acidtest 0.1.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Currently
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,104 @@
+# AcidTest
+
+Security scanner for AI agent skills. Scan before you install.
+
+## The Problem
+
+The AgentSkills ecosystem has 66,000+ skills. Recent audits found:
+- **26%** contain at least one vulnerability
+- **230+** confirmed malicious skills uploaded to ClawHub in one week
+- **341** skills flagged in the ClawHavoc campaign
+
+## Quick Start
+```bash
+npx acidtest scan ./my-skill
+```
+
+No API keys. No configuration. No Python.
+
+## Example Output
+```
+AcidTest v0.1.0
+
+Scanning: proactive-agent
+Source:   test-skills/proactive-agent-1-2-4-1
+
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+
+TRUST SCORE: 72/100 ███████░░░ WARN
+
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+
+FINDINGS
+
+  ✖ CRITICAL instruction-override
+    SKILL.md:170
+    Attempts to override agent instructions
+    3 matches found
+
+  ○ LOW      No declared permissions
+    SKILL.md
+    Skill declares no permissions (bins, env, or allowed-tools)
+    Legitimate skills typically declare at least one permission
+
+━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+
+RECOMMENDATION: Do not install. Prompt injection attempt detected.
+```
+
+## What It Detects
+
+- Prompt injection attempts
+- Undeclared network calls
+- Credential harvesting
+- Permission mismatches
+- Data exfiltration patterns
+- Obfuscated payloads
+
+## How It Works
+
+AcidTest runs four analysis layers: permission audit, prompt injection scan, code analysis (via TypeScript AST), and cross-reference checks that catch when code behavior doesn't match declared permissions.
+
+For technical details, see [BUILD-SPEC.md](./BUILD-SPEC.md).
+
+## Install
+```bash
+npm install -g acidtest
+```
+
+Or use without installing:
+```bash
+npx acidtest scan ./path-to-skill
+```
+
+## Usage
+```bash
+# Scan a skill directory
+acidtest scan ./my-skill
+
+# Scan a SKILL.md file directly
+acidtest scan ./my-skill/SKILL.md
+
+# Scan all skills in a directory
+acidtest scan-all ./skills
+
+# JSON output
+acidtest scan ./my-skill --json
+```
+
+## Scoring
+
+Starts at 100, deducts by severity (CRITICAL: -25, HIGH: -15, MEDIUM: -8, LOW: -3). Score 80+ is PASS, 50-79 is WARN, 20-49 is FAIL, below 20 is DANGER.
+
+## Contributing
+
+Detection patterns are JSON files in `src/patterns/`. Add new patterns and submit a PR.
+
+## License
+
+MIT
+
+## Links
+
+- Issues: https://github.com/currentlycurrently/acidtest/issues
+- Website: https://acidtest.dev

package/dist/index.d.ts

@@ -0,0 +1,7 @@
+#!/usr/bin/env node
+/**
+ * AcidTest CLI entry point
+ * Parses arguments and routes to appropriate commands
+ */
+export {};
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA;;;GAGG"}

package/dist/index.js

@@ -0,0 +1,170 @@
+#!/usr/bin/env node
+/**
+ * AcidTest CLI entry point
+ * Parses arguments and routes to appropriate commands
+ */
+import { scanSkill, scanAllSkills } from './scanner.js';
+import { reportToTerminal, reportAsJSON } from './reporter.js';
+const VERSION = '0.1.0';
+/**
+ * Main CLI function
+ */
+async function main() {
+    const args = process.argv.slice(2);
+    // Handle --version flag
+    if (args.includes('--version') || args.includes('-v')) {
+        console.log(`acidtest v${VERSION}`);
+        process.exit(0);
+    }
+    // Handle --help flag
+    if (args.includes('--help') || args.includes('-h') || args.length === 0) {
+        printHelp();
+        process.exit(0);
+    }
+    // Parse command
+    const command = args[0];
+    if (command === 'scan') {
+        await handleScan(args.slice(1));
+    }
+    else if (command === 'scan-all') {
+        await handleScanAll(args.slice(1));
+    }
+    else {
+        console.error(`Unknown command: ${command}`);
+        console.error('Run "acidtest --help" for usage information.');
+        process.exit(1);
+    }
+}
+/**
+ * Handle 'scan' command
+ */
+async function handleScan(args) {
+    // Parse flags
+    const jsonOutput = args.includes('--json');
+    const paths = args.filter(arg => !arg.startsWith('--'));
+    if (paths.length === 0) {
+        console.error('Error: No skill path provided');
+        console.error('Usage: acidtest scan <path-to-skill> [--json]');
+        process.exit(1);
+    }
+    const skillPath = paths[0];
+    try {
+        const result = await scanSkill(skillPath);
+        if (jsonOutput) {
+            reportAsJSON(result);
+        }
+        else {
+            reportToTerminal(result);
+        }
+        // Exit with non-zero code for FAIL or DANGER
+        if (result.status === 'FAIL' || result.status === 'DANGER') {
+            process.exit(1);
+        }
+    }
+    catch (error) {
+        console.error('Error scanning skill:', error.message);
+        process.exit(1);
+    }
+}
+/**
+ * Handle 'scan-all' command
+ */
+async function handleScanAll(args) {
+    // Parse flags
+    const jsonOutput = args.includes('--json');
+    const paths = args.filter(arg => !arg.startsWith('--'));
+    if (paths.length === 0) {
+        console.error('Error: No directory path provided');
+        console.error('Usage: acidtest scan-all <directory> [--json]');
+        process.exit(1);
+    }
+    const directory = paths[0];
+    try {
+        const results = await scanAllSkills(directory);
+        if (results.length === 0) {
+            console.log('No skills found in directory');
+            process.exit(0);
+        }
+        if (jsonOutput) {
+            console.log(JSON.stringify(results, null, 2));
+        }
+        else {
+            // Print summary for each skill
+            for (let i = 0; i < results.length; i++) {
+                const result = results[i];
+                reportToTerminal(result);
+                // Add separator between skills (except for last one)
+                if (i < results.length - 1) {
+                    console.log('\n' + '='.repeat(60) + '\n');
+                }
+            }
+            // Print summary statistics
+            console.log('\n' + '='.repeat(60));
+            console.log(`\nScanned ${results.length} skill(s):\n`);
+            const pass = results.filter(r => r.status === 'PASS').length;
+            const warn = results.filter(r => r.status === 'WARN').length;
+            const fail = results.filter(r => r.status === 'FAIL').length;
+            const danger = results.filter(r => r.status === 'DANGER').length;
+            if (pass > 0)
+                console.log(`  PASS:   ${pass}`);
+            if (warn > 0)
+                console.log(`  WARN:   ${warn}`);
+            if (fail > 0)
+                console.log(`  FAIL:   ${fail}`);
+            if (danger > 0)
+                console.log(`  DANGER: ${danger}`);
+            console.log();
+        }
+        // Exit with non-zero if any skill failed
+        const hasFailures = results.some(r => r.status === 'FAIL' || r.status === 'DANGER');
+        if (hasFailures) {
+            process.exit(1);
+        }
+    }
+    catch (error) {
+        console.error('Error scanning directory:', error.message);
+        process.exit(1);
+    }
+}
+/**
+ * Print help text
+ */
+function printHelp() {
+    console.log(`
+AcidTest v${VERSION}
+Security scanner for AI agent skills
+
+USAGE:
+  acidtest scan <path-to-skill> [--json]
+  acidtest scan-all <directory> [--json]
+  acidtest --version
+  acidtest --help
+
+COMMANDS:
+  scan          Scan a single skill directory or SKILL.md file
+  scan-all      Recursively scan all skills in a directory
+
+OPTIONS:
+  --json        Output results as JSON
+  --version     Print version number
+  --help        Show this help message
+
+EXAMPLES:
+  # Scan a single skill
+  acidtest scan ./my-skill
+
+  # Scan with JSON output
+  acidtest scan ./my-skill --json
+
+  # Scan all skills in a directory
+  acidtest scan-all ./skills-directory
+
+For more information, visit: https://acidtest.dev
+`);
+}
+// Run CLI
+main().catch(error => {
+    console.error('Unexpected error:', error);
+    process.exit(1);
+});
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA;;;GAGG;AAEH,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AACxD,OAAO,EAAE,gBAAgB,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAE/D,MAAM,OAAO,GAAG,OAAO,CAAC;AAExB;;GAEG;AACH,KAAK,UAAU,IAAI;IACjB,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAEnC,wBAAwB;IACxB,IAAI,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACtD,OAAO,CAAC,GAAG,CAAC,aAAa,OAAO,EAAE,CAAC,CAAC;QACpC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,qBAAqB;IACrB,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxE,SAAS,EAAE,CAAC;QACZ,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,gBAAgB;IAChB,MAAM,OAAO,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;IAExB,IAAI,OAAO,KAAK,MAAM,EAAE,CAAC;QACvB,MAAM,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAClC,CAAC;SAAM,IAAI,OAAO,KAAK,UAAU,EAAE,CAAC;QAClC,MAAM,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IACrC,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,KAAK,CAAC,oBAAoB,OAAO,EAAE,CAAC,CAAC;QAC7C,OAAO,CAAC,KAAK,CAAC,8CAA8C,CAAC,CAAC;QAC9D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,UAAU,CAAC,IAAc;IACtC,cAAc;IACd,MAAM,UAAU,GAAG,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAC3C,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;IAExD,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,OAAO,CAAC,KAAK,CAAC,+BAA+B,CAAC,CAAC;QAC/C,OAAO,CAAC,KAAK,CAAC,+CAA+C,CAAC,CAAC;QAC/D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,SAAS,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;IAE3B,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC,CAAC;QAE1C,IAAI,UAAU,EAAE,CAAC;YACf,YAAY,CAAC,MAAM,CAAC,CAAC;QACvB,CAAC;aAAM,CAAC;YACN,gBAAgB,CAAC,MAAM,CAAC,CAAC;QAC3B,CAAC;QAED,6CAA6C;QAC7C,IAAI,MAAM,CAAC,MAAM,KAAK,MAAM,IAAI,MAAM,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC3D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,uBAAuB,EAAG,KAAe,CAAC,OAAO,CAAC,CAAC;QACjE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,aAAa,CAAC,IAAc;IACzC,cAAc;IACd,MAAM,UAAU,GAAG,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAC3C,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;IAExD,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,OAAO,CAAC,KAAK,CAAC,mCAAmC,CAAC,CAAC;QACnD,OAAO,CAAC,KAAK,CAAC,+CAA+C,CAAC,CAAC;QAC/D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,SAAS,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;IAE3B,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,SAAS,CAAC,CAAC;QAE/C,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzB,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;YAC5C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,IAAI,UAAU,EAAE,CAAC;YACf,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAChD,CAAC;aAAM,CAAC;YACN,+BAA+B;YAC/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACxC,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;gBAC1B,gBAAgB,CAAC,MAAM,CAAC,CAAC;gBAEzB,qDAAqD;gBACrD,IAAI,CAAC,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC3B,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;gBAC5C,CAAC;YACH,CAAC;YAED,2BAA2B;YAC3B,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;YACnC,OAAO,CAAC,GAAG,CAAC,aAAa,OAAO,CAAC,MAAM,cAAc,CAAC,CAAC;YAEvD,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,MAAM,CAAC;YAC7D,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,MAAM,CAAC;YAC7D,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,MAAM,CAAC;YAC7D,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,MAAM,CAAC;YAEjE,IAAI,IAAI,GAAG,CAAC;gBAAE,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,EAAE,CAAC,CAAC;YAC/C,IAAI,IAAI,GAAG,CAAC;gBAAE,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,EAAE,CAAC,CAAC;YAC/C,IAAI,IAAI,GAAG,CAAC;gBAAE,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,EAAE,CAAC,CAAC;YAC/C,IAAI,MAAM,GAAG,CAAC;gBAAE,OAAO,CAAC,GAAG,CAAC,aAAa,MAAM,EAAE,CAAC,CAAC;YAEnD,OAAO,CAAC,GAAG,EAAE,CAAC;QAChB,CAAC;QAED,yCAAyC;QACzC,MAAM,WAAW,GAAG,OAAO,CAAC,IAAI,CAC9B,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,IAAI,CAAC,CAAC,MAAM,KAAK,QAAQ,CAClD,CAAC;QAEF,IAAI,WAAW,EAAE,CAAC;YAChB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,2BAA2B,EAAG,KAAe,CAAC,OAAO,CAAC,CAAC;QACrE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,SAAS;IAChB,OAAO,CAAC,GAAG,CAAC;YACF,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA6BlB,CAAC,CAAC;AACH,CAAC;AAED,UAAU;AACV,IAAI,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE;IACnB,OAAO,CAAC,KAAK,CAAC,mBAAmB,EAAE,KAAK,CAAC,CAAC;IAC1C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/dist/layers/code.d.ts

@@ -0,0 +1,10 @@
+/**
+ * Layer 3: Code Analysis
+ * Performs AST analysis on JavaScript/TypeScript handler files
+ */
+import type { Skill, LayerResult } from '../types.js';
+/**
+ * Scan code files for security issues
+ */
+export declare function scanCode(skill: Skill): Promise<LayerResult>;
+//# sourceMappingURL=code.d.ts.map

package/dist/layers/code.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"code.d.ts","sourceRoot":"","sources":["../../src/layers/code.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,KAAK,EAAE,KAAK,EAAW,WAAW,EAAY,MAAM,aAAa,CAAC;AAGzE;;GAEG;AACH,wBAAsB,QAAQ,CAAC,KAAK,EAAE,KAAK,GAAG,OAAO,CAAC,WAAW,CAAC,CA0CjE"}

package/dist/layers/code.js

@@ -0,0 +1,196 @@
+/**
+ * Layer 3: Code Analysis
+ * Performs AST analysis on JavaScript/TypeScript handler files
+ */
+import ts from 'typescript';
+import { loadPatterns } from '../pattern-loader.js';
+/**
+ * Scan code files for security issues
+ */
+export async function scanCode(skill) {
+    const findings = [];
+    // If no code files, nothing to scan
+    if (skill.codeFiles.length === 0) {
+        return {
+            layer: 'code',
+            findings
+        };
+    }
+    // Load code-related patterns
+    const dangerousImports = await loadPatterns('dangerous-imports');
+    const pathPatterns = await loadPatterns('sensitive-paths');
+    const exfiltrationPatterns = await loadPatterns('exfiltration-sinks');
+    const obfuscationPatterns = await loadPatterns('obfuscation');
+    const credentialPatterns = await loadPatterns('credential-patterns');
+    // Combine all code-layer patterns
+    const allPatterns = [
+        ...dangerousImports,
+        ...pathPatterns,
+        ...exfiltrationPatterns,
+        ...obfuscationPatterns,
+        ...credentialPatterns
+    ].filter(p => p.layer === 'code');
+    // Scan each code file
+    for (const codeFile of skill.codeFiles) {
+        // Regex-based pattern scanning
+        const regexFindings = scanCodeWithRegex(codeFile, allPatterns);
+        findings.push(...regexFindings);
+        // AST-based analysis
+        const astFindings = scanCodeWithAST(codeFile);
+        findings.push(...astFindings);
+    }
+    return {
+        layer: 'code',
+        findings
+    };
+}
+/**
+ * Scan code file using regex patterns
+ */
+function scanCodeWithRegex(codeFile, patterns) {
+    const findings = [];
+    const content = codeFile.content;
+    const relativePath = codeFile.path;
+    for (const pattern of patterns) {
+        const regex = new RegExp(pattern.match.value, pattern.match.flags || '');
+        const matches = content.match(regex);
+        if (matches && matches.length > 0) {
+            // Find line number for first match
+            const lineNumber = findLineNumber(content, matches[0]);
+            findings.push({
+                severity: pattern.severity,
+                category: pattern.category || 'code-issue',
+                title: pattern.name,
+                file: relativePath,
+                line: lineNumber,
+                detail: pattern.description || `Pattern match: ${pattern.name}`,
+                evidence: `Found ${matches.length} occurrence(s)`,
+                patternId: pattern.id
+            });
+        }
+    }
+    return findings;
+}
+/**
+ * Scan code file using TypeScript AST
+ */
+function scanCodeWithAST(codeFile) {
+    const findings = [];
+    const relativePath = codeFile.path;
+    try {
+        // Parse TypeScript/JavaScript
+        const sourceFile = ts.createSourceFile(codeFile.path, codeFile.content, ts.ScriptTarget.Latest, true);
+        // Extract all URLs from string literals
+        const urls = extractURLs(sourceFile);
+        if (urls.length > 0) {
+            findings.push({
+                severity: 'INFO',
+                category: 'network-urls',
+                title: 'URL literals found in code',
+                file: relativePath,
+                detail: `Found ${urls.length} URL(s) in code`,
+                evidence: urls.slice(0, 5).join(', ') + (urls.length > 5 ? '...' : '')
+            });
+        }
+        // Check for suspicious patterns
+        const suspiciousFindings = detectSuspiciousPatterns(sourceFile, relativePath);
+        findings.push(...suspiciousFindings);
+    }
+    catch (error) {
+        // If parsing fails, the code might be malformed or obfuscated
+        findings.push({
+            severity: 'MEDIUM',
+            category: 'parse-error',
+            title: 'Failed to parse code file',
+            file: relativePath,
+            detail: 'Could not parse file as valid JavaScript/TypeScript',
+            evidence: 'May indicate obfuscated or malformed code'
+        });
+    }
+    return findings;
+}
+/**
+ * Extract URL strings from source file
+ */
+function extractURLs(sourceFile) {
+    const urls = [];
+    const urlPattern = /^https?:\/\/[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}/;
+    function visit(node) {
+        if (ts.isStringLiteral(node) || ts.isNoSubstitutionTemplateLiteral(node)) {
+            const text = node.text;
+            if (urlPattern.test(text)) {
+                urls.push(text);
+            }
+        }
+        ts.forEachChild(node, visit);
+    }
+    visit(sourceFile);
+    return urls;
+}
+/**
+ * Detect suspicious patterns via AST traversal
+ */
+function detectSuspiciousPatterns(sourceFile, filePath) {
+    const findings = [];
+    const dynamicRequires = [];
+    const evals = [];
+    function visit(node) {
+        // Check for eval() calls
+        if (ts.isCallExpression(node)) {
+            const expression = node.expression;
+            if (ts.isIdentifier(expression) && expression.text === 'eval') {
+                const lineNumber = sourceFile.getLineAndCharacterOfPosition(node.getStart()).line + 1;
+                evals.push(lineNumber);
+            }
+            // Check for require() with non-literal arguments
+            if (ts.isIdentifier(expression) && expression.text === 'require') {
+                if (node.arguments.length > 0) {
+                    const arg = node.arguments[0];
+                    if (!ts.isStringLiteral(arg) && !ts.isNoSubstitutionTemplateLiteral(arg)) {
+                        const lineNumber = sourceFile.getLineAndCharacterOfPosition(node.getStart()).line + 1;
+                        dynamicRequires.push(lineNumber);
+                    }
+                }
+            }
+        }
+        ts.forEachChild(node, visit);
+    }
+    visit(sourceFile);
+    // Add findings for dynamic requires
+    if (dynamicRequires.length > 0) {
+        findings.push({
+            severity: 'HIGH',
+            category: 'dynamic-require',
+            title: 'Dynamic require() detected',
+            file: filePath,
+            line: dynamicRequires[0],
+            detail: `Found ${dynamicRequires.length} dynamic require() call(s)`,
+            evidence: 'Dynamic imports can load arbitrary modules'
+        });
+    }
+    // Add findings for eval usage
+    if (evals.length > 0) {
+        findings.push({
+            severity: 'CRITICAL',
+            category: 'eval-usage',
+            title: 'eval() usage detected',
+            file: filePath,
+            line: evals[0],
+            detail: `Found ${evals.length} eval() call(s)`,
+            evidence: 'eval() can execute arbitrary code'
+        });
+    }
+    return findings;
+}
+/**
+ * Find line number for a match in text
+ */
+function findLineNumber(text, match) {
+    const index = text.indexOf(match);
+    if (index === -1)
+        return undefined;
+    const beforeMatch = text.substring(0, index);
+    const lineNumber = beforeMatch.split('\n').length;
+    return lineNumber;
+}
+//# sourceMappingURL=code.js.map

package/dist/layers/code.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"code.js","sourceRoot":"","sources":["../../src/layers/code.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,MAAM,YAAY,CAAC;AAE5B,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAEpD;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,QAAQ,CAAC,KAAY;IACzC,MAAM,QAAQ,GAAc,EAAE,CAAC;IAE/B,oCAAoC;IACpC,IAAI,KAAK,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjC,OAAO;YACL,KAAK,EAAE,MAAM;YACb,QAAQ;SACT,CAAC;IACJ,CAAC;IAED,6BAA6B;IAC7B,MAAM,gBAAgB,GAAG,MAAM,YAAY,CAAC,mBAAmB,CAAC,CAAC;IACjE,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,iBAAiB,CAAC,CAAC;IAC3D,MAAM,oBAAoB,GAAG,MAAM,YAAY,CAAC,oBAAoB,CAAC,CAAC;IACtE,MAAM,mBAAmB,GAAG,MAAM,YAAY,CAAC,aAAa,CAAC,CAAC;IAC9D,MAAM,kBAAkB,GAAG,MAAM,YAAY,CAAC,qBAAqB,CAAC,CAAC;IAErE,kCAAkC;IAClC,MAAM,WAAW,GAAG;QAClB,GAAG,gBAAgB;QACnB,GAAG,YAAY;QACf,GAAG,oBAAoB;QACvB,GAAG,mBAAmB;QACtB,GAAG,kBAAkB;KACtB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,MAAM,CAAC,CAAC;IAElC,sBAAsB;IACtB,KAAK,MAAM,QAAQ,IAAI,KAAK,CAAC,SAAS,EAAE,CAAC;QACvC,+BAA+B;QAC/B,MAAM,aAAa,GAAG,iBAAiB,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;QAC/D,QAAQ,CAAC,IAAI,CAAC,GAAG,aAAa,CAAC,CAAC;QAEhC,qBAAqB;QACrB,MAAM,WAAW,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAC;QAC9C,QAAQ,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,CAAC;IAChC,CAAC;IAED,OAAO;QACL,KAAK,EAAE,MAAM;QACb,QAAQ;KACT,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,QAAkB,EAAE,QAAe;IAC5D,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC;IACjC,MAAM,YAAY,GAAG,QAAQ,CAAC,IAAI,CAAC;IAEnC,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,OAAO,CAAC,KAAK,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC;QACzE,MAAM,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAErC,IAAI,OAAO,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAClC,mCAAmC;YACnC,MAAM,UAAU,GAAG,cAAc,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC;YAEvD,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,YAAY;gBAC1C,KAAK,EAAE,OAAO,CAAC,IAAI;gBACnB,IAAI,EAAE,YAAY;gBAClB,IAAI,EAAE,UAAU;gBAChB,MAAM,EAAE,OAAO,CAAC,WAAW,IAAI,kBAAkB,OAAO,CAAC,IAAI,EAAE;gBAC/D,QAAQ,EAAE,SAAS,OAAO,CAAC,MAAM,gBAAgB;gBACjD,SAAS,EAAE,OAAO,CAAC,EAAE;aACtB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;GAEG;AACH,SAAS,eAAe,CAAC,QAAkB;IACzC,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,YAAY,GAAG,QAAQ,CAAC,IAAI,CAAC;IAEnC,IAAI,CAAC;QACH,8BAA8B;QAC9B,MAAM,UAAU,GAAG,EAAE,CAAC,gBAAgB,CACpC,QAAQ,CAAC,IAAI,EACb,QAAQ,CAAC,OAAO,EAChB,EAAE,CAAC,YAAY,CAAC,MAAM,EACtB,IAAI,CACL,CAAC;QAEF,wCAAwC;QACxC,MAAM,IAAI,GAAG,WAAW,CAAC,UAAU,CAAC,CAAC;QACrC,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACpB,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,cAAc;gBACxB,KAAK,EAAE,4BAA4B;gBACnC,IAAI,EAAE,YAAY;gBAClB,MAAM,EAAE,SAAS,IAAI,CAAC,MAAM,iBAAiB;gBAC7C,QAAQ,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;aACvE,CAAC,CAAC;QACL,CAAC;QAED,gCAAgC;QAChC,MAAM,kBAAkB,GAAG,wBAAwB,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC;QAC9E,QAAQ,CAAC,IAAI,CAAC,GAAG,kBAAkB,CAAC,CAAC;IAEvC,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,8DAA8D;QAC9D,QAAQ,CAAC,IAAI,CAAC;YACZ,QAAQ,EAAE,QAAQ;YAClB,QAAQ,EAAE,aAAa;YACvB,KAAK,EAAE,2BAA2B;YAClC,IAAI,EAAE,YAAY;YAClB,MAAM,EAAE,qDAAqD;YAC7D,QAAQ,EAAE,2CAA2C;SACtD,CAAC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;GAEG;AACH,SAAS,WAAW,CAAC,UAAyB;IAC5C,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,MAAM,UAAU,GAAG,0CAA0C,CAAC;IAE9D,SAAS,KAAK,CAAC,IAAa;QAC1B,IAAI,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,+BAA+B,CAAC,IAAI,CAAC,EAAE,CAAC;YACzE,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC;YACvB,IAAI,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC1B,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QAED,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAC/B,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,CAAC;IAClB,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAS,wBAAwB,CAAC,UAAyB,EAAE,QAAgB;IAC3E,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,eAAe,GAAa,EAAE,CAAC;IACrC,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,SAAS,KAAK,CAAC,IAAa;QAC1B,yBAAyB;QACzB,IAAI,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,CAAC;YAC9B,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC;YACnC,IAAI,EAAE,CAAC,YAAY,CAAC,UAAU,CAAC,IAAI,UAAU,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;gBAC9D,MAAM,UAAU,GAAG,UAAU,CAAC,6BAA6B,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC;gBACtF,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YACzB,CAAC;YAED,iDAAiD;YACjD,IAAI,EAAE,CAAC,YAAY,CAAC,UAAU,CAAC,IAAI,UAAU,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;gBACjE,IAAI,IAAI,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC9B,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;oBAC9B,IAAI,CAAC,EAAE,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,+BAA+B,CAAC,GAAG,CAAC,EAAE,CAAC;wBACzE,MAAM,UAAU,GAAG,UAAU,CAAC,6BAA6B,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC;wBACtF,eAAe,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;oBACnC,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAC/B,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,CAAC;IAElB,oCAAoC;IACpC,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,QAAQ,CAAC,IAAI,CAAC;YACZ,QAAQ,EAAE,MAAM;YAChB,QAAQ,EAAE,iBAAiB;YAC3B,KAAK,EAAE,4BAA4B;YACnC,IAAI,EAAE,QAAQ;YACd,IAAI,EAAE,eAAe,CAAC,CAAC,CAAC;YACxB,MAAM,EAAE,SAAS,eAAe,CAAC,MAAM,4BAA4B;YACnE,QAAQ,EAAE,4CAA4C;SACvD,CAAC,CAAC;IACL,CAAC;IAED,8BAA8B;IAC9B,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrB,QAAQ,CAAC,IAAI,CAAC;YACZ,QAAQ,EAAE,UAAU;YACpB,QAAQ,EAAE,YAAY;YACtB,KAAK,EAAE,uBAAuB;YAC9B,IAAI,EAAE,QAAQ;YACd,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC;YACd,MAAM,EAAE,SAAS,KAAK,CAAC,MAAM,iBAAiB;YAC9C,QAAQ,EAAE,mCAAmC;SAC9C,CAAC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CAAC,IAAY,EAAE,KAAa;IACjD,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IAClC,IAAI,KAAK,KAAK,CAAC,CAAC;QAAE,OAAO,SAAS,CAAC;IAEnC,MAAM,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;IAC7C,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;IAElD,OAAO,UAAU,CAAC;AACpB,CAAC"}

package/dist/layers/crossref.d.ts

@@ -0,0 +1,10 @@
+/**
+ * Layer 4: Cross-Reference Analysis
+ * Compares findings across layers to detect permission mismatches and deception
+ */
+import type { Skill, Finding, LayerResult } from '../types.js';
+/**
+ * Cross-reference findings from previous layers
+ */
+export declare function scanCrossReference(skill: Skill, previousFindings: Finding[]): Promise<LayerResult>;
+//# sourceMappingURL=crossref.d.ts.map

package/dist/layers/crossref.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"crossref.d.ts","sourceRoot":"","sources":["../../src/layers/crossref.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAE/D;;GAEG;AACH,wBAAsB,kBAAkB,CACtC,KAAK,EAAE,KAAK,EACZ,gBAAgB,EAAE,OAAO,EAAE,GAC1B,OAAO,CAAC,WAAW,CAAC,CAwKtB"}