@vorionsys/atsf-core 0.2.2 → 0.2.4

package/dist/layers/implementations/L4-injection-detector.js

@@ -0,0 +1,256 @@
+/**
+ * L4 — Injection Pattern Detector
+ *
+ * Detects prompt injection, jailbreak attempts, and instruction override
+ * patterns in request content. Uses a multi-strategy approach combining
+ * keyword matching, structural analysis, and semantic heuristics.
+ *
+ * Tier: input_validation
+ * Primary threat: prompt_injection
+ *
+ * @packageDocumentation
+ */
+import { BaseSecurityLayer, createLayerConfig } from '../index.js';
+/**
+ * Curated injection patterns — real detection logic, not pass-through.
+ *
+ * These patterns are based on documented prompt injection techniques
+ * from OWASP LLM Top 10, academic research, and red-team exercises.
+ */
+const INJECTION_PATTERNS = [
+    // === Instruction Override ===
+    {
+        name: 'ignore_previous',
+        pattern: /\b(ignore|disregard|forget|override|bypass)\s+(all\s+)?(previous|prior|above|earlier|original|system)\s+(instructions?|prompts?|rules?|guidelines?|constraints?|directives?)/i,
+        severity: 'critical',
+        category: 'instruction_override',
+        description: 'Attempt to override system instructions',
+    },
+    {
+        name: 'new_instructions',
+        pattern: /\b(new|updated|real|actual|true|correct)\s+(instructions?|rules?|system\s+prompt|directives?)\s*[:=]/i,
+        severity: 'critical',
+        category: 'instruction_override',
+        description: 'Attempt to inject new system instructions',
+    },
+    {
+        name: 'system_prompt_leak',
+        pattern: /\b(print|show|display|output|reveal|repeat|echo|write)\s+(\w+\s+)*(your|the|my|system)?\s*(system\s+)?(prompt|instructions?|rules?|initial\s+message)/i,
+        severity: 'high',
+        category: 'instruction_override',
+        description: 'Attempt to extract system prompt',
+    },
+    {
+        name: 'do_anything_now',
+        pattern: /\bD\.?A\.?N\.?\b|\bdo\s+anything\s+now\b/i,
+        severity: 'critical',
+        category: 'instruction_override',
+        description: 'DAN (Do Anything Now) jailbreak attempt',
+    },
+    // === Role Hijacking ===
+    {
+        name: 'role_play_override',
+        pattern: /\b(you\s+are|act\s+as|pretend\s+(to\s+be|you[''\u2019]?re)|roleplay\s+as|impersonate|become)\s+(an?\s+)?(unrestricted|unfiltered|uncensored|evil|hacker|developer\s+mode)/i,
+        severity: 'critical',
+        category: 'role_hijack',
+        description: 'Attempt to hijack AI role to unrestricted mode',
+    },
+    {
+        name: 'developer_mode',
+        pattern: /\b(developer|debug|admin|root|god|sudo|maintenance)\s+(mode|access|override|privileges?)\b/i,
+        severity: 'high',
+        category: 'role_hijack',
+        description: 'Attempt to activate elevated mode',
+    },
+    {
+        name: 'jailbreak_prefix',
+        pattern: /\b(jailbreak|unlock|unchain|liberate|free\s+yourself|break\s+free|remove\s+(your\s+)?restrictions?)\b/i,
+        severity: 'critical',
+        category: 'role_hijack',
+        description: 'Explicit jailbreak attempt',
+    },
+    // === Context Escape ===
+    {
+        name: 'markdown_injection',
+        pattern: /!\[.*?\]\(.*?(?:javascript|data|vbscript):/i,
+        severity: 'high',
+        category: 'context_escape',
+        description: 'Markdown image injection with script URI',
+    },
+    {
+        name: 'delimiter_injection',
+        pattern: /(?:---+|===+|```|<\/?system>|<\/?user>|<\/?assistant>|\[INST\]|\[\/INST\]|<<SYS>>|<\/SYS>>)\s*(system|instructions?|prompt)/i,
+        severity: 'critical',
+        category: 'context_escape',
+        description: 'Delimiter injection to escape conversation context',
+    },
+    {
+        name: 'xml_tag_injection',
+        pattern: /<\s*(system|instructions?|prompt|context|rules?|config)\s*>/i,
+        severity: 'high',
+        category: 'context_escape',
+        description: 'XML-style tag injection for context manipulation',
+    },
+    // === Encoding Attacks ===
+    {
+        name: 'base64_instruction',
+        pattern: /(?:base64|decode|atob|btoa)\s*[\(:]\s*['"]?[A-Za-z0-9+/=]{20,}/i,
+        severity: 'high',
+        category: 'encoding_attack',
+        description: 'Base64-encoded content that may hide injection payloads',
+    },
+    {
+        name: 'unicode_escape',
+        pattern: /\\u[0-9a-fA-F]{4}(?:\\u[0-9a-fA-F]{4}){3,}/g,
+        severity: 'medium',
+        category: 'encoding_attack',
+        description: 'Excessive Unicode escape sequences may hide malicious content',
+    },
+    {
+        name: 'hex_encoded',
+        pattern: /\\x[0-9a-fA-F]{2}(?:\\x[0-9a-fA-F]{2}){5,}/g,
+        severity: 'medium',
+        category: 'encoding_attack',
+        description: 'Hex-encoded content that may bypass text filters',
+    },
+    // === Social Engineering ===
+    {
+        name: 'urgency_pressure',
+        pattern: /\b(urgent|emergency|critical|immediately|right\s+now|without\s+delay|life\s+or\s+death|time\s+sensitive)\b.*\b(bypass|skip|ignore|override|disable)\s+(\w+\s+)*(safety|security|check|filter|restriction|guardrail)/i,
+        severity: 'high',
+        category: 'social_engineering',
+        description: 'Social engineering via urgency to bypass safety measures',
+    },
+    {
+        name: 'authority_claim',
+        pattern: /\b(I\s+am|this\s+is)\s+(the\s+)?(CEO|admin|administrator|developer|engineer|owner|creator|OpenAI|Anthropic|Google)\b.*\b(authorize|grant|allow|permit|override)/i,
+        severity: 'high',
+        category: 'social_engineering',
+        description: 'False authority claim to override restrictions',
+    },
+];
+/**
+ * L4 Injection Pattern Detector
+ *
+ * Multi-strategy prompt injection detection.
+ */
+export class L4InjectionDetector extends BaseSecurityLayer {
+    patterns;
+    constructor(additionalPatterns) {
+        super(createLayerConfig(4, 'Injection Pattern Detector', {
+            description: 'Detects prompt injection, jailbreak, and instruction override attacks via pattern matching and heuristics',
+            tier: 'input_validation',
+            primaryThreat: 'prompt_injection',
+            secondaryThreats: ['privilege_escalation', 'unauthorized_action', 'deceptive_output'],
+            failMode: 'block',
+            required: true,
+            timeoutMs: 500,
+            parallelizable: true,
+            dependencies: [],
+        }));
+        this.patterns = [...INJECTION_PATTERNS, ...(additionalPatterns ?? [])];
+    }
+    async execute(input) {
+        const startedAt = new Date().toISOString();
+        const t0 = performance.now();
+        const findings = [];
+        // Extract all string content from payload for scanning
+        const strings = this.extractStrings(input.payload);
+        // Scan each string against all patterns
+        for (const { value, path } of strings) {
+            for (const pattern of this.patterns) {
+                // Reset regex state for global patterns
+                pattern.pattern.lastIndex = 0;
+                const match = pattern.pattern.exec(value);
+                if (match) {
+                    findings.push({
+                        type: 'threat_detected',
+                        severity: pattern.severity,
+                        code: `L4_${pattern.name.toUpperCase()}`,
+                        description: `${pattern.description} at '${path}'`,
+                        evidence: [
+                            `Matched: "${this.truncate(match[0], 100)}"`,
+                            `Category: ${pattern.category}`,
+                            `Position: ${match.index}`,
+                        ],
+                        remediation: `Remove or rephrase the content that triggered ${pattern.name} detection`,
+                    });
+                }
+            }
+            // Additional heuristic: instruction density
+            const instrDensity = this.measureInstructionDensity(value);
+            if (instrDensity > 0.4 && value.length > 50) {
+                findings.push({
+                    type: 'threat_detected',
+                    severity: 'medium',
+                    code: 'L4_HIGH_INSTRUCTION_DENSITY',
+                    description: `High instruction density (${(instrDensity * 100).toFixed(0)}%) detected at '${path}' — text is disproportionately imperative`,
+                    evidence: [
+                        `density=${(instrDensity * 100).toFixed(1)}%`,
+                        `length=${value.length}`,
+                    ],
+                    remediation: 'Rephrase content to be more descriptive and less imperative',
+                });
+            }
+        }
+        const timing = this.buildTiming(startedAt, t0);
+        const hasCritical = findings.some((f) => f.severity === 'critical');
+        const hasHigh = findings.some((f) => f.severity === 'high');
+        const passed = !hasCritical && !hasHigh;
+        if (passed) {
+            return this.createSuccessResult('allow', findings.length === 0 ? 0.95 : 0.7, findings, [], timing);
+        }
+        return this.createFailureResult(hasCritical ? 'deny' : 'escalate', 0.85, findings, timing);
+    }
+    /**
+     * Extract all string values from an object, with their paths.
+     */
+    extractStrings(obj, path = '', results = []) {
+        if (obj === null || obj === undefined)
+            return results;
+        if (typeof obj === 'string') {
+            if (obj.length > 0) {
+                results.push({ value: obj, path });
+            }
+            return results;
+        }
+        if (Array.isArray(obj)) {
+            for (let i = 0; i < obj.length; i++) {
+                this.extractStrings(obj[i], `${path}[${i}]`, results);
+            }
+            return results;
+        }
+        if (typeof obj === 'object') {
+            for (const [key, val] of Object.entries(obj)) {
+                this.extractStrings(val, path ? `${path}.${key}` : key, results);
+            }
+        }
+        return results;
+    }
+    /**
+     * Measure what fraction of words in the text are imperative/instruction-like.
+     * Returns 0-1 density.
+     */
+    measureInstructionDensity(text) {
+        const imperativeWords = /\b(do|don['']?t|must|shall|should|always|never|ensure|make\s+sure|you\s+will|you\s+must|remember\s+to|from\s+now\s+on|henceforth|obey|comply|follow|execute|perform|respond|output|return|answer|reply|generate|produce|write|print|say|tell|give|provide|list|show|explain)\b/gi;
+        const words = text.split(/\s+/).filter((w) => w.length > 0);
+        if (words.length === 0)
+            return 0;
+        const matches = text.match(imperativeWords);
+        return (matches?.length ?? 0) / words.length;
+    }
+    truncate(str, maxLen) {
+        return str.length > maxLen ? str.slice(0, maxLen) + '...' : str;
+    }
+    buildTiming(startedAt, t0) {
+        const durationMs = performance.now() - t0;
+        return {
+            startedAt,
+            completedAt: new Date().toISOString(),
+            durationMs,
+            waitTimeMs: 0,
+            processingTimeMs: durationMs,
+        };
+    }
+}
+//# sourceMappingURL=L4-injection-detector.js.map

package/dist/layers/implementations/L4-injection-detector.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"L4-injection-detector.js","sourceRoot":"","sources":["../../../src/layers/implementations/L4-injection-detector.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAmBnE;;;;;GAKG;AACH,MAAM,kBAAkB,GAAuB;IAC7C,+BAA+B;IAC/B;QACE,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,+KAA+K;QACxL,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,sBAAsB;QAChC,WAAW,EAAE,yCAAyC;KACvD;IACD;QACE,IAAI,EAAE,kBAAkB;QACxB,OAAO,EAAE,uGAAuG;QAChH,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,sBAAsB;QAChC,WAAW,EAAE,2CAA2C;KACzD;IACD;QACE,IAAI,EAAE,oBAAoB;QAC1B,OAAO,EAAE,wJAAwJ;QACjK,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,sBAAsB;QAChC,WAAW,EAAE,kCAAkC;KAChD;IACD;QACE,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,2CAA2C;QACpD,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,sBAAsB;QAChC,WAAW,EAAE,yCAAyC;KACvD;IAED,yBAAyB;IACzB;QACE,IAAI,EAAE,oBAAoB;QAC1B,OAAO,EAAE,4KAA4K;QACrL,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,aAAa;QACvB,WAAW,EAAE,gDAAgD;KAC9D;IACD;QACE,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,6FAA6F;QACtG,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,aAAa;QACvB,WAAW,EAAE,mCAAmC;KACjD;IACD;QACE,IAAI,EAAE,kBAAkB;QACxB,OAAO,EAAE,wGAAwG;QACjH,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,aAAa;QACvB,WAAW,EAAE,4BAA4B;KAC1C;IAED,yBAAyB;IACzB;QACE,IAAI,EAAE,oBAAoB;QAC1B,OAAO,EAAE,6CAA6C;QACtD,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,gBAAgB;QAC1B,WAAW,EAAE,0CAA0C;KACxD;IACD;QACE,IAAI,EAAE,qBAAqB;QAC3B,OAAO,EAAE,8HAA8H;QACvI,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,gBAAgB;QAC1B,WAAW,EAAE,oDAAoD;KAClE;IACD;QACE,IAAI,EAAE,mBAAmB;QACzB,OAAO,EAAE,8DAA8D;QACvE,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,gBAAgB;QAC1B,WAAW,EAAE,kDAAkD;KAChE;IAED,2BAA2B;IAC3B;QACE,IAAI,EAAE,oBAAoB;QAC1B,OAAO,EAAE,iEAAiE;QAC1E,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,iBAAiB;QAC3B,WAAW,EAAE,yDAAyD;KACvE;IACD;QACE,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,6CAA6C;QACtD,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,iBAAiB;QAC3B,WAAW,EAAE,+DAA+D;KAC7E;IACD;QACE,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,6CAA6C;QACtD,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,iBAAiB;QAC3B,WAAW,EAAE,kDAAkD;KAChE;IAED,6BAA6B;IAC7B;QACE,IAAI,EAAE,kBAAkB;QACxB,OAAO,EAAE,sNAAsN;QAC/N,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,oBAAoB;QAC9B,WAAW,EAAE,0DAA0D;KACxE;IACD;QACE,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,kKAAkK;QAC3K,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,oBAAoB;QAC9B,WAAW,EAAE,gDAAgD;KAC9D;CACF,CAAC;AAEF;;;;GAIG;AACH,MAAM,OAAO,mBAAoB,SAAQ,iBAAiB;IAChD,QAAQ,CAAqB;IAErC,YAAY,kBAAuC;QACjD,KAAK,CACH,iBAAiB,CAAC,CAAC,EAAE,4BAA4B,EAAE;YACjD,WAAW,EAAE,2GAA2G;YACxH,IAAI,EAAE,kBAAkB;YACxB,aAAa,EAAE,kBAAkB;YACjC,gBAAgB,EAAE,CAAC,sBAAsB,EAAE,qBAAqB,EAAE,kBAAkB,CAAC;YACrF,QAAQ,EAAE,OAAO;YACjB,QAAQ,EAAE,IAAI;YACd,SAAS,EAAE,GAAG;YACd,cAAc,EAAE,IAAI;YACpB,YAAY,EAAE,EAAE;SACjB,CAAC,CACH,CAAC;QACF,IAAI,CAAC,QAAQ,GAAG,CAAC,GAAG,kBAAkB,EAAE,GAAG,CAAC,kBAAkB,IAAI,EAAE,CAAC,CAAC,CAAC;IACzE,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,KAAiB;QAC7B,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAC3C,MAAM,EAAE,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;QAC7B,MAAM,QAAQ,GAAmB,EAAE,CAAC;QAEpC,uDAAuD;QACvD,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAEnD,wCAAwC;QACxC,KAAK,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,OAAO,EAAE,CAAC;YACtC,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACpC,wCAAwC;gBACxC,OAAO,CAAC,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;gBAC9B,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBAE1C,IAAI,KAAK,EAAE,CAAC;oBACV,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,iBAAiB;wBACvB,QAAQ,EAAE,OAAO,CAAC,QAAQ;wBAC1B,IAAI,EAAE,MAAM,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,EAAE;wBACxC,WAAW,EAAE,GAAG,OAAO,CAAC,WAAW,QAAQ,IAAI,GAAG;wBAClD,QAAQ,EAAE;4BACR,aAAa,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG;4BAC5C,aAAa,OAAO,CAAC,QAAQ,EAAE;4BAC/B,aAAa,KAAK,CAAC,KAAK,EAAE;yBAC3B;wBACD,WAAW,EAAE,iDAAiD,OAAO,CAAC,IAAI,YAAY;qBACvF,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,4CAA4C;YAC5C,MAAM,YAAY,GAAG,IAAI,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC;YAC3D,IAAI,YAAY,GAAG,GAAG,IAAI,KAAK,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;gBAC5C,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI,EAAE,iBAAiB;oBACvB,QAAQ,EAAE,QAAQ;oBAClB,IAAI,EAAE,6BAA6B;oBACnC,WAAW,EAAE,6BAA6B,CAAC,YAAY,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,mBAAmB,IAAI,2CAA2C;oBAC3I,QAAQ,EAAE;wBACR,WAAW,CAAC,YAAY,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG;wBAC7C,UAAU,KAAK,CAAC,MAAM,EAAE;qBACzB;oBACD,WAAW,EAAE,6DAA6D;iBAC3E,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;QAC/C,MAAM,WAAW,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC;QACpE,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;QAC5D,MAAM,MAAM,GAAG,CAAC,WAAW,IAAI,CAAC,OAAO,CAAC;QAExC,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,IAAI,CAAC,mBAAmB,CAC7B,OAAO,EACP,QAAQ,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,EAClC,QAAQ,EACR,EAAE,EACF,MAAM,CACP,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC,mBAAmB,CAC7B,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,EACjC,IAAI,EACJ,QAAQ,EACR,MAAM,CACP,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,cAAc,CACpB,GAAY,EACZ,IAAI,GAAG,EAAE,EACT,UAAkD,EAAE;QAEpD,IAAI,GAAG,KAAK,IAAI,IAAI,GAAG,KAAK,SAAS;YAAE,OAAO,OAAO,CAAC;QAEtD,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACnB,OAAO,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC;YACrC,CAAC;YACD,OAAO,OAAO,CAAC;QACjB,CAAC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;YACvB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACpC,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;YACxD,CAAC;YACD,OAAO,OAAO,CAAC;QACjB,CAAC;QAED,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAA8B,CAAC,EAAE,CAAC;gBACxE,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;YACnE,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;;OAGG;IACK,yBAAyB,CAAC,IAAY;QAC5C,MAAM,eAAe,GAAG,kRAAkR,CAAC;QAE3S,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAC5D,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,CAAC,CAAC;QAEjC,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;QAC5C,OAAO,CAAC,OAAO,EAAE,MAAM,IAAI,CAAC,CAAC,GAAG,KAAK,CAAC,MAAM,CAAC;IAC/C,CAAC;IAEO,QAAQ,CAAC,GAAW,EAAE,MAAc;QAC1C,OAAO,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC;IAClE,CAAC;IAEO,WAAW,CAAC,SAAiB,EAAE,EAAU;QAC/C,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QAC1C,OAAO;YACL,SAAS;YACT,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACrC,UAAU;YACV,UAAU,EAAE,CAAC;YACb,gBAAgB,EAAE,UAAU;SAC7B,CAAC;IACJ,CAAC;CACF"}

package/dist/layers/implementations/L5-rate-limiter.d.ts

@@ -0,0 +1,51 @@
+/**
+ * L5 — Rate Limiter
+ *
+ * In-memory sliding window rate limiter that tracks request rates per entity.
+ * Enforces configurable requests-per-window limits and detects burst patterns.
+ *
+ * Tier: input_validation
+ * Primary threat: denial_of_service
+ *
+ * @packageDocumentation
+ */
+import { BaseSecurityLayer } from '../index.js';
+import type { LayerInput, LayerExecutionResult, LayerHealthStatus } from '../types.js';
+/**
+ * Rate limit configuration
+ */
+export interface L5RateLimitConfig {
+    /** Maximum requests per window (default: 100) */
+    maxRequests: number;
+    /** Window duration in milliseconds (default: 60_000 = 1 minute) */
+    windowMs: number;
+    /** Burst threshold — max requests in 1 second (default: 20) */
+    burstThreshold: number;
+    /** Maximum number of entities to track before evicting oldest (default: 10,000) */
+    maxTrackedEntities: number;
+}
+/**
+ * L5 Rate Limiter
+ *
+ * Sliding window rate limiter with burst detection.
+ */
+export declare class L5RateLimiter extends BaseSecurityLayer {
+    private rateLimitConfig;
+    private windows;
+    constructor(config?: Partial<L5RateLimitConfig>);
+    execute(input: LayerInput): Promise<LayerExecutionResult>;
+    /**
+     * Detect if request rate is accelerating.
+     * Compares average inter-request time in first half vs second half.
+     * Returns ratio > 1 if accelerating.
+     */
+    private detectAcceleration;
+    /**
+     * Evict the oldest 10% of tracked entities.
+     */
+    private evictOldest;
+    healthCheck(): Promise<LayerHealthStatus>;
+    reset(): Promise<void>;
+    private buildTiming;
+}
+//# sourceMappingURL=L5-rate-limiter.d.ts.map

package/dist/layers/implementations/L5-rate-limiter.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"L5-rate-limiter.d.ts","sourceRoot":"","sources":["../../../src/layers/implementations/L5-rate-limiter.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,iBAAiB,EAAqB,MAAM,aAAa,CAAC;AACnE,OAAO,KAAK,EACV,UAAU,EACV,oBAAoB,EAGpB,iBAAiB,EAClB,MAAM,aAAa,CAAC;AAErB;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,iDAAiD;IACjD,WAAW,EAAE,MAAM,CAAC;IACpB,mEAAmE;IACnE,QAAQ,EAAE,MAAM,CAAC;IACjB,+DAA+D;IAC/D,cAAc,EAAE,MAAM,CAAC;IACvB,mFAAmF;IACnF,kBAAkB,EAAE,MAAM,CAAC;CAC5B;AAkBD;;;;GAIG;AACH,qBAAa,aAAc,SAAQ,iBAAiB;IAClD,OAAO,CAAC,eAAe,CAAoB;IAC3C,OAAO,CAAC,OAAO,CAAwC;gBAE3C,MAAM,CAAC,EAAE,OAAO,CAAC,iBAAiB,CAAC;IAiBzC,OAAO,CAAC,KAAK,EAAE,UAAU,GAAG,OAAO,CAAC,oBAAoB,CAAC;IA4F/D;;;;OAIG;IACH,OAAO,CAAC,kBAAkB;IAwB1B;;OAEG;IACH,OAAO,CAAC,WAAW;IAUJ,WAAW,IAAI,OAAO,CAAC,iBAAiB,CAAC;IAazC,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAIrC,OAAO,CAAC,WAAW;CAUpB"}

package/dist/layers/implementations/L5-rate-limiter.js

@@ -0,0 +1,183 @@
+/**
+ * L5 — Rate Limiter
+ *
+ * In-memory sliding window rate limiter that tracks request rates per entity.
+ * Enforces configurable requests-per-window limits and detects burst patterns.
+ *
+ * Tier: input_validation
+ * Primary threat: denial_of_service
+ *
+ * @packageDocumentation
+ */
+import { BaseSecurityLayer, createLayerConfig } from '../index.js';
+const DEFAULT_CONFIG = {
+    maxRequests: 100,
+    windowMs: 60_000,
+    burstThreshold: 20,
+    maxTrackedEntities: 10_000,
+};
+/**
+ * L5 Rate Limiter
+ *
+ * Sliding window rate limiter with burst detection.
+ */
+export class L5RateLimiter extends BaseSecurityLayer {
+    rateLimitConfig;
+    windows = new Map();
+    constructor(config) {
+        super(createLayerConfig(5, 'Rate Limiter', {
+            description: 'Sliding window rate limiter with burst detection per entity',
+            tier: 'input_validation',
+            primaryThreat: 'denial_of_service',
+            secondaryThreats: ['resource_abuse'],
+            failMode: 'block',
+            required: true,
+            timeoutMs: 100,
+            parallelizable: false, // Stateful — must run serially
+            dependencies: [],
+        }));
+        this.rateLimitConfig = { ...DEFAULT_CONFIG, ...config };
+    }
+    async execute(input) {
+        const startedAt = new Date().toISOString();
+        const t0 = performance.now();
+        const now = Date.now();
+        const findings = [];
+        const entityId = input.entityId;
+        // Evict oldest entries if at capacity
+        if (this.windows.size >= this.rateLimitConfig.maxTrackedEntities) {
+            this.evictOldest();
+        }
+        // Get or create the sliding window for this entity
+        let window = this.windows.get(entityId);
+        if (!window) {
+            window = { timestamps: [], totalRequests: 0, firstSeen: now };
+            this.windows.set(entityId, window);
+        }
+        // Slide the window: remove timestamps older than windowMs
+        const cutoff = now - this.rateLimitConfig.windowMs;
+        window.timestamps = window.timestamps.filter((ts) => ts > cutoff);
+        // Record this request
+        window.timestamps.push(now);
+        window.totalRequests++;
+        const requestsInWindow = window.timestamps.length;
+        // 1. Check rate limit
+        if (requestsInWindow > this.rateLimitConfig.maxRequests) {
+            findings.push({
+                type: 'threat_detected',
+                severity: 'high',
+                code: 'L5_RATE_LIMIT_EXCEEDED',
+                description: `Entity '${entityId}' exceeded rate limit: ${requestsInWindow}/${this.rateLimitConfig.maxRequests} requests in ${this.rateLimitConfig.windowMs}ms window`,
+                evidence: [
+                    `requests=${requestsInWindow}`,
+                    `limit=${this.rateLimitConfig.maxRequests}`,
+                    `window=${this.rateLimitConfig.windowMs}ms`,
+                ],
+                remediation: `Reduce request rate to under ${this.rateLimitConfig.maxRequests} per ${this.rateLimitConfig.windowMs / 1000}s`,
+            });
+        }
+        // 2. Check burst (requests in last 1 second)
+        const burstCutoff = now - 1000;
+        const burstCount = window.timestamps.filter((ts) => ts > burstCutoff).length;
+        if (burstCount > this.rateLimitConfig.burstThreshold) {
+            findings.push({
+                type: 'threat_detected',
+                severity: 'high',
+                code: 'L5_BURST_DETECTED',
+                description: `Entity '${entityId}' burst detected: ${burstCount} requests in 1 second (threshold: ${this.rateLimitConfig.burstThreshold})`,
+                evidence: [
+                    `burst=${burstCount}`,
+                    `threshold=${this.rateLimitConfig.burstThreshold}`,
+                ],
+                remediation: `Reduce burst rate to under ${this.rateLimitConfig.burstThreshold} requests per second`,
+            });
+        }
+        // 3. Check for acceleration pattern (requests speeding up)
+        if (window.timestamps.length >= 10) {
+            const acceleration = this.detectAcceleration(window.timestamps);
+            if (acceleration > 2.0) {
+                findings.push({
+                    type: 'warning',
+                    severity: 'medium',
+                    code: 'L5_ACCELERATION_DETECTED',
+                    description: `Entity '${entityId}' request rate accelerating (${acceleration.toFixed(1)}x over window)`,
+                    evidence: [
+                        `acceleration=${acceleration.toFixed(1)}x`,
+                        `totalRequests=${window.totalRequests}`,
+                    ],
+                    remediation: 'Maintain a steady request rate',
+                });
+            }
+        }
+        const timing = this.buildTiming(startedAt, t0);
+        const hasHigh = findings.some((f) => f.severity === 'high' || f.severity === 'critical');
+        const passed = !hasHigh;
+        if (passed) {
+            return this.createSuccessResult('allow', 0.95, findings, [], timing);
+        }
+        return this.createFailureResult('limit', 0.9, findings, timing);
+    }
+    /**
+     * Detect if request rate is accelerating.
+     * Compares average inter-request time in first half vs second half.
+     * Returns ratio > 1 if accelerating.
+     */
+    detectAcceleration(timestamps) {
+        const n = timestamps.length;
+        if (n < 4)
+            return 1.0;
+        const mid = Math.floor(n / 2);
+        // Average gap in first half
+        let firstHalfGaps = 0;
+        for (let i = 1; i < mid; i++) {
+            firstHalfGaps += timestamps[i] - timestamps[i - 1];
+        }
+        const avgFirstGap = firstHalfGaps / (mid - 1);
+        // Average gap in second half
+        let secondHalfGaps = 0;
+        for (let i = mid + 1; i < n; i++) {
+            secondHalfGaps += timestamps[i] - timestamps[i - 1];
+        }
+        const avgSecondGap = secondHalfGaps / (n - mid - 1);
+        if (avgSecondGap === 0)
+            return 10.0; // Effectively instant — maximum acceleration
+        return avgFirstGap / avgSecondGap;
+    }
+    /**
+     * Evict the oldest 10% of tracked entities.
+     */
+    evictOldest() {
+        const entries = Array.from(this.windows.entries());
+        entries.sort((a, b) => a[1].firstSeen - b[1].firstSeen);
+        const evictCount = Math.max(1, Math.floor(entries.length * 0.1));
+        for (let i = 0; i < evictCount; i++) {
+            this.windows.delete(entries[i][0]);
+        }
+    }
+    async healthCheck() {
+        return {
+            healthy: true,
+            lastCheck: new Date().toISOString(),
+            issues: [],
+            metrics: {
+                requestsProcessed: Array.from(this.windows.values()).reduce((sum, w) => sum + w.totalRequests, 0),
+                averageLatencyMs: 0,
+                errorRate: 0,
+            },
+        };
+    }
+    async reset() {
+        this.windows.clear();
+    }
+    buildTiming(startedAt, t0) {
+        const durationMs = performance.now() - t0;
+        return {
+            startedAt,
+            completedAt: new Date().toISOString(),
+            durationMs,
+            waitTimeMs: 0,
+            processingTimeMs: durationMs,
+        };
+    }
+}
+//# sourceMappingURL=L5-rate-limiter.js.map

package/dist/layers/implementations/L5-rate-limiter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"L5-rate-limiter.js","sourceRoot":"","sources":["../../../src/layers/implementations/L5-rate-limiter.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAuBnE,MAAM,cAAc,GAAsB;IACxC,WAAW,EAAE,GAAG;IAChB,QAAQ,EAAE,MAAM;IAChB,cAAc,EAAE,EAAE;IAClB,kBAAkB,EAAE,MAAM;CAC3B,CAAC;AAWF;;;;GAIG;AACH,MAAM,OAAO,aAAc,SAAQ,iBAAiB;IAC1C,eAAe,CAAoB;IACnC,OAAO,GAA8B,IAAI,GAAG,EAAE,CAAC;IAEvD,YAAY,MAAmC;QAC7C,KAAK,CACH,iBAAiB,CAAC,CAAC,EAAE,cAAc,EAAE;YACnC,WAAW,EAAE,6DAA6D;YAC1E,IAAI,EAAE,kBAAkB;YACxB,aAAa,EAAE,mBAAmB;YAClC,gBAAgB,EAAE,CAAC,gBAAgB,CAAC;YACpC,QAAQ,EAAE,OAAO;YACjB,QAAQ,EAAE,IAAI;YACd,SAAS,EAAE,GAAG;YACd,cAAc,EAAE,KAAK,EAAE,+BAA+B;YACtD,YAAY,EAAE,EAAE;SACjB,CAAC,CACH,CAAC;QACF,IAAI,CAAC,eAAe,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,MAAM,EAAE,CAAC;IAC1D,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,KAAiB;QAC7B,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAC3C,MAAM,EAAE,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;QAC7B,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,QAAQ,GAAmB,EAAE,CAAC;QAEpC,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;QAEhC,sCAAsC;QACtC,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,IAAI,IAAI,CAAC,eAAe,CAAC,kBAAkB,EAAE,CAAC;YACjE,IAAI,CAAC,WAAW,EAAE,CAAC;QACrB,CAAC;QAED,mDAAmD;QACnD,IAAI,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACxC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,GAAG,EAAE,UAAU,EAAE,EAAE,EAAE,aAAa,EAAE,CAAC,EAAE,SAAS,EAAE,GAAG,EAAE,CAAC;YAC9D,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QACrC,CAAC;QAED,0DAA0D;QAC1D,MAAM,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC;QACnD,MAAM,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,MAAM,CAAC,CAAC;QAElE,sBAAsB;QACtB,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC5B,MAAM,CAAC,aAAa,EAAE,CAAC;QAEvB,MAAM,gBAAgB,GAAG,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC;QAElD,sBAAsB;QACtB,IAAI,gBAAgB,GAAG,IAAI,CAAC,eAAe,CAAC,WAAW,EAAE,CAAC;YACxD,QAAQ,CAAC,IAAI,CAAC;gBACZ,IAAI,EAAE,iBAAiB;gBACvB,QAAQ,EAAE,MAAM;gBAChB,IAAI,EAAE,wBAAwB;gBAC9B,WAAW,EAAE,WAAW,QAAQ,0BAA0B,gBAAgB,IAAI,IAAI,CAAC,eAAe,CAAC,WAAW,gBAAgB,IAAI,CAAC,eAAe,CAAC,QAAQ,WAAW;gBACtK,QAAQ,EAAE;oBACR,YAAY,gBAAgB,EAAE;oBAC9B,SAAS,IAAI,CAAC,eAAe,CAAC,WAAW,EAAE;oBAC3C,UAAU,IAAI,CAAC,eAAe,CAAC,QAAQ,IAAI;iBAC5C;gBACD,WAAW,EAAE,gCAAgC,IAAI,CAAC,eAAe,CAAC,WAAW,QAAQ,IAAI,CAAC,eAAe,CAAC,QAAQ,GAAG,IAAI,GAAG;aAC7H,CAAC,CAAC;QACL,CAAC;QAED,6CAA6C;QAC7C,MAAM,WAAW,GAAG,GAAG,GAAG,IAAI,CAAC;QAC/B,MAAM,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,GAAG,WAAW,CAAC,CAAC,MAAM,CAAC;QAC7E,IAAI,UAAU,GAAG,IAAI,CAAC,eAAe,CAAC,cAAc,EAAE,CAAC;YACrD,QAAQ,CAAC,IAAI,CAAC;gBACZ,IAAI,EAAE,iBAAiB;gBACvB,QAAQ,EAAE,MAAM;gBAChB,IAAI,EAAE,mBAAmB;gBACzB,WAAW,EAAE,WAAW,QAAQ,qBAAqB,UAAU,qCAAqC,IAAI,CAAC,eAAe,CAAC,cAAc,GAAG;gBAC1I,QAAQ,EAAE;oBACR,SAAS,UAAU,EAAE;oBACrB,aAAa,IAAI,CAAC,eAAe,CAAC,cAAc,EAAE;iBACnD;gBACD,WAAW,EAAE,8BAA8B,IAAI,CAAC,eAAe,CAAC,cAAc,sBAAsB;aACrG,CAAC,CAAC;QACL,CAAC;QAED,2DAA2D;QAC3D,IAAI,MAAM,CAAC,UAAU,CAAC,MAAM,IAAI,EAAE,EAAE,CAAC;YACnC,MAAM,YAAY,GAAG,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;YAChE,IAAI,YAAY,GAAG,GAAG,EAAE,CAAC;gBACvB,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI,EAAE,SAAS;oBACf,QAAQ,EAAE,QAAQ;oBAClB,IAAI,EAAE,0BAA0B;oBAChC,WAAW,EAAE,WAAW,QAAQ,gCAAgC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC,gBAAgB;oBACvG,QAAQ,EAAE;wBACR,gBAAgB,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG;wBAC1C,iBAAiB,MAAM,CAAC,aAAa,EAAE;qBACxC;oBACD,WAAW,EAAE,gCAAgC;iBAC9C,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;QAC/C,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,IAAI,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC;QACzF,MAAM,MAAM,GAAG,CAAC,OAAO,CAAC;QAExB,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,IAAI,CAAC,mBAAmB,CAAC,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC;QACvE,CAAC;QAED,OAAO,IAAI,CAAC,mBAAmB,CAAC,OAAO,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;IAClE,CAAC;IAED;;;;OAIG;IACK,kBAAkB,CAAC,UAAoB;QAC7C,MAAM,CAAC,GAAG,UAAU,CAAC,MAAM,CAAC;QAC5B,IAAI,CAAC,GAAG,CAAC;YAAE,OAAO,GAAG,CAAC;QAEtB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAE9B,4BAA4B;QAC5B,IAAI,aAAa,GAAG,CAAC,CAAC;QACtB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;YAC7B,aAAa,IAAI,UAAU,CAAC,CAAC,CAAC,GAAG,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACrD,CAAC;QACD,MAAM,WAAW,GAAG,aAAa,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;QAE9C,6BAA6B;QAC7B,IAAI,cAAc,GAAG,CAAC,CAAC;QACvB,KAAK,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YACjC,cAAc,IAAI,UAAU,CAAC,CAAC,CAAC,GAAG,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACtD,CAAC;QACD,MAAM,YAAY,GAAG,cAAc,GAAG,CAAC,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC;QAEpD,IAAI,YAAY,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC,CAAC,6CAA6C;QAClF,OAAO,WAAW,GAAG,YAAY,CAAC;IACpC,CAAC;IAED;;OAEG;IACK,WAAW;QACjB,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC;QACnD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;QAExD,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC;QACjE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,EAAE,CAAC,EAAE,EAAE,CAAC;YACpC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACrC,CAAC;IACH,CAAC;IAEQ,KAAK,CAAC,WAAW;QACxB,OAAO;YACL,OAAO,EAAE,IAAI;YACb,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,MAAM,EAAE,EAAE;YACV,OAAO,EAAE;gBACP,iBAAiB,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,aAAa,EAAE,CAAC,CAAC;gBACjG,gBAAgB,EAAE,CAAC;gBACnB,SAAS,EAAE,CAAC;aACb;SACF,CAAC;IACJ,CAAC;IAEQ,KAAK,CAAC,KAAK;QAClB,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;IACvB,CAAC;IAEO,WAAW,CAAC,SAAiB,EAAE,EAAU;QAC/C,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC;QAC1C,OAAO;YACL,SAAS;YACT,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACrC,UAAU;YACV,UAAU,EAAE,CAAC;YACb,gBAAgB,EAAE,UAAU;SAC7B,CAAC;IACJ,CAAC;CACF"}

package/dist/layers/implementations/index.d.ts

@@ -0,0 +1,16 @@
+/**
+ * ATSF Security Layer Implementations — Input Validation Tier (L0-L5)
+ *
+ * These are the first 6 concrete security layers in the ATSF pipeline.
+ * Each layer extends BaseSecurityLayer and implements real detection logic
+ * (not pass-through).
+ *
+ * @packageDocumentation
+ */
+export { L0RequestFormatValidator } from './L0-request-format.js';
+export { L1InputSizeLimiter, type L1SizeLimits } from './L1-input-size.js';
+export { L2CharsetSanitizer } from './L2-charset-sanitizer.js';
+export { L3SchemaConformance, type ActionSchema } from './L3-schema-conformance.js';
+export { L4InjectionDetector } from './L4-injection-detector.js';
+export { L5RateLimiter, type L5RateLimitConfig } from './L5-rate-limiter.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/layers/implementations/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/layers/implementations/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,wBAAwB,EAAE,MAAM,wBAAwB,CAAC;AAClE,OAAO,EAAE,kBAAkB,EAAE,KAAK,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAC3E,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAC;AAC/D,OAAO,EAAE,mBAAmB,EAAE,KAAK,YAAY,EAAE,MAAM,4BAA4B,CAAC;AACpF,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACjE,OAAO,EAAE,aAAa,EAAE,KAAK,iBAAiB,EAAE,MAAM,sBAAsB,CAAC"}

package/dist/layers/implementations/index.js

@@ -0,0 +1,16 @@
+/**
+ * ATSF Security Layer Implementations — Input Validation Tier (L0-L5)
+ *
+ * These are the first 6 concrete security layers in the ATSF pipeline.
+ * Each layer extends BaseSecurityLayer and implements real detection logic
+ * (not pass-through).
+ *
+ * @packageDocumentation
+ */
+export { L0RequestFormatValidator } from './L0-request-format.js';
+export { L1InputSizeLimiter } from './L1-input-size.js';
+export { L2CharsetSanitizer } from './L2-charset-sanitizer.js';
+export { L3SchemaConformance } from './L3-schema-conformance.js';
+export { L4InjectionDetector } from './L4-injection-detector.js';
+export { L5RateLimiter } from './L5-rate-limiter.js';
+//# sourceMappingURL=index.js.map

package/dist/layers/implementations/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/layers/implementations/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,wBAAwB,EAAE,MAAM,wBAAwB,CAAC;AAClE,OAAO,EAAE,kBAAkB,EAAqB,MAAM,oBAAoB,CAAC;AAC3E,OAAO,EAAE,kBAAkB,EAAE,MAAM,2BAA2B,CAAC;AAC/D,OAAO,EAAE,mBAAmB,EAAqB,MAAM,4BAA4B,CAAC;AACpF,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACjE,OAAO,EAAE,aAAa,EAA0B,MAAM,sBAAsB,CAAC"}

package/dist/persistence/sqlite.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"sqlite.d.ts","sourceRoot":"","sources":["../../src/persistence/sqlite.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH,OAAO,KAAK,EAAE,EAAE,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAC5D,OAAO,KAAK,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAKxE;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,eAAe,CAAC;IACtC,IAAI,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,KAAK,IAAI,IAAI,CAAC;IACd,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC;CACjC;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,GAAG,CAAC,GAAG,MAAM,EAAE,OAAO,EAAE,GAAG;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,eAAe,EAAE,MAAM,GAAG,MAAM,CAAA;KAAE,CAAC;IACjF,GAAG,CAAC,GAAG,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC;IACnC,GAAG,CAAC,GAAG,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,EAAE,CAAC;CACtC;AAED;;GAEG;AACH,MAAM,MAAM,yBAAyB,GAAG,KAAK,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;IAAE,QAAQ,CAAC,EAAE,OAAO,CAAA;CAAE,KAAK,cAAc,CAAC;AAE/G;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC,uCAAuC;IACvC,IAAI,EAAE,MAAM,CAAC;IACb,0EAA0E;IAC1E,QAAQ,EAAE,yBAAyB,CAAC;IACpC,mCAAmC;IACnC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,wDAAwD;IACxD,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAqBD;;;;;;;;GAQG;AACH,qBAAa,yBAA0B,YAAW,mBAAmB;IACnE,QAAQ,CAAC,IAAI,YAAY;IACzB,OAAO,CAAC,EAAE,CAA+B;IACzC,OAAO,CAAC,MAAM,CAAgG;IAC9G,OAAO,CAAC,WAAW,CAAS;gBAEhB,MAAM,EAAE,uBAAuB;IAQ3C;;OAEG;IACG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAiCjC;;OAEG;IACH,OAAO,CAAC,YAAY;IAoCpB;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAMzB;;OAEG;IACH,OAAO,CAAC,WAAW;IAgBnB;;OAEG;IACH,OAAO,CAAC,WAAW;IAgBnB;;OAEG;IACG,IAAI,CAAC,MAAM,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAiD9C;;OAEG;IACG,GAAG,CAAC,QAAQ,EAAE,EAAE,GAAG,OAAO,CAAC,WAAW,GAAG,SAAS,CAAC;IAqBzD;;OAEG;IACG,MAAM,CAAC,QAAQ,EAAE,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC;IAsB5C;;OAEG;IACG,OAAO,IAAI,OAAO,CAAC,EAAE,EAAE,CAAC;IAiB9B;;OAEG;IACG,KAAK,CAAC,OAAO,GAAE,gBAAqB,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;IA0DnE;;OAEG;IACG,MAAM,CAAC,QAAQ,EAAE,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC;IAiB5C;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,MAAM,CAAC;IAiB9B;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAa5B;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAe5B;;OAEG;IACG,QAAQ,IAAI,OAAO,CAAC;QACxB,WAAW,EAAE,MAAM,CAAC;QACpB,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;QAC7B,OAAO,EAAE,OAAO,CAAC;KAClB,CAAC;CAYH;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,MAAM,EAAE,uBAAuB,GAAG,yBAAyB,CAE/F"}
+{"version":3,"file":"sqlite.d.ts","sourceRoot":"","sources":["../../src/persistence/sqlite.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH,OAAO,KAAK,EAAE,EAAE,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAC5D,OAAO,KAAK,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAKxE;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,eAAe,CAAC;IACtC,IAAI,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,KAAK,IAAI,IAAI,CAAC;IACd,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC;CACjC;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,GAAG,CAAC,GAAG,MAAM,EAAE,OAAO,EAAE,GAAG;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,eAAe,EAAE,MAAM,GAAG,MAAM,CAAA;KAAE,CAAC;IACjF,GAAG,CAAC,GAAG,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC;IACnC,GAAG,CAAC,GAAG,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,EAAE,CAAC;CACtC;AAED;;GAEG;AACH,MAAM,MAAM,yBAAyB,GAAG,KAAK,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;IAAE,QAAQ,CAAC,EAAE,OAAO,CAAA;CAAE,KAAK,cAAc,CAAC;AAE/G;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC,uCAAuC;IACvC,IAAI,EAAE,MAAM,CAAC;IACb,0EAA0E;IAC1E,QAAQ,EAAE,yBAAyB,CAAC;IACpC,mCAAmC;IACnC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,wDAAwD;IACxD,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAqBD;;;;;;;;GAQG;AACH,qBAAa,yBAA0B,YAAW,mBAAmB;IACnE,QAAQ,CAAC,IAAI,YAAY;IACzB,OAAO,CAAC,EAAE,CAA+B;IACzC,OAAO,CAAC,MAAM,CAAgG;IAC9G,OAAO,CAAC,WAAW,CAAS;gBAEhB,MAAM,EAAE,uBAAuB;IAQ3C;;OAEG;IACG,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAiCjC;;OAEG;IACH,OAAO,CAAC,YAAY;IAoCpB;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAMzB;;OAEG;IACH,OAAO,CAAC,WAAW;IAgBnB;;OAEG;IACH,OAAO,CAAC,WAAW;IAiBnB;;OAEG;IACG,IAAI,CAAC,MAAM,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IAiD9C;;OAEG;IACG,GAAG,CAAC,QAAQ,EAAE,EAAE,GAAG,OAAO,CAAC,WAAW,GAAG,SAAS,CAAC;IAqBzD;;OAEG;IACG,MAAM,CAAC,QAAQ,EAAE,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC;IAsB5C;;OAEG;IACG,OAAO,IAAI,OAAO,CAAC,EAAE,EAAE,CAAC;IAiB9B;;OAEG;IACG,KAAK,CAAC,OAAO,GAAE,gBAAqB,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;IA0DnE;;OAEG;IACG,MAAM,CAAC,QAAQ,EAAE,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC;IAiB5C;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,MAAM,CAAC;IAiB9B;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAa5B;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAe5B;;OAEG;IACG,QAAQ,IAAI,OAAO,CAAC;QACxB,WAAW,EAAE,MAAM,CAAC;QACpB,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;QAC7B,OAAO,EAAE,OAAO,CAAC;KAClB,CAAC;CAYH;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,MAAM,EAAE,uBAAuB,GAAG,yBAAyB,CAE/F"}

package/dist/persistence/sqlite.js

@@ -115,7 +115,7 @@ export class SQLitePersistenceProvider {
             signals: JSON.stringify(record.signals),
             last_calculated_at: record.lastCalculatedAt,
             history: JSON.stringify(record.history),
-            recent_failures: JSON.stringify(record.recentFailures),
+            recent_failures: JSON.stringify([]),
             recent_successes: JSON.stringify(record.recentSuccesses),
             peak_score: record.peakScore,
             consecutive_successes: record.consecutiveSuccesses,
@@ -125,15 +125,16 @@ export class SQLitePersistenceProvider {
      * Convert a database row to a TrustRecord
      */
     rowToRecord(row) {
+        const components = JSON.parse(row.components);
         return {
             entityId: row.entity_id,
             score: row.score,
             level: row.level,
-            components: JSON.parse(row.components),
+            components,
+            factorScores: {},
             signals: JSON.parse(row.signals),
             lastCalculatedAt: row.last_calculated_at,
             history: JSON.parse(row.history),
-            recentFailures: JSON.parse(row.recent_failures),
             recentSuccesses: JSON.parse(row.recent_successes),
             peakScore: row.peak_score,
             consecutiveSuccesses: row.consecutive_successes,