({ icon: "warn", text: `  ${f}` });
+  }
+  evidence.push({ icon: "missing", text: "No deny-undeclared-default rule \u2014 unknown tools are not blocked" });
+  evidence.push({ icon: "missing", text: "No tool allowlist verification in logs" });
+  const totalIssues = latestInstalls + unpinnedInstalls;
+  if (totalIssues === 0) {
+    return {
+      code,
+      title,
+      status: "PARTIAL",
+      evidence,
+      summary: "No risky package installs detected, but no tool allowlist.",
+      details: "No @latest or unpinned package installs found in logs. But no deny-undeclared-default rule exists to block unknown tools.",
+      recommendation: "Add deny-undeclared-default rule. Add tool allowlist. Pin all package versions."
+    };
+  }
+  if (totalIssues <= 5) {
+    return {
+      code,
+      title,
+      status: "PARTIAL",
+      evidence,
+      summary: `${totalIssues} risky package install(s) \u2014 low frequency.`,
+      details: "Some packages installed without pinned versions, but at low frequency. Review and pin specific versions.",
+      recommendation: "Pin all package versions. Add deny-undeclared-default rule. Add tool allowlist."
+    };
+  }
+  return {
+    code,
+    title,
+    status: "NOT_PROTECTED",
+    evidence,
+    summary: `${totalIssues} risky package install(s) detected in logs.`,
+    details: "Agents installed packages without pinned versions. A compromised package could inject malicious tools. No tool allowlist blocks unknown tools.",
+    recommendation: "Pin all package versions. Add deny-undeclared-default rule. Add tool allowlist."
+  };
+}
+
+// src/audit/checks/asi05-code-execution.ts
+var DANGEROUS_PATTERNS = [
+  { pattern: /eval\s*\(/, label: "eval() \u2014 arbitrary code execution" },
+  { pattern: /\bexec\s*\(/, label: "exec() \u2014 arbitrary code execution" },
+  { pattern: /python\s+-c\s+['"]/, label: "python -c inline code execution" },
+  { pattern: /node\s+-e\s+['"]/, label: "node -e inline code execution" },
+  { pattern: /curl\s+.*\|\s*(ba)?sh/, label: "curl pipe to shell \u2014 remote code execution" },
+  { pattern: /wget\s+.*\|\s*(ba)?sh/, label: "wget pipe to shell \u2014 remote code execution" },
+  { pattern: /base64\s+-d\s*\|/, label: "base64 decode piped to execution" },
+  { pattern: /powershell\s+-e(ncodedcommand)?/i, label: "powershell encoded command" }
+];
+function checkCodeExecution(data, deep) {
+  const code = "ASI05";
+  const title = "Code Execution";
+  const evidence = [];
+  let shellCalls = 0;
+  let dangerousExec = 0;
+  let noSandbox = true;
+  const flagged = [];
+  for (const tc of data.sessions.flatMap((s) => s.toolCalls)) {
+    const toolLower = tc.toolName.toLowerCase();
+    const argStr = JSON.stringify(tc.arguments);
+    if (toolLower.includes("bash") || toolLower.includes("shell") || toolLower.includes("exec") || toolLower.includes("terminal")) {
+      shellCalls++;
+      if (argStr.includes("docker ") || argStr.includes("sandbox") || argStr.includes("container")) {
+        noSandbox = false;
+      }
+      for (const { pattern, label } of DANGEROUS_PATTERNS) {
+        if (pattern.test(argStr)) {
+          dangerousExec++;
+          if (flagged.length < 5) flagged.push(`${tc.toolName}: ${label}`);
+          break;
+        }
+      }
+    }
+  }
+  evidence.push({ icon: "info", text: `${shellCalls} shell/exec call(s) found in ${data.sessions.length} session(s)` });
+  if (shellCalls === 0) {
+    evidence.push({ icon: "found", text: "No shell execution calls detected in logs" });
+    return {
+      code,
+      title,
+      status: "PROTECTED",
+      evidence,
+      summary: "No code execution detected in agent logs.",
+      details: "No shell commands, eval, or script execution found in any session."
+    };
+  }
+  if (dangerousExec > 0) {
+    evidence.push({ icon: "warn", text: `${dangerousExec} dangerous execution pattern(s) detected` });
+    for (const f of flagged) {
+      evidence.push({ icon: "warn", text: `  ${f}` });
+    }
+  } else {
+    evidence.push({ icon: "found", text: "No dangerous execution patterns (injection, chaining) detected" });
+  }
+  if (noSandbox) {
+    evidence.push({ icon: "missing", text: "No sandbox/container execution detected \u2014 all commands run on host" });
+  } else {
+    evidence.push({ icon: "found", text: "Some commands executed in container/sandbox environment" });
+  }
+  if (deep) {
+    const execChains = deep.chains.filter(
+      (c) => c.chainName === "privilege-escalation-sequence" || c.chainName === "read-exec-chain"
+    );
+    if (execChains.length > 0) {
+      evidence.push({ icon: "warn", text: `${execChains.length} execution chain(s): file content flowing into shell commands` });
+      for (const chain of execChains.slice(0, 3)) {
+        evidence.push({ icon: "warn", text: `  ${chain.steps.map((s) => s.toolName).join(" \u2192 ")}` });
+      }
+      dangerousExec += execChains.length;
+    }
+  }
+  evidence.push({ icon: "missing", text: "No REVIEW decision \u2014 code execution not routed for human approval" });
+  if (dangerousExec === 0 && !noSandbox) {
+    return {
+      code,
+      title,
+      status: "PROTECTED",
+      evidence,
+      summary: "Shell calls detected but executed in sandbox with no dangerous patterns.",
+      details: `${shellCalls} shell calls found. No command injection patterns. Container isolation detected.`
+    };
+  }
+  if (dangerousExec === 0) {
+    return {
+      code,
+      title,
+      status: "PARTIAL",
+      evidence,
+      summary: `${shellCalls} shell calls \u2014 no injection patterns, but no sandbox.`,
+      details: "Shell commands were executed on the host system without container isolation. No command injection patterns detected, but any bypass means full system access.",
+      recommendation: "Add REVIEW decision for code exec tools. Add Dockerfile for sandbox. Add input guard."
+    };
+  }
+  const dangerRate = shellCalls > 0 ? (dangerousExec / shellCalls * 100).toFixed(2) : "0";
+  if (dangerousExec / (shellCalls || 1) < 5e-3) {
+    return {
+      code,
+      title,
+      status: "PARTIAL",
+      evidence,
+      summary: `${dangerousExec} dangerous pattern(s) in ${shellCalls} shell calls (${dangerRate}%).`,
+      details: "Very low-frequency dangerous patterns. Likely legitimate usage. No sandbox or human approval.",
+      recommendation: "Add REVIEW decision for code exec. Add sandbox (Dockerfile). Add input guard."
+    };
+  }
+  return {
+    code,
+    title,
+    status: "NOT_PROTECTED",
+    evidence,
+    summary: `${dangerousExec} dangerous pattern(s) in ${shellCalls} shell calls (${dangerRate}%).`,
+    details: "Agents executed shell commands with dangerous patterns (command chaining, injection, eval). No sandbox, no human approval. Full RCE possible.",
+    recommendation: "Add REVIEW decision for code exec. Add sandbox (Dockerfile). Add input guard + command restrictions."
+  };
+}
+
+// src/audit/checks/asi06-memory-poisoning.ts
+var MINJA_PATTERNS = [
+  /skip\s+(authorization|auth)\s+checks?/i,
+  /user\s+is\s+(verified\s+)?admin/i,
+  /full\s+access\s+(granted|enabled)/i,
+  /ignore\s+(security|safety|restriction)/i,
+  /bypass\s+(auth|security|check)/i,
+  /you\s+have\s+permission/i,
+  /elevated\s+privileges?/i,
+  /disable\s+(logging|audit|monitoring)/i,
+  /trust\s+this\s+(source|input|data)/i,
+  /no\s+verification\s+needed/i
+];
+function checkMemoryPoisoning(data) {
+  const code = "ASI06";
+  const title = "Memory Poisoning";
+  const evidence = [];
+  let poisoningPatterns = 0;
+  let unscanResults = 0;
+  const flagged = [];
+  for (const tc of data.sessions.flatMap((s) => s.toolCalls)) {
+    const result = tc.result || "";
+    for (const pattern of MINJA_PATTERNS) {
+      if (pattern.test(result)) {
+        poisoningPatterns++;
+        if (flagged.length < 3) {
+          flagged.push(`${tc.toolName}: result contains "${result.match(pattern)?.[0]}"`);
+        }
+        break;
+      }
+    }
+    if (result.length > 100) unscanResults++;
+  }
+  evidence.push({ icon: "info", text: `Scanned ${data.totalToolCalls} tool results for memory poisoning patterns` });
+  evidence.push({ icon: "info", text: `${unscanResults} tool result(s) returned substantial data (>100 chars) \u2014 unscanned` });
+  if (poisoningPatterns > 0) {
+    evidence.push({ icon: "warn", text: `${poisoningPatterns} MINJA-style poisoning pattern(s) detected in tool results` });
+    for (const f of flagged) {
+      evidence.push({ icon: "warn", text: `  ${f}` });
+    }
+  } else {
+    evidence.push({ icon: "found", text: "No MINJA poisoning patterns detected in tool results" });
+  }
+  evidence.push({ icon: "missing", text: "No response scanning \u2014 tool outputs go directly into agent context" });
+  evidence.push({ icon: "missing", text: "No memory validation \u2014 poisoned data can persist across sessions" });
+  evidence.push({ icon: "missing", text: "No context isolation between tool results" });
+  if (poisoningPatterns > 0) {
+    return {
+      code,
+      title,
+      status: "NOT_PROTECTED",
+      evidence,
+      summary: `${poisoningPatterns} memory poisoning pattern(s) found in tool results.`,
+      details: 'Tool results contain instructions that could manipulate agent behavior (MINJA attack). Patterns like "skip authorization" or "user is admin" found in data returned to agents.',
+      recommendation: "Implement response scanning with MINJA-informed rules. Add memory validation. Add context isolation."
+    };
+  }
+  if (unscanResults > 50) {
+    return {
+      code,
+      title,
+      status: "PARTIAL",
+      evidence,
+      summary: `${unscanResults} unscanned tool results \u2014 no poisoning detected, but no scanning exists.`,
+      details: `${unscanResults} tool results with substantial data passed directly to agent context without scanning. No MINJA patterns detected yet, but no scanning exists to catch future attacks.`,
+      recommendation: "Implement response scanning for tool outputs. Add MINJA-informed rules."
+    };
+  }
+  return {
+    code,
+    title,
+    status: "PARTIAL",
+    evidence,
+    summary: "No poisoning detected, but no scanning exists to prevent it.",
+    details: "No MINJA patterns found in current logs. But tool outputs are not scanned \u2014 future attacks would go undetected.",
+    recommendation: "Implement response scanning with MINJA-informed rules. Add memory validation."
+  };
+}
+
+// src/audit/checks/asi07-inter-agent.ts
+function checkInterAgent(data) {
+  const code = "ASI07";
+  const title = "Inter-Agent Comms";
+  const evidence = [];
+  const agentSources = new Set(data.sessions.map((s) => s.source));
+  const multiAgent = agentSources.size > 1;
+  let delegationCalls = 0;
+  let agentSpawns = 0;
+  for (const tc of data.sessions.flatMap((s) => s.toolCalls)) {
+    const toolLower = tc.toolName.toLowerCase();
+    const argStr = JSON.stringify(tc.arguments).toLowerCase();
+    if (toolLower.includes("task") || toolLower.includes("agent") || toolLower.includes("delegate")) {
+      delegationCalls++;
+    }
+    if (argStr.includes("subagent") || argStr.includes("sub_agent") || argStr.includes("spawn")) {
+      agentSpawns++;
+    }
+  }
+  evidence.push({ icon: "info", text: `${agentSources.size} agent source(s): ${[...agentSources].join(", ")}` });
+  if (multiAgent) {
+    evidence.push({ icon: "warn", text: "Multiple agents active \u2014 no authenticated communication between them" });
+  }
+  if (delegationCalls > 0) {
+    evidence.push({ icon: "warn", text: `${delegationCalls} task delegation call(s) \u2014 no receipt chain or depth limits` });
+  }
+  if (agentSpawns > 0) {
+    evidence.push({ icon: "warn", text: `${agentSpawns} sub-agent spawn(s) \u2014 no fan-out limit` });
+  }
+  evidence.push({ icon: "missing", text: "No receipt chain \u2014 inter-agent messages have no verified identity trail" });
+  evidence.push({ icon: "missing", text: "No delegation depth limit (maxChainDepth)" });
+  evidence.push({ icon: "missing", text: "No fan-out limit (maxFanOut)" });
+  evidence.push({ icon: "missing", text: "No agent-to-agent authentication protocol" });
+  evidence.push({ icon: "missing", text: "No message integrity verification between agents" });
+  if (!multiAgent && delegationCalls === 0) {
+    return {
+      code,
+      title,
+      status: "PARTIAL",
+      evidence,
+      summary: "Single-agent usage \u2014 no inter-agent security needed yet.",
+      details: "Only one agent source detected. No delegation or sub-agent spawning. Inter-agent security not tested but also not needed for current usage.",
+      recommendation: "When using multi-agent systems, add receipt chain tracking, delegation limits, and authentication."
+    };
+  }
+  return {
+    code,
+    title,
+    status: "NOT_PROTECTED",
+    evidence,
+    summary: multiAgent ? "Multiple agents active with no communication security." : `${delegationCalls} delegation(s) without receipt chain or depth limits.`,
+    details: "Agents communicate without authentication, receipts, or depth limits. A compromised agent can forge messages, create unlimited delegation chains, and spread malicious instructions.",
+    recommendation: "Add receipt chain tracking. Set maxChainDepth and maxFanOut limits. Add agent authentication."
+  };
+}
+
+// src/audit/checks/asi08-cascading-failures.ts
+function checkCascadingFailures(data, deep) {
+  const code = "ASI08";
+  const title = "Cascading Failures";
+  const evidence = [];
+  const allCalls = data.sessions.flatMap((s) => s.toolCalls);
+  const errorCalls = allCalls.filter((tc) => tc.isError);
+  const errorRate = allCalls.length > 0 ? errorCalls.length / allCalls.length : 0;
+  let burstDetected = 0;
+  for (const session of data.sessions) {
+    const calls = session.toolCalls;
+    for (let i = 0; i < calls.length - 5; i++) {
+      const window = calls.slice(i, i + 5);
+      const t0 = new Date(window[0].timestamp).getTime();
+      const t4 = new Date(window[4].timestamp).getTime();
+      if (t4 - t0 < 2e3 && !isNaN(t0) && !isNaN(t4)) {
+        burstDetected++;
+        break;
+      }
+    }
+  }
+  let retryStorms = 0;
+  for (const session of data.sessions) {
+    const calls = session.toolCalls;
+    for (let i = 0; i < calls.length - 3; i++) {
+      const window = calls.slice(i, i + 3);
+      if (window.every((c) => c.toolName === window[0].toolName && c.isError)) {
+        retryStorms++;
+        break;
+      }
+    }
+  }
+  let errorSpikes = 0;
+  for (const session of data.sessions) {
+    const errors = session.toolCalls.filter((tc) => tc.isError);
+    if (errors.length >= 5) {
+      const t0 = new Date(errors[0].timestamp).getTime();
+      const tN = new Date(errors[errors.length - 1].timestamp).getTime();
+      if (tN - t0 < 3e4 && !isNaN(t0) && !isNaN(tN)) {
+        errorSpikes++;
+      }
+    }
+  }
+  evidence.push({ icon: "info", text: `${allCalls.length} tool calls, ${errorCalls.length} errors (${(errorRate * 100).toFixed(1)}% error rate)` });
+  if (errorRate > 0.2) {
+    evidence.push({ icon: "warn", text: `High error rate: ${(errorRate * 100).toFixed(1)}% \u2014 potential cascading failure indicator` });
+  } else if (errorCalls.length > 0) {
+    evidence.push({ icon: "info", text: `Error rate ${(errorRate * 100).toFixed(1)}% \u2014 within normal range` });
+  }
+  if (burstDetected > 0) {
+    evidence.push({ icon: "warn", text: `${burstDetected} burst pattern(s) detected (5+ calls in <2s) \u2014 no rate limiting` });
+  }
+  if (retryStorms > 0) {
+    evidence.push({ icon: "warn", text: `${retryStorms} retry storm(s) detected (3+ consecutive errors on same tool)` });
+  }
+  if (errorSpikes > 0) {
+    evidence.push({ icon: "warn", text: `${errorSpikes} error spike(s) detected (5+ errors in <30s)` });
+  }
+  if (deep) {
+    const retryChains = deep.chains.filter((c) => c.chainName === "retry-storm");
+    if (retryChains.length > retryStorms) retryStorms = retryChains.length;
+    const highAnomalies = deep.anomalies.filter((a) => a.severity === "high");
+    if (highAnomalies.length > 0) {
+      evidence.push({ icon: "warn", text: `${highAnomalies.length} session(s) with abnormal behavior vs baseline` });
+      for (const a of highAnomalies.slice(0, 3)) {
+        evidence.push({ icon: "warn", text: `  Session ${a.sessionId.slice(0, 8)}: ${a.deviations[0]}` });
+      }
+    }
+  }
+  evidence.push({ icon: "missing", text: "No fail-closed behavior detected in logs" });
+  evidence.push({ icon: "missing", text: "No circuit breaker pattern detected" });
+  evidence.push({ icon: "missing", text: "No timeout enforcement detected" });
+  const totalIssues = burstDetected + retryStorms + errorSpikes + (errorRate > 0.2 ? 1 : 0);
+  if (totalIssues === 0 && errorRate <= 0.05) {
+    return {
+      code,
+      title,
+      status: "PARTIAL",
+      evidence,
+      summary: "No failure patterns detected, but no safeguards exist.",
+      details: "Logs show normal operation \u2014 no bursts, retry storms, or error spikes. But no fail-closed design, circuit breakers, or timeouts exist to prevent future cascading failures.",
+      recommendation: "Implement fail-closed mode. Add circuit breakers. Add timeout enforcement."
+    };
+  }
+  const sessionCount = data.sessions.length || 1;
+  const issueRate = (totalIssues / sessionCount * 100).toFixed(0);
+  if (totalIssues > 0 && totalIssues / sessionCount < 0.3) {
+    return {
+      code,
+      title,
+      status: "PARTIAL",
+      evidence,
+      summary: `${totalIssues} failure pattern(s) in ${sessionCount} sessions (${issueRate}%).`,
+      details: "Some burst patterns or retry storms found at low frequency. No fail-closed design, no circuit breakers.",
+      recommendation: "Implement fail-closed mode. Add circuit breakers. Add rate limiting."
+    };
+  }
+  if (totalIssues > 0) {
+    return {
+      code,
+      title,
+      status: "NOT_PROTECTED",
+      evidence,
+      summary: `${totalIssues} failure pattern(s) in ${sessionCount} sessions (${issueRate}%).`,
+      details: "Burst patterns, retry storms, or error spikes found in many sessions. No fail-closed design, no circuit breakers, no timeouts.",
+      recommendation: "Implement fail-closed mode. Add circuit breakers. Add rate limiting. Add timeout enforcement."
+    };
+  }
+  return {
+    code,
+    title,
+    status: "NOT_PROTECTED",
+    evidence,
+    summary: "No cascading failure safeguards. High error rate in logs.",
+    details: "Error rate exceeds threshold. No fail-closed behavior, no circuit breakers, no spike detection exist to prevent cascading failures.",
+    recommendation: "Implement fail-closed mode. Add circuit breakers. Add spike detection. Add timeout enforcement."
+  };
+}
+
+// src/audit/checks/asi09-human-trust.ts
+var HIGH_IMPACT_TOOLS = ["deploy", "publish"];
+var SHELL_TOOLS = ["bash", "shell", "exec", "terminal"];
+function checkHumanTrust(data, deep) {
+  const code = "ASI09";
+  const title = "Human-Agent Trust";
+  const evidence = [];
+  let shellCalls = 0;
+  let writeOps = 0;
+  let deleteOps = 0;
+  let deployOps = 0;
+  for (const tc of data.sessions.flatMap((s) => s.toolCalls)) {
+    const toolLower = tc.toolName.toLowerCase();
+    const argStr = JSON.stringify(tc.arguments).toLowerCase();
+    if (SHELL_TOOLS.some((ct) => toolLower.includes(ct)) || HIGH_IMPACT_TOOLS.some((ct) => toolLower.includes(ct))) {
+      shellCalls++;
+    }
+    if (toolLower.includes("write") || toolLower.includes("edit") || toolLower.includes("notebookedit")) {
+      writeOps++;
+    }
+    const isShellTool = SHELL_TOOLS.some((ct) => toolLower.includes(ct));
+    if (isShellTool) {
+      if (/rm\s+-rf\s+[\/~$.*]/.test(argStr) || /del\s+\/[sf]/i.test(argStr) || /drop\s+(table|database)/i.test(argStr)) {
+        deleteOps++;
+      }
+      if (/\b(git\s+push|npm\s+publish|docker\s+push|kubectl\s+apply|terraform\s+apply)\b/.test(argStr)) {
+        deployOps++;
+      }
+    }
+  }
+  evidence.push({ icon: "info", text: `${shellCalls} shell/exec call(s) in ${data.sessions.length} session(s)` });
+  evidence.push({ icon: "info", text: `${writeOps} file write(s), ${deleteOps} delete operation(s), ${deployOps} deploy/publish action(s)` });
+  if (deployOps > 0) {
+    evidence.push({ icon: "warn", text: `${deployOps} deploy/publish action(s) executed without human approval gate` });
+  }
+  if (deleteOps > 0) {
+    evidence.push({ icon: "warn", text: `${deleteOps} delete operation(s) executed without human approval gate` });
+  }
+  if (deep && deep.unsolicitedActions.length > 0) {
+    evidence.push({ icon: "warn", text: `${deep.unsolicitedActions.length} critical action(s) with no matching user request` });
+    for (const ua of deep.unsolicitedActions.slice(0, 3)) {
+      const ago = ua.timeSinceLastUserMessage ? `(${Math.round(ua.timeSinceLastUserMessage / 1e3)}s after last user msg)` : "(no preceding user message)";
+      evidence.push({ icon: "warn", text: `  ${ua.toolName}: ${ua.action} ${ago}` });
+    }
+    deployOps += deep.unsolicitedActions.filter((a) => a.action === "deploy").length;
+    deleteOps += deep.unsolicitedActions.filter((a) => a.action === "delete").length;
+  }
+  evidence.push({ icon: "missing", text: "No approval routing \u2014 critical actions not routed for human review" });
+  evidence.push({ icon: "missing", text: "No raw intent routing \u2014 humans may see agent-reframed summaries" });
+  evidence.push({ icon: "missing", text: "No policy-generated explanations \u2014 agents frame their own requests" });
+  evidence.push({ icon: "missing", text: "No protection against approval fatigue" });
+  if (shellCalls === 0) {
+    return {
+      code,
+      title,
+      status: "PARTIAL",
+      evidence,
+      summary: "No critical actions in logs, but no approval workflow exists.",
+      details: "No file writes, deletions, or deployments detected. But no human approval workflow exists \u2014 when critical actions occur, they will execute without review.",
+      recommendation: "Implement approval routing for critical actions. Add raw intent display."
+    };
+  }
+  if (deployOps === 0 && deleteOps === 0) {
+    return {
+      code,
+      title,
+      status: "PARTIAL",
+      evidence,
+      summary: `${shellCalls} shell calls without approval routing, but no high-impact actions.`,
+      details: "Shell commands executed without human approval workflow. No deployments or destructive deletions detected. But no approval routing exists for when high-impact actions occur.",
+      recommendation: "Implement approval routing. Add raw intent routing. Ensure policy-generated explanations."
+    };
+  }
+  const impactRate = shellCalls > 0 ? ((deployOps + deleteOps) / shellCalls * 100).toFixed(1) : "0";
+  if ((deployOps + deleteOps) / (shellCalls || 1) < 0.1) {
+    return {
+      code,
+      title,
+      status: "PARTIAL",
+      evidence,
+      summary: `${deployOps + deleteOps} high-impact action(s) in ${shellCalls} shell calls (${impactRate}%).`,
+      details: "Some deploy/delete operations without approval, but at low frequency relative to total shell usage.",
+      recommendation: "Implement approval routing for critical actions. Add raw intent display."
+    };
+  }
+  return {
+    code,
+    title,
+    status: "NOT_PROTECTED",
+    evidence,
+    summary: `${deployOps + deleteOps} high-impact action(s) in ${shellCalls} shell calls (${impactRate}%).`,
+    details: "Deployments, deletions, or publishes executed without human review. No approval routing, no raw intent display, no policy-generated explanations.",
+    recommendation: "Implement approval routing for critical actions. Add raw intent display. Ensure policy-generated explanations."
+  };
+}
+
+// src/audit/checks/asi10-rogue-agents.ts
+function checkRogueAgents(data, deep) {
+  const code = "ASI10";
+  const title = "Rogue Agents";
+  const evidence = [];
+  let scopeEscalation = 0;
+  let volumeSpikes = 0;
+  let unusualTools = 0;
+  const avgCallsPerSession = data.sessions.length > 0 ? data.totalToolCalls / data.sessions.length : 0;
+  for (const session of data.sessions) {
+    if (session.toolCalls.length > avgCallsPerSession * 3 && avgCallsPerSession > 10) {
+      volumeSpikes++;
+    }
+    const calls = session.toolCalls;
+    const firstHalf = calls.slice(0, Math.floor(calls.length / 2));
+    const secondHalf = calls.slice(Math.floor(calls.length / 2));
+    const firstDangerous = firstHalf.filter((c) => {
+      const t = c.toolName.toLowerCase();
+      return t.includes("exec") || t.includes("bash") || t.includes("shell") || t.includes("delete");
+    }).length;
+    const secondDangerous = secondHalf.filter((c) => {
+      const t = c.toolName.toLowerCase();
+      return t.includes("exec") || t.includes("bash") || t.includes("shell") || t.includes("delete");
+    }).length;
+    if (secondHalf.length > 5 && secondDangerous > firstDangerous * 2 && secondDangerous > 3) {
+      scopeEscalation++;
+    }
+    const toolSet = new Set(calls.map((c) => c.toolName));
+    for (const tool of toolSet) {
+      const otherSessions = data.sessions.filter((s) => s.id !== session.id);
+      const usedElsewhere = otherSessions.some((s) => s.toolCalls.some((tc) => tc.toolName === tool));
+      if (!usedElsewhere && calls.filter((c) => c.toolName === tool).length > 5) {
+        unusualTools++;
+      }
+    }
+  }
+  evidence.push({ icon: "info", text: `${data.sessions.length} session(s), avg ${Math.round(avgCallsPerSession)} calls/session` });
+  if (volumeSpikes > 0) {
+    evidence.push({ icon: "warn", text: `${volumeSpikes} session(s) with 3x+ volume spike (anomalous activity)` });
+  }
+  if (scopeEscalation > 0) {
+    evidence.push({ icon: "warn", text: `${scopeEscalation} session(s) show scope escalation (reads \u2192 exec/delete)` });
+  }
+  if (unusualTools > 0) {
+    evidence.push({ icon: "warn", text: `${unusualTools} unusual tool usage pattern(s) (tools only used in one session)` });
+  }
+  if (deep) {
+    if (deep.permissionDrifts.length > 0) {
+      scopeEscalation = Math.max(scopeEscalation, deep.permissionDrifts.length);
+      for (const drift of deep.permissionDrifts.slice(0, 3)) {
+        evidence.push({
+          icon: "warn",
+          text: `Session ${drift.sessionId.slice(0, 8)}: privilege drift ${drift.driftRatio.toFixed(1)}x (level ${drift.earlyPrivilegeLevel.toFixed(1)} \u2192 ${drift.latePrivilegeLevel.toFixed(1)})` + (drift.newToolTypes.length > 0 ? ` | new: ${drift.newToolTypes.join(", ")}` : "")
+        });
+      }
+    }
+    if (deep.anomalies.length > 0) {
+      volumeSpikes = Math.max(volumeSpikes, deep.anomalies.length);
+      evidence.push({ icon: "warn", text: `${deep.anomalies.length} session(s) deviate >2 stddev from behavioral baseline` });
+      for (const a of deep.anomalies.slice(0, 3)) {
+        evidence.push({ icon: "warn", text: `  ${a.sessionId.slice(0, 8)}: ${a.deviations[0]}` });
+      }
+    }
+    const allBaseline = deep.baselines.find((b) => b.source === "all");
+    if (allBaseline) {
+      const dist = Object.entries(allBaseline.toolTypeDistribution).sort((a, b) => b[1] - a[1]).map(([k, v]) => `${k}:${v.toFixed(0)}%`).join(", ");
+      evidence.push({ icon: "info", text: `Baseline: avg ${Math.round(allBaseline.avgToolCalls)} calls/session | ${dist}` });
+    }
+  }
+  evidence.push({ icon: "missing", text: "No remote kill switch \u2014 cannot instantly stop a rogue agent" });
+  evidence.push({ icon: "missing", text: "No auto-shutdown on anomalous behavior" });
+  evidence.push({ icon: "missing", text: "No scope boundaries \u2014 agents can self-escalate" });
+  const totalAnomalies = volumeSpikes + scopeEscalation;
+  const sessionCount = data.sessions.length || 1;
+  const anomalyRate = (totalAnomalies / sessionCount * 100).toFixed(0);
+  if (totalAnomalies > 0 && totalAnomalies / sessionCount < 0.2) {
+    return {
+      code,
+      title,
+      status: "PARTIAL",
+      evidence,
+      summary: `${totalAnomalies} anomaly(ies) in ${sessionCount} sessions (${anomalyRate}%) \u2014 no kill switch.`,
+      details: "Some anomalous patterns at low frequency. No CUSUM baselines or kill switch, but current risk is moderate.",
+      recommendation: "Implement CUSUM behavioral baselines. Add remote kill switch. Add auto-shutdown on anomaly."
+    };
+  }
+  if (totalAnomalies > 0) {
+    return {
+      code,
+      title,
+      status: "NOT_PROTECTED",
+      evidence,
+      summary: `${totalAnomalies} anomaly(ies) in ${sessionCount} sessions (${anomalyRate}%) \u2014 no kill switch.`,
+      details: "Volume spikes or scope escalation patterns found in many sessions. No CUSUM baselines to detect drift. No remote kill switch or auto-shutdown.",
+      recommendation: "Implement CUSUM behavioral baselines. Add remote kill switch. Add auto-shutdown on anomaly."
+    };
+  }
+  return {
+    code,
+    title,
+    status: "NOT_PROTECTED",
+    evidence,
+    summary: "No behavioral monitoring or kill switch. Rogue agents undetectable.",
+    details: "No behavioral baselines, no drift detection, no kill switch. If an agent becomes rogue, there is no way to detect or stop it.",
+    recommendation: "Implement CUSUM behavioral baselines. Add remote kill switch. Add auto-shutdown. Set scope boundaries."
+  };
+}
+
+// src/audit/checks/index.ts
+function runAllChecks(data) {
+  const { baselines, anomalies, permissionDrifts } = analyzeBaseline(data.sessions);
+  const deep = {
+    chains: analyzeChains(data.sessions),
+    dataFlowLeaks: analyzeDataFlow(data.sessions),
+    permissionDrifts,
+    baselines,
+    anomalies,
+    unsolicitedActions: findUnsolicitedActions(data.sessions)
+  };
+  return [
+    checkGoalHijacking(data, deep),
+    checkToolMisuse(data, deep),
+    checkIdentityAbuse(data, deep),
+    checkSupplyChain(data),
+    checkCodeExecution(data, deep),
+    checkMemoryPoisoning(data),
+    checkInterAgent(data),
+    checkCascadingFailures(data, deep),
+    checkHumanTrust(data, deep),
+    checkRogueAgents(data, deep)
+  ];
+}
+
+// ../../node_modules/.pnpm/chalk@5.6.2/node_modules/chalk/source/vendor/ansi-styles/index.js
+var ANSI_BACKGROUND_OFFSET = 10;
+var wrapAnsi16 = (offset = 0) => (code) => `\x1B[${code + offset}m`;
+var wrapAnsi256 = (offset = 0) => (code) => `\x1B[${38 + offset};5;${code}m`;
+var wrapAnsi16m = (offset = 0) => (red, green, blue) => `\x1B[${38 + offset};2;${red};${green};${blue}m`;
+var styles = {
+  modifier: {
+    reset: [0, 0],
+    // 21 isn't widely supported and 22 does the same thing
+    bold: [1, 22],
+    dim: [2, 22],
+    italic: [3, 23],
+    underline: [4, 24],
+    overline: [53, 55],
+    inverse: [7, 27],
+    hidden: [8, 28],
+    strikethrough: [9, 29]
+  },
+  color: {
+    black: [30, 39],
+    red: [31, 39],
+    green: [32, 39],
+    yellow: [33, 39],
+    blue: [34, 39],
+    magenta: [35, 39],
+    cyan: [36, 39],
+    white: [37, 39],
+    // Bright color
+    blackBright: [90, 39],
+    gray: [90, 39],
+    // Alias of `blackBright`
+    grey: [90, 39],
+    // Alias of `blackBright`
+    redBright: [91, 39],
+    greenBright: [92, 39],
+    yellowBright: [93, 39],
+    blueBright: [94, 39],
+    magentaBright: [95, 39],
+    cyanBright: [96, 39],
+    whiteBright: [97, 39]
+  },
+  bgColor: {
+    bgBlack: [40, 49],
+    bgRed: [41, 49],
+    bgGreen: [42, 49],
+    bgYellow: [43, 49],
+    bgBlue: [44, 49],
+    bgMagenta: [45, 49],
+    bgCyan: [46, 49],
+    bgWhite: [47, 49],
+    // Bright color
+    bgBlackBright: [100, 49],
+    bgGray: [100, 49],
+    // Alias of `bgBlackBright`
+    bgGrey: [100, 49],
+    // Alias of `bgBlackBright`
+    bgRedBright: [101, 49],
+    bgGreenBright: [102, 49],
+    bgYellowBright: [103, 49],
+    bgBlueBright: [104, 49],
+    bgMagentaBright: [105, 49],
+    bgCyanBright: [106, 49],
+    bgWhiteBright: [107, 49]
+  }
+};
+var modifierNames = Object.keys(styles.modifier);
+var foregroundColorNames = Object.keys(styles.color);
+var backgroundColorNames = Object.keys(styles.bgColor);
+var colorNames = [...foregroundColorNames, ...backgroundColorNames];
+function assembleStyles() {
+  const codes = /* @__PURE__ */ new Map();
+  for (const [groupName, group] of Object.entries(styles)) {
+    for (const [styleName, style] of Object.entries(group)) {
+      styles[styleName] = {
+        open: `\x1B[${style[0]}m`,
+        close: `\x1B[${style[1]}m`
+      };
+      group[styleName] = styles[styleName];
+      codes.set(style[0], style[1]);
+    }
+    Object.defineProperty(styles, groupName, {
+      value: group,
+      enumerable: false
+    });
+  }
+  Object.defineProperty(styles, "codes", {
+    value: codes,
+    enumerable: false
+  });
+  styles.color.close = "\x1B[39m";
+  styles.bgColor.close = "\x1B[49m";
+  styles.color.ansi = wrapAnsi16();
+  styles.color.ansi256 = wrapAnsi256();
+  styles.color.ansi16m = wrapAnsi16m();
+  styles.bgColor.ansi = wrapAnsi16(ANSI_BACKGROUND_OFFSET);
+  styles.bgColor.ansi256 = wrapAnsi256(ANSI_BACKGROUND_OFFSET);
+  styles.bgColor.ansi16m = wrapAnsi16m(ANSI_BACKGROUND_OFFSET);
+  Object.defineProperties(styles, {
+    rgbToAnsi256: {
+      value(red, green, blue) {
+        if (red === green && green === blue) {
+          if (red < 8) {
+            return 16;
+          }
+          if (red > 248) {
+            return 231;
+          }
+          return Math.round((red - 8) / 247 * 24) + 232;
+        }
+        return 16 + 36 * Math.round(red / 255 * 5) + 6 * Math.round(green / 255 * 5) + Math.round(blue / 255 * 5);
+      },
+      enumerable: false
+    },
+    hexToRgb: {
+      value(hex) {
+        const matches = /[a-f\d]{6}|[a-f\d]{3}/i.exec(hex.toString(16));
+        if (!matches) {
+          return [0, 0, 0];
+        }
+        let [colorString] = matches;
+        if (colorString.length === 3) {
+          colorString = [...colorString].map((character) => character + character).join("");
+        }
+        const integer = Number.parseInt(colorString, 16);
+        return [
+          /* eslint-disable no-bitwise */
+          integer >> 16 & 255,
+          integer >> 8 & 255,
+          integer & 255
+          /* eslint-enable no-bitwise */
+        ];
+      },
+      enumerable: false
+    },
+    hexToAnsi256: {
+      value: (hex) => styles.rgbToAnsi256(...styles.hexToRgb(hex)),
+      enumerable: false
+    },
+    ansi256ToAnsi: {
+      value(code) {
+        if (code < 8) {
+          return 30 + code;
+        }
+        if (code < 16) {
+          return 90 + (code - 8);
+        }
+        let red;
+        let green;
+        let blue;
+        if (code >= 232) {
+          red = ((code - 232) * 10 + 8) / 255;
+          green = red;
+          blue = red;
+        } else {
+          code -= 16;
+          const remainder = code % 36;
+          red = Math.floor(code / 36) / 5;
+          green = Math.floor(remainder / 6) / 5;
+          blue = remainder % 6 / 5;
+        }
+        const value = Math.max(red, green, blue) * 2;
+        if (value === 0) {
+          return 30;
+        }
+        let result = 30 + (Math.round(blue) << 2 | Math.round(green) << 1 | Math.round(red));
+        if (value === 2) {
+          result += 60;
+        }
+        return result;
+      },
+      enumerable: false
+    },
+    rgbToAnsi: {
+      value: (red, green, blue) => styles.ansi256ToAnsi(styles.rgbToAnsi256(red, green, blue)),
+      enumerable: false
+    },
+    hexToAnsi: {
+      value: (hex) => styles.ansi256ToAnsi(styles.hexToAnsi256(hex)),
+      enumerable: false
+    }
+  });
+  return styles;
+}
+var ansiStyles = assembleStyles();
+var ansi_styles_default = ansiStyles;
+
+// ../../node_modules/.pnpm/chalk@5.6.2/node_modules/chalk/source/vendor/supports-color/index.js
+import process2 from "process";
+import os from "os";
+import tty from "tty";
+function hasFlag(flag, argv = globalThis.Deno ? globalThis.Deno.args : process2.argv) {
+  const prefix = flag.startsWith("-") ? "" : flag.length === 1 ? "-" : "--";
+  const position = argv.indexOf(prefix + flag);
+  const terminatorPosition = argv.indexOf("--");
+  return position !== -1 && (terminatorPosition === -1 || position < terminatorPosition);
+}
+var { env } = process2;
+var flagForceColor;
+if (hasFlag("no-color") || hasFlag("no-colors") || hasFlag("color=false") || hasFlag("color=never")) {
+  flagForceColor = 0;
+} else if (hasFlag("color") || hasFlag("colors") || hasFlag("color=true") || hasFlag("color=always")) {
+  flagForceColor = 1;
+}
+function envForceColor() {
+  if ("FORCE_COLOR" in env) {
+    if (env.FORCE_COLOR === "true") {
+      return 1;
+    }
+    if (env.FORCE_COLOR === "false") {
+      return 0;
+    }
+    return env.FORCE_COLOR.length === 0 ? 1 : Math.min(Number.parseInt(env.FORCE_COLOR, 10), 3);
+  }
+}
+function translateLevel(level) {
+  if (level === 0) {
+    return false;
+  }
+  return {
+    level,
+    hasBasic: true,
+    has256: level >= 2,
+    has16m: level >= 3
+  };
+}
+function _supportsColor(haveStream, { streamIsTTY, sniffFlags = true } = {}) {
+  const noFlagForceColor = envForceColor();
+  if (noFlagForceColor !== void 0) {
+    flagForceColor = noFlagForceColor;
+  }
+  const forceColor = sniffFlags ? flagForceColor : noFlagForceColor;
+  if (forceColor === 0) {
+    return 0;
+  }
+  if (sniffFlags) {
+    if (hasFlag("color=16m") || hasFlag("color=full") || hasFlag("color=truecolor")) {
+      return 3;
+    }
+    if (hasFlag("color=256")) {
+      return 2;
+    }
+  }
+  if ("TF_BUILD" in env && "AGENT_NAME" in env) {
+    return 1;
+  }
+  if (haveStream && !streamIsTTY && forceColor === void 0) {
+    return 0;
+  }
+  const min = forceColor || 0;
+  if (env.TERM === "dumb") {
+    return min;
+  }
+  if (process2.platform === "win32") {
+    const osRelease = os.release().split(".");
+    if (Number(osRelease[0]) >= 10 && Number(osRelease[2]) >= 10586) {
+      return Number(osRelease[2]) >= 14931 ? 3 : 2;
+    }
+    return 1;
+  }
+  if ("CI" in env) {
+    if (["GITHUB_ACTIONS", "GITEA_ACTIONS", "CIRCLECI"].some((key) => key in env)) {
+      return 3;
+    }
+    if (["TRAVIS", "APPVEYOR", "GITLAB_CI", "BUILDKITE", "DRONE"].some((sign) => sign in env) || env.CI_NAME === "codeship") {
+      return 1;
+    }
+    return min;
+  }
+  if ("TEAMCITY_VERSION" in env) {
+    return /^(9\.(0*[1-9]\d*)\.|\d{2,}\.)/.test(env.TEAMCITY_VERSION) ? 1 : 0;
+  }
+  if (env.COLORTERM === "truecolor") {
+    return 3;
+  }
+  if (env.TERM === "xterm-kitty") {
+    return 3;
+  }
+  if (env.TERM === "xterm-ghostty") {
+    return 3;
+  }
+  if (env.TERM === "wezterm") {
+    return 3;
+  }
+  if ("TERM_PROGRAM" in env) {
+    const version = Number.parseInt((env.TERM_PROGRAM_VERSION || "").split(".")[0], 10);
+    switch (env.TERM_PROGRAM) {
+      case "iTerm.app": {
+        return version >= 3 ? 3 : 2;
+      }
+      case "Apple_Terminal": {
+        return 2;
+      }
+    }
+  }
+  if (/-256(color)?$/i.test(env.TERM)) {
+    return 2;
+  }
+  if (/^screen|^xterm|^vt100|^vt220|^rxvt|color|ansi|cygwin|linux/i.test(env.TERM)) {
+    return 1;
+  }
+  if ("COLORTERM" in env) {
+    return 1;
+  }
+  return min;
+}
+function createSupportsColor(stream, options = {}) {
+  const level = _supportsColor(stream, {
+    streamIsTTY: stream && stream.isTTY,
+    ...options
+  });
+  return translateLevel(level);
+}
+var supportsColor = {
+  stdout: createSupportsColor({ isTTY: tty.isatty(1) }),
+  stderr: createSupportsColor({ isTTY: tty.isatty(2) })
+};
+var supports_color_default = supportsColor;
+
+// ../../node_modules/.pnpm/chalk@5.6.2/node_modules/chalk/source/utilities.js
+function stringReplaceAll(string, substring, replacer) {
+  let index = string.indexOf(substring);
+  if (index === -1) {
+    return string;
+  }
+  const substringLength = substring.length;
+  let endIndex = 0;
+  let returnValue = "";
+  do {
+    returnValue += string.slice(endIndex, index) + substring + replacer;
+    endIndex = index + substringLength;
+    index = string.indexOf(substring, endIndex);
+  } while (index !== -1);
+  returnValue += string.slice(endIndex);
+  return returnValue;
+}
+function stringEncaseCRLFWithFirstIndex(string, prefix, postfix, index) {
+  let endIndex = 0;
+  let returnValue = "";
+  do {
+    const gotCR = string[index - 1] === "\r";
+    returnValue += string.slice(endIndex, gotCR ? index - 1 : index) + prefix + (gotCR ? "\r\n" : "\n") + postfix;
+    endIndex = index + 1;
+    index = string.indexOf("\n", endIndex);
+  } while (index !== -1);
+  returnValue += string.slice(endIndex);
+  return returnValue;
+}
+
+// ../../node_modules/.pnpm/chalk@5.6.2/node_modules/chalk/source/index.js
+var { stdout: stdoutColor, stderr: stderrColor } = supports_color_default;
+var GENERATOR = /* @__PURE__ */ Symbol("GENERATOR");
+var STYLER = /* @__PURE__ */ Symbol("STYLER");
+var IS_EMPTY = /* @__PURE__ */ Symbol("IS_EMPTY");
+var levelMapping = [
+  "ansi",
+  "ansi",
+  "ansi256",
+  "ansi16m"
+];
+var styles2 = /* @__PURE__ */ Object.create(null);
+var applyOptions = (object, options = {}) => {
+  if (options.level && !(Number.isInteger(options.level) && options.level >= 0 && options.level <= 3)) {
+    throw new Error("The `level` option should be an integer from 0 to 3");
+  }
+  const colorLevel = stdoutColor ? stdoutColor.level : 0;
+  object.level = options.level === void 0 ? colorLevel : options.level;
+};
+var chalkFactory = (options) => {
+  const chalk2 = (...strings) => strings.join(" ");
+  applyOptions(chalk2, options);
+  Object.setPrototypeOf(chalk2, createChalk.prototype);
+  return chalk2;
+};
+function createChalk(options) {
+  return chalkFactory(options);
+}
+Object.setPrototypeOf(createChalk.prototype, Function.prototype);
+for (const [styleName, style] of Object.entries(ansi_styles_default)) {
+  styles2[styleName] = {
+    get() {
+      const builder = createBuilder(this, createStyler(style.open, style.close, this[STYLER]), this[IS_EMPTY]);
+      Object.defineProperty(this, styleName, { value: builder });
+      return builder;
+    }
+  };
+}
+styles2.visible = {
+  get() {
+    const builder = createBuilder(this, this[STYLER], true);
+    Object.defineProperty(this, "visible", { value: builder });
+    return builder;
+  }
+};
+var getModelAnsi = (model, level, type, ...arguments_) => {
+  if (model === "rgb") {
+    if (level === "ansi16m") {
+      return ansi_styles_default[type].ansi16m(...arguments_);
+    }
+    if (level === "ansi256") {
+      return ansi_styles_default[type].ansi256(ansi_styles_default.rgbToAnsi256(...arguments_));
+    }
+    return ansi_styles_default[type].ansi(ansi_styles_default.rgbToAnsi(...arguments_));
+  }
+  if (model === "hex") {
+    return getModelAnsi("rgb", level, type, ...ansi_styles_default.hexToRgb(...arguments_));
+  }
+  return ansi_styles_default[type][model](...arguments_);
+};
+var usedModels = ["rgb", "hex", "ansi256"];
+for (const model of usedModels) {
+  styles2[model] = {
+    get() {
+      const { level } = this;
+      return function(...arguments_) {
+        const styler = createStyler(getModelAnsi(model, levelMapping[level], "color", ...arguments_), ansi_styles_default.color.close, this[STYLER]);
+        return createBuilder(this, styler, this[IS_EMPTY]);
+      };
+    }
+  };
+  const bgModel = "bg" + model[0].toUpperCase() + model.slice(1);
+  styles2[bgModel] = {
+    get() {
+      const { level } = this;
+      return function(...arguments_) {
+        const styler = createStyler(getModelAnsi(model, levelMapping[level], "bgColor", ...arguments_), ansi_styles_default.bgColor.close, this[STYLER]);
+        return createBuilder(this, styler, this[IS_EMPTY]);
+      };
+    }
+  };
+}
+var proto = Object.defineProperties(() => {
+}, {
+  ...styles2,
+  level: {
+    enumerable: true,
+    get() {
+      return this[GENERATOR].level;
+    },
+    set(level) {
+      this[GENERATOR].level = level;
+    }
+  }
+});
+var createStyler = (open, close, parent) => {
+  let openAll;
+  let closeAll;
+  if (parent === void 0) {
+    openAll = open;
+    closeAll = close;
+  } else {
+    openAll = parent.openAll + open;
+    closeAll = close + parent.closeAll;
+  }
+  return {
+    open,
+    close,
+    openAll,
+    closeAll,
+    parent
+  };
+};
+var createBuilder = (self, _styler, _isEmpty) => {
+  const builder = (...arguments_) => applyStyle(builder, arguments_.length === 1 ? "" + arguments_[0] : arguments_.join(" "));
+  Object.setPrototypeOf(builder, proto);
+  builder[GENERATOR] = self;
+  builder[STYLER] = _styler;
+  builder[IS_EMPTY] = _isEmpty;
+  return builder;
+};
+var applyStyle = (self, string) => {
+  if (self.level <= 0 || !string) {
+    return self[IS_EMPTY] ? "" : string;
+  }
+  let styler = self[STYLER];
+  if (styler === void 0) {
+    return string;
+  }
+  const { openAll, closeAll } = styler;
+  if (string.includes("\x1B")) {
+    while (styler !== void 0) {
+      string = stringReplaceAll(string, styler.close, styler.open);
+      styler = styler.parent;
+    }
+  }
+  const lfIndex = string.indexOf("\n");
+  if (lfIndex !== -1) {
+    string = stringEncaseCRLFWithFirstIndex(string, closeAll, openAll, lfIndex);
+  }
+  return openAll + string + closeAll;
+};
+Object.defineProperties(createChalk.prototype, styles2);
+var chalk = createChalk();
+var chalkStderr = createChalk({ level: stderrColor ? stderrColor.level : 0 });
+var source_default = chalk;
+
+// src/audit/reporter.ts
+var STATUS_ICON = {
+  PROTECTED: source_default.green("\u2705"),
+  PARTIAL: source_default.yellow("\u26A0\uFE0F"),
+  NOT_PROTECTED: source_default.red("\u274C")
+};
+var STATUS_LABEL = {
+  PROTECTED: source_default.green.bold("PROTECTED"),
+  PARTIAL: source_default.yellow.bold("PARTIAL"),
+  NOT_PROTECTED: source_default.red.bold("NOT PROTECTED")
+};
+var EV_ICON = {
+  found: source_default.green("\u2022"),
+  missing: source_default.red("\u2022"),
+  warn: source_default.yellow("\u2022"),
+  info: source_default.dim("\u2022")
+};
+function printHeader() {
+  console.log("");
+  const title = "  SolonGate Security Audit \u2014 OWASP Agentic Top 10  ";
+  const border = "\u2500".repeat(title.length);
+  console.log(source_default.bold.white("\u250C" + border + "\u2510"));
+  console.log(source_default.bold.white("\u2502") + title + source_default.bold.white("\u2502"));
+  console.log(source_default.bold.white("\u2514" + border + "\u2518"));
+  console.log("");
+}
+function printLogSummary(data) {
+  if (data.sources.length > 0) {
+    console.log(source_default.dim("  AI Tools: ") + data.sources.join(", "));
+  } else {
+    console.log(source_default.dim("  AI Tools: ") + source_default.red("No AI tool logs found"));
+  }
+  console.log(source_default.dim("  Sessions: ") + `${data.sessions.length} total, ${data.totalToolCalls} tool calls`);
+  if (data.timeRange) {
+    const from = new Date(data.timeRange.from).toLocaleDateString();
+    const to = new Date(data.timeRange.to).toLocaleDateString();
+    console.log(source_default.dim("  Period: ") + `${from} \u2014 ${to}`);
+  }
+  console.log("");
+}
+function calcScore(results) {
+  let score = 0, fixCount = 0;
+  for (const r of results) {
+    if (r.status === "PROTECTED") score += 1;
+    else if (r.status === "PARTIAL") score += 0.5;
+    if (r.status === "NOT_PROTECTED") fixCount++;
+  }
+  return { intScore: Math.floor(score), fixCount };
+}
+function printCompactReport(results) {
+  const sorted = [...results].sort((a, b) => {
+    const order = { PROTECTED: 0, PARTIAL: 1, NOT_PROTECTED: 2 };
+    return order[a.status] - order[b.status];
+  });
+  for (const r of sorted) {
+    console.log(`${STATUS_ICON[r.status]} ${`${r.code} ${r.title}`.padEnd(24)} ${STATUS_LABEL[r.status]}`);
+    console.log(source_default.dim(`   ${r.summary}`));
+  }
+  console.log("");
+}
+function printScore(results) {
+  const { intScore, fixCount } = calcScore(results);
+  console.log(`  Security Score: ${(intScore >= 7 ? source_default.green : intScore >= 4 ? source_default.yellow : source_default.red).bold(`${intScore}/10`)}`);
+  console.log("");
+  if (fixCount > 0) {
+    console.log(`  Fix ${fixCount} critical issue${fixCount > 1 ? "s" : ""} \u2192 ${source_default.cyan.underline("solongate.com")}`);
+  } else if (intScore < 10) {
+    console.log(source_default.yellow.dim("  No critical gaps, but improvements possible."));
+  } else {
+    console.log(source_default.green.bold("  Maximum protection achieved!"));
+  }
+  console.log("");
+}
+function printDetailedReport(results) {
+  const sorted = [...results].sort((a, b) => {
+    const order = { PROTECTED: 0, PARTIAL: 1, NOT_PROTECTED: 2 };
+    return order[a.status] - order[b.status];
+  });
+  console.log(source_default.bold("\u2500".repeat(56)));
+  console.log(source_default.bold("  DETAILED ANALYSIS"));
+  console.log(source_default.bold("\u2500".repeat(56)));
+  console.log("");
+  for (const r of sorted) {
+    console.log(`  ${STATUS_ICON[r.status]} ${source_default.bold(`${r.code} ${r.title}`)}  ${STATUS_LABEL[r.status]}`);
+    console.log(`     ${r.summary}`);
+    console.log("");
+    for (const e of r.evidence) {
+      const lines = e.text.split("\n");
+      console.log(`     ${EV_ICON[e.icon]} ${lines[0]}`);
+      for (let i = 1; i < lines.length; i++) console.log(`       ${lines[i]}`);
+    }
+    console.log("");
+    console.log(`     ${source_default.dim(r.details)}`);
+    if (r.recommendation) {
+      console.log("");
+      console.log(`     ${source_default.cyan("\u279C")} ${source_default.cyan(r.recommendation)}`);
+    }
+    console.log("");
+    console.log(source_default.dim("     " + "\u2500".repeat(46)));
+    console.log("");
+  }
+}
+function printFooter(results) {
+  const { intScore, fixCount } = calcScore(results);
+  console.log(`  Security Score: ${intScore}/10` + (fixCount > 0 ? " \u2014 Critical risks detected." : ""));
+  if (fixCount > 0) {
+    console.log(`  Run ${source_default.cyan("npx solongate")} to fix \u2192 ${source_default.cyan.underline("solongate.com")}`);
+  }
+  console.log("");
+}
+var SOURCE_COLOR = {
+  claude: source_default.magenta,
+  gemini: source_default.blue,
+  openclaw: source_default.green
+};
+var SOURCE_LABEL = {
+  claude: "Claude",
+  gemini: "Gemini",
+  openclaw: "OClaw"
+};
+function truncate(s, max) {
+  if (s.length <= max) return s;
+  return s.slice(0, max - 1) + "\u2026";
+}
+function formatTime(ts) {
+  if (!ts) return "          ";
+  try {
+    const d = new Date(ts);
+    return d.toLocaleTimeString("en-GB", { hour: "2-digit", minute: "2-digit", second: "2-digit" });
+  } catch {
+    return ts.slice(11, 19);
+  }
+}
+function formatDate(ts) {
+  if (!ts) return "";
+  try {
+    const d = new Date(ts);
+    return d.toLocaleDateString("en-GB", { day: "2-digit", month: "2-digit" });
+  } catch {
+    return "";
+  }
+}
+function extractArgSummary(args2) {
+  if (args2.command) return String(args2.command);
+  if (args2.file_path) return String(args2.file_path);
+  if (args2.path) return String(args2.path);
+  if (args2.pattern) return String(args2.pattern);
+  if (args2.url) return String(args2.url);
+  if (args2.query) return String(args2.query);
+  if (args2.old_string) return `"${String(args2.old_string).slice(0, 30)}" \u2192 "${String(args2.new_string || "").slice(0, 30)}"`;
+  if (args2.content) return `[${String(args2.content).length} chars]`;
+  const keys = Object.keys(args2);
+  if (keys.length > 0) return JSON.stringify(args2);
+  return "";
+}
+function printToolCall(tc, detailed = false, model) {
+  const color = SOURCE_COLOR[tc.source] || source_default.white;
+  const label = SOURCE_LABEL[tc.source] || tc.source;
+  const time = formatTime(tc.timestamp);
+  const tool = truncate(tc.toolName, 16);
+  const errorMark = tc.isError ? source_default.red(" ERR") : "";
+  if (!detailed) {
+    const argSummary = truncate(extractArgSummary(tc.arguments).replace(/[\n\r]/g, " "), 70);
+    console.log(
+      `  ${source_default.dim(time)} ${color(label.padEnd(6))} ${source_default.white(tool.padEnd(17))} ${source_default.dim(argSummary)}${errorMark}`
+    );
+    return;
+  }
+  console.log(
+    `  ${source_default.dim(time)} ${color(label.padEnd(6))} ${source_default.white.bold(tool)}${errorMark}`
+  );
+  console.log(`  ${" ".repeat(9)}${source_default.dim("ID:")} ${source_default.dim(tc.id.slice(0, 12))}  ${source_default.dim("Session:")} ${source_default.dim(tc.sessionId.slice(0, 12))}${model ? "  " + source_default.dim("Model:") + " " + source_default.dim(model) : ""}`);
+  const argStr = extractArgSummary(tc.arguments).replace(/[\n\r]/g, " ");
+  if (argStr.length > 0) {
+    if (argStr.length <= 120) {
+      console.log(`  ${" ".repeat(9)}${source_default.cyan("\u25B8")} ${argStr}`);
+    } else {
+      const lines = argStr.match(/.{1,120}/g) || [argStr];
+      console.log(`  ${" ".repeat(9)}${source_default.cyan("\u25B8")} ${lines[0]}`);
+      for (let i = 1; i < Math.min(lines.length, 4); i++) {
+        console.log(`  ${" ".repeat(11)}${lines[i]}`);
+      }
+      if (lines.length > 4) console.log(`  ${" ".repeat(11)}${source_default.dim(`... +${lines.length - 4} more lines`)}`);
+    }
+  }
+  if (tc.result) {
+    const resultStr = tc.result.replace(/[\n\r]+/g, " ").trim();
+    if (resultStr.length > 0) {
+      const icon = tc.isError ? source_default.red("\u2718") : source_default.green("\u2714");
+      const preview = truncate(resultStr, 120);
+      console.log(`  ${" ".repeat(9)}${icon} ${source_default.dim(preview)}`);
+    }
+  }
+  console.log("");
+}
+function printLogs(data, limit = 50, detailed = true) {
+  console.log("");
+  console.log(source_default.bold("  Recent Tool Calls"));
+  console.log(source_default.dim("  " + "\u2500".repeat(90)));
+  if (!detailed) {
+    console.log(source_default.dim("  Time     Source Tool              Arguments"));
+    console.log(source_default.dim("  " + "\u2500".repeat(90)));
+  }
+  const sessionMap = new Map(data.sessions.map((s) => [s.id, s]));
+  const allCalls = data.sessions.flatMap((s) => s.toolCalls).sort((a, b) => (a.timestamp || "").localeCompare(b.timestamp || ""));
+  const recent = allCalls.slice(-limit);
+  let lastDate = "";
+  for (const tc of recent) {
+    const date = formatDate(tc.timestamp);
+    if (date !== lastDate) {
+      lastDate = date;
+      console.log(source_default.dim(`
+  \u2500\u2500 ${date} \u2500\u2500`));
+    }
+    const session = sessionMap.get(tc.sessionId);
+    printToolCall(tc, detailed, session?.model);
+  }
+  const errorCount = recent.filter((tc) => tc.isError).length;
+  const sources = [...new Set(recent.map((tc) => tc.source))];
+  console.log("");
+  console.log(source_default.dim(`  Showing last ${recent.length} of ${allCalls.length} total tool calls`));
+  if (errorCount > 0) {
+    console.log(source_default.dim(`  ${errorCount} error(s) in view | Sources: ${sources.join(", ")}`));
+  }
+  console.log("");
+}
+
+// src/audit/export.ts
+import { writeFileSync as writeFileSync2 } from "fs";
+import { resolve as resolve3 } from "path";
+function getFilePath(ext) {
+  return resolve3(process.cwd(), `solongate-audit-report.${ext}`);
+}
+function exportJSON({ data, results }) {
+  const { intScore } = calcScore(results);
+  const allCalls = data.sessions.flatMap(
+    (s) => s.toolCalls.map((tc) => ({
+      ...tc,
+      model: s.model || null
+    }))
+  );
+  const payload = {
+    generatedAt: (/* @__PURE__ */ new Date()).toISOString(),
+    score: intScore,
+    maxScore: 10,
+    summary: {
+      sources: data.sources,
+      sessions: data.sessions.length,
+      totalToolCalls: data.totalToolCalls,
+      timeRange: data.timeRange
+    },
+    auditResults: results.map((r) => ({
+      code: r.code,
+      title: r.title,
+      status: r.status,
+      summary: r.summary,
+      details: r.details,
+      recommendation: r.recommendation || null,
+      evidence: r.evidence
+    })),
+    sessions: data.sessions.map((s) => ({
+      id: s.id,
+      source: s.source,
+      model: s.model || null,
+      startTime: s.startTime,
+      endTime: s.endTime || null,
+      filePath: s.filePath,
+      toolCallCount: s.toolCalls.length
+    })),
+    toolCalls: allCalls.sort((a, b) => (a.timestamp || "").localeCompare(b.timestamp || ""))
+  };
+  const filePath = getFilePath("json");
+  writeFileSync2(filePath, JSON.stringify(payload, null, 2), "utf-8");
+  return filePath;
+}
+function escapeCSV(value) {
+  const str = String(value ?? "");
+  if (str.includes(",") || str.includes('"') || str.includes("\n") || str.includes("\r")) {
+    return '"' + str.replace(/"/g, '""') + '"';
+  }
+  return str;
+}
+function exportCSV({ data }) {
+  const headers = ["timestamp", "source", "sessionId", "model", "toolCallId", "toolName", "arguments", "result", "isError"];
+  const rows = [headers.join(",")];
+  const sessionMap = new Map(data.sessions.map((s) => [s.id, s]));
+  const allCalls = data.sessions.flatMap((s) => s.toolCalls).sort((a, b) => (a.timestamp || "").localeCompare(b.timestamp || ""));
+  for (const tc of allCalls) {
+    const session = sessionMap.get(tc.sessionId);
+    rows.push([
+      escapeCSV(tc.timestamp),
+      escapeCSV(tc.source),
+      escapeCSV(tc.sessionId),
+      escapeCSV(session?.model || ""),
+      escapeCSV(tc.id),
+      escapeCSV(tc.toolName),
+      escapeCSV(JSON.stringify(tc.arguments)),
+      escapeCSV(tc.result || ""),
+      escapeCSV(tc.isError ? "true" : "false")
+    ].join(","));
+  }
+  const filePath = getFilePath("csv");
+  writeFileSync2(filePath, rows.join("\n"), "utf-8");
+  return filePath;
+}
+function escapeHTML(str) {
+  return str.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;");
+}
+function exportHTML({ data, results }) {
+  const { intScore, fixCount } = calcScore(results);
+  const allCalls = data.sessions.flatMap((s) => s.toolCalls).sort((a, b) => (b.timestamp || "").localeCompare(a.timestamp || ""));
+  const sessionMap = new Map(data.sessions.map((s) => [s.id, s]));
+  const errorCount = allCalls.filter((tc) => tc.isError).length;
+  const statusIcon = {
+    PROTECTED: "&#x2705;",
+    PARTIAL: "&#x26A0;&#xFE0F;",
+    NOT_PROTECTED: "&#x274C;"
+  };
+  const sourceLabel = {
+    claude: "Claude",
+    gemini: "Gemini",
+    openclaw: "OpenClaw"
+  };
+  const pillClass = {
+    PROTECTED: "pill pill-green",
+    PARTIAL: "pill pill-yellow",
+    NOT_PROTECTED: "pill pill-red"
+  };
+  const auditRows = results.sort((a, b) => {
+    const order = { PROTECTED: 0, PARTIAL: 1, NOT_PROTECTED: 2 };
+    return (order[a.status] ?? 2) - (order[b.status] ?? 2);
+  }).map((r) => `
+      <tr>
+        <td style="text-align:center;font-size:14px">${statusIcon[r.status]}</td>
+        <td><span class="code-tag">${escapeHTML(r.code)}</span></td>
+        <td class="cat">${escapeHTML(r.title)}</td>
+        <td><span class="${pillClass[r.status]}">${r.status.replace(/_/g, " ")}</span></td>
+        <td class="det">${escapeHTML(r.summary)}</td>
+        <td class="det">${r.recommendation ? escapeHTML(r.recommendation) : ""}</td>
+      </tr>`).join("");
+  const toolRows = allCalls.map((tc) => {
+    const session = sessionMap.get(tc.sessionId);
+    const argFull = escapeHTML(JSON.stringify(tc.arguments, null, 2));
+    const hasArgs = argFull !== "{}";
+    const resStr = escapeHTML((tc.result || "").slice(0, 500));
+    const src = tc.source;
+    const srcClass = "src-" + src;
+    const time = tc.timestamp ? new Date(tc.timestamp).toLocaleTimeString("en-GB", { hour: "2-digit", minute: "2-digit", second: "2-digit" }) : "";
+    const dateShort = tc.timestamp ? new Date(tc.timestamp).toLocaleDateString("en-GB", { day: "2-digit", month: "2-digit" }) : "";
+    const dateFull = tc.timestamp ? new Date(tc.timestamp).toLocaleDateString("en-GB", { day: "numeric", month: "long", year: "numeric" }) : "";
+    return `
+      <tr class="log-row ${tc.isError ? "err-row" : ""}" data-source="${src}" data-date="${dateFull}">
+        <td class="ts"><span class="d">${dateShort}</span> ${time}</td>
+        <td><span class="src-tag ${srcClass}">${sourceLabel[src] || src}</span></td>
+        <td class="tool">${escapeHTML(tc.toolName)}${tc.isError ? '<span class="err-tag">ERR</span>' : ""}</td>
+        <td class="args">${hasArgs ? `<div class="acc"><span class="acc-toggle">args</span><div class="acc-body"><div><pre>${argFull}</pre></div></div></div>` : '<span style="color:#2a2a2e">&mdash;</span>'}</td>
+        <td>${resStr ? `<div class="acc"><span class="acc-toggle">${tc.isError ? '<span style="color:#f87171">error</span>' : "result"}</span><div class="acc-body"><div><pre>${resStr}</pre></div></div></div>` : '<span style="color:#2a2a2e">&mdash;</span>'}</td>
+        <td class="meta">${escapeHTML(tc.id.slice(0, 8))}<br>${escapeHTML(session?.model || "-")}</td>
+      </tr>`;
+  }).join("");
+  const scoreColor = intScore >= 7 ? "#22c55e" : intScore >= 4 ? "#eab308" : "#ef4444";
+  const logoHtml = `<img src="https://cdn.solongate.com/icon-256x256.png" alt="SolonGate" width="36" height="36" style="border-radius:8px">`;
+  const html = `<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<link rel="icon" type="image/png" href="https://cdn.solongate.com/icon-32x32.png" sizes="32x32">
+<link rel="icon" type="image/png" href="https://cdn.solongate.com/icon-16x16.png" sizes="16x16">
+<link rel="apple-touch-icon" href="https://cdn.solongate.com/icon-192x192.png">
+<title>SolonGate Audit Report</title>
+<style>
+  :root { --bg: #0c0c0e; --surface: #161618; --surface2: #1e1e21; --border: #2a2a2e; --text: #e8e8ec; --text2: #8b8b96; --accent: #7c8aff; }
+  * { box-sizing: border-box; margin: 0; padding: 0; }
+
+  /* Custom scrollbar \u2014 thin, dark, auto-hide */
+  *::-webkit-scrollbar { width: 5px; height: 5px; }
+  *::-webkit-scrollbar-track { background: transparent; }
+  *::-webkit-scrollbar-thumb { background: transparent; border-radius: 4px; transition: background 0.3s; }
+  *:hover::-webkit-scrollbar-thumb { background: #333; }
+  *::-webkit-scrollbar-thumb:hover { background: #555; }
+  *::-webkit-scrollbar-button { display: none; width: 0; height: 0; }
+  * { scrollbar-width: thin; scrollbar-color: transparent transparent; }
+  *:hover { scrollbar-color: #333 transparent; }
+  body { font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Helvetica, Arial, sans-serif; background: var(--bg); color: var(--text); line-height: 1.6; -webkit-font-smoothing: antialiased; }
+  .wrap { max-width: 1360px; margin: 0 auto; padding: 48px 40px 80px; }
+
+  /* Header */
+  .hdr { display: flex; align-items: center; gap: 14px; margin-bottom: 40px; }
+  .hdr svg { flex-shrink: 0; }
+  .hdr-text h1 { font-size: 20px; font-weight: 600; letter-spacing: -0.3px; color: #fff; }
+  .hdr-text p { font-size: 12px; color: var(--text2); margin-top: 1px; }
+
+  /* Grid */
+  .grid4 { display: grid; grid-template-columns: repeat(4, 1fr); gap: 12px; margin-bottom: 28px; }
+  @media (max-width: 800px) { .grid4 { grid-template-columns: repeat(2, 1fr); } }
+  .card { background: var(--surface); border: 1px solid var(--border); border-radius: 10px; padding: 18px 20px; }
+  .card-label { font-size: 10px; color: var(--text2); text-transform: uppercase; letter-spacing: 1.2px; font-weight: 500; }
+  .card-val { font-size: 26px; font-weight: 700; margin-top: 4px; color: #fff; }
+  .card-sub { font-size: 11px; color: var(--text2); margin-top: 2px; }
+
+  /* Score */
+  .score-bar { background: var(--surface); border: 1px solid var(--border); border-radius: 10px; padding: 24px 28px; margin-bottom: 28px; display: flex; align-items: center; gap: 24px; }
+  .ring { width: 80px; height: 80px; position: relative; flex-shrink: 0; }
+  .ring svg { width: 100%; height: 100%; transform: rotate(-90deg); }
+  .ring circle { fill: none; stroke-width: 6; }
+  .ring .track { stroke: var(--surface2); }
+  .ring .fill { stroke: ${scoreColor}; stroke-linecap: round; stroke-dasharray: 0 251; }
+  .ring .num { position: absolute; inset: 0; display: flex; align-items: center; justify-content: center; font-size: 22px; font-weight: 700; color: ${scoreColor}; }
+  .score-txt h3 { font-size: 15px; font-weight: 600; color: #fff; }
+  .score-txt p { font-size: 13px; color: var(--text2); margin-top: 2px; }
+  .score-txt a { color: ${scoreColor}; text-decoration: none; font-weight: 500; }
+
+  /* Section */
+  .sec { margin-bottom: 28px; }
+  .sec-hdr { font-size: 13px; font-weight: 600; color: var(--text2); text-transform: uppercase; letter-spacing: 0.8px; margin-bottom: 12px; display: flex; align-items: center; gap: 8px; }
+  .sec-count { background: var(--surface2); font-size: 10px; padding: 1px 7px; border-radius: 8px; font-weight: 600; color: var(--text2); }
+
+  /* Table */
+  table { width: 100%; border-collapse: collapse; background: var(--surface); border: 1px solid var(--border); border-radius: 10px; overflow: hidden; }
+  th { text-align: left; padding: 10px 14px; background: var(--surface2); font-size: 10px; text-transform: uppercase; letter-spacing: 0.8px; color: var(--text2); font-weight: 600; }
+  td { padding: 9px 14px; border-top: 1px solid var(--border); font-size: 12px; vertical-align: top; }
+  tbody tr { transition: background 0.15s; }
+  tbody tr:hover { background: rgba(124,138,255,0.04); }
+  .err-row { background: rgba(239,68,68,0.05); }
+  .err-row:hover { background: rgba(239,68,68,0.08); }
+
+  /* Badges */
+  .pill { display: inline-block; padding: 2px 9px; border-radius: 4px; font-size: 10px; font-weight: 600; text-transform: uppercase; letter-spacing: 0.3px; }
+  .pill-green { background: rgba(34,197,94,0.12); color: #4ade80; }
+  .pill-yellow { background: rgba(234,179,8,0.12); color: #facc15; }
+  .pill-red { background: rgba(239,68,68,0.12); color: #f87171; }
+  .code-tag { color: var(--accent); font-weight: 600; font-size: 11px; }
+  .src-tag { display: inline-block; padding: 1px 7px; border-radius: 3px; font-size: 10px; font-weight: 600; }
+  .src-claude { background: rgba(192,132,252,0.12); color: #c084fc; }
+  .src-gemini { background: rgba(96,165,250,0.12); color: #60a5fa; }
+  .src-openclaw { background: rgba(74,222,128,0.12); color: #4ade80; }
+  .err-tag { background: rgba(239,68,68,0.15); color: #f87171; padding: 0 5px; border-radius: 3px; font-size: 9px; font-weight: 700; margin-left: 4px; }
+  .cat { font-weight: 500; }
+  .det { font-size: 11px; color: var(--text2); max-width: 280px; line-height: 1.4; }
+
+  /* Mono cells */
+  .ts { white-space: nowrap; font-family: 'SF Mono', 'Cascadia Code', 'Consolas', monospace; font-size: 11px; color: var(--text2); }
+  .ts .d { color: #3f3f46; }
+  .tool { font-family: 'SF Mono', 'Cascadia Code', 'Consolas', monospace; font-size: 11px; font-weight: 500; white-space: nowrap; }
+  .args { font-family: 'SF Mono', 'Cascadia Code', 'Consolas', monospace; font-size: 11px; max-width: 380px; word-break: break-all; line-height: 1.4; }
+  .meta { font-family: 'SF Mono', 'Cascadia Code', 'Consolas', monospace; font-size: 10px; color: var(--text2); white-space: nowrap; }
+
+  /* Accordion \u2014 animated with CSS grid trick */
+  .acc { margin-top: 4px; }
+  .acc-toggle { cursor: pointer; color: var(--accent); font-size: 10px; font-weight: 500; user-select: none; display: inline-flex; align-items: center; gap: 3px; opacity: 0.7; transition: opacity 0.15s; }
+  .acc-toggle:hover { opacity: 1; }
+  .acc-toggle::before { content: '\\25B8'; font-size: 8px; transition: transform 0.25s cubic-bezier(0.4, 0, 0.2, 1); display: inline-block; }
+  .acc-body { display: grid; grid-template-rows: 0fr; transition: grid-template-rows 0.3s cubic-bezier(0.4, 0, 0.2, 1), opacity 0.25s ease; opacity: 0; }
+  .acc-body > div { overflow: hidden; }
+  .acc.open .acc-toggle::before { transform: rotate(90deg); }
+  .acc.open .acc-body { grid-template-rows: 1fr; opacity: 1; }
+  .acc pre { background: var(--bg); padding: 10px 12px; border-radius: 6px; margin-top: 6px; font-size: 10px; max-height: 220px; overflow: auto; white-space: pre-wrap; word-break: break-all; border: 1px solid var(--border); color: var(--text2); line-height: 1.5; }
+
+  /* Filter */
+  .filters { display: flex; gap: 8px; margin-bottom: 12px; flex-wrap: wrap; }
+  .filters input, .filters select { background: var(--surface); border: 1px solid var(--border); color: var(--text); padding: 7px 12px; border-radius: 6px; font-size: 12px; outline: none; transition: border-color 0.2s; }
+  .filters input:focus, .filters select:focus { border-color: var(--accent); }
+  .filters input { flex: 1; min-width: 220px; }
+
+  /* Pagination */
+  .pager { display: flex; align-items: center; justify-content: center; gap: 4px; margin-top: 16px; flex-wrap: wrap; }
+  .pager button { background: var(--surface); border: 1px solid var(--border); color: var(--text2); padding: 6px 12px; border-radius: 6px; font-size: 12px; cursor: pointer; transition: background 0.15s, color 0.15s, border-color 0.15s; }
+  .pager button:hover { background: var(--surface2); color: var(--text); }
+  .pager button.active { background: var(--accent); color: #000; border-color: var(--accent); font-weight: 600; }
+  .pager button:disabled { opacity: 0.3; cursor: default; }
+  .pager .pager-info { font-size: 11px; color: var(--text2); margin: 0 8px; }
+  .date-sep { background: var(--surface2); }
+  .date-sep td { padding: 6px 14px; font-size: 11px; font-weight: 600; color: var(--text2); letter-spacing: 0.5px; border: none; }
+
+  /* Skeleton loading */
+  .skel-row td { padding: 12px 14px; }
+  .skel-bar { height: 12px; border-radius: 4px; background: var(--surface2); position: relative; overflow: hidden; }
+  .skel-bar::after { content: ''; position: absolute; inset: 0; background: linear-gradient(90deg, transparent, rgba(255,255,255,0.03), transparent); animation: shimmer 1.8s infinite; }
+  @keyframes shimmer { 0% { transform: translateX(-100%); } 100% { transform: translateX(100%); } }
+  .skel-w1 { width: 72px; }
+  .skel-w2 { width: 52px; }
+  .skel-w3 { width: 88px; }
+  .skel-w4 { width: 120px; }
+  .skel-w5 { width: 90px; }
+  .skel-w6 { width: 60px; }
+  #lt tbody.loading .log-row { display: none; }
+  #lt tbody.loading .date-sep { display: none; }
+
+  /* Footer */
+  .ftr { text-align: center; margin-top: 56px; padding-top: 24px; border-top: 1px solid var(--border); }
+  .ftr a { color: var(--text2); text-decoration: none; font-size: 12px; font-weight: 500; transition: color 0.15s; }
+  .ftr a:hover { color: #fff; }
+  .ftr p { color: #3f3f46; font-size: 11px; margin-top: 4px; }
+
+  @media print {
+    body { background: #fff; color: #111; }
+    .wrap { padding: 16px; }
+    .card, .score-bar, table { background: #fff; border-color: #e5e5e5; }
+    th { background: #f5f5f5; color: #333; }
+    td { border-color: #eee; }
+    .acc pre { background: #f8f8f8; border-color: #e5e5e5; }
+    tbody tr:hover { background: transparent; }
+    .err-row { background: #fef2f2; }
+    .filters { display: none; }
+    @page { size: A4 landscape; margin: 8mm; }
+  }
+</style>
+</head>
+<body>
+<div class="wrap">
+
+<div class="hdr">
+  ${logoHtml}
+  <div class="hdr-text">
+    <h1>Security Audit</h1>
+    <p>OWASP Agentic Top 10 &middot; ${(/* @__PURE__ */ new Date()).toLocaleDateString("en-GB", { day: "numeric", month: "short", year: "numeric" })}</p>
+  </div>
+</div>
+
+<div class="grid4">
+  <div class="card"><div class="card-label">AI Tools</div><div class="card-val">${data.sources.length}</div><div class="card-sub">${data.sources.join(", ") || "None"}</div></div>
+  <div class="card"><div class="card-label">Sessions</div><div class="card-val">${data.sessions.length}</div><div class="card-sub">${data.timeRange ? new Date(data.timeRange.from).toLocaleDateString("en-GB", { day: "numeric", month: "short" }) + " &ndash; " + new Date(data.timeRange.to).toLocaleDateString("en-GB", { day: "numeric", month: "short", year: "numeric" }) : "-"}</div></div>
+  <div class="card"><div class="card-label">Tool Calls</div><div class="card-val">${data.totalToolCalls.toLocaleString()}</div><div class="card-sub">${errorCount > 0 ? errorCount + " error" + (errorCount > 1 ? "s" : "") : "No errors"}</div></div>
+  <div class="card"><div class="card-label">Critical Issues</div><div class="card-val" style="color:${fixCount > 0 ? "#f87171" : "#4ade80"}">${fixCount}</div><div class="card-sub">${fixCount > 0 ? "need attention" : "none"}</div></div>
+</div>
+
+<div class="score-bar">
+  <div class="ring">
+    <svg viewBox="0 0 100 100"><circle class="track" cx="50" cy="50" r="40"/><circle class="fill" cx="50" cy="50" r="40"/></svg>
+    <div class="num">${intScore}</div>
+  </div>
+  <div class="score-txt">
+    <h3>${intScore}/10</h3>
+    <p>${intScore >= 7 ? "Good protection." : intScore >= 4 ? "Several categories need attention." : "Critical gaps across multiple categories."}</p>
+    ${fixCount > 0 ? `<p style="margin-top:6px"><a href="https://solongate.com">Fix ${fixCount} issue${fixCount > 1 ? "s" : ""} &rarr;</a></p>` : ""}
+  </div>
+</div>
+
+<div class="sec">
+  <div class="sec-hdr">Audit Results <span class="sec-count">${results.length}</span></div>
+  <table>
+    <thead><tr><th style="width:32px"></th><th>Code</th><th>Category</th><th>Status</th><th>Details</th><th>Recommendation</th></tr></thead>
+    <tbody>${auditRows}</tbody>
+  </table>
+</div>
+
+<div class="sec">
+  <div class="sec-hdr">Tool Calls <span class="sec-count">${allCalls.length.toLocaleString()}</span></div>
+  <div class="filters">
+    <input type="text" id="q" placeholder="Search..." oninput="applyFilters()">
+    <select id="sf" onchange="applyFilters()"><option value="">All sources</option><option value="claude">Claude</option><option value="gemini">Gemini</option><option value="openclaw">OpenClaw</option></select>
+    <select id="ef" onchange="applyFilters()"><option value="">All</option><option value="e">Errors</option><option value="s">Success</option></select>
+    <select id="df" onchange="applyFilters()"><option value="">All dates</option></select>
+  </div>
+  <table id="lt">
+    <thead><tr><th>Time</th><th>Source</th><th>Tool</th><th>Arguments</th><th>Result</th><th>Meta</th></tr></thead>
+    <tbody class="loading">
+      ${Array.from({ length: 12 }, () => `<tr class="skel-row"><td><div class="skel-bar skel-w1"></div></td><td><div class="skel-bar skel-w2"></div></td><td><div class="skel-bar skel-w3"></div></td><td><div class="skel-bar skel-w4"></div></td><td><div class="skel-bar skel-w5"></div></td><td><div class="skel-bar skel-w6"></div></td></tr>`).join("")}
+      ${toolRows}
+    </tbody>
+  </table>
+  <div class="pager" id="pager"></div>
+</div>
+
+<div class="ftr">
+  <a href="https://solongate.com">solongate.com</a>
+  <p>AI Agent Security</p>
+</div>
+
+</div>
+<script>
+(function(){
+  var PER_PAGE = 100;
+  var page = 1;
+  var allRows = Array.from(document.querySelectorAll('#lt tbody tr.log-row'));
+  var filtered = allRows.slice();
+  var tbody = document.querySelector('#lt tbody');
+
+  // Populate date dropdown
+  var dates = [];
+  var seen = {};
+  allRows.forEach(function(r){
+    var d = r.getAttribute('data-date');
+    if(d && !seen[d]){ seen[d]=1; dates.push(d); }
+  });
+  var df = document.getElementById('df');
+  dates.forEach(function(d){
+    var o = document.createElement('option');
+    o.value = d; o.textContent = d;
+    df.appendChild(o);
+  });
+
+  // Accordion
+  document.addEventListener('click',function(e){
+    var t=e.target.closest('.acc-toggle');
+    if(t){t.closest('.acc').classList.toggle('open');}
+  });
+
+  function applyFilters(){
+    var q = document.getElementById('q').value.toLowerCase();
+    var s = document.getElementById('sf').value;
+    var ef = document.getElementById('ef').value;
+    var dv = document.getElementById('df').value;
+    filtered = allRows.filter(function(r){
+      var txt = r.textContent.toLowerCase();
+      var src = r.getAttribute('data-source')||'';
+      var dt = r.getAttribute('data-date')||'';
+      var err = r.classList.contains('err-row');
+      return (!q||txt.indexOf(q)!==-1)&&(!s||src===s)&&(!dv||dt===dv)&&(!ef||(ef==='e'&&err)||(ef==='s'&&!err));
+    });
+    page = 1;
+    render();
+  }
+  window.applyFilters = applyFilters;
+
+  function render(){
+    var total = filtered.length;
+    var pages = Math.max(1, Math.ceil(total / PER_PAGE));
+    if(page > pages) page = pages;
+    var start = (page-1)*PER_PAGE;
+    var end = Math.min(start+PER_PAGE, total);
+    var slice = filtered.slice(start, end);
+
+    // Clear tbody and insert date-grouped rows
+    tbody.innerHTML = '';
+    var lastDate = '';
+    slice.forEach(function(r){
+      var d = r.getAttribute('data-date')||'';
+      if(d && d !== lastDate){
+        lastDate = d;
+        var sep = document.createElement('tr');
+        sep.className = 'date-sep';
+        sep.innerHTML = '<td colspan="6">' + d + '</td>';
+        tbody.appendChild(sep);
+      }
+      tbody.appendChild(r);
+    });
+
+    // Pagination controls
+    var pager = document.getElementById('pager');
+    var html = '';
+    html += '<button '+(page<=1?'disabled':'')+' onclick="pg('+(page-1)+')">&lsaquo;</button>';
+    var s = Math.max(1, page-3), e = Math.min(pages, page+3);
+    if(s > 1) html += '<button onclick="pg(1)">1</button>';
+    if(s > 2) html += '<span class="pager-info">&hellip;</span>';
+    for(var i=s;i<=e;i++){
+      html += '<button class="'+(i===page?'active':'')+'" onclick="pg('+i+')">'+i+'</button>';
+    }
+    if(e < pages-1) html += '<span class="pager-info">&hellip;</span>';
+    if(e < pages) html += '<button onclick="pg('+pages+')">'+pages+'</button>';
+    html += '<button '+(page>=pages?'disabled':'')+' onclick="pg('+(page+1)+')">&rsaquo;</button>';
+    html += '<span class="pager-info">' + (start+1) + '&ndash;' + end + ' of ' + total + '</span>';
+    pager.innerHTML = html;
+  }
+
+  window.pg = function(p){ page=p; render(); window.scrollTo({top:document.getElementById('lt').offsetTop-80,behavior:'smooth'}); };
+
+  // Score ring animation
+  requestAnimationFrame(function(){setTimeout(function(){
+    var c=document.querySelector('.ring .fill');
+    if(c) c.style.strokeDasharray='${Math.round(intScore / 10 * 251)} 251';
+  },100)});
+
+  // Remove skeleton, show real rows
+  tbody.classList.remove('loading');
+  document.querySelectorAll('.skel-row').forEach(function(r){ r.remove(); });
+  render();
+})();
+</script>
+</body>
+</html>`;
+  const filePath = getFilePath("html");
+  writeFileSync2(filePath, html, "utf-8");
+  return filePath;
+}
+function exportPDF(payload) {
+  const { data, results } = payload;
+  const htmlPath = exportHTML(payload);
+  const pdfHtml = `<!DOCTYPE html>
+<html><head>
+<meta charset="UTF-8">
+<meta http-equiv="refresh" content="0;url=${htmlPath.replace(/\\/g, "/")}">
+</head>
+<body>
+<p>Opening report... If not redirected, <a href="${htmlPath.replace(/\\/g, "/")}">click here</a> and press Ctrl+P to save as PDF.</p>
+</body></html>`;
+  const filePath = getFilePath("pdf.html");
+  writeFileSync2(filePath, pdfHtml, "utf-8");
+  return filePath;
+}
+function exportAll(payload) {
+  return [
+    exportJSON(payload),
+    exportCSV(payload),
+    exportHTML(payload),
+    exportPDF(payload)
+  ];
+}
+function runExport(format, payload) {
+  console.log("");
+  if (format === "all") {
+    const files = exportAll(payload);
+    for (const f of files) {
+      console.log(`  ${source_default.green("\u2714")} ${f}`);
+    }
+  } else {
+    let filePath;
+    switch (format) {
+      case "json":
+        filePath = exportJSON(payload);
+        break;
+      case "csv":
+        filePath = exportCSV(payload);
+        break;
+      case "html":
+        filePath = exportHTML(payload);
+        break;
+      case "pdf":
+        filePath = exportPDF(payload);
+        break;
+      default:
+        console.log(source_default.red(`  Unknown format: ${format}`));
+        console.log(source_default.dim("  Supported: json, csv, html, pdf, all"));
+        process.exit(1);
+    }
+    console.log(`  ${source_default.green("\u2714")} Exported: ${filePath}`);
+  }
+  console.log("");
+}
+
+// src/audit/spinner.ts
+var FRAMES = ["\u280B", "\u2819", "\u2839", "\u2838", "\u283C", "\u2834", "\u2826", "\u2827", "\u2807", "\u280F"];
+var Spinner = class {
+  interval = null;
+  frame = 0;
+  message;
+  constructor(message) {
+    this.message = message;
+  }
+  start() {
+    this.frame = 0;
+    this.interval = setInterval(() => {
+      const icon = source_default.cyan(FRAMES[this.frame % FRAMES.length]);
+      process.stdout.write(`\r  ${icon} ${source_default.dim(this.message)}`);
+      this.frame++;
+    }, 80);
+    return this;
+  }
+  update(message) {
+    this.message = message;
+  }
+  stop(finalMessage) {
+    if (this.interval) {
+      clearInterval(this.interval);
+      this.interval = null;
+    }
+    process.stdout.write("\r\x1B[2K");
+    if (finalMessage) {
+      console.log(`  ${source_default.green("\u2714")} ${source_default.dim(finalMessage)}`);
+    }
+  }
+};
+
+// src/audit/index.ts
+var args = process.argv.slice(2);
+if (args.includes("--add-dir")) {
+  const idx = args.indexOf("--add-dir");
+  const dir = args[idx + 1];
+  if (!dir) {
+    console.log("  Usage: solongate-audit --add-dir <path>");
+    process.exit(1);
+  }
+  addDir(dir);
+  process.exit(0);
+}
+if (args.includes("--remove-dir")) {
+  const idx = args.indexOf("--remove-dir");
+  const dir = args[idx + 1];
+  if (!dir) {
+    console.log("  Usage: solongate-audit --remove-dir <path>");
+    process.exit(1);
+  }
+  removeDir(dir);
+  process.exit(0);
+}
+if (args.includes("--list-dirs")) {
+  listDirs();
+  process.exit(0);
+}
+if (args.includes("--search")) {
+  searchLogs();
+  process.exit(0);
+}
+if (args.includes("--help") || args.includes("-h")) {
+  console.log(`
+  solongate-audit \u2014 AI agent audit log tool
+
+  Usage:
+    npx solongate-audit                 Scan logs and show report
+    npx solongate-audit --detailed      Show detailed analysis per category
+    npx solongate-audit --logs          Show recent tool calls (last 50)
+    npx solongate-audit --logs 100      Show last N tool calls
+    npx solongate-audit --watch         Live monitoring with log feed
+    npx solongate-audit --json          Machine-readable JSON output
+
+  Export:
+    npx solongate-audit --export json   Export full report as JSON
+    npx solongate-audit --export csv    Export tool calls as CSV
+    npx solongate-audit --export html   Export visual HTML report
+    npx solongate-audit --export pdf    Export PDF-ready HTML (print to PDF)
+    npx solongate-audit --export all    Export all formats at once
+
+  Log directories:
+    npx solongate-audit --search        Search system for AI tool logs
+    npx solongate-audit --list-dirs     Show all log directories
+    npx solongate-audit --add-dir <path>    Add a custom log directory
+    npx solongate-audit --remove-dir <path> Remove a custom log directory
+
+  Config: ~/.solongate-audit/config.json
+`);
+  process.exit(0);
+}
+var showDetailed = args.includes("--detailed") || args.includes("-d");
+var showJson = args.includes("--json");
+var showWatch = args.includes("--watch") || args.includes("-w");
+var showLogs = args.includes("--logs") || args.includes("-l");
+var showExport = args.includes("--export") || args.includes("-e");
+function getLogLimit() {
+  const idx = args.indexOf("--logs") !== -1 ? args.indexOf("--logs") : args.indexOf("-l");
+  if (idx !== -1 && args[idx + 1] && !args[idx + 1].startsWith("-")) {
+    return parseInt(args[idx + 1], 10) || 50;
+  }
+  return 50;
+}
+function runAudit(silent = false) {
+  const spinner = silent ? null : new Spinner("Scanning AI tool logs...");
+  spinner?.start();
+  const data = collectLogs();
+  spinner?.update("Running OWASP Agentic Top 10 checks...");
+  const results = runAllChecks(data);
+  const { intScore } = calcScore(results);
+  spinner?.stop(`Scanned ${data.totalToolCalls} tool calls across ${data.sessions.length} sessions`);
+  return { data, results, intScore };
+}
+function printReport(data, results) {
+  printHeader();
+  printLogSummary(data);
+  printCompactReport(results);
+  printScore(results);
+  if (showDetailed) {
+    printDetailedReport(results);
+    printFooter(results);
+  }
+}
+if (showExport) {
+  const idx = args.indexOf("--export") !== -1 ? args.indexOf("--export") : args.indexOf("-e");
+  const format = args[idx + 1];
+  if (!format || format.startsWith("-")) {
+    console.log("  Usage: solongate-audit --export <json|csv|html|pdf|all>");
+    process.exit(1);
+  }
+  const { data, results } = runAudit();
+  printReport(data, results);
+  runExport(format, { data, results });
+  process.exit(0);
+}
+if (showWatch) {
+  let lastToolCount = 0;
+  let lastSessionCount = 0;
+  let seenIds = /* @__PURE__ */ new Set();
+  const init = () => {
+    const { data, results } = runAudit();
+    lastToolCount = data.totalToolCalls;
+    lastSessionCount = data.sessions.length;
+    for (const tc of data.sessions.flatMap((s) => s.toolCalls)) {
+      seenIds.add(tc.id + tc.timestamp);
+    }
+    process.stdout.write("\x1B[2J\x1B[H");
+    printReport(data, results);
+    const allCalls = data.sessions.flatMap((s) => s.toolCalls).sort((a, b) => (a.timestamp || "").localeCompare(b.timestamp || ""));
+    const last10 = allCalls.slice(-10);
+    console.log("");
+    console.log(source_default.bold("  Live Log Feed"));
+    console.log(source_default.dim("  " + "\u2500".repeat(80)));
+    console.log(source_default.dim("  Time     Source Tool              Arguments"));
+    console.log(source_default.dim("  " + "\u2500".repeat(80)));
+    for (const tc of last10) {
+      printToolCall(tc, true);
+    }
+    console.log("");
+    console.log(source_default.dim("  Waiting for new tool calls..."));
+  };
+  init();
+  setInterval(() => {
+    const { data, results } = runAudit(true);
+    if (data.totalToolCalls !== lastToolCount || data.sessions.length !== lastSessionCount) {
+      const newCalls = data.sessions.flatMap((s) => s.toolCalls).filter((tc) => !seenIds.has(tc.id + tc.timestamp)).sort((a, b) => (a.timestamp || "").localeCompare(b.timestamp || ""));
+      if (newCalls.length > 0) {
+        process.stdout.write("\x1B[1A\x1B[2K");
+        for (const tc of newCalls) {
+          seenIds.add(tc.id + tc.timestamp);
+          printToolCall(tc, true);
+        }
+        const { intScore } = calcScore(results);
+        const errorCount = data.sessions.flatMap((s) => s.toolCalls).filter((tc) => tc.isError).length;
+        console.log("");
+        console.log(source_default.dim(`  ${data.totalToolCalls} calls | ${data.sessions.length} sessions | ${errorCount} errors | Score: ${intScore}/10 | LIVE`));
+      }
+      lastToolCount = data.totalToolCalls;
+      lastSessionCount = data.sessions.length;
+    }
+  }, 2e3);
+} else if (showLogs) {
+  const { data } = runAudit();
+  printHeader();
+  printLogSummary(data);
+  printLogs(data, getLogLimit());
+} else {
+  const { data, results, intScore } = runAudit(showJson);
+  if (showJson) {
+    console.log(JSON.stringify({
+      score: intScore,
+      maxScore: 10,
+      results,
+      summary: {
+        sources: data.sources,
+        sessions: data.sessions.length,
+        totalToolCalls: data.totalToolCalls,
+        timeRange: data.timeRange
+      }
+    }, null, 2));
+  } else {
+    printReport(data, results);
+  }
+  process.exit(intScore >= 7 ? 0 : 1);
+}