npm - @titanshield/core - Versions diffs - 0.1.0 - Mend

@titanshield/core 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (87) hide show

package/dist/scanner.js ADDED Viewed

@@ -0,0 +1,364 @@
+"use strict";
+// ══════════════════════════════════════════════════════════════════════════════
+// TitanShieldAI — scanner.ts
+//
+// WORLD'S FIRST: AI Security Code Scanner for Pre-Deploy Vulnerability Detection
+//
+// Scans your codebase BEFORE it deploys. Finds security issues while you're
+// still writing code — not after hackers exploit them in production.
+//
+// Unlike Snyk (dependency scanner) or SonarQube (requires enterprise license):
+//   - Understands YOUR code's context with Gemini AI
+//   - Explains vulnerabilities in plain English (not CVE jargon)
+//   - Provides exact fix with before/after code diff
+//   - Runs in < 2 minutes on a normal codebase
+//   - Zero config — just: npx titanshield scan ./src
+//
+// What it finds:
+//   - Unvalidated user input going directly to DB / shell / eval
+//   - Hardcoded secrets (API keys, passwords, tokens)
+//   - Missing auth checks on sensitive routes
+//   - Insecure direct object references (IDOR)
+//   - SQL/Command/XSS injection patterns
+//   - Overly permissive CORS configs
+//   - Dependency prototype pollution
+//   - JWT algorithm confusion attacks
+//   - Timing attack vulnerabilities
+// ══════════════════════════════════════════════════════════════════════════════
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AISecurityScanner = void 0;
+const fs_1 = require("fs");
+const path_1 = require("path");
+const generative_ai_1 = require("@google/generative-ai");
+// ── Static pattern scanner (fast, no AI needed) ───────────────────────────────
+const STATIC_PATTERNS = [
+    {
+        pattern: /(?:api[_-]?key|apikey|secret|password|passwd|token)\s*[:=]\s*["'](?!process\.env|os\.environ)[a-zA-Z0-9+/=_-]{8,}/gi,
+        category: 'hardcoded_secret',
+        severity: 'critical',
+        title: 'Hardcoded Secret Detected',
+        description: 'A secret key, password, or token is hardcoded directly in your source code. Anyone who sees your code (including GitHub) can steal it and use it.',
+        effort: '5 minutes',
+    },
+    {
+        pattern: /eval\s*\(\s*(?:req\.|request\.|params\.|query\.|body\.)/g,
+        category: 'injection',
+        severity: 'critical',
+        title: 'eval() with User Input — Remote Code Execution Risk',
+        description: 'You are passing user-controlled data into eval(). This lets attackers run any code they want on your server. This is one of the most dangerous vulnerabilities that exists.',
+        effort: '30 minutes',
+    },
+    {
+        pattern: /exec\s*\(\s*`[^`]*\${[^}]*(?:req|params|query|body)/g,
+        category: 'injection',
+        severity: 'critical',
+        title: 'Command Injection via Template Literal',
+        description: 'User input is being interpolated directly into a shell command. Attackers can inject shell commands and take over your server.',
+        effort: '30 minutes',
+    },
+    {
+        pattern: /SELECT\s+.+\s+FROM\s+.+\s+WHERE\s+.+\+\s*(?:req|params|query|body|user)/gi,
+        category: 'injection',
+        severity: 'critical',
+        title: 'SQL Injection via String Concatenation',
+        description: 'You are building SQL queries by concatenating user input. Attackers can manipulate the query to access, modify, or delete your entire database.',
+        effort: '30 minutes',
+    },
+    {
+        pattern: /res\.setHeader\s*\(\s*['"]Access-Control-Allow-Origin['"]\s*,\s*['"]\*['"]/g,
+        category: 'insecure_config',
+        severity: 'high',
+        title: 'CORS Wildcard — Any Origin Allowed',
+        description: 'Your API accepts requests from ANY website. This means a malicious site can make authenticated requests on behalf of your logged-in users.',
+        effort: '5 minutes',
+    },
+    {
+        pattern: /jwt\.verify\s*\(\s*token\s*,\s*(?:key|secret)\s*,\s*\{[^}]*algorithms\s*:\s*\[['"](?:none|HS256)['"]\]/g,
+        category: 'crypto_weakness',
+        severity: 'high',
+        title: 'JWT Algorithm Confusion Vulnerability',
+        description: 'Allowing the "none" algorithm or only HS256 in JWT verification can allow attackers to forge tokens and impersonate any user.',
+        effort: '30 minutes',
+    },
+    {
+        pattern: /crypto\.createHash\s*\(\s*['"]md5['"]\)|crypto\.createHash\s*\(\s*['"]sha1['"]\)/g,
+        category: 'crypto_weakness',
+        severity: 'medium',
+        title: 'Weak Cryptographic Hash (MD5/SHA1)',
+        description: 'MD5 and SHA1 are considered broken for security purposes. Attackers can find collisions and forge data. Use SHA-256 or better.',
+        effort: '5 minutes',
+    },
+    {
+        pattern: /\.readFile(?:Sync)?\s*\([^,)]*(?:params|query|body|req\.[a-z]+)\./g,
+        category: 'path_traversal',
+        severity: 'high',
+        title: 'Path Traversal via User Input',
+        description: 'A user-controlled value is being used in a file path. Attackers can use "../../../etc/passwd" to read any file on your server.',
+        effort: '30 minutes',
+    },
+    {
+        pattern: /process\.env\b(?!.*process\.env)/g, // Zero matches is not a problem; this finds the concept
+        category: 'info',
+        severity: 'info',
+        title: 'Environment Variables Used',
+        description: 'Good — environment variables are being used for configuration.',
+        effort: '5 minutes',
+    },
+];
+// ── AISecurityScanner ─────────────────────────────────────────────────────────
+class AISecurityScanner {
+    constructor(geminiApiKey) {
+        this.ai = null;
+        this.SUPPORTED_EXTENSIONS = new Set(['.ts', '.tsx', '.js', '.jsx', '.mjs', '.cjs', '.py', '.go']);
+        this.SKIP_DIRS = new Set(['node_modules', '.git', 'dist', 'build', '.next', 'coverage', '__pycache__']);
+        this.MAX_FILE_SIZE = 50000; // 50KB per file
+        this.MAX_FILES_FOR_AI = 20; // AI scan is expensive — limit to highest-risk files
+        if (geminiApiKey) {
+            this.ai = new generative_ai_1.GoogleGenerativeAI(geminiApiKey);
+        }
+    }
+    /**
+     * Scan a directory for security vulnerabilities.
+     * Uses fast static analysis first, then AI for deep contextual analysis.
+     *
+     * @example
+     * const result = await scanner.scanDirectory('./src');
+     * console.log(result.vulnerabilities); // Sorted by severity
+     */
+    async scanDirectory(dirPath) {
+        const startMs = Date.now();
+        console.log(`\n🔍 [TitanShield Scanner] Scanning ${dirPath}...\n`);
+        // 1. Walk directory
+        const files = this.walkDirectory(dirPath);
+        console.log(`   Found ${files.length} files to scan`);
+        // 2. Static pattern scan (fast, runs on ALL files)
+        const allVulns = [];
+        let totalLines = 0;
+        for (const file of files) {
+            const vulns = await this.staticScan(file, dirPath);
+            allVulns.push(...vulns);
+            try {
+                const content = (0, fs_1.readFileSync)(file, 'utf8');
+                totalLines += content.split('\n').length;
+            }
+            catch { }
+        }
+        // 3. AI deep scan (runs on highest-risk files only)
+        if (this.ai) {
+            const highRiskFiles = this.prioritizeFiles(files, allVulns);
+            const aiVulns = await this.aiScan(highRiskFiles.slice(0, this.MAX_FILES_FOR_AI), dirPath);
+            allVulns.push(...aiVulns);
+        }
+        // 4. Deduplicate and sort by severity
+        const unique = this.deduplicateVulns(allVulns);
+        const sorted = this.sortBySeverity(unique);
+        // 5. Compute risk score
+        const riskScore = this.computeRiskScore(sorted);
+        const grade = this.computeGrade(riskScore);
+        const result = {
+            scannedFiles: files.length,
+            scannedLines: totalLines,
+            vulnerabilities: sorted,
+            scanDurationMs: Date.now() - startMs,
+            riskScore,
+            grade,
+            summary: this.generateSummary(sorted, grade, files.length),
+            criticalCount: sorted.filter(v => v.severity === 'critical').length,
+            highCount: sorted.filter(v => v.severity === 'high').length,
+            autoFixable: sorted.filter(v => ['5 minutes', '30 minutes'].includes(v.fix.effort)).length,
+        };
+        this.printReport(result, dirPath);
+        return result;
+    }
+    async staticScan(filePath, rootDir) {
+        let code;
+        try {
+            const stat = (0, fs_1.statSync)(filePath);
+            if (stat.size > this.MAX_FILE_SIZE)
+                return [];
+            code = (0, fs_1.readFileSync)(filePath, 'utf8');
+        }
+        catch {
+            return [];
+        }
+        const vulns = [];
+        const lines = code.split('\n');
+        const relFile = (0, path_1.relative)(rootDir, filePath);
+        for (const pattern of STATIC_PATTERNS) {
+            if (pattern.category === 'info')
+                continue; // skip info patterns
+            let match;
+            const re = new RegExp(pattern.pattern.source, pattern.pattern.flags);
+            while ((match = re.exec(code)) !== null) {
+                const matchPos = match.index;
+                const lineNum = code.slice(0, matchPos).split('\n').length;
+                const evidenceLine = lines[lineNum - 1]?.trim() ?? '';
+                vulns.push({
+                    id: `static_${Date.now()}_${Math.random().toString(36).slice(2, 6)}`,
+                    file: relFile,
+                    line: lineNum,
+                    severity: pattern.severity,
+                    category: pattern.category,
+                    title: pattern.title,
+                    description: pattern.description,
+                    evidence: evidenceLine.slice(0, 200),
+                    fix: {
+                        summary: `Fix the ${pattern.category} vulnerability in ${relFile}:${lineNum}`,
+                        codeBefore: evidenceLine,
+                        codeAfter: '// Replace with safe alternative — see TitanShield documentation',
+                        effort: pattern.effort,
+                    },
+                });
+            }
+        }
+        return vulns;
+    }
+    async aiScan(files, rootDir) {
+        if (!this.ai || files.length === 0)
+            return [];
+        const model = this.ai.getGenerativeModel({ model: 'gemini-2.5-flash' });
+        const results = [];
+        for (const file of files) {
+            try {
+                const code = (0, fs_1.readFileSync)(file, 'utf8');
+                const relFile = (0, path_1.relative)(rootDir, file);
+                const prompt = `You are a world-class security engineer performing a code review.
+Analyze this ${(0, path_1.extname)(file)} file for security vulnerabilities.
+File: ${relFile}
+\`\`\`
+${code.slice(0, 8000)}
+\`\`\`
+Return ONLY a JSON array of vulnerabilities found. If none, return [].
+Each vulnerability:
+{
+  "line": <line number>,
+  "severity": "critical|high|medium|low",
+  "category": "injection|xss|hardcoded_secret|missing_auth|idor|insecure_config|crypto_weakness|timing_attack|path_traversal",
+  "title": "<concise title, max 60 chars>",
+  "description": "<plain English explanation, 2-3 sentences, no jargon>",
+  "evidence": "<the exact problematic code snippet>",
+  "fix": {
+    "summary": "<one line fix description>",
+    "codeBefore": "<vulnerable code, max 3 lines>",
+    "codeAfter": "<fixed code, max 3 lines>",
+    "effort": "5 minutes|30 minutes|2 hours|1 day"
+  }
+}`;
+                const result = await model.generateContent(prompt);
+                const raw = result.response.text().replace(/```json\n?|```/g, '').trim();
+                const parsed = JSON.parse(raw.startsWith('[') ? raw : '[]');
+                for (const v of parsed) {
+                    results.push({
+                        id: `ai_${Date.now()}_${Math.random().toString(36).slice(2, 6)}`,
+                        file: relFile,
+                        line: v.line,
+                        severity: v.severity,
+                        category: v.category,
+                        title: v.title,
+                        description: v.description,
+                        evidence: v.evidence ?? '',
+                        fix: v.fix ?? { summary: 'See description', codeBefore: '', codeAfter: '', effort: '30 minutes' },
+                    });
+                }
+            }
+            catch { }
+        }
+        return results;
+    }
+    walkDirectory(dirPath) {
+        const files = [];
+        const walk = (dir) => {
+            try {
+                for (const entry of (0, fs_1.readdirSync)(dir, { withFileTypes: true })) {
+                    if (this.SKIP_DIRS.has(entry.name))
+                        continue;
+                    const fullPath = (0, path_1.join)(dir, entry.name);
+                    if (entry.isDirectory()) {
+                        walk(fullPath);
+                    }
+                    else if (this.SUPPORTED_EXTENSIONS.has((0, path_1.extname)(entry.name))) {
+                        files.push(fullPath);
+                    }
+                }
+            }
+            catch { }
+        };
+        walk(dirPath);
+        return files;
+    }
+    prioritizeFiles(files, vulns) {
+        const vulnFiles = new Set(vulns.map(v => v.file));
+        return [
+            ...files.filter(f => vulnFiles.has(f)), // files with static vulns first
+            ...files.filter(f => !vulnFiles.has(f)),
+        ];
+    }
+    deduplicateVulns(vulns) {
+        const seen = new Set();
+        return vulns.filter(v => {
+            const key = `${v.file}:${v.line}:${v.category}`;
+            if (seen.has(key))
+                return false;
+            seen.add(key);
+            return true;
+        });
+    }
+    sortBySeverity(vulns) {
+        const order = { critical: 0, high: 1, medium: 2, low: 3, info: 4 };
+        return [...vulns].sort((a, b) => order[a.severity] - order[b.severity]);
+    }
+    computeRiskScore(vulns) {
+        const weights = { critical: 40, high: 20, medium: 8, low: 2, info: 0 };
+        const raw = vulns.reduce((s, v) => s + weights[v.severity], 0);
+        return Math.min(100, raw);
+    }
+    computeGrade(score) {
+        if (score === 0)
+            return 'A';
+        if (score <= 10)
+            return 'B';
+        if (score <= 30)
+            return 'C';
+        if (score <= 60)
+            return 'D';
+        return 'F';
+    }
+    generateSummary(vulns, grade, fileCount) {
+        const c = vulns.filter(v => v.severity === 'critical').length;
+        const h = vulns.filter(v => v.severity === 'high').length;
+        if (vulns.length === 0)
+            return `🎉 Grade ${grade}: No vulnerabilities found in ${fileCount} files! Your code looks secure.`;
+        if (c > 0)
+            return `🚨 Grade ${grade}: Found ${c} CRITICAL and ${h} high-severity issues across ${fileCount} files. Fix critical issues before deploying!`;
+        if (h > 0)
+            return `⚠️ Grade ${grade}: Found ${h} high-severity issues. Fix before production deployment.`;
+        return `ℹ️ Grade ${grade}: Found ${vulns.length} minor issues. Safe to deploy, but worth fixing.`;
+    }
+    printReport(result, dir) {
+        const COLORS = { critical: '\x1b[31m', high: '\x1b[33m', medium: '\x1b[36m', low: '\x1b[37m', info: '\x1b[90m', reset: '\x1b[0m' };
+        console.log(`\n${'═'.repeat(60)}`);
+        console.log(`  🛡️  TitanShieldAI Security Scan`);
+        console.log(`  Directory: ${dir}`);
+        console.log(`  Files: ${result.scannedFiles} | Lines: ${result.scannedLines.toLocaleString()} | ${result.scanDurationMs}ms`);
+        console.log(`${'═'.repeat(60)}`);
+        console.log(`  Grade: ${result.grade} | Risk Score: ${result.riskScore}/100`);
+        console.log(`  ${result.summary}\n`);
+        if (result.vulnerabilities.length === 0) {
+            console.log('  ✅ Clean! No vulnerabilities detected.\n');
+            return;
+        }
+        for (const v of result.vulnerabilities) {
+            const color = COLORS[v.severity];
+            console.log(`  ${color}[${v.severity.toUpperCase()}]${COLORS.reset} ${v.title}`);
+            console.log(`          File: ${v.file}${v.line ? `:${v.line}` : ''}`);
+            console.log(`          ${v.description.slice(0, 120)}`);
+            console.log(`          Fix: ${v.fix.summary} (${v.fix.effort})\n`);
+        }
+        console.log(`  Auto-fixable: ${result.autoFixable}/${result.vulnerabilities.length} vulnerabilities`);
+        console.log(`${'═'.repeat(60)}\n`);
+    }
+}
+exports.AISecurityScanner = AISecurityScanner;
+//# sourceMappingURL=scanner.js.map

package/dist/scanner.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"scanner.js","sourceRoot":"","sources":["../src/scanner.ts"],"names":[],"mappings":";AAAA,iFAAiF;AACjF,6BAA6B;AAC7B,EAAE;AACF,iFAAiF;AACjF,EAAE;AACF,4EAA4E;AAC5E,qEAAqE;AACrE,EAAE;AACF,+EAA+E;AAC/E,qDAAqD;AACrD,iEAAiE;AACjE,qDAAqD;AACrD,+CAA+C;AAC/C,qDAAqD;AACrD,EAAE;AACF,iBAAiB;AACjB,iEAAiE;AACjE,sDAAsD;AACtD,8CAA8C;AAC9C,+CAA+C;AAC/C,yCAAyC;AACzC,qCAAqC;AACrC,qCAAqC;AACrC,sCAAsC;AACtC,oCAAoC;AACpC,iFAAiF;;;AAEjF,2BAAyD;AACzD,+BAA+C;AAC/C,yDAA2D;AAqD3D,iFAAiF;AACjF,MAAM,eAAe,GAOhB;IACG;QACI,OAAO,EAAE,qHAAqH;QAC9H,QAAQ,EAAE,kBAAkB;QAC5B,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,2BAA2B;QAClC,WAAW,EAAE,mJAAmJ;QAChK,MAAM,EAAE,WAAW;KACtB;IACD;QACI,OAAO,EAAE,0DAA0D;QACnE,QAAQ,EAAE,WAAW;QACrB,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,qDAAqD;QAC5D,WAAW,EAAE,6KAA6K;QAC1L,MAAM,EAAE,YAAY;KACvB;IACD;QACI,OAAO,EAAE,sDAAsD;QAC/D,QAAQ,EAAE,WAAW;QACrB,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,wCAAwC;QAC/C,WAAW,EAAE,gIAAgI;QAC7I,MAAM,EAAE,YAAY;KACvB;IACD;QACI,OAAO,EAAE,2EAA2E;QACpF,QAAQ,EAAE,WAAW;QACrB,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,wCAAwC;QAC/C,WAAW,EAAE,iJAAiJ;QAC9J,MAAM,EAAE,YAAY;KACvB;IACD;QACI,OAAO,EAAE,6EAA6E;QACtF,QAAQ,EAAE,iBAAiB;QAC3B,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,oCAAoC;QAC3C,WAAW,EAAE,4IAA4I;QACzJ,MAAM,EAAE,WAAW;KACtB;IACD;QACI,OAAO,EAAE,yGAAyG;QAClH,QAAQ,EAAE,iBAAiB;QAC3B,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,uCAAuC;QAC9C,WAAW,EAAE,+HAA+H;QAC5I,MAAM,EAAE,YAAY;KACvB;IACD;QACI,OAAO,EAAE,mFAAmF;QAC5F,QAAQ,EAAE,iBAAiB;QAC3B,QAAQ,EAAE,QAAQ;QAClB,KAAK,EAAE,oCAAoC;QAC3C,WAAW,EAAE,gIAAgI;QAC7I,MAAM,EAAE,WAAW;KACtB;IACD;QACI,OAAO,EAAE,oEAAoE;QAC7E,QAAQ,EAAE,gBAAgB;QAC1B,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,+BAA+B;QACtC,WAAW,EAAE,gIAAgI;QAC7I,MAAM,EAAE,YAAY;KACvB;IACD;QACI,OAAO,EAAE,mCAAmC,EAAE,wDAAwD;QACtG,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,4BAA4B;QACnC,WAAW,EAAE,gEAAgE;QAC7E,MAAM,EAAE,WAAW;KACtB;CACJ,CAAC;AAEN,iFAAiF;AACjF,MAAa,iBAAiB;IAO1B,YAAY,YAAqB;QANzB,OAAE,GAA8B,IAAI,CAAC;QAC5B,yBAAoB,GAAG,IAAI,GAAG,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;QAC7F,cAAS,GAAG,IAAI,GAAG,CAAC,CAAC,cAAc,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,aAAa,CAAC,CAAC,CAAC;QACnG,kBAAa,GAAG,KAAM,CAAC,CAAC,gBAAgB;QACxC,qBAAgB,GAAG,EAAE,CAAC,CAAC,qDAAqD;QAGzF,IAAI,YAAY,EAAE,CAAC;YACf,IAAI,CAAC,EAAE,GAAG,IAAI,kCAAkB,CAAC,YAAY,CAAC,CAAC;QACnD,CAAC;IACL,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,aAAa,CAAC,OAAe;QAC/B,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC3B,OAAO,CAAC,GAAG,CAAC,uCAAuC,OAAO,OAAO,CAAC,CAAC;QAEnE,oBAAoB;QACpB,MAAM,KAAK,GAAG,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;QAC1C,OAAO,CAAC,GAAG,CAAC,YAAY,KAAK,CAAC,MAAM,gBAAgB,CAAC,CAAC;QAEtD,mDAAmD;QACnD,MAAM,QAAQ,GAA4B,EAAE,CAAC;QAC7C,IAAI,UAAU,GAAG,CAAC,CAAC;QAEnB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACvB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;YACnD,QAAQ,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,CAAC;YAExB,IAAI,CAAC;gBACD,MAAM,OAAO,GAAG,IAAA,iBAAY,EAAC,IAAI,EAAE,MAAM,CAAC,CAAC;gBAC3C,UAAU,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;YAC7C,CAAC;YAAC,MAAM,CAAC,CAAC,CAAC;QACf,CAAC;QAED,oDAAoD;QACpD,IAAI,IAAI,CAAC,EAAE,EAAE,CAAC;YACV,MAAM,aAAa,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;YAC5D,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,gBAAgB,CAAC,EAAE,OAAO,CAAC,CAAC;YAC1F,QAAQ,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC;QAC9B,CAAC;QAED,sCAAsC;QACtC,MAAM,MAAM,GAAG,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;QAC/C,MAAM,MAAM,GAAG,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;QAE3C,wBAAwB;QACxB,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;QAChD,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;QAE3C,MAAM,MAAM,GAAe;YACvB,YAAY,EAAE,KAAK,CAAC,MAAM;YAC1B,YAAY,EAAE,UAAU;YACxB,eAAe,EAAE,MAAM;YACvB,cAAc,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO;YACpC,SAAS;YACT,KAAK;YACL,OAAO,EAAE,IAAI,CAAC,eAAe,CAAC,MAAM,EAAE,KAAK,EAAE,KAAK,CAAC,MAAM,CAAC;YAC1D,aAAa,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM;YACnE,SAAS,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM;YAC3D,WAAW,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,WAAW,EAAE,YAAY,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM;SAC7F,CAAC;QAEF,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAClC,OAAO,MAAM,CAAC;IAClB,CAAC;IAEO,KAAK,CAAC,UAAU,CAAC,QAAgB,EAAE,OAAe;QACtD,IAAI,IAAY,CAAC;QACjB,IAAI,CAAC;YACD,MAAM,IAAI,GAAG,IAAA,aAAQ,EAAC,QAAQ,CAAC,CAAC;YAChC,IAAI,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,aAAa;gBAAE,OAAO,EAAE,CAAC;YAC9C,IAAI,GAAG,IAAA,iBAAY,EAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QAC1C,CAAC;QAAC,MAAM,CAAC;YAAC,OAAO,EAAE,CAAC;QAAC,CAAC;QAEtB,MAAM,KAAK,GAA4B,EAAE,CAAC;QAC1C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC/B,MAAM,OAAO,GAAG,IAAA,eAAQ,EAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QAE5C,KAAK,MAAM,OAAO,IAAI,eAAe,EAAE,CAAC;YACpC,IAAI,OAAO,CAAC,QAAQ,KAAK,MAAM;gBAAE,SAAS,CAAC,qBAAqB;YAEhE,IAAI,KAA6B,CAAC;YAClC,MAAM,EAAE,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;YAErE,OAAO,CAAC,KAAK,GAAG,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBACtC,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC;gBAC7B,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;gBAC3D,MAAM,YAAY,GAAG,KAAK,CAAC,OAAO,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;gBAEtD,KAAK,CAAC,IAAI,CAAC;oBACP,EAAE,EAAE,UAAU,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;oBACpE,IAAI,EAAE,OAAO;oBACb,IAAI,EAAE,OAAO;oBACb,QAAQ,EAAE,OAAO,CAAC,QAAQ;oBAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ;oBAC1B,KAAK,EAAE,OAAO,CAAC,KAAK;oBACpB,WAAW,EAAE,OAAO,CAAC,WAAW;oBAChC,QAAQ,EAAE,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;oBACpC,GAAG,EAAE;wBACD,OAAO,EAAE,WAAW,OAAO,CAAC,QAAQ,qBAAqB,OAAO,IAAI,OAAO,EAAE;wBAC7E,UAAU,EAAE,YAAY;wBACxB,SAAS,EAAE,kEAAkE;wBAC7E,MAAM,EAAE,OAAO,CAAC,MAAM;qBACzB;iBACJ,CAAC,CAAC;YACP,CAAC;QACL,CAAC;QAED,OAAO,KAAK,CAAC;IACjB,CAAC;IAEO,KAAK,CAAC,MAAM,CAAC,KAAe,EAAE,OAAe;QACjD,IAAI,CAAC,IAAI,CAAC,EAAE,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAI,CAAC,EAAE,CAAC,kBAAkB,CAAC,EAAE,KAAK,EAAE,kBAAkB,EAAE,CAAC,CAAC;QACxE,MAAM,OAAO,GAA4B,EAAE,CAAC;QAE5C,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACvB,IAAI,CAAC;gBACD,MAAM,IAAI,GAAG,IAAA,iBAAY,EAAC,IAAI,EAAE,MAAM,CAAC,CAAC;gBACxC,MAAM,OAAO,GAAG,IAAA,eAAQ,EAAC,OAAO,EAAE,IAAI,CAAC,CAAC;gBACxC,MAAM,MAAM,GAAG;eAChB,IAAA,cAAO,EAAC,IAAI,CAAC;QACpB,OAAO;;;EAGb,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC;;;;;;;;;;;;;;;;;;EAkBnB,CAAC;gBAEa,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;gBACnD,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,iBAAiB,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;gBACzE,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;gBAE5D,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;oBACrB,OAAO,CAAC,IAAI,CAAC;wBACT,EAAE,EAAE,MAAM,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;wBAChE,IAAI,EAAE,OAAO;wBACb,IAAI,EAAE,CAAC,CAAC,IAAI;wBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;wBACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ;wBACpB,KAAK,EAAE,CAAC,CAAC,KAAK;wBACd,WAAW,EAAE,CAAC,CAAC,WAAW;wBAC1B,QAAQ,EAAE,CAAC,CAAC,QAAQ,IAAI,EAAE;wBAC1B,GAAG,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,OAAO,EAAE,iBAAiB,EAAE,UAAU,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,MAAM,EAAE,YAAY,EAAE;qBACpG,CAAC,CAAC;gBACP,CAAC;YACL,CAAC;YAAC,MAAM,CAAC,CAAC,CAAC;QACf,CAAC;QAED,OAAO,OAAO,CAAC;IACnB,CAAC;IAEO,aAAa,CAAC,OAAe;QACjC,MAAM,KAAK,GAAa,EAAE,CAAC;QAC3B,MAAM,IAAI,GAAG,CAAC,GAAW,EAAE,EAAE;YACzB,IAAI,CAAC;gBACD,KAAK,MAAM,KAAK,IAAI,IAAA,gBAAW,EAAC,GAAG,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;oBAC5D,IAAI,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC;wBAAE,SAAS;oBAC7C,MAAM,QAAQ,GAAG,IAAA,WAAI,EAAC,GAAG,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;oBACvC,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;wBAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;oBAAC,CAAC;yBACvC,IAAI,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,IAAA,cAAO,EAAC,KAAK,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;wBAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;oBAAC,CAAC;gBAC1F,CAAC;YACL,CAAC;YAAC,MAAM,CAAC,CAAC,CAAC;QACf,CAAC,CAAC;QACF,IAAI,CAAC,OAAO,CAAC,CAAC;QACd,OAAO,KAAK,CAAC;IACjB,CAAC;IAEO,eAAe,CAAC,KAAe,EAAE,KAA8B;QACnE,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;QAClD,OAAO;YACH,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,gCAAgC;YACxE,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;SAC1C,CAAC;IACN,CAAC;IAEO,gBAAgB,CAAC,KAA8B;QACnD,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;QAC/B,OAAO,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE;YACpB,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC;YAChD,IAAI,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;gBAAE,OAAO,KAAK,CAAC;YAChC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YACd,OAAO,IAAI,CAAC;QAChB,CAAC,CAAC,CAAC;IACP,CAAC;IAEO,cAAc,CAAC,KAA8B;QACjD,MAAM,KAAK,GAAiC,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;QACjG,OAAO,CAAC,GAAG,KAAK,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;IAC5E,CAAC;IAEO,gBAAgB,CAAC,KAA8B;QACnD,MAAM,OAAO,GAAG,EAAE,QAAQ,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;QACvE,MAAM,GAAG,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;QAC/D,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IAC9B,CAAC;IAEO,YAAY,CAAC,KAAa;QAC9B,IAAI,KAAK,KAAK,CAAC;YAAE,OAAO,GAAG,CAAC;QAC5B,IAAI,KAAK,IAAI,EAAE;YAAE,OAAO,GAAG,CAAC;QAC5B,IAAI,KAAK,IAAI,EAAE;YAAE,OAAO,GAAG,CAAC;QAC5B,IAAI,KAAK,IAAI,EAAE;YAAE,OAAO,GAAG,CAAC;QAC5B,OAAO,GAAG,CAAC;IACf,CAAC;IAEO,eAAe,CAAC,KAA8B,EAAE,KAAa,EAAE,SAAiB;QACpF,MAAM,CAAC,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM,CAAC;QAC9D,MAAM,CAAC,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM,CAAC;QAC1D,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,YAAY,KAAK,iCAAiC,SAAS,iCAAiC,CAAC;QAC5H,IAAI,CAAC,GAAG,CAAC;YAAE,OAAO,YAAY,KAAK,WAAW,CAAC,iBAAiB,CAAC,gCAAgC,SAAS,+CAA+C,CAAC;QAC1J,IAAI,CAAC,GAAG,CAAC;YAAE,OAAO,YAAY,KAAK,WAAW,CAAC,0DAA0D,CAAC;QAC1G,OAAO,YAAY,KAAK,WAAW,KAAK,CAAC,MAAM,kDAAkD,CAAC;IACtG,CAAC;IAEO,WAAW,CAAC,MAAkB,EAAE,GAAW;QAC/C,MAAM,MAAM,GAAG,EAAE,QAAQ,EAAE,UAAU,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,EAAE,UAAU,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC;QACnI,OAAO,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QACnC,OAAO,CAAC,GAAG,CAAC,oCAAoC,CAAC,CAAC;QAClD,OAAO,CAAC,GAAG,CAAC,gBAAgB,GAAG,EAAE,CAAC,CAAC;QACnC,OAAO,CAAC,GAAG,CAAC,YAAY,MAAM,CAAC,YAAY,aAAa,MAAM,CAAC,YAAY,CAAC,cAAc,EAAE,MAAM,MAAM,CAAC,cAAc,IAAI,CAAC,CAAC;QAC7H,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QACjC,OAAO,CAAC,GAAG,CAAC,YAAY,MAAM,CAAC,KAAK,kBAAkB,MAAM,CAAC,SAAS,MAAM,CAAC,CAAC;QAC9E,OAAO,CAAC,GAAG,CAAC,KAAK,MAAM,CAAC,OAAO,IAAI,CAAC,CAAC;QAErC,IAAI,MAAM,CAAC,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtC,OAAO,CAAC,GAAG,CAAC,2CAA2C,CAAC,CAAC;YACzD,OAAO;QACX,CAAC;QAED,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,eAAe,EAAE,CAAC;YACrC,MAAM,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;YACjC,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,IAAI,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,IAAI,MAAM,CAAC,KAAK,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;YACjF,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACtE,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;YACxD,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,CAAC,GAAG,CAAC,MAAM,KAAK,CAAC,CAAC;QACvE,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,mBAAmB,MAAM,CAAC,WAAW,IAAI,MAAM,CAAC,eAAe,CAAC,MAAM,kBAAkB,CAAC,CAAC;QACtG,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;IACvC,CAAC;CACJ;AAxQD,8CAwQC"}

package/dist/threats.d.ts ADDED Viewed

@@ -0,0 +1,10 @@
+import type { StoredAuditEvent, ThreatAlert } from './types.js';
+export declare class ThreatEngine {
+    private gemini;
+    constructor(geminiApiKey?: string);
+    analyzeEvent(event: StoredAuditEvent, recentEvents: StoredAuditEvent[]): Promise<{
+        anomalyScore: number;
+        alert: ThreatAlert | null;
+    }>;
+}
+//# sourceMappingURL=threats.d.ts.map

package/dist/threats.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"threats.d.ts","sourceRoot":"","sources":["../src/threats.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,gBAAgB,EAAE,WAAW,EAAgB,MAAM,YAAY,CAAC;AAkC9E,qBAAa,YAAY;IACrB,OAAO,CAAC,MAAM,CAA0F;gBAE5F,YAAY,CAAC,EAAE,MAAM;IAO3B,YAAY,CACd,KAAK,EAAE,gBAAgB,EACvB,YAAY,EAAE,gBAAgB,EAAE,GACjC,OAAO,CAAC;QAAE,YAAY,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,WAAW,GAAG,IAAI,CAAA;KAAE,CAAC;CAwDlE"}

package/dist/threats.js ADDED Viewed

@@ -0,0 +1,96 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ThreatEngine = void 0;
+const generative_ai_1 = require("@google/generative-ai");
+// ─────────────────────────────────────────────────────────────────────────────
+// AI Threat Engine — Gemini-powered anomaly analysis & narrative generation
+// ─────────────────────────────────────────────────────────────────────────────
+const THREAT_PROMPT = (event, context) => `
+You are TitanShieldAI, a senior security analyst. Analyze this security event and recent context.
+CURRENT EVENT:
+${JSON.stringify(event, null, 2)}
+RECENT CONTEXT (last 10 events, same project):
+${JSON.stringify(context.slice(-10), null, 2)}
+Anomaly factors already detected: ${event.anomalyScore > 0 ? 'high_risk_event, failed_outcome' : 'none'}
+Determine:
+1. Is this event genuinely suspicious or a false positive?
+2. What is the threat narrative in plain English (1-2 sentences)?
+3. What should the developer/admin do right now?
+Respond ONLY in valid JSON:
+{
+  "isThreat": true|false,
+  "threatType": "brute_force|unusual_location|data_exfiltration|privilege_escalation|anomaly|none",
+  "severity": "low|medium|high|critical",
+  "anomalyScore": 0-100,
+  "narrative": "Plain English 1-2 sentence threat description",
+  "recommendedAction": "Specific action to take right now",
+  "falsePositiveReason": "If not a threat, why it looks suspicious but isn't"
+}
+`;
+class ThreatEngine {
+    constructor(geminiApiKey) {
+        this.gemini = null;
+        if (geminiApiKey) {
+            const genAI = new generative_ai_1.GoogleGenerativeAI(geminiApiKey);
+            this.gemini = genAI.getGenerativeModel({ model: 'gemini-2.5-flash' });
+        }
+    }
+    async analyzeEvent(event, recentEvents) {
+        // Skip AI for clearly benign events with low baseline score
+        if (event.anomalyScore < 20 && !['user.login_failed', 'data.export', 'admin.user_elevated'].includes(event.event)) {
+            return { anomalyScore: event.anomalyScore, alert: null };
+        }
+        // Use Gemini if available
+        if (this.gemini) {
+            try {
+                const result = await this.gemini.generateContent(THREAT_PROMPT(event, recentEvents));
+                const raw = result.response.text().trim().replace(/^```json?\n?/, '').replace(/\n?```$/, '');
+                const parsed = JSON.parse(raw);
+                if (!parsed.isThreat || parsed.threatType === 'none') {
+                    return { anomalyScore: parsed.anomalyScore ?? event.anomalyScore, alert: null };
+                }
+                const alert = {
+                    id: `alert_${Date.now()}_${Math.random().toString(36).slice(2, 6)}`,
+                    triggeredBy: event.id,
+                    type: parsed.threatType,
+                    severity: parsed.severity,
+                    narrative: parsed.narrative,
+                    affectedUser: event.userId,
+                    affectedResource: event.resource,
+                    recommendedAction: parsed.recommendedAction,
+                    timestamp: new Date(),
+                    dismissed: false,
+                };
+                return { anomalyScore: parsed.anomalyScore ?? event.anomalyScore, alert };
+            }
+            catch (e) {
+                // Fallback to heuristic-only if Gemini fails
+                console.warn('[TitanShield] AI analysis failed, using heuristic:', e.message);
+            }
+        }
+        // Heuristic-only alert (no Gemini key)
+        if (event.anomalyScore >= 50) {
+            const alert = {
+                id: `alert_${Date.now()}_${Math.random().toString(36).slice(2, 6)}`,
+                triggeredBy: event.id,
+                type: 'anomaly',
+                severity: event.anomalyScore >= 80 ? 'high' : 'medium',
+                narrative: `Suspicious activity detected for ${event.userId ? `user ${event.userId}` : 'anonymous user'}: ${event.event} — anomaly score ${event.anomalyScore}/100.`,
+                affectedUser: event.userId,
+                affectedResource: event.resource,
+                recommendedAction: 'Review this event and recent activity for this user or IP address.',
+                timestamp: new Date(),
+                dismissed: false,
+            };
+            return { anomalyScore: event.anomalyScore, alert };
+        }
+        return { anomalyScore: event.anomalyScore, alert: null };
+    }
+}
+exports.ThreatEngine = ThreatEngine;
+//# sourceMappingURL=threats.js.map

package/dist/threats.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"threats.js","sourceRoot":"","sources":["../src/threats.ts"],"names":[],"mappings":";;;AAAA,yDAA2D;AAG3D,gFAAgF;AAChF,4EAA4E;AAC5E,gFAAgF;AAEhF,MAAM,aAAa,GAAG,CAAC,KAAuB,EAAE,OAA2B,EAAE,EAAE,CAAC;;;;EAI9E,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;;;EAG9B,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC;;oCAET,KAAK,CAAC,YAAY,GAAG,CAAC,CAAC,CAAC,CAAC,iCAAiC,CAAC,CAAC,CAAC,MAAM;;;;;;;;;;;;;;;;;CAiBtG,CAAC;AAEF,MAAa,YAAY;IAGrB,YAAY,YAAqB;QAFzB,WAAM,GAAqF,IAAI,CAAC;QAGpG,IAAI,YAAY,EAAE,CAAC;YACf,MAAM,KAAK,GAAG,IAAI,kCAAkB,CAAC,YAAY,CAAC,CAAC;YACnD,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC,kBAAkB,CAAC,EAAE,KAAK,EAAE,kBAAkB,EAAE,CAAC,CAAC;QAC1E,CAAC;IACL,CAAC;IAED,KAAK,CAAC,YAAY,CACd,KAAuB,EACvB,YAAgC;QAEhC,4DAA4D;QAC5D,IAAI,KAAK,CAAC,YAAY,GAAG,EAAE,IAAI,CAAC,CAAC,mBAAmB,EAAE,aAAa,EAAE,qBAAqB,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;YAChH,OAAO,EAAE,YAAY,EAAE,KAAK,CAAC,YAAY,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;QAC7D,CAAC;QAED,0BAA0B;QAC1B,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YACd,IAAI,CAAC;gBACD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,aAAa,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC,CAAC;gBACrF,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;gBAC7F,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBAE/B,IAAI,CAAC,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,UAAU,KAAK,MAAM,EAAE,CAAC;oBACnD,OAAO,EAAE,YAAY,EAAE,MAAM,CAAC,YAAY,IAAI,KAAK,CAAC,YAAY,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;gBACpF,CAAC;gBAED,MAAM,KAAK,GAAgB;oBACvB,EAAE,EAAE,SAAS,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;oBACnE,WAAW,EAAE,KAAK,CAAC,EAAE;oBACrB,IAAI,EAAE,MAAM,CAAC,UAAU;oBACvB,QAAQ,EAAE,MAAM,CAAC,QAAQ;oBACzB,SAAS,EAAE,MAAM,CAAC,SAAS;oBAC3B,YAAY,EAAE,KAAK,CAAC,MAAM;oBAC1B,gBAAgB,EAAE,KAAK,CAAC,QAAQ;oBAChC,iBAAiB,EAAE,MAAM,CAAC,iBAAiB;oBAC3C,SAAS,EAAE,IAAI,IAAI,EAAE;oBACrB,SAAS,EAAE,KAAK;iBACnB,CAAC;gBAEF,OAAO,EAAE,YAAY,EAAE,MAAM,CAAC,YAAY,IAAI,KAAK,CAAC,YAAY,EAAE,KAAK,EAAE,CAAC;YAC9E,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACT,6CAA6C;gBAC7C,OAAO,CAAC,IAAI,CAAC,oDAAoD,EAAG,CAAW,CAAC,OAAO,CAAC,CAAC;YAC7F,CAAC;QACL,CAAC;QAED,uCAAuC;QACvC,IAAI,KAAK,CAAC,YAAY,IAAI,EAAE,EAAE,CAAC;YAC3B,MAAM,KAAK,GAAgB;gBACvB,EAAE,EAAE,SAAS,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;gBACnE,WAAW,EAAE,KAAK,CAAC,EAAE;gBACrB,IAAI,EAAE,SAAS;gBACf,QAAQ,EAAE,KAAK,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ;gBACtD,SAAS,EAAE,oCAAoC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,gBAAgB,KAAK,KAAK,CAAC,KAAK,oBAAoB,KAAK,CAAC,YAAY,OAAO;gBACpK,YAAY,EAAE,KAAK,CAAC,MAAM;gBAC1B,gBAAgB,EAAE,KAAK,CAAC,QAAQ;gBAChC,iBAAiB,EAAE,oEAAoE;gBACvF,SAAS,EAAE,IAAI,IAAI,EAAE;gBACrB,SAAS,EAAE,KAAK;aACnB,CAAC;YACF,OAAO,EAAE,YAAY,EAAE,KAAK,CAAC,YAAY,EAAE,KAAK,EAAE,CAAC;QACvD,CAAC;QAED,OAAO,EAAE,YAAY,EAAE,KAAK,CAAC,YAAY,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IAC7D,CAAC;CACJ;AArED,oCAqEC"}

package/dist/types.d.ts ADDED Viewed

@@ -0,0 +1,68 @@
+export interface TitanConfig {
+    apiKey: string;
+    project: string;
+    env?: 'development' | 'staging' | 'production';
+    geminiApiKey?: string;
+    firestoreCredentials?: object;
+    webhookUrl?: string;
+}
+export type AuditEventType = 'user.login' | 'user.logout' | 'user.login_failed' | 'user.signup' | 'user.password_changed' | 'user.mfa_enabled' | 'user.mfa_disabled' | 'data.read' | 'data.write' | 'data.delete' | 'data.export' | 'admin.settings_changed' | 'admin.user_elevated' | 'admin.user_suspended' | 'api.key_created' | 'api.key_revoked' | 'billing.plan_changed' | 'security.threat_detected' | 'security.ip_blocked' | string;
+export interface AuditEvent {
+    event: AuditEventType;
+    userId?: string;
+    ip?: string;
+    userAgent?: string;
+    resource?: string;
+    action?: string;
+    outcome?: 'success' | 'failure' | 'blocked';
+    metadata?: Record<string, unknown>;
+}
+export interface StoredAuditEvent extends AuditEvent {
+    id: string;
+    project: string;
+    env: string;
+    timestamp: Date;
+    hash: string;
+    severityScore: number;
+    anomalyScore: number;
+    threatFlag: boolean;
+}
+export interface ThreatAlert {
+    id: string;
+    triggeredBy: string;
+    type: 'brute_force' | 'unusual_location' | 'data_exfiltration' | 'privilege_escalation' | 'anomaly';
+    severity: 'low' | 'medium' | 'high' | 'critical';
+    narrative: string;
+    affectedUser?: string;
+    affectedResource?: string;
+    recommendedAction: string;
+    timestamp: Date;
+    dismissed: boolean;
+}
+export interface AnomalyScore {
+    score: number;
+    factors: string[];
+    isThreat: boolean;
+}
+export interface ValidationResult {
+    valid: boolean;
+    errors: ValidationError[];
+    sanitized?: unknown;
+}
+export interface ValidationError {
+    field: string;
+    message: string;
+    code: string;
+}
+export type ComplianceStandard = 'SOC2' | 'HIPAA' | 'PCI-DSS' | 'GDPR';
+export interface ComplianceScore {
+    overall: number;
+    standards: Record<ComplianceStandard, {
+        score: number;
+        passed: string[];
+        failed: string[];
+        notApplicable: string[];
+    }>;
+    generatedAt: Date;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAIA,MAAM,WAAW,WAAW;IACxB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,GAAG,CAAC,EAAE,aAAa,GAAG,SAAS,GAAG,YAAY,CAAC;IAC/C,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,UAAU,CAAC,EAAE,MAAM,CAAC;CACvB;AAID,MAAM,MAAM,cAAc,GACpB,YAAY,GACZ,aAAa,GACb,mBAAmB,GACnB,aAAa,GACb,uBAAuB,GACvB,kBAAkB,GAClB,mBAAmB,GACnB,WAAW,GACX,YAAY,GACZ,aAAa,GACb,aAAa,GACb,wBAAwB,GACxB,qBAAqB,GACrB,sBAAsB,GACtB,iBAAiB,GACjB,iBAAiB,GACjB,sBAAsB,GACtB,0BAA0B,GAC1B,qBAAqB,GACrB,MAAM,CAAC;AAEb,MAAM,WAAW,UAAU;IACvB,KAAK,EAAE,cAAc,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,SAAS,GAAG,SAAS,GAAG,SAAS,CAAC;IAC5C,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACtC;AAED,MAAM,WAAW,gBAAiB,SAAQ,UAAU;IAChD,EAAE,EAAE,MAAM,CAAC;IACX,OAAO,EAAE,MAAM,CAAC;IAChB,GAAG,EAAE,MAAM,CAAC;IACZ,SAAS,EAAE,IAAI,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,OAAO,CAAC;CACvB;AAID,MAAM,WAAW,WAAW;IACxB,EAAE,EAAE,MAAM,CAAC;IACX,WAAW,EAAE,MAAM,CAAC;IACpB,IAAI,EAAE,aAAa,GAAG,kBAAkB,GAAG,mBAAmB,GAAG,sBAAsB,GAAG,SAAS,CAAC;IACpG,QAAQ,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;IACjD,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,SAAS,EAAE,IAAI,CAAC;IAChB,SAAS,EAAE,OAAO,CAAC;CACtB;AAED,MAAM,WAAW,YAAY;IACzB,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,QAAQ,EAAE,OAAO,CAAC;CACrB;AAID,MAAM,WAAW,gBAAgB;IAC7B,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,EAAE,eAAe,EAAE,CAAC;IAC1B,SAAS,CAAC,EAAE,OAAO,CAAC;CACvB;AAED,MAAM,WAAW,eAAe;IAC5B,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;CAChB;AAID,MAAM,MAAM,kBAAkB,GAAG,MAAM,GAAG,OAAO,GAAG,SAAS,GAAG,MAAM,CAAC;AAEvE,MAAM,WAAW,eAAe;IAC5B,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC,kBAAkB,EAAE;QAClC,KAAK,EAAE,MAAM,CAAC;QACd,MAAM,EAAE,MAAM,EAAE,CAAC;QACjB,MAAM,EAAE,MAAM,EAAE,CAAC;QACjB,aAAa,EAAE,MAAM,EAAE,CAAC;KAC3B,CAAC,CAAC;IACH,WAAW,EAAE,IAAI,CAAC;CACrB"}

package/dist/types.js ADDED Viewed

@@ -0,0 +1,6 @@
+"use strict";
+// ─────────────────────────────────────────────────────────────────────────────
+// TitanShieldAI — Core Types
+// ─────────────────────────────────────────────────────────────────────────────
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=types.js.map

package/dist/types.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":";AAAA,gFAAgF;AAChF,6BAA6B;AAC7B,gFAAgF"}

package/dist/validate.d.ts ADDED Viewed

@@ -0,0 +1,51 @@
+import { z, ZodSchema } from 'zod';
+import type { ValidationResult } from './types.js';
+export declare function validate<T>(schema: ZodSchema<T>, input: unknown): ValidationResult;
+export declare const Schemas: {
+    email: z.ZodObject<{
+        email: z.ZodString;
+    }, "strip", z.ZodTypeAny, {
+        email: string;
+    }, {
+        email: string;
+    }>;
+    login: z.ZodObject<{
+        email: z.ZodString;
+        password: z.ZodString;
+    }, "strip", z.ZodTypeAny, {
+        email: string;
+        password: string;
+    }, {
+        email: string;
+        password: string;
+    }>;
+    userRegistration: z.ZodObject<{
+        email: z.ZodString;
+        password: z.ZodString;
+        displayName: z.ZodString;
+    }, "strip", z.ZodTypeAny, {
+        email: string;
+        password: string;
+        displayName: string;
+    }, {
+        email: string;
+        password: string;
+        displayName: string;
+    }>;
+    text: (maxLen?: number) => z.ZodObject<{
+        text: z.ZodString;
+    }, "strip", z.ZodTypeAny, {
+        text: string;
+    }, {
+        text: string;
+    }>;
+    id: z.ZodObject<{
+        id: z.ZodString;
+    }, "strip", z.ZodTypeAny, {
+        id: string;
+    }, {
+        id: string;
+    }>;
+};
+export { z };
+//# sourceMappingURL=validate.d.ts.map

package/dist/validate.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"validate.d.ts","sourceRoot":"","sources":["../src/validate.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,SAAS,EAAE,MAAM,KAAK,CAAC;AACnC,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AA4BnD,wBAAgB,QAAQ,CAAC,CAAC,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,OAAO,GAAG,gBAAgB,CAgBlF;AAID,eAAO,MAAM,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAoBnB,CAAC;AAEF,OAAO,EAAE,CAAC,EAAE,CAAC"}