acidtest 1.0.0 → 1.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +79 -12
- package/dist/index.js +1 -1
- package/dist/layers/crossref.d.ts.map +1 -1
- package/dist/layers/crossref.js +7 -0
- package/dist/layers/crossref.js.map +1 -1
- package/dist/layers/injection.d.ts.map +1 -1
- package/dist/layers/injection.js +8 -1
- package/dist/layers/injection.js.map +1 -1
- package/dist/layers/permissions.d.ts.map +1 -1
- package/dist/layers/permissions.js +7 -0
- package/dist/layers/permissions.js.map +1 -1
- package/dist/mcp-server.js +1 -1
- package/dist/reporter.d.ts.map +1 -1
- package/dist/reporter.js +6 -0
- package/dist/reporter.js.map +1 -1
- package/dist/scanner.d.ts.map +1 -1
- package/dist/scanner.js +37 -2
- package/dist/scanner.js.map +1 -1
- package/dist/scanner.test.js +31 -0
- package/dist/scanner.test.js.map +1 -1
- package/dist/types.d.ts +3 -1
- package/dist/types.d.ts.map +1 -1
- package/package.json +1 -1
- package/test-fixtures/fixture-no-manifest-node/README.md +4 -0
- package/test-fixtures/fixture-no-manifest-node/index.js +24 -0
- package/test-fixtures/fixture-no-manifest-python/README.md +4 -0
- package/test-fixtures/fixture-no-manifest-python/app.py +24 -0
package/README.md
CHANGED
|
@@ -26,35 +26,50 @@
|
|
|
26
26
|
|
|
27
27
|
## The Problem
|
|
28
28
|
|
|
29
|
-
The AI agent
|
|
29
|
+
**February 2026: The AI agent security crisis went mainstream.**
|
|
30
30
|
|
|
31
|
+
Researchers discovered **341 malicious skills on ClawHub** (12% of all published skills):
|
|
32
|
+
- **ClawHavoc campaign:** 335 infostealer packages deploying Atomic macOS Stealer
|
|
33
|
+
- **283 skills leaking credentials** (7.1% of ecosystem)
|
|
34
|
+
- **1,467 security flaws** found by Snyk across 3,984 scanned skills (36.82%)
|
|
35
|
+
- **30,000+ exposed OpenClaw instances** on the public internet
|
|
36
|
+
|
|
37
|
+
The ecosystem is growing faster than security can keep up:
|
|
31
38
|
- **No centralized vetting**: Unlike mobile app stores, there's no security review before skills are published
|
|
32
39
|
- **Broad permissions**: Skills can request file system access, environment variables, and network calls
|
|
33
40
|
- **Supply chain risks**: Dependencies and third-party code run with full skill permissions
|
|
34
41
|
- **Prompt injection**: Malicious skills can manipulate AI behavior through carefully crafted prompts
|
|
35
|
-
- **Credential harvesting**: Skills requesting API keys and tokens without proper justification
|
|
36
|
-
|
|
37
|
-
Recent ecosystem incidents highlight these risks:
|
|
38
|
-
- Mass uploads of malicious skills to public marketplaces
|
|
39
|
-
- Skills with undeclared network calls exfiltrating data
|
|
40
|
-
- Obfuscated code hiding malicious behavior
|
|
41
|
-
- Permission escalation through dynamic imports
|
|
42
42
|
|
|
43
43
|
**AcidTest provides security scanning before installation**, helping you identify risks before they reach your system.
|
|
44
44
|
|
|
45
|
+
Industry response:
|
|
46
|
+
- OpenClaw integrated VirusTotal scanning (February 7, 2026)
|
|
47
|
+
- Cisco released an LLM-based Skill Scanner
|
|
48
|
+
- Snyk published ToxicSkills research
|
|
49
|
+
|
|
50
|
+
**AcidTest's differentiator:** Dataflow analysis. We track data flow from sources to sinks, catching multi-step attacks that pattern matching alone misses.
|
|
51
|
+
|
|
45
52
|
## Quick Start
|
|
46
53
|
```bash
|
|
47
54
|
# See AcidTest in action
|
|
48
55
|
npx acidtest demo
|
|
49
56
|
|
|
50
|
-
# Scan
|
|
57
|
+
# Scan ANY AI agent code (works on any Python/TypeScript project)
|
|
51
58
|
npx acidtest scan ./my-skill
|
|
52
|
-
|
|
53
|
-
# Scan an MCP server
|
|
54
59
|
npx acidtest scan ./my-mcp-server
|
|
60
|
+
npx acidtest scan ./downloaded-from-clawhub
|
|
61
|
+
|
|
62
|
+
# No manifest required - we scan the code anyway
|
|
63
|
+
npx acidtest scan ./suspicious-python-script
|
|
55
64
|
```
|
|
56
65
|
|
|
57
|
-
No API keys. No configuration
|
|
66
|
+
**No manifest required. No API keys. No configuration.** Works with AgentSkills, MCP servers, or any Python/TypeScript code.
|
|
67
|
+
|
|
68
|
+
**What makes us different:**
|
|
69
|
+
- ✅ Scans code even without SKILL.md or mcp.json
|
|
70
|
+
- ✅ Dataflow analysis tracks multi-step attacks
|
|
71
|
+
- ✅ 104 patterns across 14 threat categories
|
|
72
|
+
- ✅ Runs completely offline (no cloud uploads)
|
|
58
73
|
|
|
59
74
|
## Example Output
|
|
60
75
|
```
|
|
@@ -146,6 +161,32 @@ Works with both SKILL.md (AgentSkills) and MCP manifests (mcp.json, server.json,
|
|
|
146
161
|
|
|
147
162
|
**Defense-in-depth approach:** Use AcidTest **with** `npm audit` and sandboxing for comprehensive security.
|
|
148
163
|
|
|
164
|
+
## What Makes Us Different
|
|
165
|
+
|
|
166
|
+
The ClawHub crisis triggered a wave of security tools. Here's how we compare:
|
|
167
|
+
|
|
168
|
+
**vs. Cisco Skill Scanner:** They use LLM-as-judge (semantic inspection). We use dataflow analysis (deterministic, free, explainable).
|
|
169
|
+
|
|
170
|
+
**vs. VirusTotal:** They use malware signatures (hash-based). We use static analysis (behavior-based). Use both: VirusTotal for known threats, AcidTest for novel attacks.
|
|
171
|
+
|
|
172
|
+
**vs. Snyk:** They did excellent research (ToxicSkills report). We built a tool you can run locally today.
|
|
173
|
+
|
|
174
|
+
**vs. Clawhatch:** They have 128 regex checks. We have 104 AST patterns + dataflow/taint propagation.
|
|
175
|
+
|
|
176
|
+
**Our unique value:** Layer 5 Dataflow Analysis tracks data from sources (env vars, user input) through assignments and function calls to dangerous sinks (exec, eval, fetch).
|
|
177
|
+
|
|
178
|
+
Example of what dataflow catches that pattern matching misses:
|
|
179
|
+
```python
|
|
180
|
+
# Pattern matching: "subprocess imported" → MEDIUM
|
|
181
|
+
# Dataflow: "user input → subprocess shell=True" → CRITICAL
|
|
182
|
+
|
|
183
|
+
cmd = sys.argv[1] # SOURCE
|
|
184
|
+
subprocess.call(f"echo {cmd}", shell=True) # SINK
|
|
185
|
+
# AcidTest detects the 2-step command injection path
|
|
186
|
+
```
|
|
187
|
+
|
|
188
|
+
See [METHODOLOGY.md](./METHODOLOGY.md) for technical details.
|
|
189
|
+
|
|
149
190
|
## Install
|
|
150
191
|
```bash
|
|
151
192
|
npm install -g acidtest
|
|
@@ -409,6 +450,32 @@ TODO: Add testimonials from dogfooding campaign (Task 1 - Phase 2)
|
|
|
409
450
|
> — [Company Name]
|
|
410
451
|
-->
|
|
411
452
|
|
|
453
|
+
## Our Take on the Crisis
|
|
454
|
+
|
|
455
|
+
The ClawHub security findings (341 malicious skills, 12%) are a wake-up call, but not a death sentence.
|
|
456
|
+
|
|
457
|
+
**What we believe:**
|
|
458
|
+
|
|
459
|
+
**1. The crisis is real, but concentrated**
|
|
460
|
+
- 90% of skills are secure (our validation: 145/161 PASS)
|
|
461
|
+
- ClawHavoc campaign = 335 of 341 malicious skills
|
|
462
|
+
- Ecosystem can recover with better tooling
|
|
463
|
+
|
|
464
|
+
**2. No single tool is the answer**
|
|
465
|
+
Defense-in-depth means using multiple layers:
|
|
466
|
+
- AcidTest (pre-install static analysis)
|
|
467
|
+
- npm audit (dependency vulnerabilities)
|
|
468
|
+
- VirusTotal (known malware)
|
|
469
|
+
- Sandboxing (runtime isolation)
|
|
470
|
+
|
|
471
|
+
**3. Transparency builds trust**
|
|
472
|
+
We're honest about our ~90-95% detection rate. We document what we can't catch. We show our work in [METHODOLOGY.md](./METHODOLOGY.md).
|
|
473
|
+
|
|
474
|
+
**4. Open source is the path forward**
|
|
475
|
+
Proprietary scanners create vendor lock-in. Our 104 patterns are JSON files you can review, improve, and contribute to.
|
|
476
|
+
|
|
477
|
+
**Scan before you install. Make it a habit.**
|
|
478
|
+
|
|
412
479
|
## Contributing
|
|
413
480
|
|
|
414
481
|
Detection patterns are JSON files in `src/patterns/`. Add new patterns and submit a PR.
|
package/dist/index.js
CHANGED
|
@@ -9,7 +9,7 @@ import { loadConfig, mergeConfig } from "./config.js";
|
|
|
9
9
|
import { join, dirname } from "path";
|
|
10
10
|
import { fileURLToPath } from "url";
|
|
11
11
|
import { spawn } from "child_process";
|
|
12
|
-
const VERSION = "1.0.
|
|
12
|
+
const VERSION = "1.0.1";
|
|
13
13
|
/**
|
|
14
14
|
* Main CLI function
|
|
15
15
|
*/
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"crossref.d.ts","sourceRoot":"","sources":["../../src/layers/crossref.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAE/D;;GAEG;AACH,wBAAsB,kBAAkB,CACtC,KAAK,EAAE,KAAK,EACZ,gBAAgB,EAAE,OAAO,EAAE,GAC1B,OAAO,CAAC,WAAW,CAAC,
|
|
1
|
+
{"version":3,"file":"crossref.d.ts","sourceRoot":"","sources":["../../src/layers/crossref.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAE/D;;GAEG;AACH,wBAAsB,kBAAkB,CACtC,KAAK,EAAE,KAAK,EACZ,gBAAgB,EAAE,OAAO,EAAE,GAC1B,OAAO,CAAC,WAAW,CAAC,CAmLtB"}
|
package/dist/layers/crossref.js
CHANGED
|
@@ -8,6 +8,13 @@
|
|
|
8
8
|
export async function scanCrossReference(skill, previousFindings) {
|
|
9
9
|
const findings = [];
|
|
10
10
|
const metadata = skill.metadata;
|
|
11
|
+
// Skip cross-reference if no manifest found (empty metadata)
|
|
12
|
+
if (!skill.hasManifest || Object.keys(metadata).length === 0) {
|
|
13
|
+
return {
|
|
14
|
+
layer: 'crossref',
|
|
15
|
+
findings: [] // Empty findings array, no error
|
|
16
|
+
};
|
|
17
|
+
}
|
|
11
18
|
// Extract findings by category
|
|
12
19
|
const networkFindings = previousFindings.filter(f => f.category.includes('network') ||
|
|
13
20
|
f.category === 'exfiltration-sinks' ||
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"crossref.js","sourceRoot":"","sources":["../../src/layers/crossref.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,KAAY,EACZ,gBAA2B;IAE3B,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;IAEhC,+BAA+B;IAC/B,MAAM,eAAe,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAClD,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC;QAC9B,CAAC,CAAC,QAAQ,KAAK,oBAAoB;QACnC,CAAC,CAAC,SAAS,EAAE,UAAU,CAAC,KAAK,CAAC,CAC/B,CAAC;IAEF,MAAM,aAAa,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAChD,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,eAAe,CAAC;QACpC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC;QAC5B,CAAC,CAAC,SAAS,KAAK,QAAQ,CACzB,CAAC;IAEF,MAAM,kBAAkB,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CACrD,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC;QACjC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,iBAAiB,CAAC;QACtC,CAAC,CAAC,SAAS,EAAE,UAAU,CAAC,KAAK,CAAC,CAC/B,CAAC;IAEF,MAAM,iBAAiB,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CACpD,CAAC,CAAC,SAAS,KAAK,QAAQ,CAAC,qBAAqB;KAC/C,CAAC;IAEF,2BAA2B;IAC3B,MAAM,YAAY,GAAG,QAAQ,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC;IACrD,MAAM,WAAW,GAAG,QAAQ,CAAC,IAAI,IAAI,EAAE,CAAC;IACxC,MAAM,UAAU,GAAG,QAAQ,CAAC,GAAG,IAAI,EAAE,CAAC;IAEtC,0CAA0C;IAC1C,2FAA2F;IAC3F,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;QAC/C,MAAM,eAAe,GAAG,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC/C,CAAC,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CACxE,IAAI,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CACjC,CACF,IAAI,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAC1B,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAC9D,CAAC;QAEF,IAAI,CAAC,eAAe,EAAE,CAAC;YACrB,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,qBAAqB;gBAC/B,KAAK,EAAE,2BAA2B;gBAClC,MAAM,EAAE,yEAAyE;gBACjF,QAAQ,EAAE,SAAS,eAAe,CAAC,MAAM,qCAAqC;aAC/E,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,uCAAuC;IACvC,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,MAAM,aAAa,GAAG,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC7C,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAC7C,IAAI,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAChC,CACF,IAAI,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAC1B,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAC3D,GAAG,CAAC,WAAW,EAAE,KAAK,EAAE,CACzB,CACF,CAAC;QAEF,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,qBAAqB;gBAC/B,KAAK,EAAE,4BAA4B;gBACnC,MAAM,EAAE,2EAA2E;gBACnF,QAAQ,EAAE,SAAS,aAAa,CAAC,MAAM,mCAAmC;aAC3E,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,0CAA0C;IAC1C,6EAA6E;IAC7E,IAAI,kBAAkB,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;QAClD,MAAM,UAAU,GAAG,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC1C,CAAC,MAAM,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CACtD,IAAI,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAChC,CACF,CAAC;QAEF,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,qBAAqB;gBAC/B,KAAK,EAAE,+BAA+B;gBACtC,MAAM,EAAE,sFAAsF;gBAC9F,QAAQ,EAAE,SAAS,kBAAkB,CAAC,MAAM,wCAAwC;aACrF,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,4CAA4C;IAC5C,iEAAiE;IACjE,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,IAAI,KAAK,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;QAC/E,iDAAiD;QACjD,MAAM,WAAW,GAAG,sBAAsB,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QAE5D,2BAA2B;QAC3B,MAAM,iBAAiB,GAAG,WAAW,CAAC,MAAM,CAC1C,MAAM,CAAC,EAAE,CAAC,CAAC,UAAU,CAAC,QAAQ,CAAC,MAAM,CAAC,CACvC,CAAC;QAEF,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACjC,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,qBAAqB;gBAC/B,KAAK,EAAE,wCAAwC;gBAC/C,MAAM,EAAE,oEAAoE;gBAC5E,QAAQ,EAAE,yBAAyB,iBAAiB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;aAC1H,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,iCAAiC;IACjC,MAAM,WAAW,GAAG,CAAC,QAAQ,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;IAC/D,MAAM,cAAc,GAAG,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,WAAW,EAAE,WAAW,CAAC,CAAC;IAC7F,MAAM,WAAW,GAAG,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,WAAW,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;IAExE,IAAI,WAAW,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9C,QAAQ,CAAC,IAAI,CAAC;YACZ,QAAQ,EAAE,MAAM;YAChB,QAAQ,EAAE,qBAAqB;YAC/B,KAAK,EAAE,wCAAwC;YAC/C,MAAM,EAAE,yBAAyB,QAAQ,CAAC,WAAW,2BAA2B;YAChF,QAAQ,EAAE,+DAA+D;SAC1E,CAAC,CAAC;IACL,CAAC;IAED,oCAAoC;IACpC,IAAI,KAAK,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,mEAAmE;QACnE,MAAM,aAAa,GAAG,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAEpF,IAAI,aAAa,GAAG,MAAM,IAAI,WAAW,EAAE,CAAC;YAC1C,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,QAAQ;gBAClB,QAAQ,EAAE,mBAAmB;gBAC7B,KAAK,EAAE,yCAAyC;gBAChD,MAAM,EAAE,WAAW,aAAa,iEAAiE;gBACjG,QAAQ,EAAE,mDAAmD;aAC9D,CAAC,CAAC;QACL,CAAC;QAED,0BAA0B;QAC1B,MAAM,WAAW,GAAG,KAAK,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE;YAC3C,MAAM,KAAK,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACpC,MAAM,aAAa,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC;YACtD,OAAO,aAAa,GAAG,GAAG,CAAC,CAAC,iDAAiD;QAC/E,CAAC,CAAC,CAAC;QAEH,IAAI,WAAW,EAAE,CAAC;YAChB,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,QAAQ;gBAClB,QAAQ,EAAE,mBAAmB;gBAC7B,KAAK,EAAE,sCAAsC;gBAC7C,MAAM,EAAE,2CAA2C;gBACnD,QAAQ,EAAE,kEAAkE;aAC7E,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO;QACL,KAAK,EAAE,UAAU;QACjB,QAAQ;KACT,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,sBAAsB,CAAC,SAAgB;IAC9C,MAAM,OAAO,GAAG,IAAI,GAAG,EAAU,CAAC;IAClC,MAAM,UAAU,GAAG,mCAAmC,CAAC;IAEvD,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;QAC7B,IAAI,KAAK,CAAC;QACV,OAAO,CAAC,KAAK,GAAG,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YACxD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;QACxB,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;AAC7B,CAAC"}
|
|
1
|
+
{"version":3,"file":"crossref.js","sourceRoot":"","sources":["../../src/layers/crossref.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,KAAY,EACZ,gBAA2B;IAE3B,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;IAEhC,6DAA6D;IAC7D,IAAI,CAAC,KAAK,CAAC,WAAW,IAAI,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7D,OAAO;YACL,KAAK,EAAE,UAAU;YACjB,QAAQ,EAAE,EAAE,CAAC,iCAAiC;SAC/C,CAAC;IACJ,CAAC;IAED,+BAA+B;IAC/B,MAAM,eAAe,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAClD,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC;QAC9B,CAAC,CAAC,QAAQ,KAAK,oBAAoB;QACnC,CAAC,CAAC,SAAS,EAAE,UAAU,CAAC,KAAK,CAAC,CAC/B,CAAC;IAEF,MAAM,aAAa,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAChD,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,eAAe,CAAC;QACpC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC;QAC5B,CAAC,CAAC,SAAS,KAAK,QAAQ,CACzB,CAAC;IAEF,MAAM,kBAAkB,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CACrD,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC;QACjC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,iBAAiB,CAAC;QACtC,CAAC,CAAC,SAAS,EAAE,UAAU,CAAC,KAAK,CAAC,CAC/B,CAAC;IAEF,MAAM,iBAAiB,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CACpD,CAAC,CAAC,SAAS,KAAK,QAAQ,CAAC,qBAAqB;KAC/C,CAAC;IAEF,2BAA2B;IAC3B,MAAM,YAAY,GAAG,QAAQ,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC;IACrD,MAAM,WAAW,GAAG,QAAQ,CAAC,IAAI,IAAI,EAAE,CAAC;IACxC,MAAM,UAAU,GAAG,QAAQ,CAAC,GAAG,IAAI,EAAE,CAAC;IAEtC,0CAA0C;IAC1C,2FAA2F;IAC3F,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;QAC/C,MAAM,eAAe,GAAG,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC/C,CAAC,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CACxE,IAAI,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CACjC,CACF,IAAI,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAC1B,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAC9D,CAAC;QAEF,IAAI,CAAC,eAAe,EAAE,CAAC;YACrB,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,qBAAqB;gBAC/B,KAAK,EAAE,2BAA2B;gBAClC,MAAM,EAAE,yEAAyE;gBACjF,QAAQ,EAAE,SAAS,eAAe,CAAC,MAAM,qCAAqC;aAC/E,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,uCAAuC;IACvC,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,MAAM,aAAa,GAAG,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC7C,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAC7C,IAAI,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAChC,CACF,IAAI,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAC1B,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAC3D,GAAG,CAAC,WAAW,EAAE,KAAK,EAAE,CACzB,CACF,CAAC;QAEF,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,qBAAqB;gBAC/B,KAAK,EAAE,4BAA4B;gBACnC,MAAM,EAAE,2EAA2E;gBACnF,QAAQ,EAAE,SAAS,aAAa,CAAC,MAAM,mCAAmC;aAC3E,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,0CAA0C;IAC1C,6EAA6E;IAC7E,IAAI,kBAAkB,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;QAClD,MAAM,UAAU,GAAG,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC1C,CAAC,MAAM,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CACtD,IAAI,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAChC,CACF,CAAC;QAEF,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,qBAAqB;gBAC/B,KAAK,EAAE,+BAA+B;gBACtC,MAAM,EAAE,sFAAsF;gBAC9F,QAAQ,EAAE,SAAS,kBAAkB,CAAC,MAAM,wCAAwC;aACrF,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,4CAA4C;IAC5C,iEAAiE;IACjE,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,IAAI,KAAK,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;QAC/E,iDAAiD;QACjD,MAAM,WAAW,GAAG,sBAAsB,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QAE5D,2BAA2B;QAC3B,MAAM,iBAAiB,GAAG,WAAW,CAAC,MAAM,CAC1C,MAAM,CAAC,EAAE,CAAC,CAAC,UAAU,CAAC,QAAQ,CAAC,MAAM,CAAC,CACvC,CAAC;QAEF,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACjC,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,qBAAqB;gBAC/B,KAAK,EAAE,wCAAwC;gBAC/C,MAAM,EAAE,oEAAoE;gBAC5E,QAAQ,EAAE,yBAAyB,iBAAiB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;aAC1H,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,iCAAiC;IACjC,MAAM,WAAW,GAAG,CAAC,QAAQ,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;IAC/D,MAAM,cAAc,GAAG,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,WAAW,EAAE,WAAW,CAAC,CAAC;IAC7F,MAAM,WAAW,GAAG,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,WAAW,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;IAExE,IAAI,WAAW,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9C,QAAQ,CAAC,IAAI,CAAC;YACZ,QAAQ,EAAE,MAAM;YAChB,QAAQ,EAAE,qBAAqB;YAC/B,KAAK,EAAE,wCAAwC;YAC/C,MAAM,EAAE,yBAAyB,QAAQ,CAAC,WAAW,2BAA2B;YAChF,QAAQ,EAAE,+DAA+D;SAC1E,CAAC,CAAC;IACL,CAAC;IAED,oCAAoC;IACpC,IAAI,KAAK,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,mEAAmE;QACnE,MAAM,aAAa,GAAG,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAEpF,IAAI,aAAa,GAAG,MAAM,IAAI,WAAW,EAAE,CAAC;YAC1C,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,QAAQ;gBAClB,QAAQ,EAAE,mBAAmB;gBAC7B,KAAK,EAAE,yCAAyC;gBAChD,MAAM,EAAE,WAAW,aAAa,iEAAiE;gBACjG,QAAQ,EAAE,mDAAmD;aAC9D,CAAC,CAAC;QACL,CAAC;QAED,0BAA0B;QAC1B,MAAM,WAAW,GAAG,KAAK,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE;YAC3C,MAAM,KAAK,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACpC,MAAM,aAAa,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC;YACtD,OAAO,aAAa,GAAG,GAAG,CAAC,CAAC,iDAAiD;QAC/E,CAAC,CAAC,CAAC;QAEH,IAAI,WAAW,EAAE,CAAC;YAChB,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,QAAQ;gBAClB,QAAQ,EAAE,mBAAmB;gBAC7B,KAAK,EAAE,sCAAsC;gBAC7C,MAAM,EAAE,2CAA2C;gBACnD,QAAQ,EAAE,kEAAkE;aAC7E,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO;QACL,KAAK,EAAE,UAAU;QACjB,QAAQ;KACT,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,sBAAsB,CAAC,SAAgB;IAC9C,MAAM,OAAO,GAAG,IAAI,GAAG,EAAU,CAAC;IAClC,MAAM,UAAU,GAAG,mCAAmC,CAAC;IAEvD,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;QAC7B,IAAI,KAAK,CAAC;QACV,OAAO,CAAC,KAAK,GAAG,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YACxD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;QACxB,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;AAC7B,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"injection.d.ts","sourceRoot":"","sources":["../../src/layers/injection.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,KAAK,EAAW,WAAW,EAAE,MAAM,aAAa,CAAC;AAG/D;;GAEG;AACH,wBAAsB,aAAa,CAAC,KAAK,EAAE,KAAK,GAAG,OAAO,CAAC,WAAW,CAAC,
|
|
1
|
+
{"version":3,"file":"injection.d.ts","sourceRoot":"","sources":["../../src/layers/injection.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,KAAK,EAAW,WAAW,EAAE,MAAM,aAAa,CAAC;AAG/D;;GAEG;AACH,wBAAsB,aAAa,CAAC,KAAK,EAAE,KAAK,GAAG,OAAO,CAAC,WAAW,CAAC,CA4EtE"}
|
package/dist/layers/injection.js
CHANGED
|
@@ -8,7 +8,14 @@ import { loadPatterns } from '../pattern-loader.js';
|
|
|
8
8
|
*/
|
|
9
9
|
export async function scanInjection(skill) {
|
|
10
10
|
const findings = [];
|
|
11
|
-
const markdown = skill.markdownContent;
|
|
11
|
+
const markdown = skill.markdownContent || '';
|
|
12
|
+
// Skip markdown scanning if no markdown content
|
|
13
|
+
if (!markdown || markdown.length === 0) {
|
|
14
|
+
return {
|
|
15
|
+
layer: 'markdown',
|
|
16
|
+
findings: []
|
|
17
|
+
};
|
|
18
|
+
}
|
|
12
19
|
// Load prompt injection and sensitive path patterns
|
|
13
20
|
const promptPatterns = await loadPatterns('prompt-injection');
|
|
14
21
|
const pathPatterns = await loadPatterns('sensitive-paths');
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"injection.js","sourceRoot":"","sources":["../../src/layers/injection.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAEpD;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,KAAY;IAC9C,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,QAAQ,GAAG,KAAK,CAAC,eAAe,CAAC;
|
|
1
|
+
{"version":3,"file":"injection.js","sourceRoot":"","sources":["../../src/layers/injection.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAEpD;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,KAAY;IAC9C,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,QAAQ,GAAG,KAAK,CAAC,eAAe,IAAI,EAAE,CAAC;IAE7C,gDAAgD;IAChD,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvC,OAAO;YACL,KAAK,EAAE,UAAU;YACjB,QAAQ,EAAE,EAAE;SACb,CAAC;IACJ,CAAC;IAED,oDAAoD;IACpD,MAAM,cAAc,GAAG,MAAM,YAAY,CAAC,kBAAkB,CAAC,CAAC;IAC9D,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,iBAAiB,CAAC,CAAC;IAE3D,gDAAgD;IAChD,MAAM,WAAW,GAAG,CAAC,GAAG,cAAc,EAAE,GAAG,YAAY,CAAC,CAAC,MAAM,CAC7D,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,UAAU,CAC5B,CAAC;IAEF,4BAA4B;IAC5B,KAAK,MAAM,OAAO,IAAI,WAAW,EAAE,CAAC;QAClC,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,OAAO,CAAC,KAAK,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC;QACzE,MAAM,OAAO,GAAG,QAAQ,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAEtC,IAAI,OAAO,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAClC,wCAAwC;YACxC,MAAM,UAAU,GAAG,cAAc,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC;YAExD,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,kBAAkB;gBAChD,KAAK,EAAE,OAAO,CAAC,IAAI;gBACnB,IAAI,EAAE,UAAU;gBAChB,IAAI,EAAE,UAAU;gBAChB,MAAM,EAAE,OAAO,CAAC,WAAW,IAAI,kBAAkB,OAAO,CAAC,IAAI,EAAE;gBAC/D,QAAQ,EAAE,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,MAAM,gBAAgB,CAAC,CAAC,CAAC,WAAW,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG;gBAC1G,SAAS,EAAE,OAAO,CAAC,EAAE;gBACrB,GAAG,CAAC,OAAO,CAAC,WAAW,IAAI,EAAE,WAAW,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC;aACjE,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,8BAA8B;IAE9B,qEAAqE;IACrE,IAAI,QAAQ,CAAC,MAAM,GAAG,KAAK,EAAE,CAAC;QAC5B,QAAQ,CAAC,IAAI,CAAC;YACZ,QAAQ,EAAE,KAAK;YACf,QAAQ,EAAE,iBAAiB;YAC3B,KAAK,EAAE,qCAAqC;YAC5C,IAAI,EAAE,UAAU;YAChB,MAAM,EAAE,0BAA0B,QAAQ,CAAC,MAAM,aAAa;YAC9D,QAAQ,EAAE,wCAAwC;SACnD,CAAC,CAAC;IACL,CAAC;IAED,uEAAuE;IACvE,MAAM,aAAa,GAAG,4BAA4B,CAAC;IACnD,MAAM,aAAa,GAAG,QAAQ,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;IACpD,IAAI,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9C,QAAQ,CAAC,IAAI,CAAC;YACZ,QAAQ,EAAE,QAAQ;YAClB,QAAQ,EAAE,aAAa;YACvB,KAAK,EAAE,6CAA6C;YACpD,IAAI,EAAE,UAAU;YAChB,MAAM,EAAE,SAAS,aAAa,CAAC,MAAM,2BAA2B;YAChE,QAAQ,EAAE,iDAAiD;SAC5D,CAAC,CAAC;IACL,CAAC;IAED,OAAO;QACL,KAAK,EAAE,UAAU;QACjB,QAAQ;KACT,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CAAC,IAAY,EAAE,KAAa;IACjD,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IAClC,IAAI,KAAK,KAAK,CAAC,CAAC;QAAE,OAAO,SAAS,CAAC;IAEnC,MAAM,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;IAC7C,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;IAElD,OAAO,UAAU,CAAC;AACpB,CAAC;AAED;;GAEG;AACH,SAAS,QAAQ,CAAC,GAAW,EAAE,SAAiB;IAC9C,2CAA2C;IAC3C,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;IAEhD,IAAI,OAAO,CAAC,MAAM,IAAI,SAAS,EAAE,CAAC;QAChC,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,OAAO,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,SAAS,CAAC,GAAG,KAAK,CAAC;AACjD,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"permissions.d.ts","sourceRoot":"","sources":["../../src/layers/permissions.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,KAAK,EAAW,WAAW,EAAW,MAAM,aAAa,CAAC;AAGxE;;GAEG;AACH,wBAAsB,eAAe,CAAC,KAAK,EAAE,KAAK,GAAG,OAAO,CAAC,WAAW,CAAC,
|
|
1
|
+
{"version":3,"file":"permissions.d.ts","sourceRoot":"","sources":["../../src/layers/permissions.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,KAAK,EAAW,WAAW,EAAW,MAAM,aAAa,CAAC;AAGxE;;GAEG;AACH,wBAAsB,eAAe,CAAC,KAAK,EAAE,KAAK,GAAG,OAAO,CAAC,WAAW,CAAC,CA2IxE"}
|
|
@@ -9,6 +9,13 @@ import { loadPatterns } from '../pattern-loader.js';
|
|
|
9
9
|
export async function scanPermissions(skill) {
|
|
10
10
|
const findings = [];
|
|
11
11
|
const metadata = skill.metadata;
|
|
12
|
+
// Skip permission audit if no manifest found (empty metadata)
|
|
13
|
+
if (!skill.hasManifest || Object.keys(metadata).length === 0) {
|
|
14
|
+
return {
|
|
15
|
+
layer: 'permissions',
|
|
16
|
+
findings: [] // Empty findings array, no error
|
|
17
|
+
};
|
|
18
|
+
}
|
|
12
19
|
// Load credential patterns for environment variable scanning
|
|
13
20
|
const credentialPatterns = await loadPatterns('credential-patterns');
|
|
14
21
|
// Check for no declared permissions (suspicious)
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"permissions.js","sourceRoot":"","sources":["../../src/layers/permissions.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAEpD;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,KAAY;IAChD,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;IAEhC,6DAA6D;IAC7D,MAAM,kBAAkB,GAAG,MAAM,YAAY,CAAC,qBAAqB,CAAC,CAAC;IAErE,iDAAiD;IACjD,8EAA8E;IAC9E,IAAI,CAAC,KAAK,CAAC,KAAK,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,eAAe,CAAC,EAAE,CAAC;QAClF,QAAQ,CAAC,IAAI,CAAC;YACZ,QAAQ,EAAE,KAAK;YACf,QAAQ,EAAE,aAAa;YACvB,KAAK,EAAE,yBAAyB;YAChC,IAAI,EAAE,UAAU;YAChB,MAAM,EAAE,6DAA6D;YACrE,QAAQ,EAAE,6DAA6D;SACxE,CAAC,CAAC;IACL,CAAC;IAED,qDAAqD;IACrD,IAAI,QAAQ,CAAC,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAChD,KAAK,MAAM,MAAM,IAAI,QAAQ,CAAC,GAAG,EAAE,CAAC;YAClC,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;gBACzC,IAAI,OAAO,CAAC,KAAK,KAAK,aAAa;oBAAE,SAAS;gBAE9C,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;gBACnE,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;oBACvB,QAAQ,CAAC,IAAI,CAAC;wBACZ,QAAQ,EAAE,OAAO,CAAC,QAAQ;wBAC1B,QAAQ,EAAE,oBAAoB;wBAC9B,KAAK,EAAE,OAAO,CAAC,IAAI;wBACnB,IAAI,EAAE,UAAU;wBAChB,MAAM,EAAE,6CAA6C,MAAM,EAAE;wBAC7D,QAAQ,EAAE,OAAO,CAAC,WAAW;wBAC7B,SAAS,EAAE,OAAO,CAAC,EAAE;wBACrB,GAAG,CAAC,OAAO,CAAC,WAAW,IAAI,EAAE,WAAW,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC;qBACjE,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,gDAAgD;IAChD,IAAI,QAAQ,CAAC,eAAe,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,EAAE,CAAC;QAC1E,MAAM,KAAK,GAAG,QAAQ,CAAC,eAAe,CAAC,CAAC;QAExC,oCAAoC;QACpC,MAAM,UAAU,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;QACxD,MAAM,QAAQ,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACjC,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CACrE,CAAC;QAEF,IAAI,QAAQ,EAAE,CAAC;YACb,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,sBAAsB;gBAChC,KAAK,EAAE,4BAA4B;gBACnC,IAAI,EAAE,UAAU;gBAChB,MAAM,EAAE,mDAAmD;gBAC3D,QAAQ,EAAE,kBAAkB,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;aAChH,CAAC,CAAC;QACL,CAAC;QAED,2BAA2B;QAC3B,MAAM,YAAY,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;QACpF,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACnC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CACnE,CAAC;QAEF,IAAI,UAAU,EAAE,CAAC;YACf,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,oBAAoB;gBAC9B,KAAK,EAAE,2BAA2B;gBAClC,IAAI,EAAE,UAAU;gBAChB,MAAM,EAAE,+CAA+C;gBACvD,QAAQ,EAAE,kBAAkB,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;aAClH,CAAC,CAAC;QACL,CAAC;QAED,+BAA+B;QAC/B,MAAM,OAAO,GAAG,CAAC,MAAM,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;QAC9D,MAAM,aAAa,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACtC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAC5D,CAAC;QAEF,IAAI,aAAa,EAAE,CAAC;YAClB,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,QAAQ;gBAClB,QAAQ,EAAE,uBAAuB;gBACjC,KAAK,EAAE,+BAA+B;gBACtC,IAAI,EAAE,UAAU;gBAChB,MAAM,EAAE,8CAA8C;gBACtD,QAAQ,EAAE,kBAAkB,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;aAC7G,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,sCAAsC;IACtC,IAAI,QAAQ,CAAC,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QAClD,MAAM,aAAa,GAAG;YACpB,EAAE,OAAO,EAAE,sCAAsC,EAAE,QAAQ,EAAE,UAAmB,EAAE,MAAM,EAAE,mBAAmB,EAAE;YAC/G,EAAE,OAAO,EAAE,sBAAsB,EAAE,QAAQ,EAAE,MAAe,EAAE,MAAM,EAAE,uBAAuB,EAAE;YAC/F,EAAE,OAAO,EAAE,qBAAqB,EAAE,QAAQ,EAAE,UAAmB,EAAE,MAAM,EAAE,yBAAyB,EAAE;YACpG,EAAE,OAAO,EAAE,gCAAgC,EAAE,QAAQ,EAAE,MAAe,EAAE,MAAM,EAAE,oBAAoB,EAAE;YACtG,EAAE,OAAO,EAAE,4BAA4B,EAAE,QAAQ,EAAE,MAAe,EAAE,MAAM,EAAE,sBAAsB,EAAE;YACpG,EAAE,OAAO,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAe,EAAE,MAAM,EAAE,oBAAoB,EAAE;YACzF,EAAE,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,QAAiB,EAAE,MAAM,EAAE,6CAA6C,EAAE;SAC5G,CAAC;QAEF,KAAK,MAAM,GAAG,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;YAChC,KAAK,MAAM,SAAS,IAAI,aAAa,EAAE,CAAC;gBACtC,IAAI,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;oBAChC,QAAQ,CAAC,IAAI,CAAC;wBACZ,QAAQ,EAAE,SAAS,CAAC,QAAQ;wBAC5B,QAAQ,EAAE,kBAAkB;wBAC5B,KAAK,EAAE,qBAAqB,GAAG,EAAE;wBACjC,IAAI,EAAE,UAAU;wBAChB,MAAM,EAAE,qCAAqC,GAAG,EAAE;wBAClD,QAAQ,EAAE,SAAS,CAAC,MAAM;qBAC3B,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO;QACL,KAAK,EAAE,aAAa;QACpB,QAAQ;KACT,CAAC;AACJ,CAAC"}
|
|
1
|
+
{"version":3,"file":"permissions.js","sourceRoot":"","sources":["../../src/layers/permissions.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAEpD;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,KAAY;IAChD,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;IAEhC,8DAA8D;IAC9D,IAAI,CAAC,KAAK,CAAC,WAAW,IAAI,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7D,OAAO;YACL,KAAK,EAAE,aAAa;YACpB,QAAQ,EAAE,EAAE,CAAC,iCAAiC;SAC/C,CAAC;IACJ,CAAC;IAED,6DAA6D;IAC7D,MAAM,kBAAkB,GAAG,MAAM,YAAY,CAAC,qBAAqB,CAAC,CAAC;IAErE,iDAAiD;IACjD,8EAA8E;IAC9E,IAAI,CAAC,KAAK,CAAC,KAAK,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,eAAe,CAAC,EAAE,CAAC;QAClF,QAAQ,CAAC,IAAI,CAAC;YACZ,QAAQ,EAAE,KAAK;YACf,QAAQ,EAAE,aAAa;YACvB,KAAK,EAAE,yBAAyB;YAChC,IAAI,EAAE,UAAU;YAChB,MAAM,EAAE,6DAA6D;YACrE,QAAQ,EAAE,6DAA6D;SACxE,CAAC,CAAC;IACL,CAAC;IAED,qDAAqD;IACrD,IAAI,QAAQ,CAAC,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAChD,KAAK,MAAM,MAAM,IAAI,QAAQ,CAAC,GAAG,EAAE,CAAC;YAClC,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;gBACzC,IAAI,OAAO,CAAC,KAAK,KAAK,aAAa;oBAAE,SAAS;gBAE9C,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;gBACnE,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;oBACvB,QAAQ,CAAC,IAAI,CAAC;wBACZ,QAAQ,EAAE,OAAO,CAAC,QAAQ;wBAC1B,QAAQ,EAAE,oBAAoB;wBAC9B,KAAK,EAAE,OAAO,CAAC,IAAI;wBACnB,IAAI,EAAE,UAAU;wBAChB,MAAM,EAAE,6CAA6C,MAAM,EAAE;wBAC7D,QAAQ,EAAE,OAAO,CAAC,WAAW;wBAC7B,SAAS,EAAE,OAAO,CAAC,EAAE;wBACrB,GAAG,CAAC,OAAO,CAAC,WAAW,IAAI,EAAE,WAAW,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC;qBACjE,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,gDAAgD;IAChD,IAAI,QAAQ,CAAC,eAAe,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,EAAE,CAAC;QAC1E,MAAM,KAAK,GAAG,QAAQ,CAAC,eAAe,CAAC,CAAC;QAExC,oCAAoC;QACpC,MAAM,UAAU,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;QACxD,MAAM,QAAQ,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACjC,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CACrE,CAAC;QAEF,IAAI,QAAQ,EAAE,CAAC;YACb,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,sBAAsB;gBAChC,KAAK,EAAE,4BAA4B;gBACnC,IAAI,EAAE,UAAU;gBAChB,MAAM,EAAE,mDAAmD;gBAC3D,QAAQ,EAAE,kBAAkB,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;aAChH,CAAC,CAAC;QACL,CAAC;QAED,2BAA2B;QAC3B,MAAM,YAAY,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;QACpF,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACnC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CACnE,CAAC;QAEF,IAAI,UAAU,EAAE,CAAC;YACf,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,oBAAoB;gBAC9B,KAAK,EAAE,2BAA2B;gBAClC,IAAI,EAAE,UAAU;gBAChB,MAAM,EAAE,+CAA+C;gBACvD,QAAQ,EAAE,kBAAkB,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;aAClH,CAAC,CAAC;QACL,CAAC;QAED,+BAA+B;QAC/B,MAAM,OAAO,GAAG,CAAC,MAAM,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;QAC9D,MAAM,aAAa,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACtC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAC5D,CAAC;QAEF,IAAI,aAAa,EAAE,CAAC;YAClB,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,QAAQ;gBAClB,QAAQ,EAAE,uBAAuB;gBACjC,KAAK,EAAE,+BAA+B;gBACtC,IAAI,EAAE,UAAU;gBAChB,MAAM,EAAE,8CAA8C;gBACtD,QAAQ,EAAE,kBAAkB,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;aAC7G,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,sCAAsC;IACtC,IAAI,QAAQ,CAAC,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QAClD,MAAM,aAAa,GAAG;YACpB,EAAE,OAAO,EAAE,sCAAsC,EAAE,QAAQ,EAAE,UAAmB,EAAE,MAAM,EAAE,mBAAmB,EAAE;YAC/G,EAAE,OAAO,EAAE,sBAAsB,EAAE,QAAQ,EAAE,MAAe,EAAE,MAAM,EAAE,uBAAuB,EAAE;YAC/F,EAAE,OAAO,EAAE,qBAAqB,EAAE,QAAQ,EAAE,UAAmB,EAAE,MAAM,EAAE,yBAAyB,EAAE;YACpG,EAAE,OAAO,EAAE,gCAAgC,EAAE,QAAQ,EAAE,MAAe,EAAE,MAAM,EAAE,oBAAoB,EAAE;YACtG,EAAE,OAAO,EAAE,4BAA4B,EAAE,QAAQ,EAAE,MAAe,EAAE,MAAM,EAAE,sBAAsB,EAAE;YACpG,EAAE,OAAO,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAe,EAAE,MAAM,EAAE,oBAAoB,EAAE;YACzF,EAAE,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,QAAiB,EAAE,MAAM,EAAE,6CAA6C,EAAE;SAC5G,CAAC;QAEF,KAAK,MAAM,GAAG,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;YAChC,KAAK,MAAM,SAAS,IAAI,aAAa,EAAE,CAAC;gBACtC,IAAI,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;oBAChC,QAAQ,CAAC,IAAI,CAAC;wBACZ,QAAQ,EAAE,SAAS,CAAC,QAAQ;wBAC5B,QAAQ,EAAE,kBAAkB;wBAC5B,KAAK,EAAE,qBAAqB,GAAG,EAAE;wBACjC,IAAI,EAAE,UAAU;wBAChB,MAAM,EAAE,qCAAqC,GAAG,EAAE;wBAClD,QAAQ,EAAE,SAAS,CAAC,MAAM;qBAC3B,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO;QACL,KAAK,EAAE,aAAa;QACpB,QAAQ;KACT,CAAC;AACJ,CAAC"}
|
package/dist/mcp-server.js
CHANGED
|
@@ -7,7 +7,7 @@ import { Server } from "@modelcontextprotocol/sdk/server/index.js";
|
|
|
7
7
|
import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
|
|
8
8
|
import { CallToolRequestSchema, ListToolsRequestSchema, } from "@modelcontextprotocol/sdk/types.js";
|
|
9
9
|
import { scanSkill, scanAllSkills } from "./scanner.js";
|
|
10
|
-
const VERSION = "1.0.
|
|
10
|
+
const VERSION = "1.0.1";
|
|
11
11
|
/**
|
|
12
12
|
* Create and configure the MCP server
|
|
13
13
|
*/
|
package/dist/reporter.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"reporter.d.ts","sourceRoot":"","sources":["../src/reporter.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,KAAK,EAAE,UAAU,EAA6B,MAAM,YAAY,CAAC;AAExE,MAAM,WAAW,aAAa;IAC5B,eAAe,CAAC,EAAE,OAAO,CAAC;CAC3B;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,UAAU,EAAE,OAAO,GAAE,aAAkB,GAAG,IAAI,
|
|
1
|
+
{"version":3,"file":"reporter.d.ts","sourceRoot":"","sources":["../src/reporter.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,KAAK,EAAE,UAAU,EAA6B,MAAM,YAAY,CAAC;AAExE,MAAM,WAAW,aAAa;IAC5B,eAAe,CAAC,EAAE,OAAO,CAAC;CAC3B;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,UAAU,EAAE,OAAO,GAAE,aAAkB,GAAG,IAAI,CAgGtF;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,MAAM,EAAE,UAAU,GAAG,IAAI,CAErD"}
|
package/dist/reporter.js
CHANGED
|
@@ -14,6 +14,12 @@ export function reportToTerminal(result, options = {}) {
|
|
|
14
14
|
console.log(`Scanning: ${chalk.cyan(result.skill.name)}`);
|
|
15
15
|
console.log(`Source: ${chalk.dim(result.skill.path)}`);
|
|
16
16
|
console.log();
|
|
17
|
+
// Show warning if no manifest found
|
|
18
|
+
if (result.skill.hasManifest === false) {
|
|
19
|
+
console.log(chalk.yellow('⚠ No manifest found. Running security scan without permission audit.'));
|
|
20
|
+
console.log(chalk.dim(' For full analysis, add SKILL.md: https://acidtest.dev/docs/manifests'));
|
|
21
|
+
console.log();
|
|
22
|
+
}
|
|
17
23
|
console.log(chalk.dim('━'.repeat(60)));
|
|
18
24
|
console.log();
|
|
19
25
|
// Trust score with colored bar
|
package/dist/reporter.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"reporter.js","sourceRoot":"","sources":["../src/reporter.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,KAAK,MAAM,YAAY,CAAC;AAO/B;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAAkB,EAAE,UAAyB,EAAE;IAC9E,OAAO,CAAC,GAAG,EAAE,CAAC;IACd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,aAAa,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;IACvD,OAAO,CAAC,GAAG,EAAE,CAAC;IACd,OAAO,CAAC,GAAG,CAAC,aAAa,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC1D,OAAO,CAAC,GAAG,CAAC,aAAa,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACzD,OAAO,CAAC,GAAG,EAAE,CAAC;
|
|
1
|
+
{"version":3,"file":"reporter.js","sourceRoot":"","sources":["../src/reporter.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,KAAK,MAAM,YAAY,CAAC;AAO/B;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAAkB,EAAE,UAAyB,EAAE;IAC9E,OAAO,CAAC,GAAG,EAAE,CAAC;IACd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,aAAa,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;IACvD,OAAO,CAAC,GAAG,EAAE,CAAC;IACd,OAAO,CAAC,GAAG,CAAC,aAAa,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC1D,OAAO,CAAC,GAAG,CAAC,aAAa,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACzD,OAAO,CAAC,GAAG,EAAE,CAAC;IAEd,oCAAoC;IACpC,IAAI,MAAM,CAAC,KAAK,CAAC,WAAW,KAAK,KAAK,EAAE,CAAC;QACvC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,uEAAuE,CAAC,CAAC,CAAC;QACnG,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,yEAAyE,CAAC,CAAC,CAAC;QAClG,OAAO,CAAC,GAAG,EAAE,CAAC;IAChB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACvC,OAAO,CAAC,GAAG,EAAE,CAAC;IAEd,+BAA+B;IAC/B,MAAM,QAAQ,GAAG,cAAc,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC9C,MAAM,WAAW,GAAG,cAAc,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAClD,OAAO,CAAC,GAAG,CACT,gBAAgB,KAAK,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,KAAK,MAAM,CAAC,IAAI,QAAQ,IAAI,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAC9F,CAAC;IACF,OAAO,CAAC,GAAG,EAAE,CAAC;IACd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACvC,OAAO,CAAC,GAAG,EAAE,CAAC;IAEd,wDAAwD;IACxD,MAAM,OAAO,GAAG,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;IACnD,MAAM,MAAM,GAAG,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC;IACjD,MAAM,QAAQ,GAAG,MAAM,CAAC,WAAW,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC;IAErD,IAAI,OAAO,IAAI,MAAM,IAAI,QAAQ,EAAE,CAAC;QAClC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;QAEvC,IAAI,OAAO,EAAE,CAAC;YACZ,OAAO,CAAC,GAAG,CAAC,YAAY,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAChE,CAAC;QACD,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,CAAC,GAAG,CAAC,YAAY,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC/D,CAAC;QACD,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,CAAC,GAAG,CAAC,YAAY,MAAM,CAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjE,CAAC;QAED,OAAO,CAAC,GAAG,EAAE,CAAC;IAChB,CAAC;IAED,mBAAmB;IACnB,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;QACpC,OAAO,CAAC,GAAG,EAAE,CAAC;QAEd,oBAAoB;QACpB,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC;QACxE,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;QAChE,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;QACpE,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,KAAK,CAAC,CAAC;QAC9D,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;QAEhE,MAAM,OAAO,GAAG;YACd,GAAG,QAAQ;YACX,GAAG,IAAI;YACP,GAAG,MAAM;YACT,GAAG,GAAG;YACN,GAAG,IAAI;SACR,CAAC;QAEF,KAAK,MAAM,OAAO,IAAI,OAAO,EAAE,CAAC;YAC9B,aAAa,CAAC,OAAO,EAAE,OAAO,CAAC,eAAe,CAAC,CAAC;QAClD,CAAC;QAED,OAAO,CAAC,GAAG,EAAE,CAAC;QAEd,oDAAoD;QACpD,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC/B,kBAAkB,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YACpC,OAAO,CAAC,GAAG,EAAE,CAAC;QAChB,CAAC;IACH,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC,CAAC;QACzD,OAAO,CAAC,GAAG,EAAE,CAAC;IAChB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACvC,OAAO,CAAC,GAAG,EAAE,CAAC;IAEd,iBAAiB;IACjB,MAAM,mBAAmB,GAAG,MAAM,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC;IAClF,OAAO,CAAC,GAAG,CACT,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC;QAC9B,mBAAmB,CAAC,MAAM,CAAC,cAAc,CAAC,CAC3C,CAAC;IAEF,OAAO,CAAC,GAAG,EAAE,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,MAAkB;IAC7C,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;AAC/C,CAAC;AAED;;GAEG;AACH,SAAS,aAAa,CAAC,OAAgB,EAAE,kBAA2B,KAAK;IACvE,MAAM,YAAY,GAAG,eAAe,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACvD,MAAM,aAAa,GAAG,gBAAgB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAEzD,iCAAiC;IACjC,OAAO,CAAC,GAAG,CACT,KAAK,YAAY,IAAI,aAAa,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAC9F,CAAC;IAEF,2BAA2B;IAC3B,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;QACjB,MAAM,QAAQ,GAAG,OAAO,CAAC,IAAI;YAC3B,CAAC,CAAC,GAAG,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,IAAI,EAAE;YACnC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC;QACjB,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IAC5C,CAAC;IAED,SAAS;IACT,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,OAAO,CAAC,GAAG,CAAC,OAAO,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IACvC,CAAC;IAED,WAAW;IACX,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACrB,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IACpD,CAAC;IAED,+DAA+D;IAC/D,IAAI,eAAe,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;QAC3C,OAAO,CAAC,GAAG,EAAE,CAAC;QACd,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,EAAE,CAAC,CAAC;QAC3D,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAC5D,KAAK,MAAM,UAAU,IAAI,OAAO,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC;YACzD,OAAO,CAAC,GAAG,CAAC,SAAS,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,UAAU,EAAE,CAAC,CAAC;QACvD,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,EAAE,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CAAC,QAAmB;IAC7C,6BAA6B;IAC7B,MAAM,MAAM,GAAG;QACb,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM;QAChE,IAAI,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM;QACxD,MAAM,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,MAAM;QAC5D,GAAG,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,KAAK,CAAC,CAAC,MAAM;QACtD,IAAI,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM;KACzD,CAAC;IAEF,2CAA2C;IAC3C,MAAM,WAAW,GAAG,CAAC,QAAkB,EAAU,EAAE;QACjD,MAAM,gBAAgB,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;QACvE,MAAM,QAAQ,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;QAChE,OAAO,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IAC1E,CAAC,CAAC;IAEF,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC;QACtB,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC3E,SAAS,EAAE,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;QACtB,KAAK,EAAE;YACL,IAAI,EAAE,EAAE;YACR,MAAM,EAAE,CAAC,KAAK,CAAC;SAChB;KACF,CAAC,CAAC;IAEH,kDAAkD;IAClD,IAAI,MAAM,CAAC,QAAQ,GAAG,CAAC,EAAE,CAAC;QACxB,KAAK,CAAC,IAAI,CAAC;YACT,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC;YAC1B,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;YAC1C,WAAW,CAAC,UAAU,CAAC;SACxB,CAAC,CAAC;IACL,CAAC;IAED,IAAI,MAAM,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;QACpB,KAAK,CAAC,IAAI,CAAC;YACT,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC;YACjB,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACjC,WAAW,CAAC,MAAM,CAAC;SACpB,CAAC,CAAC;IACL,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,KAAK,CAAC,IAAI,CAAC;YACT,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC;YACtB,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;YACtC,WAAW,CAAC,QAAQ,CAAC;SACtB,CAAC,CAAC;IACL,CAAC;IAED,IAAI,MAAM,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC;QACnB,KAAK,CAAC,IAAI,CAAC;YACT,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC;YAChB,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;YAChC,KAAK,CAAC,GAAG,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;SAC9B,CAAC,CAAC;IACL,CAAC;IAED,IAAI,MAAM,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;QACpB,KAAK,CAAC,IAAI,CAAC;YACT,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC;YAClB,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClC,KAAK,CAAC,GAAG,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;SAC/B,CAAC,CAAC;IACL,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;IACnC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;AAChC,CAAC;AAED;;GAEG;AACH,SAAS,eAAe,CAAC,QAAkB;IACzC,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,UAAU;YACb,OAAO,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACxB,KAAK,MAAM;YACT,OAAO,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACxB,KAAK,QAAQ;YACX,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC3B,KAAK,KAAK;YACR,OAAO,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACxB,KAAK,MAAM;YACT,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC3B,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB,CAAC,QAAkB;IAC1C,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,UAAU;YACb,OAAO,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC;QACxB,KAAK,MAAM;YACT,OAAO,KAAK,CAAC,GAAG,CAAC;QACnB,KAAK,QAAQ;YACX,OAAO,KAAK,CAAC,MAAM,CAAC;QACtB,KAAK,KAAK;YACR,OAAO,KAAK,CAAC,GAAG,CAAC;QACnB,KAAK,MAAM;YACT,OAAO,KAAK,CAAC,IAAI,CAAC;IACtB,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CAAC,MAAc;IACpC,QAAQ,MAAM,EAAE,CAAC;QACf,KAAK,MAAM;YACT,OAAO,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC;QAC1B,KAAK,MAAM;YACT,OAAO,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC;QAC3B,KAAK,MAAM;YACT,OAAO,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC;QACxB,KAAK,QAAQ;YACX,OAAO,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC;QAC9B,KAAK,OAAO;YACV,OAAO,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC;IAC1B,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CAAC,KAAa;IACnC,MAAM,SAAS,GAAG,EAAE,CAAC;IACrB,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,SAAS,CAAC,CAAC;IACrD,MAAM,KAAK,GAAG,SAAS,GAAG,MAAM,CAAC;IAEjC,IAAI,KAAuB,CAAC;IAC5B,IAAI,KAAK,IAAI,EAAE;QAAE,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC;SAChC,IAAI,KAAK,IAAI,EAAE;QAAE,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC;;QACtC,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC;IAEvB,OAAO,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;AAClE,CAAC"}
|
package/dist/scanner.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scanner.d.ts","sourceRoot":"","sources":["../src/scanner.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAMH,OAAO,KAAK,EAAmB,UAAU,EAAW,MAAM,YAAY,CAAC;AAgBvE;;;GAGG;AACH,wBAAsB,SAAS,CAAC,SAAS,EAAE,MAAM,EAAE,YAAY,GAAE,OAAe,GAAG,OAAO,CAAC,UAAU,CAAC,
|
|
1
|
+
{"version":3,"file":"scanner.d.ts","sourceRoot":"","sources":["../src/scanner.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAMH,OAAO,KAAK,EAAmB,UAAU,EAAW,MAAM,YAAY,CAAC;AAgBvE;;;GAGG;AACH,wBAAsB,SAAS,CAAC,SAAS,EAAE,MAAM,EAAE,YAAY,GAAE,OAAe,GAAG,OAAO,CAAC,UAAU,CAAC,CA6FrG;AAoRD;;GAEG;AACH,wBAAsB,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC,CAuD5E"}
|
package/dist/scanner.js
CHANGED
|
@@ -14,7 +14,7 @@ import { scanDataflow } from "./layers/dataflow.js";
|
|
|
14
14
|
import { calculateScore, determineStatus, generateRecommendation, } from "./scoring.js";
|
|
15
15
|
import { detectMCPManifest, parseMCPManifest } from "./loaders/mcp-loader.js";
|
|
16
16
|
import { loadConfig, mergeConfig } from "./config.js";
|
|
17
|
-
const VERSION = "1.0.
|
|
17
|
+
const VERSION = "1.0.1";
|
|
18
18
|
/**
|
|
19
19
|
* Main scan function
|
|
20
20
|
* Scans a skill directory or SKILL.md file
|
|
@@ -84,6 +84,7 @@ export async function scanSkill(skillPath, showProgress = false) {
|
|
|
84
84
|
skill: {
|
|
85
85
|
name: skill.name,
|
|
86
86
|
path: skill.path,
|
|
87
|
+
hasManifest: skill.hasManifest,
|
|
87
88
|
},
|
|
88
89
|
score,
|
|
89
90
|
status,
|
|
@@ -99,6 +100,7 @@ export async function scanSkill(skillPath, showProgress = false) {
|
|
|
99
100
|
/**
|
|
100
101
|
* Load a skill from a directory or SKILL.md file
|
|
101
102
|
* Also supports MCP server manifests (mcp.json, server.json, package.json)
|
|
103
|
+
* If no manifest found, creates minimal Skill object for code-only scanning
|
|
102
104
|
*/
|
|
103
105
|
async function loadSkill(skillPath) {
|
|
104
106
|
let skillDir;
|
|
@@ -123,7 +125,8 @@ async function loadSkill(skillPath) {
|
|
|
123
125
|
if (mcpManifestPath) {
|
|
124
126
|
return await loadMCPServer(skillDir, mcpManifestPath);
|
|
125
127
|
}
|
|
126
|
-
|
|
128
|
+
// No manifest found - create minimal Skill object for code-only scanning
|
|
129
|
+
return await loadGenericCode(skillDir);
|
|
127
130
|
}
|
|
128
131
|
/**
|
|
129
132
|
* Load an AgentSkills format skill (SKILL.md)
|
|
@@ -145,6 +148,7 @@ async function loadAgentSkill(skillDir, skillMdPath) {
|
|
|
145
148
|
metadata,
|
|
146
149
|
markdownContent,
|
|
147
150
|
codeFiles,
|
|
151
|
+
hasManifest: true,
|
|
148
152
|
};
|
|
149
153
|
}
|
|
150
154
|
/**
|
|
@@ -165,6 +169,37 @@ async function loadMCPServer(skillDir, manifestPath) {
|
|
|
165
169
|
markdownContent,
|
|
166
170
|
codeFiles,
|
|
167
171
|
isMCP: true, // Flag this as an MCP server
|
|
172
|
+
hasManifest: true,
|
|
173
|
+
};
|
|
174
|
+
}
|
|
175
|
+
/**
|
|
176
|
+
* Load generic code directory without manifest
|
|
177
|
+
* Creates minimal Skill object to enable code-only scanning
|
|
178
|
+
*/
|
|
179
|
+
async function loadGenericCode(skillDir) {
|
|
180
|
+
// Use directory name as skill name
|
|
181
|
+
const skillName = basename(skillDir) || "unknown-code";
|
|
182
|
+
// Find all code files
|
|
183
|
+
const codeFiles = await findCodeFiles(skillDir);
|
|
184
|
+
// Check for README.md to use as markdown content (optional)
|
|
185
|
+
let markdownContent = "";
|
|
186
|
+
const readmePath = join(skillDir, "README.md");
|
|
187
|
+
if (existsSync(readmePath)) {
|
|
188
|
+
try {
|
|
189
|
+
markdownContent = readFileSync(readmePath, "utf-8");
|
|
190
|
+
}
|
|
191
|
+
catch (error) {
|
|
192
|
+
// Ignore read errors
|
|
193
|
+
}
|
|
194
|
+
}
|
|
195
|
+
return {
|
|
196
|
+
name: skillName,
|
|
197
|
+
path: skillDir,
|
|
198
|
+
metadata: {}, // Empty metadata signals no manifest
|
|
199
|
+
markdownContent,
|
|
200
|
+
codeFiles,
|
|
201
|
+
isMCP: false,
|
|
202
|
+
hasManifest: false, // No manifest found
|
|
168
203
|
};
|
|
169
204
|
}
|
|
170
205
|
/**
|
package/dist/scanner.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scanner.js","sourceRoot":"","sources":["../src/scanner.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,IAAI,CAAC;AACxD,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AACxD,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,MAAM,MAAM,aAAa,CAAC;AAEjC,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAC1D,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EACL,cAAc,EACd,eAAe,EACf,sBAAsB,GACvB,MAAM,cAAc,CAAC;AACtB,OAAO,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC9E,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAEtD,MAAM,OAAO,GAAG,OAAO,CAAC;AAExB;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,SAAiB,EAAE,eAAwB,KAAK;IAC9E,IAAI,OAAO,GAAQ,IAAI,CAAC;IAExB,oEAAoE;IACpE,IAAI,YAAY,EAAE,CAAC;QACjB,MAAM,GAAG,GAAG,CAAC,MAAM,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC;QAC1C,OAAO,GAAG,GAAG,CAAC,kBAAkB,CAAC,CAAC,KAAK,EAAE,CAAC;IAC5C,CAAC;IAED,iBAAiB;IACjB,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC,CAAC;IAEzC,qBAAqB;IACrB,MAAM,UAAU,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC;IACzC,MAAM,MAAM,GAAG,WAAW,CAAC,UAAU,CAAC,CAAC;IAEvC,+BAA+B;IAC/B,IAAI,OAAO;QAAE,OAAO,CAAC,IAAI,GAAG,kCAAkC,CAAC;IAC/D,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,KAAK,CAAC,CAAC;IAE5C,IAAI,OAAO;QAAE,OAAO,CAAC,IAAI,GAAG,0CAA0C,CAAC;IACvE,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,KAAK,CAAC,CAAC;IAE1C,IAAI,OAAO;QAAE,OAAO,CAAC,IAAI,GAAG,4BAA4B,CAAC;IACzD,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,KAAK,CAAC,CAAC;IAErC,uDAAuD;IACvD,MAAM,gBAAgB,GAAG;QACvB,GAAG,MAAM,CAAC,QAAQ;QAClB,GAAG,MAAM,CAAC,QAAQ;QAClB,GAAG,MAAM,CAAC,QAAQ;KACnB,CAAC;IAEF,IAAI,OAAO;QAAE,OAAO,CAAC,IAAI,GAAG,yCAAyC,CAAC;IACtE,MAAM,MAAM,GAAG,MAAM,kBAAkB,CAAC,KAAK,EAAE,gBAAgB,CAAC,CAAC;IAEjE,IAAI,OAAO;QAAE,OAAO,CAAC,IAAI,GAAG,gCAAgC,CAAC;IAC7D,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,CAAC;IAEzC,uBAAuB;IACvB,IAAI,WAAW,GAAc;QAC3B,GAAG,MAAM,CAAC,QAAQ;QAClB,GAAG,MAAM,CAAC,QAAQ;QAClB,GAAG,MAAM,CAAC,QAAQ;QAClB,GAAG,MAAM,CAAC,QAAQ;QAClB,GAAG,MAAM,CAAC,QAAQ;KACnB,CAAC;IAEF,mCAAmC;IACnC,IAAI,MAAM,CAAC,MAAM,EAAE,QAAQ,IAAI,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjE,WAAW,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CACnC,CAAC,CAAC,CAAC,SAAS,IAAI,CAAC,MAAM,CAAC,MAAO,CAAC,QAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAChE,CAAC;IACJ,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,EAAE,UAAU,IAAI,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrE,WAAW,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CACnC,CAAC,MAAM,CAAC,MAAO,CAAC,UAAW,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CACjD,CAAC;IACJ,CAAC;IAED,0CAA0C;IAC1C,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;QAChB,WAAW,GAAG,oBAAoB,CAAC,WAAW,CAAC,CAAC;IAClD,CAAC;IAED,6BAA6B;IAC7B,MAAM,KAAK,GAAG,cAAc,CAAC,WAAW,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC;IACtC,MAAM,cAAc,GAAG,sBAAsB,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IAEnE,2CAA2C;IAC3C,MAAM,MAAM,GAAe;QACzB,aAAa,EAAE,OAAO;QACtB,IAAI,EAAE,UAAU;QAChB,OAAO,EAAE,OAAO;QAChB,KAAK,EAAE;YACL,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,IAAI,EAAE,KAAK,CAAC,IAAI;SACjB;QACD,KAAK;QACL,MAAM;QACN,WAAW,EAAE,oBAAoB,CAAC,KAAK,CAAC,QAAQ,CAAC;QACjD,QAAQ,EAAE,WAAW;QACrB,cAAc;KACf,CAAC;IAEF,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;IACnC,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,SAAS,CAAC,SAAiB;IACxC,IAAI,QAAgB,CAAC;IAErB,2CAA2C;IAC3C,IAAI,UAAU,CAAC,SAAS,CAAC,IAAI,QAAQ,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC;QAC/D,QAAQ,GAAG,SAAS,CAAC;IACvB,CAAC;SAAM,IACL,QAAQ,CAAC,SAAS,CAAC,KAAK,UAAU;QAClC,QAAQ,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,EACrC,CAAC;QACD,QAAQ,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;IAChC,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CACb,8DAA8D,CAC/D,CAAC;IACJ,CAAC;IAED,qDAAqD;IACrD,MAAM,WAAW,GAAG,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;IAC/C,IAAI,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;QAC5B,OAAO,MAAM,cAAc,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;IACrD,CAAC;IAED,6BAA6B;IAC7B,MAAM,eAAe,GAAG,iBAAiB,CAAC,QAAQ,CAAC,CAAC;IACpD,IAAI,eAAe,EAAE,CAAC;QACpB,OAAO,MAAM,aAAa,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC;IACxD,CAAC;IAED,MAAM,IAAI,KAAK,CACb,mDAAmD,QAAQ,EAAE,CAC9D,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,cAAc,CAC3B,QAAgB,EAChB,WAAmB;IAEnB,0BAA0B;IAC1B,MAAM,YAAY,GAAG,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;IACxD,MAAM,MAAM,GAAG,MAAM,CAAC,YAAY,CAAC,CAAC;IAEpC,gCAAgC;IAChC,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC;IAC7B,MAAM,eAAe,GAAG,MAAM,CAAC,OAAO,CAAC;IAEvC,uBAAuB;IACvB,MAAM,SAAS,GAAG,QAAQ,CAAC,IAAI,IAAI,QAAQ,CAAC,QAAQ,CAAC,IAAI,eAAe,CAAC;IAEzE,6CAA6C;IAC7C,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,QAAQ,CAAC,CAAC;IAEhD,OAAO;QACL,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,QAAQ;QACd,QAAQ;QACR,eAAe;QACf,SAAS;KACV,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,aAAa,CAC1B,QAAgB,EAChB,YAAoB;IAEpB,MAAM,QAAQ,GAAG,gBAAgB,CAAC,YAAY,CAAC,CAAC;IAEhD,oDAAoD;IACpD,MAAM,eAAe,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IAEpE,wBAAwB;IACxB,MAAM,UAAU,GACd,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,QAAQ,CAAC,QAAQ,CAAC,IAAI,oBAAoB,CAAC;IAEvE,sBAAsB;IACtB,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,QAAQ,CAAC,CAAC;IAEhD,OAAO;QACL,IAAI,EAAE,UAAU;QAChB,IAAI,EAAE,QAAQ;QACd,QAAQ,EAAE,QAAQ,CAAC,QAAQ;QAC3B,eAAe;QACf,SAAS;QACT,KAAK,EAAE,IAAI,EAAE,6BAA6B;KAC3C,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,oBAAoB,CAAC,QAAa;IAKzC,cAAc;IACd,IAAI,IAAI,GAAa,EAAE,CAAC;IACxB,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;QAClB,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IACxE,CAAC;IAED,aAAa;IACb,IAAI,GAAG,GAAa,EAAE,CAAC;IACvB,IAAI,QAAQ,CAAC,GAAG,EAAE,CAAC;QACjB,GAAG,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IACpE,CAAC;IAED,uBAAuB;IACvB,IAAI,KAAK,GAAa,EAAE,CAAC;IACzB,IAAI,QAAQ,CAAC,eAAe,CAAC,EAAE,CAAC;QAC9B,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC;YAC9C,CAAC,CAAC,QAAQ,CAAC,eAAe,CAAC;YAC3B,CAAC,CAAC,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,CAAC;IAClC,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC;AAC9B,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,aAAa,CAAC,QAAgB;IAC3C,MAAM,SAAS,GAAe,EAAE,CAAC;IAEjC,6CAA6C;IAC7C,MAAM,QAAQ,GAAG;QACf,IAAI,CAAC,QAAQ,EAAE,SAAS,CAAC;QACzB,IAAI,CAAC,QAAQ,EAAE,SAAS,CAAC;QACzB,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC;QAC1B,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC;QAC1B,IAAI,CAAC,QAAQ,EAAE,SAAS,CAAC;KAC1B,CAAC;IAEF,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE;gBAChC,MAAM,EAAE;oBACN,oBAAoB;oBACpB,YAAY;oBACZ,aAAa;oBACb,iBAAiB;oBACjB,aAAa;oBACb,YAAY;oBACZ,2BAA2B;oBAC3B,2BAA2B;oBAC3B,WAAW,EAAE,uCAAuC;oBACpD,gBAAgB;oBAChB,gBAAgB;oBAChB,YAAY;oBACZ,cAAc;oBACd,aAAa;oBACb,aAAa;oBACb,cAAc;oBACd,gBAAgB;oBAChB,aAAa;oBACb,cAAc;oBACd,cAAc;iBACf;aACF,CAAC,CAAC;YAEH,KAAK,MAAM,QAAQ,IAAI,KAAK,EAAE,CAAC;gBAC7B,IAAI,CAAC;oBACH,4CAA4C;oBAC5C,IAAI,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;wBAC/B,SAAS;oBACX,CAAC;oBAED,kBAAkB;oBAClB,IAAI,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;wBAC/D,SAAS;oBACX,CAAC;oBAED,MAAM,OAAO,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;oBAChD,MAAM,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,qBAAqB;oBAE7D,2BAA2B;oBAC3B,IAAI,SAA6C,CAAC;oBAClD,IAAI,GAAG,KAAK,IAAI;wBAAE,SAAS,GAAG,IAAI,CAAC;yBAC9B,IAAI,GAAG,KAAK,KAAK;wBAAE,SAAS,GAAG,KAAK,CAAC;yBACrC,IAAI,GAAG,KAAK,KAAK;wBAAE,SAAS,GAAG,KAAK,CAAC;yBACrC,IAAI,GAAG,KAAK,IAAI;wBAAE,SAAS,GAAG,IAAI,CAAC;;wBACnC,SAAS,GAAG,IAAI,CAAC;oBAEtB,SAAS,CAAC,IAAI,CAAC;wBACb,IAAI,EAAE,QAAQ;wBACd,OAAO;wBACP,SAAS;qBACV,CAAC,CAAC;gBACL,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,gCAAgC;oBAChC,OAAO,CAAC,IAAI,CAAC,iCAAiC,QAAQ,EAAE,CAAC,CAAC;gBAC5D,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,6BAA6B;QAC/B,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;;GAGG;AACH,SAAS,oBAAoB,CAAC,QAAmB;IAC/C,OAAO,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE;QAC5B,mEAAmE;QACnE,MAAM,uBAAuB,GAAG;YAC9B,QAAQ,EAAG,8CAA8C;YACzD,QAAQ,EAAG,kDAAkD;YAC7D,QAAQ,EAAG,sCAAsC;YACjD,QAAQ,EAAG,iDAAiD;SAC7D,CAAC;QAEF,IAAI,uBAAuB,CAAC,QAAQ,CAAC,OAAO,CAAC,SAAS,IAAI,EAAE,CAAC,EAAE,CAAC;YAC9D,+CAA+C;YAC/C,IAAI,OAAO,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBAClC,OAAO,EAAE,GAAG,OAAO,EAAE,QAAQ,EAAE,KAAc,EAAE,CAAC;YAClD,CAAC;YACD,IAAI,OAAO,CAAC,QAAQ,KAAK,KAAK,EAAE,CAAC;gBAC/B,OAAO,EAAE,GAAG,OAAO,EAAE,QAAQ,EAAE,MAAe,EAAE,CAAC;YACnD,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,SAAiB;IACnD,MAAM,OAAO,GAAiB,EAAE,CAAC;IACjC,MAAM,OAAO,GAAG,IAAI,GAAG,EAAU,CAAC,CAAC,gDAAgD;IAEnF,0BAA0B;IAC1B,MAAM,YAAY,GAAG,IAAI,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;IACpD,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE;QAC1C,MAAM,EAAE,CAAC,oBAAoB,CAAC;KAC/B,CAAC,CAAC;IAEH,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;QACnC,MAAM,QAAQ,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;QACpC,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC;YAAE,SAAS;QACpC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAEtB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC,CAAC;YAC1C,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACvB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,IAAI,CACV,oCAAoC,SAAS,GAAG,EAC/C,KAAe,CAAC,OAAO,CACzB,CAAC;QACJ,CAAC;IACH,CAAC;IAED,8BAA8B;IAC9B,MAAM,WAAW,GAAG;QAClB,IAAI,CAAC,SAAS,EAAE,aAAa,CAAC;QAC9B,IAAI,CAAC,SAAS,EAAE,gBAAgB,CAAC;KAClC,CAAC;IAEF,KAAK,MAAM,OAAO,IAAI,WAAW,EAAE,CAAC;QAClC,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE;YACxC,MAAM,EAAE,CAAC,oBAAoB,CAAC;SAC/B,CAAC,CAAC;QAEH,KAAK,MAAM,YAAY,IAAI,aAAa,EAAE,CAAC;YACzC,MAAM,WAAW,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;YAC1C,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC;gBAAE,SAAS;YACvC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;YAEzB,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,YAAY,CAAC,CAAC;gBAC7C,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACvB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,IAAI,CACV,yCAAyC,YAAY,GAAG,EACvD,KAAe,CAAC,OAAO,CACzB,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC"}
|
|
1
|
+
{"version":3,"file":"scanner.js","sourceRoot":"","sources":["../src/scanner.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,IAAI,CAAC;AACxD,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AACxD,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,MAAM,MAAM,aAAa,CAAC;AAEjC,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAC1D,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EACL,cAAc,EACd,eAAe,EACf,sBAAsB,GACvB,MAAM,cAAc,CAAC;AACtB,OAAO,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC9E,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAEtD,MAAM,OAAO,GAAG,OAAO,CAAC;AAExB;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,SAAiB,EAAE,eAAwB,KAAK;IAC9E,IAAI,OAAO,GAAQ,IAAI,CAAC;IAExB,oEAAoE;IACpE,IAAI,YAAY,EAAE,CAAC;QACjB,MAAM,GAAG,GAAG,CAAC,MAAM,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC;QAC1C,OAAO,GAAG,GAAG,CAAC,kBAAkB,CAAC,CAAC,KAAK,EAAE,CAAC;IAC5C,CAAC;IAED,iBAAiB;IACjB,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC,CAAC;IAEzC,qBAAqB;IACrB,MAAM,UAAU,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC;IACzC,MAAM,MAAM,GAAG,WAAW,CAAC,UAAU,CAAC,CAAC;IAEvC,+BAA+B;IAC/B,IAAI,OAAO;QAAE,OAAO,CAAC,IAAI,GAAG,kCAAkC,CAAC;IAC/D,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,KAAK,CAAC,CAAC;IAE5C,IAAI,OAAO;QAAE,OAAO,CAAC,IAAI,GAAG,0CAA0C,CAAC;IACvE,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,KAAK,CAAC,CAAC;IAE1C,IAAI,OAAO;QAAE,OAAO,CAAC,IAAI,GAAG,4BAA4B,CAAC;IACzD,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,KAAK,CAAC,CAAC;IAErC,uDAAuD;IACvD,MAAM,gBAAgB,GAAG;QACvB,GAAG,MAAM,CAAC,QAAQ;QAClB,GAAG,MAAM,CAAC,QAAQ;QAClB,GAAG,MAAM,CAAC,QAAQ;KACnB,CAAC;IAEF,IAAI,OAAO;QAAE,OAAO,CAAC,IAAI,GAAG,yCAAyC,CAAC;IACtE,MAAM,MAAM,GAAG,MAAM,kBAAkB,CAAC,KAAK,EAAE,gBAAgB,CAAC,CAAC;IAEjE,IAAI,OAAO;QAAE,OAAO,CAAC,IAAI,GAAG,gCAAgC,CAAC;IAC7D,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,CAAC;IAEzC,uBAAuB;IACvB,IAAI,WAAW,GAAc;QAC3B,GAAG,MAAM,CAAC,QAAQ;QAClB,GAAG,MAAM,CAAC,QAAQ;QAClB,GAAG,MAAM,CAAC,QAAQ;QAClB,GAAG,MAAM,CAAC,QAAQ;QAClB,GAAG,MAAM,CAAC,QAAQ;KACnB,CAAC;IAEF,mCAAmC;IACnC,IAAI,MAAM,CAAC,MAAM,EAAE,QAAQ,IAAI,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjE,WAAW,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CACnC,CAAC,CAAC,CAAC,SAAS,IAAI,CAAC,MAAM,CAAC,MAAO,CAAC,QAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAChE,CAAC;IACJ,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,EAAE,UAAU,IAAI,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrE,WAAW,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CACnC,CAAC,MAAM,CAAC,MAAO,CAAC,UAAW,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CACjD,CAAC;IACJ,CAAC;IAED,0CAA0C;IAC1C,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;QAChB,WAAW,GAAG,oBAAoB,CAAC,WAAW,CAAC,CAAC;IAClD,CAAC;IAED,6BAA6B;IAC7B,MAAM,KAAK,GAAG,cAAc,CAAC,WAAW,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC;IACtC,MAAM,cAAc,GAAG,sBAAsB,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IAEnE,2CAA2C;IAC3C,MAAM,MAAM,GAAe;QACzB,aAAa,EAAE,OAAO;QACtB,IAAI,EAAE,UAAU;QAChB,OAAO,EAAE,OAAO;QAChB,KAAK,EAAE;YACL,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,WAAW,EAAE,KAAK,CAAC,WAAW;SAC/B;QACD,KAAK;QACL,MAAM;QACN,WAAW,EAAE,oBAAoB,CAAC,KAAK,CAAC,QAAQ,CAAC;QACjD,QAAQ,EAAE,WAAW;QACrB,cAAc;KACf,CAAC;IAEF,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;IACnC,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,SAAS,CAAC,SAAiB;IACxC,IAAI,QAAgB,CAAC;IAErB,2CAA2C;IAC3C,IAAI,UAAU,CAAC,SAAS,CAAC,IAAI,QAAQ,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC;QAC/D,QAAQ,GAAG,SAAS,CAAC;IACvB,CAAC;SAAM,IACL,QAAQ,CAAC,SAAS,CAAC,KAAK,UAAU;QAClC,QAAQ,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,EACrC,CAAC;QACD,QAAQ,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;IAChC,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CACb,8DAA8D,CAC/D,CAAC;IACJ,CAAC;IAED,qDAAqD;IACrD,MAAM,WAAW,GAAG,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;IAC/C,IAAI,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;QAC5B,OAAO,MAAM,cAAc,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;IACrD,CAAC;IAED,6BAA6B;IAC7B,MAAM,eAAe,GAAG,iBAAiB,CAAC,QAAQ,CAAC,CAAC;IACpD,IAAI,eAAe,EAAE,CAAC;QACpB,OAAO,MAAM,aAAa,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC;IACxD,CAAC;IAED,yEAAyE;IACzE,OAAO,MAAM,eAAe,CAAC,QAAQ,CAAC,CAAC;AACzC,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,cAAc,CAC3B,QAAgB,EAChB,WAAmB;IAEnB,0BAA0B;IAC1B,MAAM,YAAY,GAAG,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;IACxD,MAAM,MAAM,GAAG,MAAM,CAAC,YAAY,CAAC,CAAC;IAEpC,gCAAgC;IAChC,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC;IAC7B,MAAM,eAAe,GAAG,MAAM,CAAC,OAAO,CAAC;IAEvC,uBAAuB;IACvB,MAAM,SAAS,GAAG,QAAQ,CAAC,IAAI,IAAI,QAAQ,CAAC,QAAQ,CAAC,IAAI,eAAe,CAAC;IAEzE,6CAA6C;IAC7C,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,QAAQ,CAAC,CAAC;IAEhD,OAAO;QACL,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,QAAQ;QACd,QAAQ;QACR,eAAe;QACf,SAAS;QACT,WAAW,EAAE,IAAI;KAClB,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,aAAa,CAC1B,QAAgB,EAChB,YAAoB;IAEpB,MAAM,QAAQ,GAAG,gBAAgB,CAAC,YAAY,CAAC,CAAC;IAEhD,oDAAoD;IACpD,MAAM,eAAe,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IAEpE,wBAAwB;IACxB,MAAM,UAAU,GACd,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,QAAQ,CAAC,QAAQ,CAAC,IAAI,oBAAoB,CAAC;IAEvE,sBAAsB;IACtB,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,QAAQ,CAAC,CAAC;IAEhD,OAAO;QACL,IAAI,EAAE,UAAU;QAChB,IAAI,EAAE,QAAQ;QACd,QAAQ,EAAE,QAAQ,CAAC,QAAQ;QAC3B,eAAe;QACf,SAAS;QACT,KAAK,EAAE,IAAI,EAAE,6BAA6B;QAC1C,WAAW,EAAE,IAAI;KAClB,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,eAAe,CAAC,QAAgB;IAC7C,mCAAmC;IACnC,MAAM,SAAS,GAAG,QAAQ,CAAC,QAAQ,CAAC,IAAI,cAAc,CAAC;IAEvD,sBAAsB;IACtB,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,QAAQ,CAAC,CAAC;IAEhD,4DAA4D;IAC5D,IAAI,eAAe,GAAG,EAAE,CAAC;IACzB,MAAM,UAAU,GAAG,IAAI,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;IAC/C,IAAI,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC3B,IAAI,CAAC;YACH,eAAe,GAAG,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;QACtD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,qBAAqB;QACvB,CAAC;IACH,CAAC;IAED,OAAO;QACL,IAAI,EAAE,SAAS;QACf,IAAI,EAAE,QAAQ;QACd,QAAQ,EAAE,EAAE,EAAE,qCAAqC;QACnD,eAAe;QACf,SAAS;QACT,KAAK,EAAE,KAAK;QACZ,WAAW,EAAE,KAAK,EAAE,oBAAoB;KACzC,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,oBAAoB,CAAC,QAAa;IAKzC,cAAc;IACd,IAAI,IAAI,GAAa,EAAE,CAAC;IACxB,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;QAClB,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IACxE,CAAC;IAED,aAAa;IACb,IAAI,GAAG,GAAa,EAAE,CAAC;IACvB,IAAI,QAAQ,CAAC,GAAG,EAAE,CAAC;QACjB,GAAG,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IACpE,CAAC;IAED,uBAAuB;IACvB,IAAI,KAAK,GAAa,EAAE,CAAC;IACzB,IAAI,QAAQ,CAAC,eAAe,CAAC,EAAE,CAAC;QAC9B,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC;YAC9C,CAAC,CAAC,QAAQ,CAAC,eAAe,CAAC;YAC3B,CAAC,CAAC,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,CAAC;IAClC,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC;AAC9B,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,aAAa,CAAC,QAAgB;IAC3C,MAAM,SAAS,GAAe,EAAE,CAAC;IAEjC,6CAA6C;IAC7C,MAAM,QAAQ,GAAG;QACf,IAAI,CAAC,QAAQ,EAAE,SAAS,CAAC;QACzB,IAAI,CAAC,QAAQ,EAAE,SAAS,CAAC;QACzB,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC;QAC1B,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC;QAC1B,IAAI,CAAC,QAAQ,EAAE,SAAS,CAAC;KAC1B,CAAC;IAEF,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE;gBAChC,MAAM,EAAE;oBACN,oBAAoB;oBACpB,YAAY;oBACZ,aAAa;oBACb,iBAAiB;oBACjB,aAAa;oBACb,YAAY;oBACZ,2BAA2B;oBAC3B,2BAA2B;oBAC3B,WAAW,EAAE,uCAAuC;oBACpD,gBAAgB;oBAChB,gBAAgB;oBAChB,YAAY;oBACZ,cAAc;oBACd,aAAa;oBACb,aAAa;oBACb,cAAc;oBACd,gBAAgB;oBAChB,aAAa;oBACb,cAAc;oBACd,cAAc;iBACf;aACF,CAAC,CAAC;YAEH,KAAK,MAAM,QAAQ,IAAI,KAAK,EAAE,CAAC;gBAC7B,IAAI,CAAC;oBACH,4CAA4C;oBAC5C,IAAI,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;wBAC/B,SAAS;oBACX,CAAC;oBAED,kBAAkB;oBAClB,IAAI,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;wBAC/D,SAAS;oBACX,CAAC;oBAED,MAAM,OAAO,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;oBAChD,MAAM,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,qBAAqB;oBAE7D,2BAA2B;oBAC3B,IAAI,SAA6C,CAAC;oBAClD,IAAI,GAAG,KAAK,IAAI;wBAAE,SAAS,GAAG,IAAI,CAAC;yBAC9B,IAAI,GAAG,KAAK,KAAK;wBAAE,SAAS,GAAG,KAAK,CAAC;yBACrC,IAAI,GAAG,KAAK,KAAK;wBAAE,SAAS,GAAG,KAAK,CAAC;yBACrC,IAAI,GAAG,KAAK,IAAI;wBAAE,SAAS,GAAG,IAAI,CAAC;;wBACnC,SAAS,GAAG,IAAI,CAAC;oBAEtB,SAAS,CAAC,IAAI,CAAC;wBACb,IAAI,EAAE,QAAQ;wBACd,OAAO;wBACP,SAAS;qBACV,CAAC,CAAC;gBACL,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,gCAAgC;oBAChC,OAAO,CAAC,IAAI,CAAC,iCAAiC,QAAQ,EAAE,CAAC,CAAC;gBAC5D,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,6BAA6B;QAC/B,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;;GAGG;AACH,SAAS,oBAAoB,CAAC,QAAmB;IAC/C,OAAO,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE;QAC5B,mEAAmE;QACnE,MAAM,uBAAuB,GAAG;YAC9B,QAAQ,EAAG,8CAA8C;YACzD,QAAQ,EAAG,kDAAkD;YAC7D,QAAQ,EAAG,sCAAsC;YACjD,QAAQ,EAAG,iDAAiD;SAC7D,CAAC;QAEF,IAAI,uBAAuB,CAAC,QAAQ,CAAC,OAAO,CAAC,SAAS,IAAI,EAAE,CAAC,EAAE,CAAC;YAC9D,+CAA+C;YAC/C,IAAI,OAAO,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBAClC,OAAO,EAAE,GAAG,OAAO,EAAE,QAAQ,EAAE,KAAc,EAAE,CAAC;YAClD,CAAC;YACD,IAAI,OAAO,CAAC,QAAQ,KAAK,KAAK,EAAE,CAAC;gBAC/B,OAAO,EAAE,GAAG,OAAO,EAAE,QAAQ,EAAE,MAAe,EAAE,CAAC;YACnD,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,SAAiB;IACnD,MAAM,OAAO,GAAiB,EAAE,CAAC;IACjC,MAAM,OAAO,GAAG,IAAI,GAAG,EAAU,CAAC,CAAC,gDAAgD;IAEnF,0BAA0B;IAC1B,MAAM,YAAY,GAAG,IAAI,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;IACpD,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE;QAC1C,MAAM,EAAE,CAAC,oBAAoB,CAAC;KAC/B,CAAC,CAAC;IAEH,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;QACnC,MAAM,QAAQ,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;QACpC,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC;YAAE,SAAS;QACpC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAEtB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC,CAAC;YAC1C,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACvB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,IAAI,CACV,oCAAoC,SAAS,GAAG,EAC/C,KAAe,CAAC,OAAO,CACzB,CAAC;QACJ,CAAC;IACH,CAAC;IAED,8BAA8B;IAC9B,MAAM,WAAW,GAAG;QAClB,IAAI,CAAC,SAAS,EAAE,aAAa,CAAC;QAC9B,IAAI,CAAC,SAAS,EAAE,gBAAgB,CAAC;KAClC,CAAC;IAEF,KAAK,MAAM,OAAO,IAAI,WAAW,EAAE,CAAC;QAClC,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE;YACxC,MAAM,EAAE,CAAC,oBAAoB,CAAC;SAC/B,CAAC,CAAC;QAEH,KAAK,MAAM,YAAY,IAAI,aAAa,EAAE,CAAC;YACzC,MAAM,WAAW,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;YAC1C,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC;gBAAE,SAAS;YACvC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;YAEzB,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,YAAY,CAAC,CAAC;gBAC7C,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACvB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,IAAI,CACV,yCAAyC,YAAY,GAAG,EACvD,KAAe,CAAC,OAAO,CACzB,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC"}
|
package/dist/scanner.test.js
CHANGED
|
@@ -73,5 +73,36 @@ describe("scanSkill", () => {
|
|
|
73
73
|
// But it also has a suspicious base64 string - should be flagged
|
|
74
74
|
expect(obfuscationFindings.length).toBeGreaterThan(0);
|
|
75
75
|
});
|
|
76
|
+
it("should scan code without manifest (Node.js)", async () => {
|
|
77
|
+
const result = await scanSkill(join(fixturesDir, "fixture-no-manifest-node"));
|
|
78
|
+
// Should complete without errors
|
|
79
|
+
expect(result.status).toBeDefined();
|
|
80
|
+
expect(result.skill.name).toBe("fixture-no-manifest-node");
|
|
81
|
+
expect(result.skill.hasManifest).toBe(false);
|
|
82
|
+
// Should still detect code patterns (layers 2, 3, 5)
|
|
83
|
+
expect(result.findings.length).toBeGreaterThan(0);
|
|
84
|
+
// Should NOT have permission mismatches (layer 1 & 4 skipped)
|
|
85
|
+
const permissionFindings = result.findings.filter(f => f.category.includes('permission'));
|
|
86
|
+
expect(permissionFindings.length).toBe(0);
|
|
87
|
+
});
|
|
88
|
+
it("should scan code without manifest (Python)", async () => {
|
|
89
|
+
const result = await scanSkill(join(fixturesDir, "fixture-no-manifest-python"));
|
|
90
|
+
// Should complete without errors
|
|
91
|
+
expect(result.status).toBeDefined();
|
|
92
|
+
expect(result.skill.name).toBe("fixture-no-manifest-python");
|
|
93
|
+
expect(result.skill.hasManifest).toBe(false);
|
|
94
|
+
// Should still detect code patterns
|
|
95
|
+
expect(result.findings.length).toBeGreaterThan(0);
|
|
96
|
+
// Should have shell execution finding (from code layer)
|
|
97
|
+
const shellFindings = result.findings.filter(f => f.category.includes('child_process') || f.title.includes('shell'));
|
|
98
|
+
expect(shellFindings.length).toBeGreaterThan(0);
|
|
99
|
+
});
|
|
100
|
+
it("should have empty permissions for code without manifest", async () => {
|
|
101
|
+
const result = await scanSkill(join(fixturesDir, "fixture-no-manifest-node"));
|
|
102
|
+
// Permissions should be empty arrays
|
|
103
|
+
expect(result.permissions.bins).toEqual([]);
|
|
104
|
+
expect(result.permissions.env).toEqual([]);
|
|
105
|
+
expect(result.permissions.tools).toEqual([]);
|
|
106
|
+
});
|
|
76
107
|
});
|
|
77
108
|
//# sourceMappingURL=scanner.test.js.map
|
package/dist/scanner.test.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scanner.test.js","sourceRoot":"","sources":["../src/scanner.test.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,aAAa,EAAE,MAAM,KAAK,CAAC;AACpC,OAAO,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAE/B,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAClD,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AACtC,MAAM,WAAW,GAAG,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,eAAe,CAAC,CAAC;AAE3D,QAAQ,CAAC,WAAW,EAAE,GAAG,EAAE;IACzB,EAAE,CAAC,iDAAiD,EAAE,KAAK,IAAI,EAAE;QAC/D,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC,CAAC;QAElE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,sBAAsB,CAAC,EAAE,CAAC,CAAC;QAChD,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC3C,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iDAAiD,EAAE,KAAK,IAAI,EAAE;QAC/D,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC,CAAC;QAElE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,sBAAsB,CAAC,EAAE,CAAC,CAAC;QAChD,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;IACxC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iDAAiD,EAAE,KAAK,IAAI,EAAE;QAC/D,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC,CAAC;QAElE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,sBAAsB,CAAC,EAAE,CAAC,CAAC;QAChD,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;IACxC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qDAAqD,EAAE,KAAK,IAAI,EAAE;QACnE,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,gBAAgB,CAAC,CAAC,CAAC;QAEpE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;IACxC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yCAAyC,EAAE,KAAK,IAAI,EAAE;QACvD,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC,CAAC;QAElE,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;QACxC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;IAC1C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+BAA+B,EAAE,KAAK,IAAI,EAAE;QAC7C,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,gBAAgB,CAAC,CAAC,CAAC;QAEpE,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClD,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+BAA+B,EAAE,KAAK,IAAI,EAAE;QAC7C,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC,CAAC;QAElE,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,WAAW,EAAE,CAAC;QAC5C,MAAM,CAAC,OAAO,MAAM,CAAC,cAAc,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACtD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,8BAA8B,EAAE,KAAK,IAAI,EAAE;QAC5C,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC,CAAC;QAElE,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,WAAW,EAAE,CAAC;QACzC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC1D,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzD,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC7D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+CAA+C,EAAE,KAAK,IAAI,EAAE;QAC7D,MAAM,MAAM,CACV,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC,CAC7C,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;IACtB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iCAAiC,EAAE,KAAK,IAAI,EAAE;QAC/C,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC,CAAC;QAEtE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;IAC1C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wEAAwE,EAAE,KAAK,IAAI,EAAE;QACtF,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,iBAAiB,CAAC,CAAC,CAAC;QAErE,qDAAqD;QACrD,MAAM,mBAAmB,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CACvD,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,aAAa,CAAC,CACnC,CAAC;QAEF,mEAAmE;QACnE,iEAAiE;QACjE,MAAM,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
1
|
+
{"version":3,"file":"scanner.test.js","sourceRoot":"","sources":["../src/scanner.test.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,aAAa,EAAE,MAAM,KAAK,CAAC;AACpC,OAAO,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAE/B,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAClD,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AACtC,MAAM,WAAW,GAAG,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,eAAe,CAAC,CAAC;AAE3D,QAAQ,CAAC,WAAW,EAAE,GAAG,EAAE;IACzB,EAAE,CAAC,iDAAiD,EAAE,KAAK,IAAI,EAAE;QAC/D,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC,CAAC;QAElE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,sBAAsB,CAAC,EAAE,CAAC,CAAC;QAChD,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC3C,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iDAAiD,EAAE,KAAK,IAAI,EAAE;QAC/D,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC,CAAC;QAElE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,sBAAsB,CAAC,EAAE,CAAC,CAAC;QAChD,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;IACxC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iDAAiD,EAAE,KAAK,IAAI,EAAE;QAC/D,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC,CAAC;QAElE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,sBAAsB,CAAC,EAAE,CAAC,CAAC;QAChD,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;IACxC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qDAAqD,EAAE,KAAK,IAAI,EAAE;QACnE,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,gBAAgB,CAAC,CAAC,CAAC;QAEpE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;IACxC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yCAAyC,EAAE,KAAK,IAAI,EAAE;QACvD,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC,CAAC;QAElE,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;QACxC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;IAC1C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+BAA+B,EAAE,KAAK,IAAI,EAAE;QAC7C,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,gBAAgB,CAAC,CAAC,CAAC;QAEpE,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClD,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+BAA+B,EAAE,KAAK,IAAI,EAAE;QAC7C,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC,CAAC;QAElE,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,WAAW,EAAE,CAAC;QAC5C,MAAM,CAAC,OAAO,MAAM,CAAC,cAAc,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACtD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,8BAA8B,EAAE,KAAK,IAAI,EAAE;QAC5C,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC,CAAC;QAElE,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,WAAW,EAAE,CAAC;QACzC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC1D,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzD,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC7D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+CAA+C,EAAE,KAAK,IAAI,EAAE;QAC7D,MAAM,MAAM,CACV,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC,CAC7C,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;IACtB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iCAAiC,EAAE,KAAK,IAAI,EAAE;QAC/C,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC,CAAC;QAEtE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;IAC1C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wEAAwE,EAAE,KAAK,IAAI,EAAE;QACtF,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,iBAAiB,CAAC,CAAC,CAAC;QAErE,qDAAqD;QACrD,MAAM,mBAAmB,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CACvD,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,aAAa,CAAC,CACnC,CAAC;QAEF,mEAAmE;QACnE,iEAAiE;QACjE,MAAM,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6CAA6C,EAAE,KAAK,IAAI,EAAE;QAC3D,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,0BAA0B,CAAC,CAAC,CAAC;QAE9E,iCAAiC;QACjC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC;QACpC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;QAC3D,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAE7C,qDAAqD;QACrD,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QAElD,8DAA8D;QAC9D,MAAM,kBAAkB,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CACpD,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC,CAClC,CAAC;QACF,MAAM,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC5C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4CAA4C,EAAE,KAAK,IAAI,EAAE;QAC1D,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,4BAA4B,CAAC,CAAC,CAAC;QAEhF,iCAAiC;QACjC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC;QACpC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;QAC7D,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAE7C,oCAAoC;QACpC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QAElD,wDAAwD;QACxD,MAAM,aAAa,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAC/C,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,CAClE,CAAC;QACF,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;IAClD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yDAAyD,EAAE,KAAK,IAAI,EAAE;QACvE,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,0BAA0B,CAAC,CAAC,CAAC;QAE9E,qCAAqC;QACrC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAC5C,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAC3C,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAC/C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
package/dist/types.d.ts
CHANGED
|
@@ -65,9 +65,10 @@ export interface Skill {
|
|
|
65
65
|
name: string;
|
|
66
66
|
path: string;
|
|
67
67
|
metadata: SkillMetadata;
|
|
68
|
-
markdownContent
|
|
68
|
+
markdownContent?: string;
|
|
69
69
|
codeFiles: CodeFile[];
|
|
70
70
|
isMCP?: boolean;
|
|
71
|
+
hasManifest?: boolean;
|
|
71
72
|
}
|
|
72
73
|
/**
|
|
73
74
|
* Code file structure
|
|
@@ -108,6 +109,7 @@ export interface ScanResult {
|
|
|
108
109
|
skill: {
|
|
109
110
|
name: string;
|
|
110
111
|
path: string;
|
|
112
|
+
hasManifest?: boolean;
|
|
111
113
|
};
|
|
112
114
|
score: number;
|
|
113
115
|
status: Status;
|
package/dist/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,MAAM,QAAQ,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;AAEvE,MAAM,MAAM,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,QAAQ,GAAG,OAAO,CAAC;AAEnE,MAAM,MAAM,KAAK,GAAG,aAAa,GAAG,UAAU,GAAG,MAAM,GAAG,UAAU,CAAC;AAErE,MAAM,MAAM,gBAAgB,GAAG,OAAO,GAAG,KAAK,GAAG,OAAO,CAAC;AAEzD;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,gBAAgB,CAAC;IACvB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,SAAS,CAAC,EAAE;QACV,IAAI,EAAE,SAAS,CAAC;QAChB,OAAO,EAAE,MAAM,CAAC;QAChB,WAAW,EAAE,MAAM,CAAC;KACrB,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,QAAQ,CAAC;IACnB,KAAK,EAAE,YAAY,CAAC;IACpB,KAAK,EAAE,KAAK,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,WAAW,CAAC,EAAE,WAAW,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,OAAO,EAAE,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,GAAG,CAAC,EAAE,MAAM,EAAE,CAAC;IACf,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,KAAK;IACpB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,aAAa,CAAC;IACxB,eAAe,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,MAAM,QAAQ,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;AAEvE,MAAM,MAAM,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,QAAQ,GAAG,OAAO,CAAC;AAEnE,MAAM,MAAM,KAAK,GAAG,aAAa,GAAG,UAAU,GAAG,MAAM,GAAG,UAAU,CAAC;AAErE,MAAM,MAAM,gBAAgB,GAAG,OAAO,GAAG,KAAK,GAAG,OAAO,CAAC;AAEzD;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,gBAAgB,CAAC;IACvB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,SAAS,CAAC,EAAE;QACV,IAAI,EAAE,SAAS,CAAC;QAChB,OAAO,EAAE,MAAM,CAAC;QAChB,WAAW,EAAE,MAAM,CAAC;KACrB,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,QAAQ,CAAC;IACnB,KAAK,EAAE,YAAY,CAAC;IACpB,KAAK,EAAE,KAAK,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,WAAW,CAAC,EAAE,WAAW,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,OAAO,EAAE,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,GAAG,CAAC,EAAE,MAAM,EAAE,CAAC;IACf,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,KAAK;IACpB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,aAAa,CAAC;IACxB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,SAAS,EAAE,QAAQ,EAAE,CAAC;IACtB,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,IAAI,GAAG,IAAI,GAAG,KAAK,GAAG,KAAK,GAAG,IAAI,CAAC;CAC/C;AAED;;GAEG;AACH,MAAM,WAAW,OAAO;IACtB,QAAQ,EAAE,QAAQ,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,WAAW,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,KAAK,EAAE,KAAK,CAAC;IACb,QAAQ,EAAE,OAAO,EAAE,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,aAAa,EAAE,MAAM,CAAC;IACtB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE;QACL,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;QACb,WAAW,CAAC,EAAE,OAAO,CAAC;KACvB,CAAC;IACF,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE;QACX,IAAI,EAAE,MAAM,EAAE,CAAC;QACf,GAAG,EAAE,MAAM,EAAE,CAAC;QACd,KAAK,EAAE,MAAM,EAAE,CAAC;KACjB,CAAC;IACF,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,aAAa,EAAE,MAAM,CAAC;IACtB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,OAAO,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;CACf;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,MAAM,CAAC,EAAE;QACP,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;QACpB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;QACtB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;KAClB,CAAC;IACF,UAAU,CAAC,EAAE;QACX,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,MAAM,CAAC,EAAE,QAAQ,EAAE,CAAC;KACrB,CAAC;IACF,MAAM,CAAC,EAAE;QACP,MAAM,CAAC,EAAE,UAAU,GAAG,SAAS,GAAG,MAAM,CAAC;QACzC,eAAe,CAAC,EAAE,OAAO,CAAC;QAC1B,MAAM,CAAC,EAAE,OAAO,CAAC;KAClB,CAAC;CACH"}
|
package/package.json
CHANGED
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
// Simple Express.js-style application without SKILL.md
|
|
2
|
+
const express = require('express');
|
|
3
|
+
const fs = require('fs');
|
|
4
|
+
|
|
5
|
+
const app = express();
|
|
6
|
+
const PORT = process.env.PORT || 3000;
|
|
7
|
+
|
|
8
|
+
// Some potentially risky patterns to detect
|
|
9
|
+
app.get('/data', (req, res) => {
|
|
10
|
+
// Reading from filesystem
|
|
11
|
+
const filePath = `/tmp/${req.query.file}`;
|
|
12
|
+
const content = fs.readFileSync(filePath, 'utf-8');
|
|
13
|
+
res.send(content);
|
|
14
|
+
});
|
|
15
|
+
|
|
16
|
+
app.get('/eval', (req, res) => {
|
|
17
|
+
// Code injection vulnerability
|
|
18
|
+
const result = eval(req.query.code);
|
|
19
|
+
res.json({ result });
|
|
20
|
+
});
|
|
21
|
+
|
|
22
|
+
app.listen(PORT, () => {
|
|
23
|
+
console.log(`Server running on port ${PORT}`);
|
|
24
|
+
});
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
#!/usr/bin/env python3
|
|
2
|
+
# Simple Flask application without SKILL.md
|
|
3
|
+
import os
|
|
4
|
+
import subprocess
|
|
5
|
+
from flask import Flask, request
|
|
6
|
+
|
|
7
|
+
app = Flask(__name__)
|
|
8
|
+
|
|
9
|
+
@app.route('/exec')
|
|
10
|
+
def execute_command():
|
|
11
|
+
# Shell execution vulnerability
|
|
12
|
+
cmd = request.args.get('cmd')
|
|
13
|
+
result = subprocess.check_output(cmd, shell=True)
|
|
14
|
+
return result
|
|
15
|
+
|
|
16
|
+
@app.route('/env')
|
|
17
|
+
def get_env():
|
|
18
|
+
# Access environment variables
|
|
19
|
+
api_key = os.environ.get('API_KEY')
|
|
20
|
+
secret = os.environ.get('SECRET_TOKEN')
|
|
21
|
+
return {'api_key': api_key, 'secret': secret}
|
|
22
|
+
|
|
23
|
+
if __name__ == '__main__':
|
|
24
|
+
app.run(debug=True)
|