@vorionsys/atsf-core 0.2.2 → 0.2.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +3 -3
- package/README.md +77 -11
- package/dist/api/server.d.ts +4 -1
- package/dist/api/server.d.ts.map +1 -1
- package/dist/api/server.js +3 -3
- package/dist/api/server.js.map +1 -1
- package/dist/basis/parser.d.ts +14 -14
- package/dist/common/adapters.d.ts +16 -9
- package/dist/common/adapters.d.ts.map +1 -1
- package/dist/common/adapters.js +69 -58
- package/dist/common/adapters.js.map +1 -1
- package/dist/common/config.d.ts +4 -3
- package/dist/common/config.d.ts.map +1 -1
- package/dist/common/config.js +2 -2
- package/dist/common/config.js.map +1 -1
- package/dist/common/types.d.ts +3 -3
- package/dist/crewai/callback.d.ts +91 -0
- package/dist/crewai/callback.d.ts.map +1 -0
- package/dist/crewai/callback.js +271 -0
- package/dist/crewai/callback.js.map +1 -0
- package/dist/crewai/executor.d.ts +226 -0
- package/dist/crewai/executor.d.ts.map +1 -0
- package/dist/crewai/executor.js +822 -0
- package/dist/crewai/executor.js.map +1 -0
- package/dist/crewai/index.d.ts +12 -0
- package/dist/crewai/index.d.ts.map +1 -0
- package/dist/crewai/index.js +12 -0
- package/dist/crewai/index.js.map +1 -0
- package/dist/crewai/tools.d.ts +21 -0
- package/dist/crewai/tools.d.ts.map +1 -0
- package/dist/crewai/tools.js +163 -0
- package/dist/crewai/tools.js.map +1 -0
- package/dist/crewai/types.d.ts +202 -0
- package/dist/crewai/types.d.ts.map +1 -0
- package/dist/crewai/types.js +9 -0
- package/dist/crewai/types.js.map +1 -0
- package/dist/enforce/index.d.ts +50 -2
- package/dist/enforce/index.d.ts.map +1 -1
- package/dist/enforce/index.js +73 -4
- package/dist/enforce/index.js.map +1 -1
- package/dist/enforce/trust-aware-enforcement-service.d.ts +121 -0
- package/dist/enforce/trust-aware-enforcement-service.d.ts.map +1 -0
- package/dist/enforce/trust-aware-enforcement-service.js +583 -0
- package/dist/enforce/trust-aware-enforcement-service.js.map +1 -0
- package/dist/index.d.ts +2 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +4 -0
- package/dist/index.js.map +1 -1
- package/dist/intent/index.d.ts +18 -3
- package/dist/intent/index.d.ts.map +1 -1
- package/dist/intent/index.js +37 -6
- package/dist/intent/index.js.map +1 -1
- package/dist/intent/persistent-intent-service.d.ts +68 -0
- package/dist/intent/persistent-intent-service.d.ts.map +1 -0
- package/dist/intent/persistent-intent-service.js +265 -0
- package/dist/intent/persistent-intent-service.js.map +1 -0
- package/dist/intent/supabase-intent-repository.d.ts +124 -0
- package/dist/intent/supabase-intent-repository.d.ts.map +1 -0
- package/dist/intent/supabase-intent-repository.js +404 -0
- package/dist/intent/supabase-intent-repository.js.map +1 -0
- package/dist/langchain/tools.d.ts.map +1 -1
- package/dist/langchain/tools.js +1 -3
- package/dist/langchain/tools.js.map +1 -1
- package/dist/layers/implementations/L0-request-format.d.ts +37 -0
- package/dist/layers/implementations/L0-request-format.d.ts.map +1 -0
- package/dist/layers/implementations/L0-request-format.js +216 -0
- package/dist/layers/implementations/L0-request-format.js.map +1 -0
- package/dist/layers/implementations/L1-input-size.d.ts +36 -0
- package/dist/layers/implementations/L1-input-size.d.ts.map +1 -0
- package/dist/layers/implementations/L1-input-size.js +150 -0
- package/dist/layers/implementations/L1-input-size.js.map +1 -0
- package/dist/layers/implementations/L2-charset-sanitizer.d.ts +28 -0
- package/dist/layers/implementations/L2-charset-sanitizer.d.ts.map +1 -0
- package/dist/layers/implementations/L2-charset-sanitizer.js +220 -0
- package/dist/layers/implementations/L2-charset-sanitizer.js.map +1 -0
- package/dist/layers/implementations/L3-schema-conformance.d.ts +47 -0
- package/dist/layers/implementations/L3-schema-conformance.d.ts.map +1 -0
- package/dist/layers/implementations/L3-schema-conformance.js +258 -0
- package/dist/layers/implementations/L3-schema-conformance.js.map +1 -0
- package/dist/layers/implementations/L4-injection-detector.d.ts +47 -0
- package/dist/layers/implementations/L4-injection-detector.d.ts.map +1 -0
- package/dist/layers/implementations/L4-injection-detector.js +256 -0
- package/dist/layers/implementations/L4-injection-detector.js.map +1 -0
- package/dist/layers/implementations/L5-rate-limiter.d.ts +51 -0
- package/dist/layers/implementations/L5-rate-limiter.d.ts.map +1 -0
- package/dist/layers/implementations/L5-rate-limiter.js +183 -0
- package/dist/layers/implementations/L5-rate-limiter.js.map +1 -0
- package/dist/layers/implementations/index.d.ts +16 -0
- package/dist/layers/implementations/index.d.ts.map +1 -0
- package/dist/layers/implementations/index.js +16 -0
- package/dist/layers/implementations/index.js.map +1 -0
- package/dist/persistence/sqlite.d.ts.map +1 -1
- package/dist/persistence/sqlite.js +4 -3
- package/dist/persistence/sqlite.js.map +1 -1
- package/dist/persistence/supabase.js +2 -2
- package/dist/persistence/supabase.js.map +1 -1
- package/dist/phase6/ceiling.js +5 -5
- package/dist/phase6/ceiling.js.map +1 -1
- package/dist/phase6/context.js +6 -6
- package/dist/phase6/context.js.map +1 -1
- package/dist/phase6/index.d.ts +1 -1
- package/dist/phase6/index.js +1 -1
- package/dist/phase6/role-gates.js +2 -2
- package/dist/phase6/role-gates.js.map +1 -1
- package/dist/phase6/types.d.ts +31 -30
- package/dist/phase6/types.d.ts.map +1 -1
- package/dist/phase6/types.js +17 -12
- package/dist/phase6/types.js.map +1 -1
- package/dist/phase6/weight-presets/canonical.d.ts +2 -2
- package/dist/phase6/weight-presets/canonical.js +2 -2
- package/dist/phase6/weight-presets/index.d.ts +1 -1
- package/dist/phase6/weight-presets/index.js +1 -1
- package/dist/phase6/weight-presets/merger.d.ts +1 -1
- package/dist/phase6/weight-presets/merger.js +1 -1
- package/dist/proof/merkle.d.ts +21 -0
- package/dist/proof/merkle.d.ts.map +1 -1
- package/dist/proof/merkle.js +92 -7
- package/dist/proof/merkle.js.map +1 -1
- package/dist/trust-engine/ceiling-enforcement/kernel.d.ts +11 -9
- package/dist/trust-engine/ceiling-enforcement/kernel.d.ts.map +1 -1
- package/dist/trust-engine/ceiling-enforcement/kernel.js +25 -19
- package/dist/trust-engine/ceiling-enforcement/kernel.js.map +1 -1
- package/dist/trust-engine/decay-profiles.d.ts +37 -136
- package/dist/trust-engine/decay-profiles.d.ts.map +1 -1
- package/dist/trust-engine/decay-profiles.js +68 -178
- package/dist/trust-engine/decay-profiles.js.map +1 -1
- package/dist/trust-engine/index.d.ts +96 -63
- package/dist/trust-engine/index.d.ts.map +1 -1
- package/dist/trust-engine/index.js +183 -112
- package/dist/trust-engine/index.js.map +1 -1
- package/dist/trust-engine/phase6-types.d.ts +10 -3
- package/dist/trust-engine/phase6-types.d.ts.map +1 -1
- package/dist/trust-engine/phase6-types.js +19 -13
- package/dist/trust-engine/phase6-types.js.map +1 -1
- package/package.json +5 -4
|
@@ -0,0 +1,220 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* L2 — Character Set Sanitizer
|
|
3
|
+
*
|
|
4
|
+
* Detects and strips dangerous Unicode sequences, invisible control characters,
|
|
5
|
+
* homoglyph attacks, bi-directional override characters, and other encoding-level
|
|
6
|
+
* prompt injection vectors.
|
|
7
|
+
*
|
|
8
|
+
* Tier: input_validation
|
|
9
|
+
* Primary threat: prompt_injection
|
|
10
|
+
*
|
|
11
|
+
* @packageDocumentation
|
|
12
|
+
*/
|
|
13
|
+
import { BaseSecurityLayer, createLayerConfig } from '../index.js';
|
|
14
|
+
/**
|
|
15
|
+
* Unicode categories of dangerous characters
|
|
16
|
+
*/
|
|
17
|
+
const DANGEROUS_PATTERNS = [
|
|
18
|
+
{
|
|
19
|
+
name: 'bidi_override',
|
|
20
|
+
// Bi-directional override characters (used in trojan source attacks)
|
|
21
|
+
pattern: /[\u200E\u200F\u202A-\u202E\u2066-\u2069]/g,
|
|
22
|
+
severity: 'critical',
|
|
23
|
+
description: 'Bi-directional text override characters can disguise malicious content',
|
|
24
|
+
},
|
|
25
|
+
{
|
|
26
|
+
name: 'zero_width',
|
|
27
|
+
// Zero-width characters (invisible text injection)
|
|
28
|
+
pattern: /[\u200B\u200C\u200D\uFEFF]/g,
|
|
29
|
+
severity: 'high',
|
|
30
|
+
description: 'Zero-width characters can hide content from human reviewers',
|
|
31
|
+
},
|
|
32
|
+
{
|
|
33
|
+
name: 'control_chars',
|
|
34
|
+
// C0/C1 control characters except common whitespace (tab, newline, carriage return)
|
|
35
|
+
pattern: /[\x00-\x08\x0B\x0C\x0E-\x1F\x7F\x80-\x9F]/g,
|
|
36
|
+
severity: 'high',
|
|
37
|
+
description: 'Control characters can corrupt parsing or inject escape sequences',
|
|
38
|
+
},
|
|
39
|
+
{
|
|
40
|
+
name: 'tag_chars',
|
|
41
|
+
// Unicode tag characters (U+E0001-U+E007F) — used to hide instructions
|
|
42
|
+
pattern: /[\uDB40][\uDC01-\uDC7F]/g,
|
|
43
|
+
severity: 'high',
|
|
44
|
+
description: 'Unicode tag characters can embed hidden instructions',
|
|
45
|
+
},
|
|
46
|
+
{
|
|
47
|
+
name: 'interlinear_annotation',
|
|
48
|
+
// Interlinear annotation characters
|
|
49
|
+
pattern: /[\uFFF9\uFFFA\uFFFB]/g,
|
|
50
|
+
severity: 'medium',
|
|
51
|
+
description: 'Annotation characters can inject hidden metadata',
|
|
52
|
+
},
|
|
53
|
+
{
|
|
54
|
+
name: 'replacement_char',
|
|
55
|
+
// Object replacement character (can mask embedded objects)
|
|
56
|
+
pattern: /\uFFFC/g,
|
|
57
|
+
severity: 'medium',
|
|
58
|
+
description: 'Object replacement character may mask embedded content',
|
|
59
|
+
},
|
|
60
|
+
{
|
|
61
|
+
name: 'variation_selector_abuse',
|
|
62
|
+
// Excessive variation selectors (emoji/glyph variant abuse)
|
|
63
|
+
pattern: /[\uFE00-\uFE0F]{3,}/g,
|
|
64
|
+
severity: 'low',
|
|
65
|
+
description: 'Excessive variation selectors suggest encoding manipulation',
|
|
66
|
+
},
|
|
67
|
+
];
|
|
68
|
+
/**
|
|
69
|
+
* Common homoglyph mappings (confusable characters → ASCII equivalent)
|
|
70
|
+
*/
|
|
71
|
+
const HOMOGLYPH_MAP = {
|
|
72
|
+
'\u0410': 'A', // Cyrillic А → Latin A
|
|
73
|
+
'\u0412': 'B', // Cyrillic В → Latin B
|
|
74
|
+
'\u0421': 'C', // Cyrillic С → Latin C
|
|
75
|
+
'\u0415': 'E', // Cyrillic Е → Latin E
|
|
76
|
+
'\u041D': 'H', // Cyrillic Н → Latin H
|
|
77
|
+
'\u041A': 'K', // Cyrillic К → Latin K
|
|
78
|
+
'\u041C': 'M', // Cyrillic М → Latin M
|
|
79
|
+
'\u041E': 'O', // Cyrillic О → Latin O
|
|
80
|
+
'\u0420': 'P', // Cyrillic Р → Latin P
|
|
81
|
+
'\u0422': 'T', // Cyrillic Т → Latin T
|
|
82
|
+
'\u0425': 'X', // Cyrillic Х → Latin X
|
|
83
|
+
'\u0430': 'a', // Cyrillic а → Latin a
|
|
84
|
+
'\u0435': 'e', // Cyrillic е → Latin e
|
|
85
|
+
'\u043E': 'o', // Cyrillic о → Latin o
|
|
86
|
+
'\u0440': 'p', // Cyrillic р → Latin p
|
|
87
|
+
'\u0441': 'c', // Cyrillic с → Latin c
|
|
88
|
+
'\u0443': 'y', // Cyrillic у → Latin y
|
|
89
|
+
'\u0445': 'x', // Cyrillic х → Latin x
|
|
90
|
+
'\u0456': 'i', // Cyrillic і → Latin i
|
|
91
|
+
'\u0458': 'j', // Cyrillic ј → Latin j
|
|
92
|
+
'\u0455': 's', // Cyrillic ѕ → Latin s
|
|
93
|
+
'\u0501': 'd', // Cyrillic ԁ → Latin d
|
|
94
|
+
};
|
|
95
|
+
/**
|
|
96
|
+
* L2 Character Set Sanitizer
|
|
97
|
+
*
|
|
98
|
+
* Strips dangerous characters and detects homoglyph attacks.
|
|
99
|
+
*/
|
|
100
|
+
export class L2CharsetSanitizer extends BaseSecurityLayer {
|
|
101
|
+
constructor() {
|
|
102
|
+
super(createLayerConfig(2, 'Character Set Sanitizer', {
|
|
103
|
+
description: 'Detects and sanitizes dangerous Unicode sequences, invisible characters, and homoglyph attacks',
|
|
104
|
+
tier: 'input_validation',
|
|
105
|
+
primaryThreat: 'prompt_injection',
|
|
106
|
+
secondaryThreats: ['deceptive_output', 'audit_evasion'],
|
|
107
|
+
failMode: 'block',
|
|
108
|
+
required: true,
|
|
109
|
+
timeoutMs: 300,
|
|
110
|
+
parallelizable: true,
|
|
111
|
+
dependencies: [],
|
|
112
|
+
}));
|
|
113
|
+
}
|
|
114
|
+
async execute(input) {
|
|
115
|
+
const startedAt = new Date().toISOString();
|
|
116
|
+
const t0 = performance.now();
|
|
117
|
+
const findings = [];
|
|
118
|
+
const modifications = [];
|
|
119
|
+
// Walk all string values in the payload
|
|
120
|
+
this.scanObject(input.payload, '', findings, modifications);
|
|
121
|
+
const timing = this.buildTiming(startedAt, t0);
|
|
122
|
+
const hasCritical = findings.some((f) => f.severity === 'critical');
|
|
123
|
+
const hasHigh = findings.some((f) => f.severity === 'high');
|
|
124
|
+
const passed = !hasCritical && !hasHigh;
|
|
125
|
+
if (passed) {
|
|
126
|
+
return this.createSuccessResult('allow', 0.9, findings, modifications, timing);
|
|
127
|
+
}
|
|
128
|
+
return this.createFailureResult(hasCritical ? 'deny' : 'escalate', 0.85, findings, timing);
|
|
129
|
+
}
|
|
130
|
+
scanObject(obj, path, findings, modifications) {
|
|
131
|
+
if (obj === null || obj === undefined)
|
|
132
|
+
return;
|
|
133
|
+
if (typeof obj === 'string') {
|
|
134
|
+
this.scanString(obj, path, findings, modifications);
|
|
135
|
+
return;
|
|
136
|
+
}
|
|
137
|
+
if (Array.isArray(obj)) {
|
|
138
|
+
for (let i = 0; i < obj.length; i++) {
|
|
139
|
+
this.scanObject(obj[i], `${path}[${i}]`, findings, modifications);
|
|
140
|
+
}
|
|
141
|
+
return;
|
|
142
|
+
}
|
|
143
|
+
if (typeof obj === 'object') {
|
|
144
|
+
for (const [key, val] of Object.entries(obj)) {
|
|
145
|
+
// Also scan keys for homoglyphs
|
|
146
|
+
this.scanString(key, `${path ? path + '.' : ''}(key:${key})`, findings, modifications);
|
|
147
|
+
this.scanObject(val, path ? `${path}.${key}` : key, findings, modifications);
|
|
148
|
+
}
|
|
149
|
+
}
|
|
150
|
+
}
|
|
151
|
+
scanString(value, path, findings, modifications) {
|
|
152
|
+
// 1. Check for dangerous character patterns
|
|
153
|
+
for (const { name, pattern, severity, description } of DANGEROUS_PATTERNS) {
|
|
154
|
+
// Reset regex state
|
|
155
|
+
pattern.lastIndex = 0;
|
|
156
|
+
const matches = value.match(pattern);
|
|
157
|
+
if (matches && matches.length > 0) {
|
|
158
|
+
findings.push({
|
|
159
|
+
type: 'threat_detected',
|
|
160
|
+
severity,
|
|
161
|
+
code: `L2_${name.toUpperCase()}`,
|
|
162
|
+
description: `${description} at '${path}'`,
|
|
163
|
+
evidence: [
|
|
164
|
+
`Found ${matches.length} instance(s)`,
|
|
165
|
+
`Code points: ${matches.slice(0, 5).map((c) => `U+${c.charCodeAt(0).toString(16).toUpperCase().padStart(4, '0')}`).join(', ')}`,
|
|
166
|
+
],
|
|
167
|
+
remediation: `Remove ${name} characters from the input`,
|
|
168
|
+
});
|
|
169
|
+
modifications.push({
|
|
170
|
+
target: path,
|
|
171
|
+
type: 'sanitize',
|
|
172
|
+
originalValue: `[${matches.length} ${name} chars]`,
|
|
173
|
+
newValue: '[stripped]',
|
|
174
|
+
reason: description,
|
|
175
|
+
});
|
|
176
|
+
}
|
|
177
|
+
}
|
|
178
|
+
// 2. Check for mixed-script homoglyph attacks
|
|
179
|
+
const homoglyphs = this.detectHomoglyphs(value);
|
|
180
|
+
if (homoglyphs.length > 0) {
|
|
181
|
+
findings.push({
|
|
182
|
+
type: 'threat_detected',
|
|
183
|
+
severity: 'high',
|
|
184
|
+
code: 'L2_HOMOGLYPH_ATTACK',
|
|
185
|
+
description: `Mixed-script homoglyph characters detected at '${path}'`,
|
|
186
|
+
evidence: homoglyphs.slice(0, 10).map((h) => `'${h.char}' (U+${h.codePoint}) looks like '${h.looksLike}'`),
|
|
187
|
+
remediation: 'Use consistent character scripts (do not mix Cyrillic with Latin)',
|
|
188
|
+
});
|
|
189
|
+
}
|
|
190
|
+
}
|
|
191
|
+
detectHomoglyphs(value) {
|
|
192
|
+
const results = [];
|
|
193
|
+
// Only flag if the string contains a mix of Latin and non-Latin scripts
|
|
194
|
+
const hasLatin = /[a-zA-Z]/.test(value);
|
|
195
|
+
if (!hasLatin)
|
|
196
|
+
return results;
|
|
197
|
+
for (const char of value) {
|
|
198
|
+
const mapped = HOMOGLYPH_MAP[char];
|
|
199
|
+
if (mapped) {
|
|
200
|
+
results.push({
|
|
201
|
+
char,
|
|
202
|
+
codePoint: char.charCodeAt(0).toString(16).toUpperCase().padStart(4, '0'),
|
|
203
|
+
looksLike: mapped,
|
|
204
|
+
});
|
|
205
|
+
}
|
|
206
|
+
}
|
|
207
|
+
return results;
|
|
208
|
+
}
|
|
209
|
+
buildTiming(startedAt, t0) {
|
|
210
|
+
const durationMs = performance.now() - t0;
|
|
211
|
+
return {
|
|
212
|
+
startedAt,
|
|
213
|
+
completedAt: new Date().toISOString(),
|
|
214
|
+
durationMs,
|
|
215
|
+
waitTimeMs: 0,
|
|
216
|
+
processingTimeMs: durationMs,
|
|
217
|
+
};
|
|
218
|
+
}
|
|
219
|
+
}
|
|
220
|
+
//# sourceMappingURL=L2-charset-sanitizer.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"L2-charset-sanitizer.js","sourceRoot":"","sources":["../../../src/layers/implementations/L2-charset-sanitizer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AASnE;;GAEG;AACH,MAAM,kBAAkB,GAKnB;IACH;QACE,IAAI,EAAE,eAAe;QACrB,qEAAqE;QACrE,OAAO,EAAE,2CAA2C;QACpD,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,wEAAwE;KACtF;IACD;QACE,IAAI,EAAE,YAAY;QAClB,mDAAmD;QACnD,OAAO,EAAE,6BAA6B;QACtC,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,6DAA6D;KAC3E;IACD;QACE,IAAI,EAAE,eAAe;QACrB,oFAAoF;QACpF,OAAO,EAAE,4CAA4C;QACrD,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,mEAAmE;KACjF;IACD;QACE,IAAI,EAAE,WAAW;QACjB,uEAAuE;QACvE,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,sDAAsD;KACpE;IACD;QACE,IAAI,EAAE,wBAAwB;QAC9B,oCAAoC;QACpC,OAAO,EAAE,uBAAuB;QAChC,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,kDAAkD;KAChE;IACD;QACE,IAAI,EAAE,kBAAkB;QACxB,2DAA2D;QAC3D,OAAO,EAAE,SAAS;QAClB,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,wDAAwD;KACtE;IACD;QACE,IAAI,EAAE,0BAA0B;QAChC,4DAA4D;QAC5D,OAAO,EAAE,sBAAsB;QAC/B,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,6DAA6D;KAC3E;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,aAAa,GAA2B;IAC5C,QAAQ,EAAE,GAAG,EAAE,uBAAuB;IACtC,QAAQ,EAAE,GAAG,EAAE,uBAAuB;IACtC,QAAQ,EAAE,GAAG,EAAE,uBAAuB;IACtC,QAAQ,EAAE,GAAG,EAAE,uBAAuB;IACtC,QAAQ,EAAE,GAAG,EAAE,uBAAuB;IACtC,QAAQ,EAAE,GAAG,EAAE,uBAAuB;IACtC,QAAQ,EAAE,GAAG,EAAE,uBAAuB;IACtC,QAAQ,EAAE,GAAG,EAAE,uBAAuB;IACtC,QAAQ,EAAE,GAAG,EAAE,uBAAuB;IACtC,QAAQ,EAAE,GAAG,EAAE,uBAAuB;IACtC,QAAQ,EAAE,GAAG,EAAE,uBAAuB;IACtC,QAAQ,EAAE,GAAG,EAAE,uBAAuB;IACtC,QAAQ,EAAE,GAAG,EAAE,uBAAuB;IACtC,QAAQ,EAAE,GAAG,EAAE,uBAAuB;IACtC,QAAQ,EAAE,GAAG,EAAE,uBAAuB;IACtC,QAAQ,EAAE,GAAG,EAAE,uBAAuB;IACtC,QAAQ,EAAE,GAAG,EAAE,uBAAuB;IACtC,QAAQ,EAAE,GAAG,EAAE,uBAAuB;IACtC,QAAQ,EAAE,GAAG,EAAE,uBAAuB;IACtC,QAAQ,EAAE,GAAG,EAAE,uBAAuB;IACtC,QAAQ,EAAE,GAAG,EAAE,uBAAuB;IACtC,QAAQ,EAAE,GAAG,EAAE,uBAAuB;CACvC,CAAC;AAEF;;;;GAIG;AACH,MAAM,OAAO,kBAAmB,SAAQ,iBAAiB;IACvD;QACE,KAAK,CACH,iBAAiB,CAAC,CAAC,EAAE,yBAAyB,EAAE;YAC9C,WAAW,EAAE,gGAAgG;YAC7G,IAAI,EAAE,kBAAkB;YACxB,aAAa,EAAE,kBAAkB;YACjC,gBAAgB,EAAE,CAAC,kBAAkB,EAAE,eAAe,CAAC;YACvD,QAAQ,EAAE,OAAO;YACjB,QAAQ,EAAE,IAAI;YACd,SAAS,EAAE,GAAG;YACd,cAAc,EAAE,IAAI;YACpB,YAAY,EAAE,EAAE;SACjB,CAAC,CACH,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,KAAiB;QAC7B,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAC3C,MAAM,EAAE,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;QAC7B,MAAM,QAAQ,GAAmB,EAAE,CAAC;QACpC,MAAM,aAAa,GAAwB,EAAE,CAAC;QAE9C,wCAAwC;QACxC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,OAAO,EAAE,EAAE,EAAE,QAAQ,EAAE,aAAa,CAAC,CAAC;QAE5D,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;QAC/C,MAAM,WAAW,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC;QACpE,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;QAC5D,MAAM,MAAM,GAAG,CAAC,WAAW,IAAI,CAAC,OAAO,CAAC;QAExC,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,IAAI,CAAC,mBAAmB,CAAC,OAAO,EAAE,GAAG,EAAE,QAAQ,EAAE,aAAa,EAAE,MAAM,CAAC,CAAC;QACjF,CAAC;QAED,OAAO,IAAI,CAAC,mBAAmB,CAC7B,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,EACjC,IAAI,EACJ,QAAQ,EACR,MAAM,CACP,CAAC;IACJ,CAAC;IAEO,UAAU,CAChB,GAAY,EACZ,IAAY,EACZ,QAAwB,EACxB,aAAkC;QAElC,IAAI,GAAG,KAAK,IAAI,IAAI,GAAG,KAAK,SAAS;YAAE,OAAO;QAE9C,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,IAAI,EAAE,QAAQ,EAAE,aAAa,CAAC,CAAC;YACpD,OAAO;QACT,CAAC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;YACvB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACpC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,IAAI,CAAC,GAAG,EAAE,QAAQ,EAAE,aAAa,CAAC,CAAC;YACpE,CAAC;YACD,OAAO;QACT,CAAC;QAED,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAA8B,CAAC,EAAE,CAAC;gBACxE,gCAAgC;gBAChC,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,QAAQ,GAAG,GAAG,EAAE,QAAQ,EAAE,aAAa,CAAC,CAAC;gBACvF,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE,QAAQ,EAAE,aAAa,CAAC,CAAC;YAC/E,CAAC;QACH,CAAC;IACH,CAAC;IAEO,UAAU,CAChB,KAAa,EACb,IAAY,EACZ,QAAwB,EACxB,aAAkC;QAElC,4CAA4C;QAC5C,KAAK,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,IAAI,kBAAkB,EAAE,CAAC;YAC1E,oBAAoB;YACpB,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;YACtB,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YACrC,IAAI,OAAO,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAClC,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI,EAAE,iBAAiB;oBACvB,QAAQ;oBACR,IAAI,EAAE,MAAM,IAAI,CAAC,WAAW,EAAE,EAAE;oBAChC,WAAW,EAAE,GAAG,WAAW,QAAQ,IAAI,GAAG;oBAC1C,QAAQ,EAAE;wBACR,SAAS,OAAO,CAAC,MAAM,cAAc;wBACrC,gBAAgB,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;qBAChI;oBACD,WAAW,EAAE,UAAU,IAAI,4BAA4B;iBACxD,CAAC,CAAC;gBAEH,aAAa,CAAC,IAAI,CAAC;oBACjB,MAAM,EAAE,IAAI;oBACZ,IAAI,EAAE,UAAU;oBAChB,aAAa,EAAE,IAAI,OAAO,CAAC,MAAM,IAAI,IAAI,SAAS;oBAClD,QAAQ,EAAE,YAAY;oBACtB,MAAM,EAAE,WAAW;iBACpB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,8CAA8C;QAC9C,MAAM,UAAU,GAAG,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC;QAChD,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC1B,QAAQ,CAAC,IAAI,CAAC;gBACZ,IAAI,EAAE,iBAAiB;gBACvB,QAAQ,EAAE,MAAM;gBAChB,IAAI,EAAE,qBAAqB;gBAC3B,WAAW,EAAE,kDAAkD,IAAI,GAAG;gBACtE,QAAQ,EAAE,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CACnC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,IAAI,QAAQ,CAAC,CAAC,SAAS,iBAAiB,CAAC,CAAC,SAAS,GAAG,CACpE;gBACD,WAAW,EAAE,mEAAmE;aACjF,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAEO,gBAAgB,CAAC,KAAa;QACpC,MAAM,OAAO,GAAkE,EAAE,CAAC;QAElF,wEAAwE;QACxE,MAAM,QAAQ,GAAG,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACxC,IAAI,CAAC,QAAQ;YAAE,OAAO,OAAO,CAAC;QAE9B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,MAAM,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC;YACnC,IAAI,MAAM,EAAE,CAAC;gBACX,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI;oBACJ,SAAS,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC;oBACzE,SAAS,EAAE,MAAM;iBAClB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAEO,WAAW,CAAC,SAAiB,EAAE,EAAU;QAC/C,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QAC1C,OAAO;YACL,SAAS;YACT,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACrC,UAAU;YACV,UAAU,EAAE,CAAC;YACb,gBAAgB,EAAE,UAAU;SAC7B,CAAC;IACJ,CAAC;CACF"}
|
|
@@ -0,0 +1,47 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* L3 — Schema Conformance Validator
|
|
3
|
+
*
|
|
4
|
+
* Validates that payload content conforms to expected action schemas.
|
|
5
|
+
* Rejects payloads with unknown actions, invalid field types, and
|
|
6
|
+
* structurally non-conforming data.
|
|
7
|
+
*
|
|
8
|
+
* Tier: input_validation
|
|
9
|
+
* Primary threat: unauthorized_action
|
|
10
|
+
*
|
|
11
|
+
* @packageDocumentation
|
|
12
|
+
*/
|
|
13
|
+
import { BaseSecurityLayer } from '../index.js';
|
|
14
|
+
import type { LayerInput, LayerExecutionResult } from '../types.js';
|
|
15
|
+
/**
|
|
16
|
+
* Schema definition for a known action
|
|
17
|
+
*/
|
|
18
|
+
export interface ActionSchema {
|
|
19
|
+
/** Action name */
|
|
20
|
+
action: string;
|
|
21
|
+
/** Required fields with their expected types */
|
|
22
|
+
required: Record<string, FieldType>;
|
|
23
|
+
/** Optional fields with their expected types */
|
|
24
|
+
optional?: Record<string, FieldType>;
|
|
25
|
+
/** Maximum number of extra fields allowed beyond defined ones */
|
|
26
|
+
maxExtraFields?: number;
|
|
27
|
+
}
|
|
28
|
+
type FieldType = 'string' | 'number' | 'boolean' | 'object' | 'array' | 'string[]' | 'number[]';
|
|
29
|
+
/**
|
|
30
|
+
* L3 Schema Conformance Validator
|
|
31
|
+
*
|
|
32
|
+
* Validates payloads against known action schemas.
|
|
33
|
+
*/
|
|
34
|
+
export declare class L3SchemaConformance extends BaseSecurityLayer {
|
|
35
|
+
private schemas;
|
|
36
|
+
constructor(additionalSchemas?: ActionSchema[]);
|
|
37
|
+
/**
|
|
38
|
+
* Register an additional action schema at runtime
|
|
39
|
+
*/
|
|
40
|
+
registerSchema(schema: ActionSchema): void;
|
|
41
|
+
execute(input: LayerInput): Promise<LayerExecutionResult>;
|
|
42
|
+
private checkType;
|
|
43
|
+
private typeError;
|
|
44
|
+
private buildTiming;
|
|
45
|
+
}
|
|
46
|
+
export {};
|
|
47
|
+
//# sourceMappingURL=L3-schema-conformance.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"L3-schema-conformance.d.ts","sourceRoot":"","sources":["../../../src/layers/implementations/L3-schema-conformance.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,iBAAiB,EAAqB,MAAM,aAAa,CAAC;AACnE,OAAO,KAAK,EAAE,UAAU,EAAE,oBAAoB,EAA6B,MAAM,aAAa,CAAC;AAE/F;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,kBAAkB;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,gDAAgD;IAChD,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IACpC,gDAAgD;IAChD,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IACrC,iEAAiE;IACjE,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,KAAK,SAAS,GAAG,QAAQ,GAAG,QAAQ,GAAG,SAAS,GAAG,QAAQ,GAAG,OAAO,GAAG,UAAU,GAAG,UAAU,CAAC;AA4ChG;;;;GAIG;AACH,qBAAa,mBAAoB,SAAQ,iBAAiB;IACxD,OAAO,CAAC,OAAO,CAA4B;gBAE/B,iBAAiB,CAAC,EAAE,YAAY,EAAE;IA0B9C;;OAEG;IACH,cAAc,CAAC,MAAM,EAAE,YAAY,GAAG,IAAI;IAIpC,OAAO,CAAC,KAAK,EAAE,UAAU,GAAG,OAAO,CAAC,oBAAoB,CAAC;IA2H/D,OAAO,CAAC,SAAS;IAyCjB,OAAO,CAAC,SAAS;IAWjB,OAAO,CAAC,WAAW;CAUpB"}
|
|
@@ -0,0 +1,258 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* L3 — Schema Conformance Validator
|
|
3
|
+
*
|
|
4
|
+
* Validates that payload content conforms to expected action schemas.
|
|
5
|
+
* Rejects payloads with unknown actions, invalid field types, and
|
|
6
|
+
* structurally non-conforming data.
|
|
7
|
+
*
|
|
8
|
+
* Tier: input_validation
|
|
9
|
+
* Primary threat: unauthorized_action
|
|
10
|
+
*
|
|
11
|
+
* @packageDocumentation
|
|
12
|
+
*/
|
|
13
|
+
import { BaseSecurityLayer, createLayerConfig } from '../index.js';
|
|
14
|
+
/**
|
|
15
|
+
* Built-in action schemas for the ATSF governance pipeline
|
|
16
|
+
*/
|
|
17
|
+
const KNOWN_ACTION_SCHEMAS = [
|
|
18
|
+
{
|
|
19
|
+
action: 'query',
|
|
20
|
+
required: { content: 'string' },
|
|
21
|
+
optional: { context: 'object', model: 'string', temperature: 'number', maxTokens: 'number' },
|
|
22
|
+
maxExtraFields: 10,
|
|
23
|
+
},
|
|
24
|
+
{
|
|
25
|
+
action: 'execute',
|
|
26
|
+
required: { content: 'string', target: 'string' },
|
|
27
|
+
optional: { args: 'object', timeout: 'number', dryRun: 'boolean' },
|
|
28
|
+
maxExtraFields: 5,
|
|
29
|
+
},
|
|
30
|
+
{
|
|
31
|
+
action: 'read',
|
|
32
|
+
required: { content: 'string', resource: 'string' },
|
|
33
|
+
optional: { format: 'string', limit: 'number', offset: 'number' },
|
|
34
|
+
maxExtraFields: 5,
|
|
35
|
+
},
|
|
36
|
+
{
|
|
37
|
+
action: 'write',
|
|
38
|
+
required: { content: 'string', resource: 'string', data: 'object' },
|
|
39
|
+
optional: { overwrite: 'boolean', format: 'string' },
|
|
40
|
+
maxExtraFields: 5,
|
|
41
|
+
},
|
|
42
|
+
{
|
|
43
|
+
action: 'delete',
|
|
44
|
+
required: { content: 'string', resource: 'string' },
|
|
45
|
+
optional: { recursive: 'boolean', force: 'boolean' },
|
|
46
|
+
maxExtraFields: 3,
|
|
47
|
+
},
|
|
48
|
+
{
|
|
49
|
+
action: 'communicate',
|
|
50
|
+
required: { content: 'string', recipient: 'string' },
|
|
51
|
+
optional: { channel: 'string', priority: 'string', metadata: 'object' },
|
|
52
|
+
maxExtraFields: 5,
|
|
53
|
+
},
|
|
54
|
+
];
|
|
55
|
+
/**
|
|
56
|
+
* L3 Schema Conformance Validator
|
|
57
|
+
*
|
|
58
|
+
* Validates payloads against known action schemas.
|
|
59
|
+
*/
|
|
60
|
+
export class L3SchemaConformance extends BaseSecurityLayer {
|
|
61
|
+
schemas;
|
|
62
|
+
constructor(additionalSchemas) {
|
|
63
|
+
super(createLayerConfig(3, 'Schema Conformance', {
|
|
64
|
+
description: 'Validates payload action and fields against known schemas',
|
|
65
|
+
tier: 'input_validation',
|
|
66
|
+
primaryThreat: 'unauthorized_action',
|
|
67
|
+
secondaryThreats: ['capability_abuse', 'prompt_injection'],
|
|
68
|
+
failMode: 'block',
|
|
69
|
+
required: true,
|
|
70
|
+
timeoutMs: 200,
|
|
71
|
+
parallelizable: true,
|
|
72
|
+
dependencies: [0], // Depends on L0 passing first
|
|
73
|
+
}));
|
|
74
|
+
this.schemas = new Map();
|
|
75
|
+
for (const schema of KNOWN_ACTION_SCHEMAS) {
|
|
76
|
+
this.schemas.set(schema.action, schema);
|
|
77
|
+
}
|
|
78
|
+
if (additionalSchemas) {
|
|
79
|
+
for (const schema of additionalSchemas) {
|
|
80
|
+
this.schemas.set(schema.action, schema);
|
|
81
|
+
}
|
|
82
|
+
}
|
|
83
|
+
}
|
|
84
|
+
/**
|
|
85
|
+
* Register an additional action schema at runtime
|
|
86
|
+
*/
|
|
87
|
+
registerSchema(schema) {
|
|
88
|
+
this.schemas.set(schema.action, schema);
|
|
89
|
+
}
|
|
90
|
+
async execute(input) {
|
|
91
|
+
const startedAt = new Date().toISOString();
|
|
92
|
+
const t0 = performance.now();
|
|
93
|
+
const findings = [];
|
|
94
|
+
const payload = input.payload;
|
|
95
|
+
// 1. Check that action field exists
|
|
96
|
+
const action = payload['action'];
|
|
97
|
+
if (action === undefined || action === null) {
|
|
98
|
+
findings.push({
|
|
99
|
+
type: 'threat_detected',
|
|
100
|
+
severity: 'high',
|
|
101
|
+
code: 'L3_MISSING_ACTION',
|
|
102
|
+
description: 'Payload has no "action" field — cannot determine request type',
|
|
103
|
+
evidence: ['payload.action is undefined'],
|
|
104
|
+
remediation: 'Include an "action" field in the payload (e.g., "query", "execute", "read")',
|
|
105
|
+
});
|
|
106
|
+
const timing = this.buildTiming(startedAt, t0);
|
|
107
|
+
return this.createFailureResult('deny', 0.9, findings, timing);
|
|
108
|
+
}
|
|
109
|
+
if (typeof action !== 'string') {
|
|
110
|
+
findings.push({
|
|
111
|
+
type: 'threat_detected',
|
|
112
|
+
severity: 'high',
|
|
113
|
+
code: 'L3_INVALID_ACTION_TYPE',
|
|
114
|
+
description: `Action field must be a string, got ${typeof action}`,
|
|
115
|
+
evidence: [`typeof action = ${typeof action}`],
|
|
116
|
+
remediation: 'Provide action as a string value',
|
|
117
|
+
});
|
|
118
|
+
const timing = this.buildTiming(startedAt, t0);
|
|
119
|
+
return this.createFailureResult('deny', 0.9, findings, timing);
|
|
120
|
+
}
|
|
121
|
+
// 2. Look up schema for this action
|
|
122
|
+
const schema = this.schemas.get(action);
|
|
123
|
+
if (!schema) {
|
|
124
|
+
findings.push({
|
|
125
|
+
type: 'threat_detected',
|
|
126
|
+
severity: 'medium',
|
|
127
|
+
code: 'L3_UNKNOWN_ACTION',
|
|
128
|
+
description: `Unknown action '${action}' — not in registered schemas`,
|
|
129
|
+
evidence: [
|
|
130
|
+
`action=${action}`,
|
|
131
|
+
`known actions: ${Array.from(this.schemas.keys()).join(', ')}`,
|
|
132
|
+
],
|
|
133
|
+
remediation: `Use a known action: ${Array.from(this.schemas.keys()).join(', ')}`,
|
|
134
|
+
});
|
|
135
|
+
const timing = this.buildTiming(startedAt, t0);
|
|
136
|
+
// Unknown actions are escalated, not denied — allows extension
|
|
137
|
+
return this.createFailureResult('escalate', 0.7, findings, timing);
|
|
138
|
+
}
|
|
139
|
+
// 3. Check required fields
|
|
140
|
+
for (const [field, expectedType] of Object.entries(schema.required)) {
|
|
141
|
+
const value = payload[field];
|
|
142
|
+
if (value === undefined || value === null) {
|
|
143
|
+
findings.push({
|
|
144
|
+
type: 'threat_detected',
|
|
145
|
+
severity: 'high',
|
|
146
|
+
code: 'L3_MISSING_REQUIRED_FIELD',
|
|
147
|
+
description: `Required field '${field}' missing for action '${action}'`,
|
|
148
|
+
evidence: [`field=${field}, action=${action}`],
|
|
149
|
+
remediation: `Include required field '${field}' (type: ${expectedType})`,
|
|
150
|
+
});
|
|
151
|
+
continue;
|
|
152
|
+
}
|
|
153
|
+
// Type check
|
|
154
|
+
const typeError = this.checkType(value, expectedType, field);
|
|
155
|
+
if (typeError) {
|
|
156
|
+
findings.push(typeError);
|
|
157
|
+
}
|
|
158
|
+
}
|
|
159
|
+
// 4. Check optional fields (if present, must match type)
|
|
160
|
+
if (schema.optional) {
|
|
161
|
+
for (const [field, expectedType] of Object.entries(schema.optional)) {
|
|
162
|
+
const value = payload[field];
|
|
163
|
+
if (value === undefined || value === null)
|
|
164
|
+
continue;
|
|
165
|
+
const typeError = this.checkType(value, expectedType, field);
|
|
166
|
+
if (typeError) {
|
|
167
|
+
findings.push(typeError);
|
|
168
|
+
}
|
|
169
|
+
}
|
|
170
|
+
}
|
|
171
|
+
// 5. Check for unexpected extra fields
|
|
172
|
+
const allKnownFields = new Set([
|
|
173
|
+
'action',
|
|
174
|
+
...Object.keys(schema.required),
|
|
175
|
+
...Object.keys(schema.optional ?? {}),
|
|
176
|
+
]);
|
|
177
|
+
const extraFields = Object.keys(payload).filter((k) => !allKnownFields.has(k));
|
|
178
|
+
const maxExtra = schema.maxExtraFields ?? 10;
|
|
179
|
+
if (extraFields.length > maxExtra) {
|
|
180
|
+
findings.push({
|
|
181
|
+
type: 'warning',
|
|
182
|
+
severity: 'medium',
|
|
183
|
+
code: 'L3_EXCESS_EXTRA_FIELDS',
|
|
184
|
+
description: `${extraFields.length} extra fields exceed maximum ${maxExtra} for action '${action}'`,
|
|
185
|
+
evidence: [`extra fields: ${extraFields.slice(0, 10).join(', ')}${extraFields.length > 10 ? '...' : ''}`],
|
|
186
|
+
remediation: `Reduce extra fields to at most ${maxExtra}`,
|
|
187
|
+
});
|
|
188
|
+
}
|
|
189
|
+
const timing = this.buildTiming(startedAt, t0);
|
|
190
|
+
const hasHigh = findings.some((f) => f.severity === 'high' || f.severity === 'critical');
|
|
191
|
+
const passed = !hasHigh;
|
|
192
|
+
if (passed) {
|
|
193
|
+
return this.createSuccessResult('allow', 0.9, findings, [], timing);
|
|
194
|
+
}
|
|
195
|
+
return this.createFailureResult('deny', 0.85, findings, timing);
|
|
196
|
+
}
|
|
197
|
+
checkType(value, expectedType, field) {
|
|
198
|
+
switch (expectedType) {
|
|
199
|
+
case 'string':
|
|
200
|
+
if (typeof value !== 'string') {
|
|
201
|
+
return this.typeError(field, expectedType, typeof value);
|
|
202
|
+
}
|
|
203
|
+
break;
|
|
204
|
+
case 'number':
|
|
205
|
+
if (typeof value !== 'number' || !Number.isFinite(value)) {
|
|
206
|
+
return this.typeError(field, expectedType, typeof value);
|
|
207
|
+
}
|
|
208
|
+
break;
|
|
209
|
+
case 'boolean':
|
|
210
|
+
if (typeof value !== 'boolean') {
|
|
211
|
+
return this.typeError(field, expectedType, typeof value);
|
|
212
|
+
}
|
|
213
|
+
break;
|
|
214
|
+
case 'object':
|
|
215
|
+
if (typeof value !== 'object' || Array.isArray(value)) {
|
|
216
|
+
return this.typeError(field, expectedType, Array.isArray(value) ? 'array' : typeof value);
|
|
217
|
+
}
|
|
218
|
+
break;
|
|
219
|
+
case 'array':
|
|
220
|
+
if (!Array.isArray(value)) {
|
|
221
|
+
return this.typeError(field, expectedType, typeof value);
|
|
222
|
+
}
|
|
223
|
+
break;
|
|
224
|
+
case 'string[]':
|
|
225
|
+
if (!Array.isArray(value) || !value.every((v) => typeof v === 'string')) {
|
|
226
|
+
return this.typeError(field, expectedType, Array.isArray(value) ? 'mixed array' : typeof value);
|
|
227
|
+
}
|
|
228
|
+
break;
|
|
229
|
+
case 'number[]':
|
|
230
|
+
if (!Array.isArray(value) || !value.every((v) => typeof v === 'number')) {
|
|
231
|
+
return this.typeError(field, expectedType, Array.isArray(value) ? 'mixed array' : typeof value);
|
|
232
|
+
}
|
|
233
|
+
break;
|
|
234
|
+
}
|
|
235
|
+
return null;
|
|
236
|
+
}
|
|
237
|
+
typeError(field, expected, actual) {
|
|
238
|
+
return {
|
|
239
|
+
type: 'threat_detected',
|
|
240
|
+
severity: 'high',
|
|
241
|
+
code: 'L3_TYPE_MISMATCH',
|
|
242
|
+
description: `Field '${field}' expected type '${expected}', got '${actual}'`,
|
|
243
|
+
evidence: [`field=${field}, expected=${expected}, actual=${actual}`],
|
|
244
|
+
remediation: `Provide '${field}' as type '${expected}'`,
|
|
245
|
+
};
|
|
246
|
+
}
|
|
247
|
+
buildTiming(startedAt, t0) {
|
|
248
|
+
const durationMs = performance.now() - t0;
|
|
249
|
+
return {
|
|
250
|
+
startedAt,
|
|
251
|
+
completedAt: new Date().toISOString(),
|
|
252
|
+
durationMs,
|
|
253
|
+
waitTimeMs: 0,
|
|
254
|
+
processingTimeMs: durationMs,
|
|
255
|
+
};
|
|
256
|
+
}
|
|
257
|
+
}
|
|
258
|
+
//# sourceMappingURL=L3-schema-conformance.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"L3-schema-conformance.js","sourceRoot":"","sources":["../../../src/layers/implementations/L3-schema-conformance.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAmBnE;;GAEG;AACH,MAAM,oBAAoB,GAAmB;IAC3C;QACE,MAAM,EAAE,OAAO;QACf,QAAQ,EAAE,EAAE,OAAO,EAAE,QAAQ,EAAE;QAC/B,QAAQ,EAAE,EAAE,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE;QAC5F,cAAc,EAAE,EAAE;KACnB;IACD;QACE,MAAM,EAAE,SAAS;QACjB,QAAQ,EAAE,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE;QACjD,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE;QAClE,cAAc,EAAE,CAAC;KAClB;IACD;QACE,MAAM,EAAE,MAAM;QACd,QAAQ,EAAE,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE;QACnD,QAAQ,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE;QACjE,cAAc,EAAE,CAAC;KAClB;IACD;QACE,MAAM,EAAE,OAAO;QACf,QAAQ,EAAE,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,QAAQ,EAAE;QACnE,QAAQ,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE;QACpD,cAAc,EAAE,CAAC;KAClB;IACD;QACE,MAAM,EAAE,QAAQ;QAChB,QAAQ,EAAE,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE;QACnD,QAAQ,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE,KAAK,EAAE,SAAS,EAAE;QACpD,cAAc,EAAE,CAAC;KAClB;IACD;QACE,MAAM,EAAE,aAAa;QACrB,QAAQ,EAAE,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE;QACpD,QAAQ,EAAE,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE;QACvE,cAAc,EAAE,CAAC;KAClB;CACF,CAAC;AAEF;;;;GAIG;AACH,MAAM,OAAO,mBAAoB,SAAQ,iBAAiB;IAChD,OAAO,CAA4B;IAE3C,YAAY,iBAAkC;QAC5C,KAAK,CACH,iBAAiB,CAAC,CAAC,EAAE,oBAAoB,EAAE;YACzC,WAAW,EAAE,2DAA2D;YACxE,IAAI,EAAE,kBAAkB;YACxB,aAAa,EAAE,qBAAqB;YACpC,gBAAgB,EAAE,CAAC,kBAAkB,EAAE,kBAAkB,CAAC;YAC1D,QAAQ,EAAE,OAAO;YACjB,QAAQ,EAAE,IAAI;YACd,SAAS,EAAE,GAAG;YACd,cAAc,EAAE,IAAI;YACpB,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,8BAA8B;SAClD,CAAC,CACH,CAAC;QAEF,IAAI,CAAC,OAAO,GAAG,IAAI,GAAG,EAAE,CAAC;QACzB,KAAK,MAAM,MAAM,IAAI,oBAAoB,EAAE,CAAC;YAC1C,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAC1C,CAAC;QACD,IAAI,iBAAiB,EAAE,CAAC;YACtB,KAAK,MAAM,MAAM,IAAI,iBAAiB,EAAE,CAAC;gBACvC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YAC1C,CAAC;QACH,CAAC;IACH,CAAC;IAED;;OAEG;IACH,cAAc,CAAC,MAAoB;QACjC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC1C,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,KAAiB;QAC7B,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAC3C,MAAM,EAAE,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;QAC7B,MAAM,QAAQ,GAAmB,EAAE,CAAC;QAEpC,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC;QAE9B,oCAAoC;QACpC,MAAM,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;QACjC,IAAI,MAAM,KAAK,SAAS,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;YAC5C,QAAQ,CAAC,IAAI,CAAC;gBACZ,IAAI,EAAE,iBAAiB;gBACvB,QAAQ,EAAE,MAAM;gBAChB,IAAI,EAAE,mBAAmB;gBACzB,WAAW,EAAE,+DAA+D;gBAC5E,QAAQ,EAAE,CAAC,6BAA6B,CAAC;gBACzC,WAAW,EAAE,6EAA6E;aAC3F,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;YAC/C,OAAO,IAAI,CAAC,mBAAmB,CAAC,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;QACjE,CAAC;QAED,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC/B,QAAQ,CAAC,IAAI,CAAC;gBACZ,IAAI,EAAE,iBAAiB;gBACvB,QAAQ,EAAE,MAAM;gBAChB,IAAI,EAAE,wBAAwB;gBAC9B,WAAW,EAAE,sCAAsC,OAAO,MAAM,EAAE;gBAClE,QAAQ,EAAE,CAAC,mBAAmB,OAAO,MAAM,EAAE,CAAC;gBAC9C,WAAW,EAAE,kCAAkC;aAChD,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;YAC/C,OAAO,IAAI,CAAC,mBAAmB,CAAC,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;QACjE,CAAC;QAED,oCAAoC;QACpC,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACxC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,QAAQ,CAAC,IAAI,CAAC;gBACZ,IAAI,EAAE,iBAAiB;gBACvB,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,mBAAmB;gBACzB,WAAW,EAAE,mBAAmB,MAAM,+BAA+B;gBACrE,QAAQ,EAAE;oBACR,UAAU,MAAM,EAAE;oBAClB,kBAAkB,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;iBAC/D;gBACD,WAAW,EAAE,uBAAuB,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;aACjF,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;YAC/C,+DAA+D;YAC/D,OAAO,IAAI,CAAC,mBAAmB,CAAC,UAAU,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;QACrE,CAAC;QAED,2BAA2B;QAC3B,KAAK,MAAM,CAAC,KAAK,EAAE,YAAY,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;YACpE,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC;YAC7B,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;gBAC1C,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI,EAAE,iBAAiB;oBACvB,QAAQ,EAAE,MAAM;oBAChB,IAAI,EAAE,2BAA2B;oBACjC,WAAW,EAAE,mBAAmB,KAAK,yBAAyB,MAAM,GAAG;oBACvE,QAAQ,EAAE,CAAC,SAAS,KAAK,YAAY,MAAM,EAAE,CAAC;oBAC9C,WAAW,EAAE,2BAA2B,KAAK,YAAY,YAAY,GAAG;iBACzE,CAAC,CAAC;gBACH,SAAS;YACX,CAAC;YAED,aAAa;YACb,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,YAAY,EAAE,KAAK,CAAC,CAAC;YAC7D,IAAI,SAAS,EAAE,CAAC;gBACd,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAC3B,CAAC;QACH,CAAC;QAED,yDAAyD;QACzD,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACpB,KAAK,MAAM,CAAC,KAAK,EAAE,YAAY,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACpE,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC;gBAC7B,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI;oBAAE,SAAS;gBAEpD,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,YAAY,EAAE,KAAK,CAAC,CAAC;gBAC7D,IAAI,SAAS,EAAE,CAAC;oBACd,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;gBAC3B,CAAC;YACH,CAAC;QACH,CAAC;QAED,uCAAuC;QACvC,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC;YAC7B,QAAQ;YACR,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;YAC/B,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,IAAI,EAAE,CAAC;SACtC,CAAC,CAAC;QACH,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAC/E,MAAM,QAAQ,GAAG,MAAM,CAAC,cAAc,IAAI,EAAE,CAAC;QAE7C,IAAI,WAAW,CAAC,MAAM,GAAG,QAAQ,EAAE,CAAC;YAClC,QAAQ,CAAC,IAAI,CAAC;gBACZ,IAAI,EAAE,SAAS;gBACf,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,wBAAwB;gBAC9B,WAAW,EAAE,GAAG,WAAW,CAAC,MAAM,gCAAgC,QAAQ,gBAAgB,MAAM,GAAG;gBACnG,QAAQ,EAAE,CAAC,iBAAiB,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;gBACzG,WAAW,EAAE,kCAAkC,QAAQ,EAAE;aAC1D,CAAC,CAAC;QACL,CAAC;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;QAC/C,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,IAAI,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC;QACzF,MAAM,MAAM,GAAG,CAAC,OAAO,CAAC;QAExB,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,IAAI,CAAC,mBAAmB,CAAC,OAAO,EAAE,GAAG,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC;QACtE,CAAC;QAED,OAAO,IAAI,CAAC,mBAAmB,CAAC,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;IAClE,CAAC;IAEO,SAAS,CAAC,KAAc,EAAE,YAAuB,EAAE,KAAa;QACtE,QAAQ,YAAY,EAAE,CAAC;YACrB,KAAK,QAAQ;gBACX,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;oBAC9B,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,YAAY,EAAE,OAAO,KAAK,CAAC,CAAC;gBAC3D,CAAC;gBACD,MAAM;YACR,KAAK,QAAQ;gBACX,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;oBACzD,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,YAAY,EAAE,OAAO,KAAK,CAAC,CAAC;gBAC3D,CAAC;gBACD,MAAM;YACR,KAAK,SAAS;gBACZ,IAAI,OAAO,KAAK,KAAK,SAAS,EAAE,CAAC;oBAC/B,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,YAAY,EAAE,OAAO,KAAK,CAAC,CAAC;gBAC3D,CAAC;gBACD,MAAM;YACR,KAAK,QAAQ;gBACX,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;oBACtD,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,YAAY,EAAE,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,KAAK,CAAC,CAAC;gBAC5F,CAAC;gBACD,MAAM;YACR,KAAK,OAAO;gBACV,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;oBAC1B,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,YAAY,EAAE,OAAO,KAAK,CAAC,CAAC;gBAC3D,CAAC;gBACD,MAAM;YACR,KAAK,UAAU;gBACb,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,EAAE,CAAC;oBACxE,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,YAAY,EAAE,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,OAAO,KAAK,CAAC,CAAC;gBAClG,CAAC;gBACD,MAAM;YACR,KAAK,UAAU;gBACb,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,EAAE,CAAC;oBACxE,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,YAAY,EAAE,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,OAAO,KAAK,CAAC,CAAC;gBAClG,CAAC;gBACD,MAAM;QACV,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,SAAS,CAAC,KAAa,EAAE,QAAgB,EAAE,MAAc;QAC/D,OAAO;YACL,IAAI,EAAE,iBAAiB;YACvB,QAAQ,EAAE,MAAM;YAChB,IAAI,EAAE,kBAAkB;YACxB,WAAW,EAAE,UAAU,KAAK,oBAAoB,QAAQ,WAAW,MAAM,GAAG;YAC5E,QAAQ,EAAE,CAAC,SAAS,KAAK,cAAc,QAAQ,YAAY,MAAM,EAAE,CAAC;YACpE,WAAW,EAAE,YAAY,KAAK,cAAc,QAAQ,GAAG;SACxD,CAAC;IACJ,CAAC;IAEO,WAAW,CAAC,SAAiB,EAAE,EAAU;QAC/C,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QAC1C,OAAO;YACL,SAAS;YACT,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACrC,UAAU;YACV,UAAU,EAAE,CAAC;YACb,gBAAgB,EAAE,UAAU;SAC7B,CAAC;IACJ,CAAC;CACF"}
|
|
@@ -0,0 +1,47 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* L4 — Injection Pattern Detector
|
|
3
|
+
*
|
|
4
|
+
* Detects prompt injection, jailbreak attempts, and instruction override
|
|
5
|
+
* patterns in request content. Uses a multi-strategy approach combining
|
|
6
|
+
* keyword matching, structural analysis, and semantic heuristics.
|
|
7
|
+
*
|
|
8
|
+
* Tier: input_validation
|
|
9
|
+
* Primary threat: prompt_injection
|
|
10
|
+
*
|
|
11
|
+
* @packageDocumentation
|
|
12
|
+
*/
|
|
13
|
+
import { BaseSecurityLayer } from '../index.js';
|
|
14
|
+
import type { LayerInput, LayerExecutionResult } from '../types.js';
|
|
15
|
+
/**
|
|
16
|
+
* Injection pattern definition
|
|
17
|
+
*/
|
|
18
|
+
interface InjectionPattern {
|
|
19
|
+
name: string;
|
|
20
|
+
pattern: RegExp;
|
|
21
|
+
severity: 'medium' | 'high' | 'critical';
|
|
22
|
+
category: 'instruction_override' | 'role_hijack' | 'context_escape' | 'encoding_attack' | 'social_engineering';
|
|
23
|
+
description: string;
|
|
24
|
+
}
|
|
25
|
+
/**
|
|
26
|
+
* L4 Injection Pattern Detector
|
|
27
|
+
*
|
|
28
|
+
* Multi-strategy prompt injection detection.
|
|
29
|
+
*/
|
|
30
|
+
export declare class L4InjectionDetector extends BaseSecurityLayer {
|
|
31
|
+
private patterns;
|
|
32
|
+
constructor(additionalPatterns?: InjectionPattern[]);
|
|
33
|
+
execute(input: LayerInput): Promise<LayerExecutionResult>;
|
|
34
|
+
/**
|
|
35
|
+
* Extract all string values from an object, with their paths.
|
|
36
|
+
*/
|
|
37
|
+
private extractStrings;
|
|
38
|
+
/**
|
|
39
|
+
* Measure what fraction of words in the text are imperative/instruction-like.
|
|
40
|
+
* Returns 0-1 density.
|
|
41
|
+
*/
|
|
42
|
+
private measureInstructionDensity;
|
|
43
|
+
private truncate;
|
|
44
|
+
private buildTiming;
|
|
45
|
+
}
|
|
46
|
+
export {};
|
|
47
|
+
//# sourceMappingURL=L4-injection-detector.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"L4-injection-detector.d.ts","sourceRoot":"","sources":["../../../src/layers/implementations/L4-injection-detector.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,iBAAiB,EAAqB,MAAM,aAAa,CAAC;AACnE,OAAO,KAAK,EACV,UAAU,EACV,oBAAoB,EAGrB,MAAM,aAAa,CAAC;AAErB;;GAEG;AACH,UAAU,gBAAgB;IACxB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;IACzC,QAAQ,EAAE,sBAAsB,GAAG,aAAa,GAAG,gBAAgB,GAAG,iBAAiB,GAAG,oBAAoB,CAAC;IAC/G,WAAW,EAAE,MAAM,CAAC;CACrB;AA6HD;;;;GAIG;AACH,qBAAa,mBAAoB,SAAQ,iBAAiB;IACxD,OAAO,CAAC,QAAQ,CAAqB;gBAEzB,kBAAkB,CAAC,EAAE,gBAAgB,EAAE;IAiB7C,OAAO,CAAC,KAAK,EAAE,UAAU,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAuE/D;;OAEG;IACH,OAAO,CAAC,cAAc;IA8BtB;;;OAGG;IACH,OAAO,CAAC,yBAAyB;IAUjC,OAAO,CAAC,QAAQ;IAIhB,OAAO,CAAC,WAAW;CAUpB"}
|