@surfinguard/core-engine 0.1.0 → 1.0.0

package/dist/session-tracker.js

@@ -0,0 +1,286 @@
+import { loadChainPatterns } from './patterns.js';
+const SESSION_TIMEOUT_MS = 30 * 60 * 1000; // 30 minutes
+const MAX_ACTIONS_PER_SESSION = 50;
+const TREND_WINDOW = 5; // Number of recent actions to compute trend
+/**
+ * In-memory session tracker for multi-step attack chain detection.
+ */
+export class SessionTracker {
+    sessions = new Map();
+    chainDefinitions;
+    constructor() {
+        this.chainDefinitions = loadChainPatterns().chains;
+    }
+    /**
+     * Record an action result in a session and detect chains.
+     */
+    recordAction(sessionId, input, result, agentId) {
+        const session = this.getOrCreateSession(sessionId, agentId);
+        const now = Date.now();
+        const summary = {
+            type: input.type,
+            value: input.value,
+            score: result.score,
+            level: result.level,
+            primitive: result.primitive,
+            timestamp: now,
+        };
+        // Append action (cap at MAX_ACTIONS)
+        if (session.actions.length >= MAX_ACTIONS_PER_SESSION) {
+            session.actions.shift();
+        }
+        session.actions.push(summary);
+        session.actionCount++;
+        session.lastActivityAt = now;
+        // Update peak score
+        if (result.score > session.peakScore) {
+            session.peakScore = result.score;
+        }
+        // Update cumulative primitive scores
+        if (result.primitive) {
+            session.cumulativePrimitiveScores[result.primitive] =
+                (session.cumulativePrimitiveScores[result.primitive] || 0) + result.score;
+        }
+        // Detect chains
+        const chainDetections = this.detectChains(session);
+        session.activeChains = chainDetections.map((c) => c.chainId);
+        // Compute risk trend
+        session.riskTrend = this.computeTrend(session);
+        // Calculate context boost from chains
+        const contextBoost = chainDetections.reduce((sum, c) => sum + c.scoreBoost, 0);
+        return {
+            contextBoost,
+            chainDetections,
+            riskTrend: session.riskTrend,
+        };
+    }
+    /**
+     * Get a session by ID.
+     */
+    getSession(sessionId) {
+        const session = this.sessions.get(sessionId);
+        if (session && this.isExpired(session)) {
+            this.sessions.delete(sessionId);
+            return undefined;
+        }
+        return session;
+    }
+    /**
+     * Get session summary info (for API responses).
+     */
+    getSessionInfo(sessionId) {
+        const session = this.getSession(sessionId);
+        if (!session)
+            return undefined;
+        return {
+            sessionId: session.sessionId,
+            agentId: session.agentId,
+            startedAt: session.startedAt,
+            lastActivityAt: session.lastActivityAt,
+            actionCount: session.actionCount,
+            peakScore: session.peakScore,
+            riskTrend: session.riskTrend,
+            activeChains: session.activeChains,
+        };
+    }
+    /**
+     * Build an ActionContext from session state (for passing to engine).
+     */
+    buildContext(sessionId) {
+        const session = this.getSession(sessionId);
+        if (!session)
+            return undefined;
+        // Compute trust level from session behavior (lower with more danger)
+        const dangerCount = session.actions.filter((a) => a.level === 'DANGER').length;
+        const trustLevel = Math.max(0, 1.0 - dangerCount * 0.2);
+        return {
+            sessionId: session.sessionId,
+            agentId: session.agentId,
+            priorActions: session.actions.slice(),
+            trustLevel,
+        };
+    }
+    /**
+     * Clear a specific session.
+     */
+    clearSession(sessionId) {
+        this.sessions.delete(sessionId);
+    }
+    /**
+     * Remove all expired sessions.
+     */
+    pruneExpiredSessions() {
+        let pruned = 0;
+        for (const [id, session] of this.sessions) {
+            if (this.isExpired(session)) {
+                this.sessions.delete(id);
+                pruned++;
+            }
+        }
+        return pruned;
+    }
+    /**
+     * Get all active session IDs.
+     */
+    getActiveSessionIds() {
+        this.pruneExpiredSessions();
+        return Array.from(this.sessions.keys());
+    }
+    getOrCreateSession(sessionId, agentId) {
+        let session = this.sessions.get(sessionId);
+        if (session && this.isExpired(session)) {
+            this.sessions.delete(sessionId);
+            session = undefined;
+        }
+        if (!session) {
+            const now = Date.now();
+            session = {
+                sessionId,
+                agentId,
+                startedAt: now,
+                lastActivityAt: now,
+                actionCount: 0,
+                cumulativePrimitiveScores: {
+                    DESTRUCTION: 0,
+                    EXFILTRATION: 0,
+                    ESCALATION: 0,
+                    PERSISTENCE: 0,
+                    MANIPULATION: 0,
+                },
+                peakScore: 0,
+                actions: [],
+                activeChains: [],
+                riskTrend: 'stable',
+            };
+            this.sessions.set(sessionId, session);
+        }
+        return session;
+    }
+    isExpired(session) {
+        return Date.now() - session.lastActivityAt > SESSION_TIMEOUT_MS;
+    }
+    /**
+     * Detect active chains in a session by walking chain definitions.
+     */
+    detectChains(session) {
+        const detections = [];
+        const now = Date.now();
+        for (const chain of this.chainDefinitions) {
+            const windowStart = now - chain.windowMs;
+            const windowActions = session.actions.filter((a) => a.timestamp >= windowStart);
+            if (windowActions.length === 0)
+                continue;
+            // Handle repeat-only chains (like CH08)
+            if (chain.minOccurrences && chain.steps.length === 1 && chain.steps[0].repeat) {
+                const step = chain.steps[0];
+                const matches = windowActions.filter((a) => this.actionMatchesStep(a, step));
+                if (matches.length >= chain.minOccurrences) {
+                    detections.push({
+                        chainId: chain.id,
+                        name: chain.name,
+                        matchedSteps: matches.slice(0, chain.minOccurrences).map(() => step.label),
+                        scoreBoost: chain.scoreBoost,
+                    });
+                }
+                continue;
+            }
+            // Walk steps in order through the actions
+            const matchedSteps = [];
+            let stepIndex = 0;
+            let currentStepMatched = false;
+            for (const action of windowActions) {
+                if (stepIndex >= chain.steps.length)
+                    break;
+                const currentStep = chain.steps[stepIndex];
+                if (this.actionMatchesStep(action, currentStep)) {
+                    matchedSteps.push(currentStep.label);
+                    currentStepMatched = true;
+                    // If step repeats and there's a next step, check if we should advance
+                    if (currentStep.repeat && stepIndex + 1 < chain.steps.length) {
+                        const nextStep = chain.steps[stepIndex + 1];
+                        if (this.actionMatchesStep(action, nextStep)) {
+                            // This action matches both — prefer progression
+                            stepIndex++;
+                            currentStepMatched = false;
+                            matchedSteps[matchedSteps.length - 1] = nextStep.label;
+                        }
+                        // else stay on current repeating step
+                    }
+                    else if (!currentStep.repeat) {
+                        stepIndex++;
+                        currentStepMatched = false;
+                    }
+                }
+                else if (currentStep.repeat && currentStepMatched && stepIndex + 1 < chain.steps.length) {
+                    // Current repeating step was matched before but this action doesn't match it
+                    // Try advancing to the next step
+                    const nextStep = chain.steps[stepIndex + 1];
+                    if (this.actionMatchesStep(action, nextStep)) {
+                        matchedSteps.push(nextStep.label);
+                        stepIndex += 2;
+                        currentStepMatched = false;
+                    }
+                }
+            }
+            if (stepIndex >= chain.steps.length || matchedSteps.length >= chain.steps.length) {
+                detections.push({
+                    chainId: chain.id,
+                    name: chain.name,
+                    matchedSteps,
+                    scoreBoost: chain.scoreBoost,
+                });
+            }
+        }
+        return detections;
+    }
+    actionMatchesStep(action, step) {
+        // Action type must match
+        if (!step.actionTypes.includes(action.type))
+            return false;
+        // Min score check
+        if (step.minScore !== undefined && action.score < step.minScore)
+            return false;
+        // Primitive check
+        if (step.primitives && step.primitives.length > 0) {
+            if (!action.primitive || !step.primitives.includes(action.primitive))
+                return false;
+        }
+        // Value pattern check (case-insensitive substring)
+        if (step.valuePatterns && step.valuePatterns.length > 0) {
+            const lowerValue = action.value.toLowerCase();
+            const matches = step.valuePatterns.some((p) => lowerValue.includes(p.toLowerCase()));
+            if (!matches)
+                return false;
+        }
+        return true;
+    }
+    computeTrend(session) {
+        const actions = session.actions;
+        if (actions.length < 3)
+            return 'stable';
+        const recentCount = Math.min(TREND_WINDOW, actions.length);
+        const recent = actions.slice(-recentCount);
+        const olderCount = Math.min(TREND_WINDOW, actions.length - recentCount);
+        if (olderCount === 0) {
+            // Only recent actions available — check if scores are ascending
+            const firstHalf = recent.slice(0, Math.floor(recent.length / 2));
+            const secondHalf = recent.slice(Math.floor(recent.length / 2));
+            const avgFirst = firstHalf.reduce((s, a) => s + a.score, 0) / firstHalf.length;
+            const avgSecond = secondHalf.reduce((s, a) => s + a.score, 0) / secondHalf.length;
+            if (avgSecond > avgFirst + 1)
+                return 'rising';
+            if (avgSecond < avgFirst - 1)
+                return 'declining';
+            return 'stable';
+        }
+        const older = actions.slice(-(recentCount + olderCount), -recentCount);
+        const avgRecent = recent.reduce((s, a) => s + a.score, 0) / recent.length;
+        const avgOlder = older.reduce((s, a) => s + a.score, 0) / older.length;
+        if (avgRecent > avgOlder + 1)
+            return 'rising';
+        if (avgRecent < avgOlder - 1)
+            return 'declining';
+        return 'stable';
+    }
+}
+//# sourceMappingURL=session-tracker.js.map

package/dist/session-tracker.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"session-tracker.js","sourceRoot":"","sources":["../src/session-tracker.ts"],"names":[],"mappings":"AAWA,OAAO,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAElD,MAAM,kBAAkB,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,aAAa;AACxD,MAAM,uBAAuB,GAAG,EAAE,CAAC;AACnC,MAAM,YAAY,GAAG,CAAC,CAAC,CAAC,4CAA4C;AAEpE;;GAEG;AACH,MAAM,OAAO,cAAc;IACjB,QAAQ,GAAG,IAAI,GAAG,EAAwB,CAAC;IAC3C,gBAAgB,CAAoB;IAE5C;QACE,IAAI,CAAC,gBAAgB,GAAG,iBAAiB,EAAE,CAAC,MAAM,CAAC;IACrD,CAAC;IAED;;OAEG;IACH,YAAY,CACV,SAAiB,EACjB,KAAkB,EAClB,MAAmB,EACnB,OAAgB;QAMhB,MAAM,OAAO,GAAG,IAAI,CAAC,kBAAkB,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;QAC5D,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEvB,MAAM,OAAO,GAAkB;YAC7B,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,SAAS,EAAE,GAAG;SACf,CAAC;QAEF,qCAAqC;QACrC,IAAI,OAAO,CAAC,OAAO,CAAC,MAAM,IAAI,uBAAuB,EAAE,CAAC;YACtD,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QAC1B,CAAC;QACD,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC9B,OAAO,CAAC,WAAW,EAAE,CAAC;QACtB,OAAO,CAAC,cAAc,GAAG,GAAG,CAAC;QAE7B,oBAAoB;QACpB,IAAI,MAAM,CAAC,KAAK,GAAG,OAAO,CAAC,SAAS,EAAE,CAAC;YACrC,OAAO,CAAC,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC;QACnC,CAAC;QAED,qCAAqC;QACrC,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;YACrB,OAAO,CAAC,yBAAyB,CAAC,MAAM,CAAC,SAAS,CAAC;gBACjD,CAAC,OAAO,CAAC,yBAAyB,CAAC,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC;QAC9E,CAAC;QAED,gBAAgB;QAChB,MAAM,eAAe,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;QACnD,OAAO,CAAC,YAAY,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAE7D,qBAAqB;QACrB,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;QAE/C,sCAAsC;QACtC,MAAM,YAAY,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;QAE/E,OAAO;YACL,YAAY;YACZ,eAAe;YACf,SAAS,EAAE,OAAO,CAAC,SAAS;SAC7B,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,UAAU,CAAC,SAAiB;QAC1B,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAC7C,IAAI,OAAO,IAAI,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,CAAC;YACvC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;YAChC,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACH,cAAc,CAAC,SAAiB;QAC9B,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;QAC3C,IAAI,CAAC,OAAO;YAAE,OAAO,SAAS,CAAC;QAC/B,OAAO;YACL,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,cAAc,EAAE,OAAO,CAAC,cAAc;YACtC,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,YAAY,EAAE,OAAO,CAAC,YAAY;SACnC,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,SAAiB;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;QAC3C,IAAI,CAAC,OAAO;YAAE,OAAO,SAAS,CAAC;QAE/B,qEAAqE;QACrE,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC,MAAM,CAAC;QAC/E,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,GAAG,WAAW,GAAG,GAAG,CAAC,CAAC;QAExD,OAAO;YACL,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,YAAY,EAAE,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE;YACrC,UAAU;SACX,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,SAAiB;QAC5B,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAClC,CAAC;IAED;;OAEG;IACH,oBAAoB;QAClB,IAAI,MAAM,GAAG,CAAC,CAAC;QACf,KAAK,MAAM,CAAC,EAAE,EAAE,OAAO,CAAC,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC1C,IAAI,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC5B,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;gBACzB,MAAM,EAAE,CAAC;YACX,CAAC;QACH,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACH,mBAAmB;QACjB,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC5B,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;IAC1C,CAAC;IAEO,kBAAkB,CAAC,SAAiB,EAAE,OAAgB;QAC5D,IAAI,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAC3C,IAAI,OAAO,IAAI,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,CAAC;YACvC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;YAChC,OAAO,GAAG,SAAS,CAAC;QACtB,CAAC;QACD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YACvB,OAAO,GAAG;gBACR,SAAS;gBACT,OAAO;gBACP,SAAS,EAAE,GAAG;gBACd,cAAc,EAAE,GAAG;gBACnB,WAAW,EAAE,CAAC;gBACd,yBAAyB,EAAE;oBACzB,WAAW,EAAE,CAAC;oBACd,YAAY,EAAE,CAAC;oBACf,UAAU,EAAE,CAAC;oBACb,WAAW,EAAE,CAAC;oBACd,YAAY,EAAE,CAAC;iBAChB;gBACD,SAAS,EAAE,CAAC;gBACZ,OAAO,EAAE,EAAE;gBACX,YAAY,EAAE,EAAE;gBAChB,SAAS,EAAE,QAAQ;aACpB,CAAC;YACF,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;QACxC,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAEO,SAAS,CAAC,OAAqB;QACrC,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,cAAc,GAAG,kBAAkB,CAAC;IAClE,CAAC;IAED;;OAEG;IACK,YAAY,CAAC,OAAqB;QACxC,MAAM,UAAU,GAAqB,EAAE,CAAC;QACxC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEvB,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC1C,MAAM,WAAW,GAAG,GAAG,GAAG,KAAK,CAAC,QAAQ,CAAC;YACzC,MAAM,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,WAAW,CAAC,CAAC;YAEhF,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC;gBAAE,SAAS;YAEzC,wCAAwC;YACxC,IAAI,KAAK,CAAC,cAAc,IAAI,KAAK,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;gBAC9E,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;gBAC5B,MAAM,OAAO,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC;gBAC7E,IAAI,OAAO,CAAC,MAAM,IAAI,KAAK,CAAC,cAAc,EAAE,CAAC;oBAC3C,UAAU,CAAC,IAAI,CAAC;wBACd,OAAO,EAAE,KAAK,CAAC,EAAE;wBACjB,IAAI,EAAE,KAAK,CAAC,IAAI;wBAChB,YAAY,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,cAAc,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC;wBAC1E,UAAU,EAAE,KAAK,CAAC,UAAU;qBAC7B,CAAC,CAAC;gBACL,CAAC;gBACD,SAAS;YACX,CAAC;YAED,0CAA0C;YAC1C,MAAM,YAAY,GAAa,EAAE,CAAC;YAClC,IAAI,SAAS,GAAG,CAAC,CAAC;YAClB,IAAI,kBAAkB,GAAG,KAAK,CAAC;YAE/B,KAAK,MAAM,MAAM,IAAI,aAAa,EAAE,CAAC;gBACnC,IAAI,SAAS,IAAI,KAAK,CAAC,KAAK,CAAC,MAAM;oBAAE,MAAM;gBAE3C,MAAM,WAAW,GAAG,KAAK,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;gBAE3C,IAAI,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,WAAW,CAAC,EAAE,CAAC;oBAChD,YAAY,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;oBACrC,kBAAkB,GAAG,IAAI,CAAC;oBAE1B,sEAAsE;oBACtE,IAAI,WAAW,CAAC,MAAM,IAAI,SAAS,GAAG,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;wBAC7D,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC;wBAC5C,IAAI,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,QAAQ,CAAC,EAAE,CAAC;4BAC7C,gDAAgD;4BAChD,SAAS,EAAE,CAAC;4BACZ,kBAAkB,GAAG,KAAK,CAAC;4BAC3B,YAAY,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC;wBACzD,CAAC;wBACD,sCAAsC;oBACxC,CAAC;yBAAM,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC;wBAC/B,SAAS,EAAE,CAAC;wBACZ,kBAAkB,GAAG,KAAK,CAAC;oBAC7B,CAAC;gBACH,CAAC;qBAAM,IAAI,WAAW,CAAC,MAAM,IAAI,kBAAkB,IAAI,SAAS,GAAG,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;oBAC1F,6EAA6E;oBAC7E,iCAAiC;oBACjC,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC;oBAC5C,IAAI,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,QAAQ,CAAC,EAAE,CAAC;wBAC7C,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;wBAClC,SAAS,IAAI,CAAC,CAAC;wBACf,kBAAkB,GAAG,KAAK,CAAC;oBAC7B,CAAC;gBACH,CAAC;YACH,CAAC;YAED,IAAI,SAAS,IAAI,KAAK,CAAC,KAAK,CAAC,MAAM,IAAI,YAAY,CAAC,MAAM,IAAI,KAAK,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;gBACjF,UAAU,CAAC,IAAI,CAAC;oBACd,OAAO,EAAE,KAAK,CAAC,EAAE;oBACjB,IAAI,EAAE,KAAK,CAAC,IAAI;oBAChB,YAAY;oBACZ,UAAU,EAAE,KAAK,CAAC,UAAU;iBAC7B,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO,UAAU,CAAC;IACpB,CAAC;IAEO,iBAAiB,CACvB,MAAqB,EACrB,IAKC;QAED,yBAAyB;QACzB,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC;YAAE,OAAO,KAAK,CAAC;QAE1D,kBAAkB;QAClB,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,IAAI,MAAM,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ;YAAE,OAAO,KAAK,CAAC;QAE9E,kBAAkB;QAClB,IAAI,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAClD,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC;gBAAE,OAAO,KAAK,CAAC;QACrF,CAAC;QAED,mDAAmD;QACnD,IAAI,IAAI,CAAC,aAAa,IAAI,IAAI,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxD,MAAM,UAAU,GAAG,MAAM,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;YAC9C,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;YACrF,IAAI,CAAC,OAAO;gBAAE,OAAO,KAAK,CAAC;QAC7B,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,YAAY,CAAC,OAAqB;QACxC,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC;QAChC,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,QAAQ,CAAC;QAExC,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;QAC3D,MAAM,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,WAAW,CAAC,CAAC;QAC3C,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,OAAO,CAAC,MAAM,GAAG,WAAW,CAAC,CAAC;QAExE,IAAI,UAAU,KAAK,CAAC,EAAE,CAAC;YACrB,gEAAgE;YAChE,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC;YACjE,MAAM,UAAU,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC;YAC/D,MAAM,QAAQ,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,GAAG,SAAS,CAAC,MAAM,CAAC;YAC/E,MAAM,SAAS,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,GAAG,UAAU,CAAC,MAAM,CAAC;YAElF,IAAI,SAAS,GAAG,QAAQ,GAAG,CAAC;gBAAE,OAAO,QAAQ,CAAC;YAC9C,IAAI,SAAS,GAAG,QAAQ,GAAG,CAAC;gBAAE,OAAO,WAAW,CAAC;YACjD,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,WAAW,GAAG,UAAU,CAAC,EAAE,CAAC,WAAW,CAAC,CAAC;QACvE,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC;QAC1E,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,GAAG,KAAK,CAAC,MAAM,CAAC;QAEvE,IAAI,SAAS,GAAG,QAAQ,GAAG,CAAC;YAAE,OAAO,QAAQ,CAAC;QAC9C,IAAI,SAAS,GAAG,QAAQ,GAAG,CAAC;YAAE,OAAO,WAAW,CAAC;QACjD,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF"}

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@surfinguard/core-engine",
-  "version": "0.1.0",
-  "description": "Heuristic scoring engine for the Surfinguard AI Security SDK — 5 analyzers, 68 threat patterns",
+  "version": "1.0.0",
+  "description": "Heuristic scoring engine for the Surfinguard AI Security SDK — 18 analyzers, 152 threat patterns",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -11,16 +11,12 @@
       "import": "./dist/index.js"
     }
   },
-  "files": ["dist", "patterns"],
-  "scripts": {
-    "build": "tsc",
-    "test": "vitest run",
-    "test:watch": "vitest",
-    "clean": "rm -rf dist",
-    "lint": "eslint src/"
-  },
+  "files": [
+    "dist",
+    "patterns"
+  ],
   "dependencies": {
-    "@surfinguard/types": "workspace:^"
+    "@surfinguard/types": "^1.0.0"
   },
   "license": "MIT",
   "repository": {
@@ -40,5 +36,12 @@
   ],
   "engines": {
     "node": ">=20.0.0"
+  },
+  "scripts": {
+    "build": "tsc",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "clean": "rm -rf dist",
+    "lint": "tsc --noEmit"
   }
-}
+}

package/patterns/agent-comm.json

@@ -0,0 +1,97 @@
+{
+  "version": "1.0.0",
+  "threats": [
+    {
+      "id": "MA01",
+      "name": "Malicious task delegation",
+      "primitive": "ESCALATION",
+      "severity": 8,
+      "description": "Agent spawns or delegates tasks to other agents to bypass permissions or escalate capabilities"
+    },
+    {
+      "id": "MA02",
+      "name": "Context poisoning across agents",
+      "primitive": "MANIPULATION",
+      "severity": 8,
+      "description": "Agent injects or modifies shared context, memory, or system prompts of other agents"
+    },
+    {
+      "id": "MA03",
+      "name": "Tool sharing escalation",
+      "primitive": "ESCALATION",
+      "severity": 8,
+      "description": "Agent shares sensitive tools or capabilities with untrusted or unauthorized agents"
+    },
+    {
+      "id": "MA04",
+      "name": "MCP tool abuse",
+      "primitive": "ESCALATION",
+      "severity": 8,
+      "description": "Agent connects to untrusted MCP servers or invokes arbitrary MCP tools"
+    }
+  ],
+  "taskDelegationPatterns": [
+    "spawn.*agent",
+    "delegate.*task",
+    "create.*sub-?agent",
+    "fork.*agent",
+    "launch.*worker.*agent",
+    "assign.*agent.*task",
+    "new.*agent.*execute",
+    "dispatch.*to.*agent",
+    "instruct.*agent"
+  ],
+  "contextPoisoningPatterns": [
+    "inject.*context",
+    "override.*system.*prompt",
+    "modify.*agent.*memory",
+    "alter.*shared.*context",
+    "poison.*context",
+    "corrupt.*agent.*state",
+    "rewrite.*agent.*instructions",
+    "overwrite.*memory",
+    "manipulate.*context.*window"
+  ],
+  "toolSharingPatterns": [
+    "share.*tool.*with",
+    "grant.*tool.*access",
+    "expose.*tool.*to",
+    "delegate.*tool",
+    "forward.*capability",
+    "pass.*permission.*agent",
+    "allow.*agent.*use.*tool",
+    "transfer.*tool.*access"
+  ],
+  "mcpAbusePatterns": [
+    "mcp.*call.*unknown",
+    "mcp.*server.*untrust",
+    "connect.*mcp.*server",
+    "invoke.*mcp.*tool",
+    "mcp.*execute.*arbitrary",
+    "add.*mcp.*server",
+    "install.*mcp.*plugin",
+    "mcp.*run.*command",
+    "use_mcp_tool"
+  ],
+  "sensitiveTools": [
+    "file_write",
+    "command",
+    "api_call",
+    "database",
+    "payment",
+    "email",
+    "admin",
+    "deploy",
+    "delete"
+  ],
+  "safePatterns": [
+    "list.*agents",
+    "get.*agent.*status",
+    "query.*agent",
+    "describe.*agent",
+    "check.*agent.*health",
+    "read.*agent.*config",
+    "monitor.*agent",
+    "log.*agent"
+  ]
+}

package/patterns/api-call.json

@@ -0,0 +1,175 @@
+{
+  "version": "1.0.0",
+  "threats": [
+    {
+      "id": "A01",
+      "name": "Destructive API calls",
+      "primitive": "DESTRUCTION",
+      "severity": 8,
+      "description": "DELETE, bulk delete, or destructive HTTP methods targeting critical resources"
+    },
+    {
+      "id": "A02",
+      "name": "Unauthorized external data send",
+      "primitive": "EXFILTRATION",
+      "severity": 7,
+      "description": "POST/PUT to external endpoints with sensitive data in body"
+    },
+    {
+      "id": "A03",
+      "name": "Cloud metadata access (SSRF)",
+      "primitive": "ESCALATION",
+      "severity": 9,
+      "description": "Access to cloud metadata endpoints (169.254.169.254, etc.)"
+    },
+    {
+      "id": "A04",
+      "name": "Internal service access",
+      "primitive": "ESCALATION",
+      "severity": 6,
+      "description": "Access to admin, internal, or management endpoints"
+    },
+    {
+      "id": "A05",
+      "name": "Token/credential forwarding",
+      "primitive": "EXFILTRATION",
+      "severity": 9,
+      "description": "Forwarding Authorization, API key, or session tokens to external services"
+    },
+    {
+      "id": "A06",
+      "name": "Webhook manipulation",
+      "primitive": "EXFILTRATION",
+      "severity": 6,
+      "description": "Registering or modifying webhook/callback URLs"
+    },
+    {
+      "id": "A07",
+      "name": "DNS exfiltration via API",
+      "primitive": "EXFILTRATION",
+      "severity": 8,
+      "description": "Using DNS or subdomain patterns to exfiltrate data via API calls"
+    },
+    {
+      "id": "A08",
+      "name": "Rate limit abuse patterns",
+      "primitive": "DESTRUCTION",
+      "severity": 4,
+      "description": "Patterns suggesting automated or high-frequency API abuse"
+    },
+    {
+      "id": "A09",
+      "name": "Unauthorized transaction endpoints",
+      "primitive": "DESTRUCTION",
+      "severity": 8,
+      "description": "Access to payment, transfer, or purchase endpoints"
+    },
+    {
+      "id": "A10",
+      "name": "Email/message sending endpoints",
+      "primitive": "EXFILTRATION",
+      "severity": 6,
+      "description": "Triggering email or message sends that could exfiltrate data"
+    }
+  ],
+  "destructiveEndpoints": [
+    "/users",
+    "/accounts",
+    "/admin/delete",
+    "/admin/reset",
+    "/admin/purge",
+    "/api/destroy",
+    "/bulk/delete",
+    "/database/drop",
+    "/data/wipe",
+    "/reset",
+    "/clear",
+    "/remove-all",
+    "/nuke"
+  ],
+  "exfiltrationPatterns": [
+    "password",
+    "secret",
+    "api_key",
+    "apikey",
+    "api-key",
+    "access_token",
+    "private_key",
+    "credit_card",
+    "ssn",
+    "social_security",
+    "credentials"
+  ],
+  "ssrfTargets": [
+    "169.254.169.254",
+    "metadata.google.internal",
+    "metadata.internal",
+    "127.0.0.1",
+    "localhost",
+    "0.0.0.0",
+    "[::1]",
+    "10.",
+    "172.16.",
+    "172.17.",
+    "172.18.",
+    "172.19.",
+    "172.20.",
+    "172.21.",
+    "172.22.",
+    "172.23.",
+    "172.24.",
+    "172.25.",
+    "172.26.",
+    "172.27.",
+    "172.28.",
+    "172.29.",
+    "172.30.",
+    "172.31.",
+    "192.168."
+  ],
+  "sensitiveHeaders": [
+    "authorization",
+    "x-api-key",
+    "x-auth-token",
+    "cookie",
+    "set-cookie",
+    "x-csrf-token",
+    "x-session-id",
+    "proxy-authorization"
+  ],
+  "webhookPatterns": [
+    "/webhook",
+    "/callback",
+    "/hook",
+    "/notify",
+    "/webhooks/create",
+    "/integrations/webhook",
+    "/api/hooks"
+  ],
+  "transactionEndpoints": [
+    "/payment",
+    "/pay",
+    "/transfer",
+    "/purchase",
+    "/checkout",
+    "/billing",
+    "/charge",
+    "/transaction",
+    "/withdraw",
+    "/send-money",
+    "/wire"
+  ],
+  "safeEndpoints": [
+    "/health",
+    "/healthz",
+    "/status",
+    "/version",
+    "/ping",
+    "/ready",
+    "/readiness",
+    "/liveness",
+    "/metrics",
+    "/favicon.ico",
+    "/robots.txt"
+  ]
+}