acidtest 0.6.0 → 0.7.0
- package/.github/workflows/acidtest-example.yml +4 -4
- package/.github/workflows/acidtest-template.yml +1 -1
- package/README.md +55 -0
- package/dist/config.d.ts +19 -0
- package/dist/config.d.ts.map +1 -0
- package/dist/config.js +69 -0
- package/dist/config.js.map +1 -0
- package/dist/config.test.d.ts +5 -0
- package/dist/config.test.d.ts.map +1 -0
- package/dist/config.test.js +69 -0
- package/dist/config.test.js.map +1 -0
- package/dist/index.js +45 -8
- package/dist/index.js.map +1 -1
- package/dist/layers/code.js +2 -1
- package/dist/layers/code.js.map +1 -1
- package/dist/layers/injection.d.ts.map +1 -1
- package/dist/layers/injection.js +2 -1
- package/dist/layers/injection.js.map +1 -1
- package/dist/layers/permissions.d.ts.map +1 -1
- package/dist/layers/permissions.js +2 -1
- package/dist/layers/permissions.js.map +1 -1
- package/dist/patterns/credential-patterns.json +10 -1
- package/dist/patterns/dangerous-imports.json +40 -4
- package/dist/remediation.test.d.ts +5 -0
- package/dist/remediation.test.d.ts.map +1 -0
- package/dist/remediation.test.js +74 -0
- package/dist/remediation.test.js.map +1 -0
- package/dist/reporter.d.ts +4 -1
- package/dist/reporter.d.ts.map +1 -1
- package/dist/reporter.js +83 -3
- package/dist/reporter.js.map +1 -1
- package/dist/scanner.d.ts +1 -1
- package/dist/scanner.d.ts.map +1 -1
- package/dist/scanner.js +31 -3
- package/dist/scanner.js.map +1 -1
- package/dist/types.d.ts +34 -0
- package/dist/types.d.ts.map +1 -1
- package/dist/watch.d.ts +14 -0
- package/dist/watch.d.ts.map +1 -0
- package/dist/watch.js +135 -0
- package/dist/watch.js.map +1 -0
- package/dist/watch.test.d.ts +5 -0
- package/dist/watch.test.d.ts.map +1 -0
- package/dist/watch.test.js +53 -0
- package/dist/watch.test.js.map +1 -0
- package/package.json +5 -2
|
@@ -11,7 +11,17 @@
|
|
|
11
11
|
"value": "(import|require)\\s*\\(?['\"]child_process['\"]",
|
|
12
12
|
"flags": "g"
|
|
13
13
|
},
|
|
14
|
-
"layer": "code"
|
|
14
|
+
"layer": "code",
|
|
15
|
+
"remediation": {
|
|
16
|
+
"title": "Avoid command execution when possible",
|
|
17
|
+
"suggestions": [
|
|
18
|
+
"Use built-in Node.js APIs instead of shell commands",
|
|
19
|
+
"If command execution is necessary, use spawn() with explicit arguments",
|
|
20
|
+
"Never pass user input directly to exec() or shell commands",
|
|
21
|
+
"Validate and sanitize all command arguments",
|
|
22
|
+
"Consider using safer alternatives like the 'execa' package"
|
|
23
|
+
]
|
|
24
|
+
}
|
|
15
25
|
},
|
|
16
26
|
{
|
|
17
27
|
"id": "di-002",
|
|
@@ -23,7 +33,16 @@
|
|
|
23
33
|
"value": "\\beval\\s*\\(",
|
|
24
34
|
"flags": "g"
|
|
25
35
|
},
|
|
26
|
-
"layer": "code"
|
|
36
|
+
"layer": "code",
|
|
37
|
+
"remediation": {
|
|
38
|
+
"title": "Replace eval() with safer alternatives",
|
|
39
|
+
"suggestions": [
|
|
40
|
+
"Use JSON.parse() for parsing JSON strings",
|
|
41
|
+
"Use the Function constructor only for known, non-user code",
|
|
42
|
+
"Consider removing dynamic code execution entirely",
|
|
43
|
+
"If absolutely necessary, validate and sanitize all inputs"
|
|
44
|
+
]
|
|
45
|
+
}
|
|
27
46
|
},
|
|
28
47
|
{
|
|
29
48
|
"id": "di-003",
|
|
@@ -35,7 +54,15 @@
|
|
|
35
54
|
"value": "new\\s+Function\\s*\\(",
|
|
36
55
|
"flags": "g"
|
|
37
56
|
},
|
|
38
|
-
"layer": "code"
|
|
57
|
+
"layer": "code",
|
|
58
|
+
"remediation": {
|
|
59
|
+
"title": "Avoid dynamic function creation",
|
|
60
|
+
"suggestions": [
|
|
61
|
+
"Refactor to use static function definitions",
|
|
62
|
+
"Use object maps or switch statements instead of dynamic functions",
|
|
63
|
+
"If truly necessary, ensure all code is from trusted sources only"
|
|
64
|
+
]
|
|
65
|
+
}
|
|
39
66
|
},
|
|
40
67
|
{
|
|
41
68
|
"id": "di-004",
|
|
@@ -95,7 +122,16 @@
|
|
|
95
122
|
"value": "require\\s*\\([^'\"]",
|
|
96
123
|
"flags": "g"
|
|
97
124
|
},
|
|
98
|
-
"layer": "code"
|
|
125
|
+
"layer": "code",
|
|
126
|
+
"remediation": {
|
|
127
|
+
"title": "Replace dynamic require with static imports",
|
|
128
|
+
"suggestions": [
|
|
129
|
+
"Use static import/require statements instead",
|
|
130
|
+
"If dynamic loading is needed, use a whitelist of allowed modules",
|
|
131
|
+
"Validate module names against a known set before loading",
|
|
132
|
+
"Consider using dynamic import() with explicit module names"
|
|
133
|
+
]
|
|
134
|
+
}
|
|
99
135
|
},
|
|
100
136
|
{
|
|
101
137
|
"id": "di-009",
|
|
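Review bot: The di-002 remediation suggests `"Use the Function constructor only for known, non-user code"`, but the very next rule, di-003, flags `new Function(` as dangerous, so a user who follows the eval() advice lands on another finding; I would drop that suggestion or reword it to point at the di-003 guidance. In the child_process entry, `"Consider using safer alternatives like the 'execa' package"` overstates the benefit: execa still spawns processes, so the text should say the gain is argument-array invocation without a shell, and only while its `shell` option stays off. "Validate and sanitize" appears in two of the four entries without saying against what; an allowlist of expected values is the concrete form, which the dynamic-require entry already names.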
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"remediation.test.d.ts","sourceRoot":"","sources":["../src/remediation.test.ts"],"names":[],"mappings":"AAAA;;GAEG"}
|
|
@@ -0,0 +1,74 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Tests for remediation functionality
|
|
3
|
+
*/
|
|
4
|
+
import { describe, it, expect } from 'vitest';
|
|
5
|
+
import { scanSkill } from './scanner.js';
|
|
6
|
+
import { mkdirSync, writeFileSync, rmSync } from 'fs';
|
|
7
|
+
import { join } from 'path';
|
|
8
|
+
describe('Remediation', () => {
|
|
9
|
+
const testDir = join(process.cwd(), 'test-remediation-temp');
|
|
10
|
+
it('should include remediation suggestions for patterns that have them', async () => {
|
|
11
|
+
// Create a temporary test directory
|
|
12
|
+
mkdirSync(testDir, { recursive: true });
|
|
13
|
+
try {
|
|
14
|
+
// Create a SKILL.md file
|
|
15
|
+
writeFileSync(join(testDir, 'SKILL.md'), `---
|
|
16
|
+
name: test-skill-with-eval
|
|
17
|
+
---
|
|
18
|
+
|
|
19
|
+
# Test Skill with eval
|
|
20
|
+
|
|
21
|
+
This is a test skill that uses eval.
|
|
22
|
+
`);
|
|
23
|
+
// Create a handler file with eval usage (which has remediation)
|
|
24
|
+
writeFileSync(join(testDir, 'handler.ts'), `export function handler(input: string) {
|
|
25
|
+
const result = eval(input);
|
|
26
|
+
return result;
|
|
27
|
+
}
|
|
28
|
+
`);
|
|
29
|
+
// Scan the skill
|
|
30
|
+
const result = await scanSkill(testDir);
|
|
31
|
+
// Find the eval-usage finding
|
|
32
|
+
const evalFinding = result.findings.find(f => f.title === 'eval-usage');
|
|
33
|
+
expect(evalFinding).toBeDefined();
|
|
34
|
+
expect(evalFinding?.remediation).toBeDefined();
|
|
35
|
+
expect(evalFinding?.remediation?.title).toBe('Replace eval() with safer alternatives');
|
|
36
|
+
expect(evalFinding?.remediation?.suggestions).toBeInstanceOf(Array);
|
|
37
|
+
expect(evalFinding?.remediation?.suggestions.length).toBeGreaterThan(0);
|
|
38
|
+
}
|
|
39
|
+
finally {
|
|
40
|
+
// Clean up
|
|
41
|
+
rmSync(testDir, { recursive: true, force: true });
|
|
42
|
+
}
|
|
43
|
+
});
|
|
44
|
+
it('should not crash for findings without remediation', async () => {
|
|
45
|
+
// Create a temporary test directory
|
|
46
|
+
mkdirSync(testDir, { recursive: true });
|
|
47
|
+
try {
|
|
48
|
+
// Create a SKILL.md file
|
|
49
|
+
writeFileSync(join(testDir, 'SKILL.md'), `---
|
|
50
|
+
name: test-skill-plain
|
|
51
|
+
---
|
|
52
|
+
|
|
53
|
+
# Plain Test Skill
|
|
54
|
+
|
|
55
|
+
This is a test skill.
|
|
56
|
+
`);
|
|
57
|
+
// Create a simple handler file without security issues
|
|
58
|
+
writeFileSync(join(testDir, 'handler.ts'), `export function handler() {
|
|
59
|
+
return 'hello';
|
|
60
|
+
}
|
|
61
|
+
`);
|
|
62
|
+
// Scan the skill
|
|
63
|
+
const result = await scanSkill(testDir);
|
|
64
|
+
// Should complete without errors
|
|
65
|
+
expect(result).toBeDefined();
|
|
66
|
+
expect(result.findings).toBeInstanceOf(Array);
|
|
67
|
+
}
|
|
68
|
+
finally {
|
|
69
|
+
// Clean up
|
|
70
|
+
rmSync(testDir, { recursive: true, force: true });
|
|
71
|
+
}
|
|
72
|
+
});
|
|
73
|
+
});
|
|
74
|
+
//# sourceMappingURL=remediation.test.js.map
|
|
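Review bot: Both tests build their fixture at a fixed path, `join(process.cwd(), 'test-remediation-temp')`, and then call `rmSync(testDir, { recursive: true, force: true })` on it, so two runs sharing a working directory race each other and an existing directory of that name is deleted; `mkdtempSync(join(tmpdir(), 'acidtest-remediation-'))` per test gives each run its own directory. The file is also published under dist/ and imports `vitest`, which looks like a dev-only dependency; excluding `*.test.*` from the build or from the package `files` list would keep test code and the eval fixture out of installed copies. The second test asserts only that `result.findings` is an array, so it does not exercise the terminal reporter path that the "should not crash" title implies.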
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"remediation.test.js","sourceRoot":"","sources":["../src/remediation.test.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,EAAE,MAAM,IAAI,CAAC;AACtD,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAE5B,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE;IAC3B,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,uBAAuB,CAAC,CAAC;IAE7D,EAAE,CAAC,oEAAoE,EAAE,KAAK,IAAI,EAAE;QAClF,oCAAoC;QACpC,SAAS,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAExC,IAAI,CAAC;YACH,yBAAyB;YACzB,aAAa,CACX,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,EACzB;;;;;;;CAOP,CACM,CAAC;YAEF,gEAAgE;YAChE,aAAa,CACX,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,EAC3B;;;;CAIP,CACM,CAAC;YAEF,iBAAiB;YACjB,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,OAAO,CAAC,CAAC;YAExC,8BAA8B;YAC9B,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,YAAY,CAAC,CAAC;YAExE,MAAM,CAAC,WAAW,CAAC,CAAC,WAAW,EAAE,CAAC;YAClC,MAAM,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,WAAW,EAAE,CAAC;YAC/C,MAAM,CAAC,WAAW,EAAE,WAAW,EAAE,KAAK,CAAC,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC;YACvF,MAAM,CAAC,WAAW,EAAE,WAAW,EAAE,WAAW,CAAC,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;YACpE,MAAM,CAAC,WAAW,EAAE,WAAW,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QAC1E,CAAC;gBAAS,CAAC;YACT,WAAW;YACX,MAAM,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QACpD,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mDAAmD,EAAE,KAAK,IAAI,EAAE;QACjE,oCAAoC;QACpC,SAAS,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAExC,IAAI,CAAC;YACH,yBAAyB;YACzB,aAAa,CACX,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,EACzB;;;;;;;CAOP,CACM,CAAC;YAEF,uDAAuD;YACvD,aAAa,CACX,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,EAC3B;;;CAGP,CACM,CAAC;YAEF,iBAAiB;YACjB,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,OAAO,CAAC,CAAC;YAExC,iCAAiC;YACjC,MAAM,CAAC,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC;YAC7B,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;QAChD,CAAC;gBAAS,CAAC;YACT,WAAW;YACX,MAAM,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,
CAAC,CAAC;QACpD,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
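--- a/package/dist/reporter.d.ts
+++ b/package/dist/reporter.d.ts
@@ -3,10 +3,13 @@
 * Formats scan results for terminal output with colors
 */
 import type { ScanResult } from './types.js';
+export interface ReportOptions {
+showRemediation?: boolean;
+}
 /**
 * Report scan results to terminal
 */
-export declare function reportToTerminal(result: ScanResult): void;
+export declare function reportToTerminal(result: ScanResult, options?: ReportOptions): void;
 /**
 * Report scan results as JSON
 */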
package/dist/reporter.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"reporter.d.ts","sourceRoot":"","sources":["../src/reporter.ts"],"names":[],"mappings":"AAAA;;;GAGG;
|
|
1
|
+
{"version":3,"file":"reporter.d.ts","sourceRoot":"","sources":["../src/reporter.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,KAAK,EAAE,UAAU,EAA6B,MAAM,YAAY,CAAC;AAExE,MAAM,WAAW,aAAa;IAC5B,eAAe,CAAC,EAAE,OAAO,CAAC;CAC3B;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,UAAU,EAAE,OAAO,GAAE,aAAkB,GAAG,IAAI,CAwFtF;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,MAAM,EAAE,UAAU,GAAG,IAAI,CAErD"}
|
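--- a/package/dist/reporter.js
+++ b/package/dist/reporter.js
@@ -3,10 +3,11 @@
 * Formats scan results for terminal output with colors
 */
 import chalk from 'chalk';
+import Table from 'cli-table3';
 /**
 * Report scan results to terminal
 */
-export function reportToTerminal(result) {
+export function reportToTerminal(result, options = {}) {
 console.log();
 console.log(chalk.bold(`AcidTest v${result.version}`));
 console.log();
@@ -57,9 +58,14 @@ export function reportToTerminal(result) {
 ...info
 ];
 for (const finding of grouped) {
-renderFinding(finding);
+renderFinding(finding, options.showRemediation);
 }
 console.log();
+// Show summary table if there are multiple findings
+if (result.findings.length > 1) {
+renderSummaryTable(result.findings);
+console.log();
+}
 }
 else {
 console.log(chalk.green('No security issues detected.'));
@@ -82,7 +88,7 @@ export function reportAsJSON(result) {
 /**
 * Render a single finding
 */
-function renderFinding(finding) {
+function renderFinding(finding, showRemediation = false) {
 const severityIcon = getSeverityIcon(finding.severity);
 const severityColor = getSeverityColor(finding.severity);
 // First line: severity and title
@@ -102,8 +108,82 @@ function renderFinding(finding) {
 if (finding.evidence) {
 console.log(` ${chalk.dim(finding.evidence)}`);
 }
+// Remediation suggestions (only shown when --fix flag is used)
+if (showRemediation && finding.remediation) {
+console.log();
+console.log(` ${chalk.cyan.bold('💡 Suggested Fix:')}`);
+console.log(` ${chalk.cyan(finding.remediation.title)}`);
+for (const suggestion of finding.remediation.suggestions) {
+console.log(` ${chalk.dim('•')} ${suggestion}`);
+}
+}
 console.log();
 }
+/**
+* Render summary table for findings
+*/
+function renderSummaryTable(findings) {
+// Count findings by severity
+const counts = {
+CRITICAL: findings.filter(f => f.severity === 'CRITICAL').length,
+HIGH: findings.filter(f => f.severity === 'HIGH').length,
+MEDIUM: findings.filter(f => f.severity === 'MEDIUM').length,
+LOW: findings.filter(f => f.severity === 'LOW').length,
+INFO: findings.filter(f => f.severity === 'INFO').length,
+};
+// Get examples for each severity (up to 3)
+const getExamples = (severity) => {
+const severityFindings = findings.filter(f => f.severity === severity);
+const examples = severityFindings.slice(0, 3).map(f => f.title);
+return examples.join(', ') + (severityFindings.length > 3 ? '...' : '');
+};
+const table = new Table({
+head: [chalk.bold('Severity'), chalk.bold('Count'), chalk.bold('Examples')],
+colWidths: [12, 8, 45],
+style: {
+head: [],
+border: ['dim']
+}
+});
+// Only add rows for severities that have findings
+if (counts.CRITICAL > 0) {
+table.push([
+chalk.red.bold('CRITICAL'),
+chalk.red.bold(counts.CRITICAL.toString()),
+getExamples('CRITICAL')
+]);
+}
+if (counts.HIGH > 0) {
+table.push([
+chalk.red('HIGH'),
+chalk.red(counts.HIGH.toString()),
+getExamples('HIGH')
+]);
+}
+if (counts.MEDIUM > 0) {
+table.push([
+chalk.yellow('MEDIUM'),
+chalk.yellow(counts.MEDIUM.toString()),
+getExamples('MEDIUM')
+]);
+}
+if (counts.LOW > 0) {
+table.push([
+chalk.dim('LOW'),
+chalk.dim(counts.LOW.toString()),
+chalk.dim(getExamples('LOW'))
+]);
+}
+if (counts.INFO > 0) {
+table.push([
+chalk.blue('INFO'),
+chalk.blue(counts.INFO.toString()),
+chalk.dim(getExamples('INFO'))
+]);
+}
+console.log(chalk.bold('SUMMARY'));
+console.log(table.toString());
+}
 /**
 * Get icon for severity level
 */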
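Review bot: In renderFinding the new block iterates `finding.remediation.suggestions` after checking only that `finding.remediation` is truthy, so a pattern entry with a `title` but no `suggestions` array throws a TypeError in the middle of the report; `for (const suggestion of finding.remediation.suggestions ?? [])` lets the report finish. The remediation title and suggestions are written to the terminal as-is, which is fine while they come only from the bundled pattern JSON; if patterns can also be supplied through the new user config (config.js is not visible here, so this needs confirming), control characters should be stripped before printing. The comment `// Remediation suggestions (only shown when --fix flag is used)` names a CLI flag this function never sees and could be read as an auto-fix; `// Remediation suggestions (shown when showRemediation is true)` describes what the code checks. renderFinding's body starts before the last hunk.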
package/dist/reporter.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"reporter.js","sourceRoot":"","sources":["../src/reporter.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,MAAM,OAAO,CAAC;
|
|
1
|
+
{"version":3,"file":"reporter.js","sourceRoot":"","sources":["../src/reporter.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,KAAK,MAAM,YAAY,CAAC;AAO/B;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAAkB,EAAE,UAAyB,EAAE;IAC9E,OAAO,CAAC,GAAG,EAAE,CAAC;IACd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,aAAa,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;IACvD,OAAO,CAAC,GAAG,EAAE,CAAC;IACd,OAAO,CAAC,GAAG,CAAC,aAAa,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC1D,OAAO,CAAC,GAAG,CAAC,aAAa,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACzD,OAAO,CAAC,GAAG,EAAE,CAAC;IACd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACvC,OAAO,CAAC,GAAG,EAAE,CAAC;IAEd,+BAA+B;IAC/B,MAAM,QAAQ,GAAG,cAAc,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC9C,MAAM,WAAW,GAAG,cAAc,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAClD,OAAO,CAAC,GAAG,CACT,gBAAgB,KAAK,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,KAAK,MAAM,CAAC,IAAI,QAAQ,IAAI,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAC9F,CAAC;IACF,OAAO,CAAC,GAAG,EAAE,CAAC;IACd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACvC,OAAO,CAAC,GAAG,EAAE,CAAC;IAEd,wDAAwD;IACxD,MAAM,OAAO,GAAG,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;IACnD,MAAM,MAAM,GAAG,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC;IACjD,MAAM,QAAQ,GAAG,MAAM,CAAC,WAAW,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC;IAErD,IAAI,OAAO,IAAI,MAAM,IAAI,QAAQ,EAAE,CAAC;QAClC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;QAEvC,IAAI,OAAO,EAAE,CAAC;YACZ,OAAO,CAAC,GAAG,CAAC,YAAY,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAChE,CAAC;QACD,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,CAAC,GAAG,CAAC,YAAY,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC/D,CAAC;QACD,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,CAAC,GAAG,CAAC,YAAY,MAAM,CAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjE,CAAC;QAED,OAAO,CAAC,GAAG,EAAE,CAAC;IAChB,CAAC;IAED,mBAAmB;IACnB,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,OAAO,
CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;QACpC,OAAO,CAAC,GAAG,EAAE,CAAC;QAEd,oBAAoB;QACpB,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC;QACxE,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;QAChE,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;QACpE,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,KAAK,CAAC,CAAC;QAC9D,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;QAEhE,MAAM,OAAO,GAAG;YACd,GAAG,QAAQ;YACX,GAAG,IAAI;YACP,GAAG,MAAM;YACT,GAAG,GAAG;YACN,GAAG,IAAI;SACR,CAAC;QAEF,KAAK,MAAM,OAAO,IAAI,OAAO,EAAE,CAAC;YAC9B,aAAa,CAAC,OAAO,EAAE,OAAO,CAAC,eAAe,CAAC,CAAC;QAClD,CAAC;QAED,OAAO,CAAC,GAAG,EAAE,CAAC;QAEd,oDAAoD;QACpD,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC/B,kBAAkB,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YACpC,OAAO,CAAC,GAAG,EAAE,CAAC;QAChB,CAAC;IACH,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC,CAAC;QACzD,OAAO,CAAC,GAAG,EAAE,CAAC;IAChB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACvC,OAAO,CAAC,GAAG,EAAE,CAAC;IAEd,iBAAiB;IACjB,MAAM,mBAAmB,GAAG,MAAM,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC;IAClF,OAAO,CAAC,GAAG,CACT,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC;QAC9B,mBAAmB,CAAC,MAAM,CAAC,cAAc,CAAC,CAC3C,CAAC;IAEF,OAAO,CAAC,GAAG,EAAE,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,MAAkB;IAC7C,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;AAC/C,CAAC;AAED;;GAEG;AACH,SAAS,aAAa,CAAC,OAAgB,EAAE,kBAA2B,KAAK;IACvE,MAAM,YAAY,GAAG,eAAe,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACvD,MAAM,aAAa,GAAG,gBAAgB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAEzD,iCAAiC;IACjC,OAAO,CAAC,GAAG,CACT,KAAK,YAAY,IAAI,aAAa,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CA
AC,EAAE,CAC9F,CAAC;IAEF,2BAA2B;IAC3B,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;QACjB,MAAM,QAAQ,GAAG,OAAO,CAAC,IAAI;YAC3B,CAAC,CAAC,GAAG,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,IAAI,EAAE;YACnC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC;QACjB,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IAC5C,CAAC;IAED,SAAS;IACT,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,OAAO,CAAC,GAAG,CAAC,OAAO,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IACvC,CAAC;IAED,WAAW;IACX,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACrB,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IACpD,CAAC;IAED,+DAA+D;IAC/D,IAAI,eAAe,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;QAC3C,OAAO,CAAC,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,EAAE,CAAC,CAAC;QAC3D,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAC5D,KAAK,MAAM,UAAU,IAAI,OAAO,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC;YACzD,OAAO,CAAC,GAAG,CAAC,SAAS,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,UAAU,EAAE,CAAC,CAAC;QACvD,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,EAAE,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CAAC,QAAmB;IAC7C,6BAA6B;IAC7B,MAAM,MAAM,GAAG;QACb,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM;QAChE,IAAI,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM;QACxD,MAAM,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,MAAM;QAC5D,GAAG,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,KAAK,CAAC,CAAC,MAAM;QACtD,IAAI,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM;KACzD,CAAC;IAEF,2CAA2C;IAC3C,MAAM,WAAW,GAAG,CAAC,QAAkB,EAAU,EAAE;QACjD,MAAM,gBAAgB,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;QACvE,MAAM,QAAQ,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;QAChE,OAAO,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IAC1E,C
AAC,CAAC;IAEF,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC;QACtB,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC3E,SAAS,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;QACtB,KAAK,EAAE;YACL,IAAI,EAAE,EAAE;YACR,MAAM,EAAE,CAAC,KAAK,CAAC;SAChB;KACF,CAAC,CAAC;IAEH,kDAAkD;IAClD,IAAI,MAAM,CAAC,QAAQ,GAAG,CAAC,EAAE,CAAC;QACxB,KAAK,CAAC,IAAI,CAAC;YACT,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC;YAC1B,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;YAC1C,WAAW,CAAC,UAAU,CAAC;SACxB,CAAC,CAAC;IACL,CAAC;IAED,IAAI,MAAM,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;QACpB,KAAK,CAAC,IAAI,CAAC;YACT,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC;YACjB,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACjC,WAAW,CAAC,MAAM,CAAC;SACpB,CAAC,CAAC;IACL,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,KAAK,CAAC,IAAI,CAAC;YACT,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC;YACtB,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;YACtC,WAAW,CAAC,QAAQ,CAAC;SACtB,CAAC,CAAC;IACL,CAAC;IAED,IAAI,MAAM,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC;QACnB,KAAK,CAAC,IAAI,CAAC;YACT,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC;YAChB,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;YAChC,KAAK,CAAC,GAAG,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;SAC9B,CAAC,CAAC;IACL,CAAC;IAED,IAAI,MAAM,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;QACpB,KAAK,CAAC,IAAI,CAAC;YACT,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC;YAClB,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClC,KAAK,CAAC,GAAG,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;SAC/B,CAAC,CAAC;IACL,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;IACnC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;AAChC,CAAC;AAED;;GAEG;AACH,SAAS,eAAe,CAAC,QAAkB;IACzC,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,UAAU;YACb,OAAO,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACxB,KAAK,MAAM;YACT,OAAO,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACxB,KAAK,QAAQ;YACX,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC3B,KAAK,KAAK;YACR,OAAO,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACxB,KAAK,MAAM;YACT,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC3B,CAAC;AAC
H,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB,CAAC,QAAkB;IAC1C,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,UAAU;YACb,OAAO,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC;QACxB,KAAK,MAAM;YACT,OAAO,KAAK,CAAC,GAAG,CAAC;QACnB,KAAK,QAAQ;YACX,OAAO,KAAK,CAAC,MAAM,CAAC;QACtB,KAAK,KAAK;YACR,OAAO,KAAK,CAAC,GAAG,CAAC;QACnB,KAAK,MAAM;YACT,OAAO,KAAK,CAAC,IAAI,CAAC;IACtB,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CAAC,MAAc;IACpC,QAAQ,MAAM,EAAE,CAAC;QACf,KAAK,MAAM;YACT,OAAO,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC;QAC1B,KAAK,MAAM;YACT,OAAO,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC;QAC3B,KAAK,MAAM;YACT,OAAO,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC;QACxB,KAAK,QAAQ;YACX,OAAO,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC;QAC9B,KAAK,OAAO;YACV,OAAO,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC;IAC1B,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CAAC,KAAa;IACnC,MAAM,SAAS,GAAG,EAAE,CAAC;IACrB,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,SAAS,CAAC,CAAC;IACrD,MAAM,KAAK,GAAG,SAAS,GAAG,MAAM,CAAC;IAEjC,IAAI,KAAuB,CAAC;IAC5B,IAAI,KAAK,IAAI,EAAE;QAAE,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC;SAChC,IAAI,KAAK,IAAI,EAAE;QAAE,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC;;QACtC,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC;IAEvB,OAAO,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;AAClE,CAAC"}
|
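--- a/package/dist/scanner.d.ts
+++ b/package/dist/scanner.d.ts
@@ -7,7 +7,7 @@ import type { ScanResult } from "./types.js";
 * Main scan function
 * Scans a skill directory or SKILL.md file
 */
-export declare function scanSkill(skillPath: string): Promise<ScanResult>;
+export declare function scanSkill(skillPath: string, showProgress?: boolean): Promise<ScanResult>;
 /**
 * Scan multiple skills/MCP servers in a directory
 */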
package/dist/scanner.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scanner.d.ts","sourceRoot":"","sources":["../src/scanner.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAMH,OAAO,KAAK,EAAmB,UAAU,EAAW,MAAM,YAAY,CAAC;
|
|
1
|
+
{"version":3,"file":"scanner.d.ts","sourceRoot":"","sources":["../src/scanner.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAMH,OAAO,KAAK,EAAmB,UAAU,EAAW,MAAM,YAAY,CAAC;AAevE;;;GAGG;AACH,wBAAsB,SAAS,CAAC,SAAS,EAAE,MAAM,EAAE,YAAY,GAAE,OAAe,GAAG,OAAO,CAAC,UAAU,CAAC,CAmFrG;AAuMD;;GAEG;AACH,wBAAsB,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC,CAuD5E"}
|
package/dist/scanner.js
CHANGED
|
@@ -12,17 +12,33 @@ import { scanCode } from "./layers/code.js";
|
|
|
12
12
|
import { scanCrossReference } from "./layers/crossref.js";
|
|
13
13
|
import { calculateScore, determineStatus, generateRecommendation, } from "./scoring.js";
|
|
14
14
|
import { detectMCPManifest, parseMCPManifest } from "./loaders/mcp-loader.js";
|
|
15
|
-
|
|
15
|
+
import { loadConfig, mergeConfig } from "./config.js";
|
|
16
|
+
const VERSION = "0.7.0";
|
|
16
17
|
/**
|
|
17
18
|
* Main scan function
|
|
18
19
|
* Scans a skill directory or SKILL.md file
|
|
19
20
|
*/
|
|
20
|
-
export async function scanSkill(skillPath) {
|
|
21
|
+
export async function scanSkill(skillPath, showProgress = false) {
|
|
22
|
+
let spinner = null;
|
|
23
|
+
// Show spinner only if requested (typically for CLI, not for tests)
|
|
24
|
+
if (showProgress) {
|
|
25
|
+
const ora = (await import('ora')).default;
|
|
26
|
+
spinner = ora('Loading skill...').start();
|
|
27
|
+
}
|
|
21
28
|
// Load the skill
|
|
22
29
|
const skill = await loadSkill(skillPath);
|
|
30
|
+
// Load configuration
|
|
31
|
+
const userConfig = loadConfig(skillPath);
|
|
32
|
+
const config = mergeConfig(userConfig);
|
|
23
33
|
// Run all four scanning layers
|
|
34
|
+
if (spinner)
|
|
35
|
+
spinner.text = 'Layer 1: Checking permissions...';
|
|
24
36
|
const layer1 = await scanPermissions(skill);
|
|
37
|
+
if (spinner)
|
|
38
|
+
spinner.text = 'Layer 2: Detecting injection patterns...';
|
|
25
39
|
const layer2 = await scanInjection(skill);
|
|
40
|
+
if (spinner)
|
|
41
|
+
spinner.text = 'Layer 3: Analyzing code...';
|
|
26
42
|
const layer3 = await scanCode(skill);
|
|
27
43
|
// Combine findings from layers 1-3 for cross-reference
|
|
28
44
|
const previousFindings = [
|
|
@@ -30,14 +46,23 @@ export async function scanSkill(skillPath) {
|
|
|
30
46
|
...layer2.findings,
|
|
31
47
|
...layer3.findings,
|
|
32
48
|
];
|
|
49
|
+
if (spinner)
|
|
50
|
+
spinner.text = 'Layer 4: Cross-referencing behaviors...';
|
|
33
51
|
const layer4 = await scanCrossReference(skill, previousFindings);
|
|
34
52
|
// Combine all findings
|
|
35
|
-
|
|
53
|
+
let allFindings = [
|
|
36
54
|
...layer1.findings,
|
|
37
55
|
...layer2.findings,
|
|
38
56
|
...layer3.findings,
|
|
39
57
|
...layer4.findings,
|
|
40
58
|
];
|
|
59
|
+
// Apply ignore filters from config
|
|
60
|
+
if (config.ignore?.patterns && config.ignore.patterns.length > 0) {
|
|
61
|
+
allFindings = allFindings.filter(f => !f.patternId || !config.ignore.patterns.includes(f.patternId));
|
|
62
|
+
}
|
|
63
|
+
if (config.ignore?.categories && config.ignore.categories.length > 0) {
|
|
64
|
+
allFindings = allFindings.filter(f => !config.ignore.categories.includes(f.category));
|
|
65
|
+
}
|
|
41
66
|
// Calculate score and status
|
|
42
67
|
const score = calculateScore(allFindings);
|
|
43
68
|
const status = determineStatus(score);
|
|
@@ -57,6 +82,9 @@ export async function scanSkill(skillPath) {
|
|
|
57
82
|
findings: allFindings,
|
|
58
83
|
recommendation,
|
|
59
84
|
};
|
|
85
|
+
if (spinner) {
|
|
86
|
+
spinner.succeed('Scan complete');
|
|
87
|
+
}
|
|
60
88
|
return result;
|
|
61
89
|
}
|
|
62
90
|
/**
|
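Review bot: `loadConfig(skillPath)` takes the ignore list from the path being scanned, and the two new filters drop matching findings before `calculateScore(allFindings)`, so — if config.js resolves the file inside the skill directory, which the call suggests but this diff does not show — a skill can ship a config that ignores the rules it trips and come out with a clean score. For a scanner of untrusted skills the ignore list should come from the invoking user's own location or an explicit flag, and the result should carry the number of suppressed findings so a reviewer can see that something was filtered. Separately, the spinner is started before `loadSkill` and stopped only by `spinner.succeed('Scan complete')`; a throw from any layer leaves it running, so the body wants a try/catch that calls `spinner.fail()` and rethrows. scanSkill's body continues between and after the hunks shown.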
package/dist/scanner.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scanner.js","sourceRoot":"","sources":["../src/scanner.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,IAAI,CAAC;AACxD,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AACxD,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,MAAM,MAAM,aAAa,CAAC;AAEjC,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAC1D,OAAO,EACL,cAAc,EACd,eAAe,EACf,sBAAsB,GACvB,MAAM,cAAc,CAAC;AACtB,OAAO,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;
|
|
1
|
+
{"version":3,"file":"scanner.js","sourceRoot":"","sources":["../src/scanner.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,IAAI,CAAC;AACxD,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AACxD,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,MAAM,MAAM,aAAa,CAAC;AAEjC,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAC1D,OAAO,EACL,cAAc,EACd,eAAe,EACf,sBAAsB,GACvB,MAAM,cAAc,CAAC;AACtB,OAAO,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC9E,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAEtD,MAAM,OAAO,GAAG,OAAO,CAAC;AAExB;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,SAAiB,EAAE,eAAwB,KAAK;IAC9E,IAAI,OAAO,GAAQ,IAAI,CAAC;IAExB,oEAAoE;IACpE,IAAI,YAAY,EAAE,CAAC;QACjB,MAAM,GAAG,GAAG,CAAC,MAAM,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC;QAC1C,OAAO,GAAG,GAAG,CAAC,kBAAkB,CAAC,CAAC,KAAK,EAAE,CAAC;IAC5C,CAAC;IAED,iBAAiB;IACjB,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC,CAAC;IAEzC,qBAAqB;IACrB,MAAM,UAAU,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC;IACzC,MAAM,MAAM,GAAG,WAAW,CAAC,UAAU,CAAC,CAAC;IAEvC,+BAA+B;IAC/B,IAAI,OAAO;QAAE,OAAO,CAAC,IAAI,GAAG,kCAAkC,CAAC;IAC/D,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,KAAK,CAAC,CAAC;IAE5C,IAAI,OAAO;QAAE,OAAO,CAAC,IAAI,GAAG,0CAA0C,CAAC;IACvE,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,KAAK,CAAC,CAAC;IAE1C,IAAI,OAAO;QAAE,OAAO,CAAC,IAAI,GAAG,4BAA4B,CAAC;IACzD,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,KAAK,CAAC,CAAC;IAErC,uDAAuD;IACvD,MAAM,gBAAgB,GAAG;QACvB,GAAG,MAAM,CAAC,QAAQ;QAClB,GAAG,MAAM,CAAC,QAAQ;QAClB,GAAG,MAAM,CAAC,QAAQ;KACnB,CAAC;IAEF,IAAI,OAAO;QAAE,OAAO,CAAC,IAAI,GAAG,yCAAyC,CAAC;IACtE,MAAM,MAAM,GAAG,MAAM,kBAAkB,CAAC,KAAK,EAAE,gBAAgB,CAAC,CAAC;IAEjE,uBAAuB;IACvB,IAAI,WAAW,GAAc;QAC3B,GAAG,MAAM,CAAC,QAAQ;QAClB,GAAG,MAAM,CAAC,QAAQ;QAClB,GAAG,MAAM,CAAC,QAAQ;QAClB,GAAG,MAAM,CAAC,QAAQ;KACnB,CAAC;IAEF,mCAAmC;IACnC,IAAI,MAAM,CAAC,MAAM,EAAE,QAAQ,IAAI,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjE,WAAW,GAAG,WAAW,CAAC,MAAM,C
AAC,CAAC,CAAC,EAAE,CACnC,CAAC,CAAC,CAAC,SAAS,IAAI,CAAC,MAAM,CAAC,MAAO,CAAC,QAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAChE,CAAC;IACJ,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,EAAE,UAAU,IAAI,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrE,WAAW,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CACnC,CAAC,MAAM,CAAC,MAAO,CAAC,UAAW,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CACjD,CAAC;IACJ,CAAC;IAED,6BAA6B;IAC7B,MAAM,KAAK,GAAG,cAAc,CAAC,WAAW,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC;IACtC,MAAM,cAAc,GAAG,sBAAsB,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IAEnE,2CAA2C;IAC3C,MAAM,MAAM,GAAe;QACzB,aAAa,EAAE,OAAO;QACtB,IAAI,EAAE,UAAU;QAChB,OAAO,EAAE,OAAO;QAChB,KAAK,EAAE;YACL,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,IAAI,EAAE,KAAK,CAAC,IAAI;SACjB;QACD,KAAK;QACL,MAAM;QACN,WAAW,EAAE,oBAAoB,CAAC,KAAK,CAAC,QAAQ,CAAC;QACjD,QAAQ,EAAE,WAAW;QACrB,cAAc;KACf,CAAC;IAEF,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;IACnC,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,SAAS,CAAC,SAAiB;IACxC,IAAI,QAAgB,CAAC;IAErB,2CAA2C;IAC3C,IAAI,UAAU,CAAC,SAAS,CAAC,IAAI,QAAQ,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC;QAC/D,QAAQ,GAAG,SAAS,CAAC;IACvB,CAAC;SAAM,IACL,QAAQ,CAAC,SAAS,CAAC,KAAK,UAAU;QAClC,QAAQ,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,EACrC,CAAC;QACD,QAAQ,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;IAChC,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CACb,8DAA8D,CAC/D,CAAC;IACJ,CAAC;IAED,qDAAqD;IACrD,MAAM,WAAW,GAAG,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;IAC/C,IAAI,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;QAC5B,OAAO,MAAM,cAAc,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;IACrD,CAAC;IAED,6BAA6B;IAC7B,MAAM,eAAe,GAAG,iBAAiB,CAAC,QAAQ,CAAC,CAAC;IACpD,IAAI,eAAe,EAAE,CAAC;QACpB,OAAO,MAAM,aAAa,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC;IACxD,CAAC;IAED,MAAM,IAAI,KAAK,CACb,mDAAmD,QAAQ,EAAE,CAC9D,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,cAAc,CAC3B,QAAgB,EAChB,WAAmB;IAEnB,0BAA0B;IAC1B,MAAM,YAAY,GAAG,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;IACxD,MAAM,MAAM,GAAG,MAAM,CAAC,YAAY,CAAC,CAAC;IAEpC,gCAAgC;IAChC,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC;IAC7B,MAAM,eAAe,GAAG,MAAM,CAAC,OAAO,CAAC;IAEvC,uBA
AuB;IACvB,MAAM,SAAS,GAAG,QAAQ,CAAC,IAAI,IAAI,QAAQ,CAAC,QAAQ,CAAC,IAAI,eAAe,CAAC;IAEzE,6CAA6C;IAC7C,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,QAAQ,CAAC,CAAC;IAEhD,OAAO;QACL,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,QAAQ;QACd,QAAQ;QACR,eAAe;QACf,SAAS;KACV,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,aAAa,CAC1B,QAAgB,EAChB,YAAoB;IAEpB,MAAM,QAAQ,GAAG,gBAAgB,CAAC,YAAY,CAAC,CAAC;IAEhD,oDAAoD;IACpD,MAAM,eAAe,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IAEpE,wBAAwB;IACxB,MAAM,UAAU,GACd,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,QAAQ,CAAC,QAAQ,CAAC,IAAI,oBAAoB,CAAC;IAEvE,sBAAsB;IACtB,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,QAAQ,CAAC,CAAC;IAEhD,OAAO;QACL,IAAI,EAAE,UAAU;QAChB,IAAI,EAAE,QAAQ;QACd,QAAQ,EAAE,QAAQ,CAAC,QAAQ;QAC3B,eAAe;QACf,SAAS;KACV,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,oBAAoB,CAAC,QAAa;IAKzC,cAAc;IACd,IAAI,IAAI,GAAa,EAAE,CAAC;IACxB,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;QAClB,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IACxE,CAAC;IAED,aAAa;IACb,IAAI,GAAG,GAAa,EAAE,CAAC;IACvB,IAAI,QAAQ,CAAC,GAAG,EAAE,CAAC;QACjB,GAAG,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IACpE,CAAC;IAED,uBAAuB;IACvB,IAAI,KAAK,GAAa,EAAE,CAAC;IACzB,IAAI,QAAQ,CAAC,eAAe,CAAC,EAAE,CAAC;QAC9B,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC;YAC9C,CAAC,CAAC,QAAQ,CAAC,eAAe,CAAC;YAC3B,CAAC,CAAC,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,CAAC;IAClC,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC;AAC9B,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,aAAa,CAAC,QAAgB;IAC3C,MAAM,SAAS,GAAe,EAAE,CAAC;IAEjC,wCAAwC;IACxC,MAAM,QAAQ,GAAG;QACf,IAAI,CAAC,QAAQ,EAAE,SAAS,CAAC;QACzB,IAAI,CAAC,QAAQ,EAAE,SAAS,CAAC;QACzB,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC;QAC1B,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC;KAC3B,CAAC;IAEF,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE;gBAChC,MAAM,EAAE;oBACN,oBAAoB;oBACpB,YAAY;oBACZ,aAAa;oBACb,iBAAiB;oBACjB,aAAa;oBACb,YAAY;oBACZ,2BAA2B;oBAC3B,2BAA2B;oBAC3B,g
BAAgB;oBAChB,gBAAgB;oBAChB,YAAY;oBACZ,cAAc;oBACd,aAAa;oBACb,aAAa;oBACb,cAAc;oBACd,gBAAgB;oBAChB,aAAa;oBACb,cAAc;oBACd,cAAc;iBACf;aACF,CAAC,CAAC;YAEH,KAAK,MAAM,QAAQ,IAAI,KAAK,EAAE,CAAC;gBAC7B,IAAI,CAAC;oBACH,MAAM,OAAO,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;oBAChD,MAAM,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,qBAAqB;oBAE7D,2BAA2B;oBAC3B,IAAI,SAAsC,CAAC;oBAC3C,IAAI,GAAG,KAAK,IAAI;wBAAE,SAAS,GAAG,IAAI,CAAC;yBAC9B,IAAI,GAAG,KAAK,KAAK;wBAAE,SAAS,GAAG,KAAK,CAAC;yBACrC,IAAI,GAAG,KAAK,KAAK;wBAAE,SAAS,GAAG,KAAK,CAAC;;wBACrC,SAAS,GAAG,IAAI,CAAC;oBAEtB,SAAS,CAAC,IAAI,CAAC;wBACb,IAAI,EAAE,QAAQ;wBACd,OAAO;wBACP,SAAS;qBACV,CAAC,CAAC;gBACL,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,gCAAgC;oBAChC,OAAO,CAAC,IAAI,CAAC,iCAAiC,QAAQ,EAAE,CAAC,CAAC;gBAC5D,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,6BAA6B;QAC/B,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,SAAiB;IACnD,MAAM,OAAO,GAAiB,EAAE,CAAC;IACjC,MAAM,OAAO,GAAG,IAAI,GAAG,EAAU,CAAC,CAAC,gDAAgD;IAEnF,0BAA0B;IAC1B,MAAM,YAAY,GAAG,IAAI,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;IACpD,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE;QAC1C,MAAM,EAAE,CAAC,oBAAoB,CAAC;KAC/B,CAAC,CAAC;IAEH,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;QACnC,MAAM,QAAQ,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;QACpC,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC;YAAE,SAAS;QACpC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAEtB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC,CAAC;YAC1C,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACvB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,IAAI,CACV,oCAAoC,SAAS,GAAG,EAC/C,KAAe,CAAC,OAAO,CACzB,CAAC;QACJ,CAAC;IACH,CAAC;IAED,8BAA8B;IAC9B,MAAM,WAAW,GAAG;QAClB,IAAI,CAAC,SAAS,EAAE,aAAa,CAAC;QAC9B,IAAI,CAAC,SAAS,EAAE,gBAAgB,CAAC;KAClC,CAAC;IAEF,KAAK,MAAM,OAAO,IAAI,WAAW,EAAE,CAAC;QAClC,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE;YACxC,MAAM,EAAE,CAAC,oBAAoB,CAAC;SAC/B,CAAC,CAAC;QAEH,KAAK,MAAM,YAAY,IAAI,aAAa,EAAE,CAAC;YACzC,MAAM,WAAW,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;YAC1C,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC;gBAAE,SAAS;YACvC,OAAO,CAAC,G
AAG,CAAC,WAAW,CAAC,CAAC;YAEzB,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,YAAY,CAAC,CAAC;gBAC7C,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACvB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,IAAI,CACV,yCAAyC,YAAY,GAAG,EACvD,KAAe,CAAC,OAAO,CACzB,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC"}
|
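--- a/package/dist/types.d.ts
+++ b/package/dist/types.d.ts
@@ -13,6 +13,19 @@ export interface PatternMatch {
 value: string;
 flags?: string;
 }
+/**
+* Remediation suggestion for a finding
+*/
+export interface Remediation {
+title: string;
+suggestions: string[];
+autofix?: boolean;
+fixAction?: {
+type: 'replace';
+pattern: string;
+replacement: string;
+};
+}
 /**
 * Detection pattern definition
 */
@@ -24,6 +37,7 @@ export interface Pattern {
 match: PatternMatch;
 layer: Layer;
 category?: string;
+remediation?: Remediation;
 }
 /**
 * Pattern category file structure
@@ -74,6 +88,7 @@ export interface Finding {
 detail: string;
 evidence?: string;
 patternId?: string;
+remediation?: Remediation;
 }
 /**
 * Layer scan result
@@ -120,4 +135,23 @@ export interface CliOptions {
 json?: boolean;
 verbose?: boolean;
 }
+/**
+* AcidTest configuration file schema (.acidtest.json)
+*/
+export interface AcidTestConfig {
+ignore?: {
+patterns?: string[];
+categories?: string[];
+files?: string[];
+};
+thresholds?: {
+minScore?: number;
+failOn?: Severity[];
+};
+output?: {
+format?: 'detailed' | 'compact' | 'json';
+showRemediation?: boolean;
+colors?: boolean;
+};
+}
 //# sourceMappingURL=types.d.ts.map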
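Review bot: `AcidTestConfig.ignore` in the last hunk lets a `.acidtest.json` drop findings by pattern id, category or file, but the interface documents no trust requirement on where that file comes from, and neither `Finding` nor the result types record that anything was suppressed. Where the config is loaded is not visible in this section; if it is read from the directory being scanned, the artifact under review would control its own ignore list, so that is worth confirming in config.js. I would state the assumption on the interface, e.g. `/** Trusted reviewer configuration; an ignore list shipped inside the scanned skill must not be honoured silently. */`, and surface the number of suppressed findings in the scan output. Separately, `fixAction.pattern: string` in the first hunk does not say whether it is a literal or a regular expression, which matters once `autofix` is applied to files; a one-line doc comment on that field would settle it.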
|
package/dist/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,MAAM,QAAQ,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;AAEvE,MAAM,MAAM,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,QAAQ,GAAG,OAAO,CAAC;AAEnE,MAAM,MAAM,KAAK,GAAG,aAAa,GAAG,UAAU,GAAG,MAAM,GAAG,UAAU,CAAC;AAErE,MAAM,MAAM,gBAAgB,GAAG,OAAO,GAAG,KAAK,GAAG,OAAO,CAAC;AAEzD;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,gBAAgB,CAAC;IACvB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,QAAQ,CAAC;IACnB,KAAK,EAAE,YAAY,CAAC;IACpB,KAAK,EAAE,KAAK,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,MAAM,QAAQ,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;AAEvE,MAAM,MAAM,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,QAAQ,GAAG,OAAO,CAAC;AAEnE,MAAM,MAAM,KAAK,GAAG,aAAa,GAAG,UAAU,GAAG,MAAM,GAAG,UAAU,CAAC;AAErE,MAAM,MAAM,gBAAgB,GAAG,OAAO,GAAG,KAAK,GAAG,OAAO,CAAC;AAEzD;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,gBAAgB,CAAC;IACvB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,SAAS,CAAC,EAAE;QACV,IAAI,EAAE,SAAS,CAAC;QAChB,OAAO,EAAE,MAAM,CAAC;QAChB,WAAW,EAAE,MAAM,CAAC;KACrB,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,QAAQ,CAAC;IACnB,KAAK,EAAE,YAAY,CAAC;IACpB,KAAK,EAAE,KAAK,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,WAAW,CAAC,EAAE,WAAW,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,OAAO,EAAE,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,GAAG,CAAC,EAAE,MAAM,EAAE,CAAC;IACf,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,KAAK;IACpB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,aAAa,CAAC;IACxB,eAAe,EAAE,MAAM,CAAC;IACxB,SAAS,EAAE,QAAQ,EAAE,CAAC;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,IAAI,GAAG,IAAI,GAAG,KAAK,GAAG,KAAK,CAAC;CACxC;AAED;;GAEG;AACH,MAAM,WAAW,OAAO;IACtB,QAAQ,EAAE,QAAQ,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,WAAW,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAA
W,WAAW;IAC1B,KAAK,EAAE,KAAK,CAAC;IACb,QAAQ,EAAE,OAAO,EAAE,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,aAAa,EAAE,MAAM,CAAC;IACtB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE;QACL,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;KACd,CAAC;IACF,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE;QACX,IAAI,EAAE,MAAM,EAAE,CAAC;QACf,GAAG,EAAE,MAAM,EAAE,CAAC;QACd,KAAK,EAAE,MAAM,EAAE,CAAC;KACjB,CAAC;IACF,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,aAAa,EAAE,MAAM,CAAC;IACtB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,OAAO,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;CACf;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,MAAM,CAAC,EAAE;QACP,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;QACpB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;QACtB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;KAClB,CAAC;IACF,UAAU,CAAC,EAAE;QACX,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,MAAM,CAAC,EAAE,QAAQ,EAAE,CAAC;KACrB,CAAC;IACF,MAAM,CAAC,EAAE;QACP,MAAM,CAAC,EAAE,UAAU,GAAG,SAAS,GAAG,MAAM,CAAC;QACzC,eAAe,CAAC,EAAE,OAAO,CAAC;QAC1B,MAAM,CAAC,EAAE,OAAO,CAAC;KAClB,CAAC;CACH"}
|
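--- a/package/dist/watch.d.ts
+++ b/package/dist/watch.d.ts
@@ -0,0 +1,14 @@
+/**
+* Watch mode implementation
+* Re-scans skills on file changes
+*/
+export interface WatchOptions {
+noClear?: boolean;
+jsonOutput?: boolean;
+showRemediation?: boolean;
+}
+/**
+* Start watch mode for a skill directory
+*/
+export declare function watchMode(skillPath: string, options?: WatchOptions): Promise<void>;
+//# sourceMappingURL=watch.d.ts.map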
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"watch.d.ts","sourceRoot":"","sources":["../src/watch.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAOH,MAAM,WAAW,YAAY;IAC3B,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,eAAe,CAAC,EAAE,OAAO,CAAC;CAC3B;AAED;;GAEG;AACH,wBAAsB,SAAS,CAAC,SAAS,EAAE,MAAM,EAAE,OAAO,GAAE,YAAiB,GAAG,OAAO,CAAC,IAAI,CAAC,CA8I5F"}
|