@vibecheckai/cli 3.5.0 → 3.5.1

package/bin/runners/lib/agent-firewall/risk/scorer.js

@@ -1,328 +0,0 @@
-/**
- * Risk Scoring Engine
- * 
- * Calculates numerical risk scores for proposed changes.
- * Uses configurable vectors and thresholds to determine risk levels.
- */
-
-"use strict";
-
-const { RISK_VECTORS, RISK_LEVELS, getRiskLevel } = require("./vectors");
-const { loadThresholds, getDecision } = require("./thresholds");
-const { classifyFileDomain } = require("../reality/state");
-
-/**
- * @typedef {Object} RiskScore
- * @property {number} total - Total risk score
- * @property {string} level - Risk level (LOW, MEDIUM, HIGH, CRITICAL)
- * @property {Object} vectors - Individual vector scores
- * @property {string[]} reasons - Human-readable risk reasons
- * @property {Object} decision - Decision based on thresholds
- */
-
-/**
- * Build context object for risk calculation
- * @param {Object} params - Score parameters
- * @returns {Object} Risk calculation context
- */
-function buildContext(params) {
-  const {
-    files = [],
-    operations = [],
-    claims = [],
-    evidence = [],
-    intent = "",
-    assumptions = [],
-    proposalConfidence = 1,
-    policy = {},
-  } = params;
-  
-  // Extract domains from files
-  const domains = new Set();
-  for (const file of files) {
-    const path = file.path || file;
-    const domain = classifyFileDomain(path);
-    domains.add(domain);
-  }
-  
-  // Identify unresolved assumptions
-  const unresolvedAssumptions = [];
-  for (const assumption of assumptions) {
-    const evidenceForAssumption = evidence.find(e => 
-      e.claim?.key === assumption.key || 
-      e.claim?.type === assumption.type
-    );
-    
-    if (!evidenceForAssumption || evidenceForAssumption.status === "UNPROVEN") {
-      unresolvedAssumptions.push(assumption);
-    }
-  }
-  
-  // Detect new items
-  const newEnvVars = claims
-    .filter(c => c.type === "env" && !c.exists)
-    .map(c => c.key || c.value);
-  
-  const newRoutes = claims
-    .filter(c => c.type === "route" && !c.exists)
-    .map(c => c.path || c.value);
-  
-  const newDependencies = claims
-    .filter(c => c.type === "dependency" && !c.exists)
-    .map(c => c.name || c.value);
-  
-  return {
-    files,
-    operations,
-    claims,
-    evidence,
-    intent,
-    assumptions,
-    proposalConfidence,
-    domains: Array.from(domains),
-    unresolvedAssumptions,
-    newEnvVars,
-    newRoutes,
-    newDependencies,
-    policy,
-  };
-}
-
-/**
- * Calculate risk score for a change
- * @param {Object} params - Score parameters
- * @returns {RiskScore} Risk score result
- */
-function calculateRiskScore(params) {
-  const context = buildContext(params);
-  const policy = params.policy || {};
-  const thresholds = loadThresholds(policy);
-  
-  // Calculate individual vector scores
-  const vectorScores = {};
-  const reasons = [];
-  let totalScore = 0;
-  
-  for (const [key, vector] of Object.entries(RISK_VECTORS)) {
-    try {
-      // Get weight from policy or use default
-      const weight = policy.risk?.vectorWeights?.[vector.id] ?? vector.baseWeight;
-      
-      // Skip disabled vectors
-      if (weight === 0) continue;
-      
-      // Calculate raw score
-      const rawScore = vector.calculate(context);
-      const weightedScore = Math.round(rawScore * weight);
-      
-      vectorScores[vector.id] = {
-        raw: rawScore,
-        weighted: weightedScore,
-        weight,
-        name: vector.name,
-        description: vector.description,
-      };
-      
-      totalScore += weightedScore;
-      
-      // Add reason if score is significant
-      if (weightedScore > 0) {
-        const threshold = thresholds.vectors?.[vector.id];
-        if (threshold) {
-          if (weightedScore >= threshold.block) {
-            reasons.push(`${vector.name}: ${weightedScore} (CRITICAL - exceeds block threshold)`);
-          } else if (weightedScore >= threshold.warn) {
-            reasons.push(`${vector.name}: ${weightedScore} (WARNING - exceeds warn threshold)`);
-          } else if (weightedScore >= 10) {
-            reasons.push(`${vector.name}: ${weightedScore}`);
-          }
-        } else if (weightedScore >= 15) {
-          reasons.push(`${vector.name}: ${weightedScore}`);
-        }
-      }
-    } catch (error) {
-      // Log but continue with other vectors
-      console.warn(`Error calculating ${vector.id} risk: ${error.message}`);
-    }
-  }
-  
-  // Get risk level
-  const riskLevel = getRiskLevel(totalScore);
-  
-  // Get decision based on thresholds
-  const decision = getDecision(totalScore, thresholds, context.domains);
-  
-  // Build result
-  const result = {
-    total: totalScore,
-    level: riskLevel.label,
-    levelColor: riskLevel.color,
-    vectors: vectorScores,
-    reasons: reasons.length > 0 ? reasons : [`Total risk score: ${totalScore}`],
-    decision,
-    context: {
-      fileCount: context.files.length,
-      domains: context.domains,
-      unresolvedAssumptions: context.unresolvedAssumptions.length,
-      newEnvVars: context.newEnvVars.length,
-      newRoutes: context.newRoutes.length,
-    },
-    thresholds: {
-      autoAllow: thresholds.autoAllow,
-      requireConfirm: thresholds.requireConfirm,
-      autoBlock: thresholds.autoBlock,
-    },
-  };
-  
-  return result;
-}
-
-/**
- * Quick risk assessment without full calculation
- * @param {Object} params - Basic parameters
- * @returns {Object} Quick assessment
- */
-function quickAssess(params) {
-  const { files = [], operations = [], domains = [] } = params;
-  
-  // Quick checks
-  const hasDeletes = operations.some(op => op.type === "delete");
-  const hasMigrations = files.some(f => (f.path || f).includes("migration"));
-  const touchesAuth = domains.includes("auth") || files.some(f => (f.path || f).includes("auth"));
-  const touchesPayments = domains.includes("payments") || files.some(f => 
-    (f.path || f).includes("payment") || (f.path || f).includes("stripe")
-  );
-  
-  // Estimate risk level
-  let estimatedLevel = "LOW";
-  const flags = [];
-  
-  if (hasDeletes) {
-    flags.push("Contains deletions");
-    estimatedLevel = "MEDIUM";
-  }
-  
-  if (hasMigrations) {
-    flags.push("Contains migrations");
-    estimatedLevel = "HIGH";
-  }
-  
-  if (touchesAuth) {
-    flags.push("Touches auth");
-    estimatedLevel = estimatedLevel === "LOW" ? "MEDIUM" : estimatedLevel;
-  }
-  
-  if (touchesPayments) {
-    flags.push("Touches payments");
-    estimatedLevel = "HIGH";
-  }
-  
-  if (files.length > 10) {
-    flags.push("Large change (>10 files)");
-    estimatedLevel = estimatedLevel === "LOW" ? "MEDIUM" : estimatedLevel;
-  }
-  
-  if (files.length > 20) {
-    estimatedLevel = "HIGH";
-  }
-  
-  return {
-    estimatedLevel,
-    flags,
-    requiresFullAssessment: flags.length > 0 || files.length > 5,
-  };
-}
-
-/**
- * Get risk breakdown by domain
- * @param {RiskScore} riskScore - Calculated risk score
- * @returns {Object} Domain breakdown
- */
-function getDomainBreakdown(riskScore) {
-  const breakdown = {};
-  
-  for (const domain of riskScore.context?.domains || []) {
-    breakdown[domain] = {
-      files: 0,
-      contribution: 0,
-    };
-  }
-  
-  // Estimate contribution based on domain vector
-  const domainVector = riskScore.vectors?.domain;
-  if (domainVector && riskScore.context?.domains) {
-    const totalDomains = riskScore.context.domains.length;
-    if (totalDomains > 0) {
-      const avgContribution = domainVector.weighted / totalDomains;
-      for (const domain of riskScore.context.domains) {
-        breakdown[domain].contribution = Math.round(avgContribution);
-      }
-    }
-  }
-  
-  return breakdown;
-}
-
-/**
- * Format risk score for display
- * @param {RiskScore} riskScore - Risk score
- * @returns {string} Formatted string
- */
-function formatRiskScore(riskScore) {
-  const lines = [
-    `Risk Score: ${riskScore.total} (${riskScore.level})`,
-    `Decision: ${riskScore.decision.decision}`,
-    "",
-    "Breakdown:",
-  ];
-  
-  for (const [id, vector] of Object.entries(riskScore.vectors)) {
-    if (vector.weighted > 0) {
-      lines.push(`  ${vector.name}: ${vector.weighted}`);
-    }
-  }
-  
-  if (riskScore.reasons.length > 0) {
-    lines.push("", "Risk Factors:");
-    for (const reason of riskScore.reasons) {
-      lines.push(`  - ${reason}`);
-    }
-  }
-  
-  return lines.join("\n");
-}
-
-/**
- * Compare two risk scores
- * @param {RiskScore} a - First score
- * @param {RiskScore} b - Second score
- * @returns {Object} Comparison result
- */
-function compareScores(a, b) {
-  return {
-    difference: a.total - b.total,
-    percentChange: b.total > 0 ? ((a.total - b.total) / b.total) * 100 : 0,
-    levelChanged: a.level !== b.level,
-    oldLevel: b.level,
-    newLevel: a.level,
-    vectorChanges: Object.keys(a.vectors).reduce((acc, key) => {
-      const oldVal = b.vectors[key]?.weighted || 0;
-      const newVal = a.vectors[key]?.weighted || 0;
-      if (oldVal !== newVal) {
-        acc[key] = { old: oldVal, new: newVal, change: newVal - oldVal };
-      }
-      return acc;
-    }, {}),
-  };
-}
-
-module.exports = {
-  calculateRiskScore,
-  quickAssess,
-  buildContext,
-  getDomainBreakdown,
-  formatRiskScore,
-  compareScores,
-  RISK_VECTORS,
-  RISK_LEVELS,
-};

package/bin/runners/lib/agent-firewall/risk/thresholds.js

@@ -1,321 +0,0 @@
-/**
- * Risk Thresholds
- * 
- * Configurable thresholds for risk-based decisions.
- * These can be overridden in policy configuration.
- */
-
-"use strict";
-
-/**
- * Default threshold configuration
- * 
- * Tuned to reduce false positives while maintaining security.
- * Single-file UI/component changes should typically auto-allow.
- * Multi-file changes to core/auth/payments require confirmation.
- * Only block truly dangerous patterns (migrations, mass deletes, etc.)
- */
-const DEFAULT_THRESHOLDS = {
-  /**
-   * Score thresholds for automatic decisions
-   * Raised to reduce noise for normal development
-   */
-  autoAllow: 30,        // Auto-allow if score <= this (raised from 15)
-  requireConfirm: 70,   // Require confirmation if score > this (raised from 50)
-  autoBlock: 100,       // Auto-block if score >= this (raised from 80)
-  
-  /**
-   * Vector-specific thresholds
-   */
-  vectors: {
-    surface_area: {
-      warn: 10,
-      block: 25,
-    },
-    blast_radius: {
-      warn: 30,
-      block: 60,
-    },
-    irreversibility: {
-      warn: 25,
-      block: 50,
-    },
-    confidence: {
-      warn: 20,
-      block: 60,
-    },
-    novelty: {
-      warn: 20,
-      block: 40,
-    },
-    domain: {
-      warn: 30,
-      block: 60,
-    },
-    side_effects: {
-      warn: 20,
-      block: 50,
-    },
-  },
-  
-  /**
-   * Domain-specific thresholds
-   * Multipliers reduced to prevent over-penalization of normal changes
-   */
-  domains: {
-    auth: {
-      multiplier: 1.2,         // Reduced from 1.5 - auth changes are common
-      requireConfirm: 50,      // Raised from 30
-      autoBlock: 90,           // Raised from 60
-    },
-    payments: {
-      multiplier: 1.3,         // Reduced from 1.8 - payments needs care but not blocking
-      requireConfirm: 45,      // Raised from 25
-      autoBlock: 85,           // Raised from 50
-    },
-    database: {
-      multiplier: 1.1,         // Reduced from 1.3 - DB changes are normal
-      requireConfirm: 55,      // Raised from 40
-      autoBlock: 95,           // Raised from 70
-    },
-    security: {
-      multiplier: 1.2,         // Reduced from 1.6
-      requireConfirm: 50,      // Raised from 25
-      autoBlock: 90,           // Raised from 55
-    },
-    core: {
-      multiplier: 1.1,         // Reduced from 1.2
-      requireConfirm: 60,      // Raised from 45
-      autoBlock: 95,           // Raised from 75
-    },
-    middleware: {
-      multiplier: 1.0,         // Reduced from 1.1 - middleware is usually safe
-      requireConfirm: 65,      // Raised from 50
-      autoBlock: 100,          // Raised from 80
-    },
-    ui: {
-      multiplier: 0.7,         // Reduced from 0.8 - UI is very safe
-      requireConfirm: 80,      // Raised from 60
-      autoBlock: 120,          // Raised from 90 - UI should almost never block
-    },
-    test: {
-      multiplier: 0.3,         // Reduced from 0.5 - tests are safest
-      requireConfirm: 100,     // Raised from 70
-      autoBlock: 150,          // Raised from 95 - tests should never block
-    },
-  },
-  
-  /**
-   * File count limits
-   */
-  fileLimits: {
-    warn: 5,
-    block: 15,
-    hardLimit: 50,
-  },
-  
-  /**
-   * Line count limits
-   */
-  lineLimits: {
-    warn: 200,
-    block: 500,
-    hardLimit: 2000,
-  },
-};
-
-/**
- * Profile presets
- */
-const THRESHOLD_PROFILES = {
-  /**
-   * Strict profile - very conservative
-   */
-  strict: {
-    autoAllow: 10,
-    requireConfirm: 30,
-    autoBlock: 60,
-    fileLimits: {
-      warn: 3,
-      block: 8,
-      hardLimit: 20,
-    },
-    lineLimits: {
-      warn: 100,
-      block: 300,
-      hardLimit: 1000,
-    },
-  },
-  
-  /**
-   * Balanced profile - default
-   */
-  balanced: {
-    ...DEFAULT_THRESHOLDS,
-  },
-  
-  /**
-   * Permissive profile - more lenient
-   */
-  permissive: {
-    autoAllow: 25,
-    requireConfirm: 70,
-    autoBlock: 95,
-    fileLimits: {
-      warn: 10,
-      block: 25,
-      hardLimit: 100,
-    },
-    lineLimits: {
-      warn: 500,
-      block: 1000,
-      hardLimit: 5000,
-    },
-  },
-  
-  /**
-   * Repo-lock profile - most conservative
-   */
-  "repo-lock": {
-    autoAllow: 5,
-    requireConfirm: 15,
-    autoBlock: 40,
-    fileLimits: {
-      warn: 2,
-      block: 5,
-      hardLimit: 10,
-    },
-    lineLimits: {
-      warn: 50,
-      block: 150,
-      hardLimit: 500,
-    },
-  },
-};
-
-/**
- * Load thresholds from policy
- * @param {Object} policy - Policy configuration
- * @returns {Object} Merged threshold configuration
- */
-function loadThresholds(policy = {}) {
-  // Start with default
-  let thresholds = { ...DEFAULT_THRESHOLDS };
-  
-  // Apply profile if specified
-  const profile = policy.profile || "balanced";
-  if (THRESHOLD_PROFILES[profile]) {
-    thresholds = mergeDeep(thresholds, THRESHOLD_PROFILES[profile]);
-  }
-  
-  // Apply custom thresholds from policy
-  if (policy.thresholds) {
-    thresholds = mergeDeep(thresholds, policy.thresholds);
-  }
-  
-  // Apply risk configuration
-  if (policy.risk) {
-    if (policy.risk.autoAllow !== undefined) thresholds.autoAllow = policy.risk.autoAllow;
-    if (policy.risk.requireConfirm !== undefined) thresholds.requireConfirm = policy.risk.requireConfirm;
-    if (policy.risk.autoBlock !== undefined) thresholds.autoBlock = policy.risk.autoBlock;
-  }
-  
-  return thresholds;
-}
-
-/**
- * Deep merge objects
- */
-function mergeDeep(target, source) {
-  const output = { ...target };
-  
-  for (const key of Object.keys(source)) {
-    if (source[key] && typeof source[key] === "object" && !Array.isArray(source[key])) {
-      output[key] = mergeDeep(output[key] || {}, source[key]);
-    } else {
-      output[key] = source[key];
-    }
-  }
-  
-  return output;
-}
-
-/**
- * Get decision based on score and thresholds
- * @param {number} score - Risk score
- * @param {Object} thresholds - Threshold configuration
- * @param {string[]} domains - Affected domains
- * @returns {Object} Decision object
- */
-function getDecision(score, thresholds, domains = []) {
-  // Check for domain-specific overrides
-  let effectiveThresholds = { ...thresholds };
-  let maxMultiplier = 1;
-  
-  for (const domain of domains) {
-    const domainConfig = thresholds.domains?.[domain];
-    if (domainConfig) {
-      if (domainConfig.multiplier > maxMultiplier) {
-        maxMultiplier = domainConfig.multiplier;
-      }
-      // Use the most restrictive domain threshold
-      if (domainConfig.autoBlock < effectiveThresholds.autoBlock) {
-        effectiveThresholds.autoBlock = domainConfig.autoBlock;
-      }
-      if (domainConfig.requireConfirm < effectiveThresholds.requireConfirm) {
-        effectiveThresholds.requireConfirm = domainConfig.requireConfirm;
-      }
-    }
-  }
-  
-  // Apply domain multiplier to score
-  const effectiveScore = Math.round(score * maxMultiplier);
-  
-  // Determine decision
-  if (effectiveScore >= effectiveThresholds.autoBlock) {
-    return {
-      decision: "BLOCK",
-      reason: `Risk score ${effectiveScore} exceeds auto-block threshold ${effectiveThresholds.autoBlock}`,
-      score: effectiveScore,
-      multiplier: maxMultiplier,
-      thresholdUsed: effectiveThresholds.autoBlock,
-    };
-  }
-  
-  if (effectiveScore > effectiveThresholds.requireConfirm) {
-    return {
-      decision: "REQUIRE_CONFIRMATION",
-      reason: `Risk score ${effectiveScore} exceeds confirmation threshold ${effectiveThresholds.requireConfirm}`,
-      score: effectiveScore,
-      multiplier: maxMultiplier,
-      thresholdUsed: effectiveThresholds.requireConfirm,
-    };
-  }
-  
-  if (effectiveScore <= effectiveThresholds.autoAllow) {
-    return {
-      decision: "ALLOW",
-      reason: `Risk score ${effectiveScore} within auto-allow threshold ${effectiveThresholds.autoAllow}`,
-      score: effectiveScore,
-      multiplier: maxMultiplier,
-      thresholdUsed: effectiveThresholds.autoAllow,
-    };
-  }
-  
-  // Default to allow with warning for scores in between
-  return {
-    decision: "ALLOW_WITH_WARNING",
-    reason: `Risk score ${effectiveScore} is elevated but within limits`,
-    score: effectiveScore,
-    multiplier: maxMultiplier,
-    thresholdUsed: effectiveThresholds.requireConfirm,
-  };
-}
-
-module.exports = {
-  DEFAULT_THRESHOLDS,
-  THRESHOLD_PROFILES,
-  loadThresholds,
-  getDecision,
-  mergeDeep,
-};