npm - agent-skills-cli - Versions diffs - 1.0.8 → 1.1.0 - Mend

agent-skills-cli 1.0.8 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (178) hide show

package/README.md +44 -19
package/dist/adapters/adapter.d.ts +51 -0
package/dist/adapters/adapter.d.ts.map +1 -0
package/dist/adapters/adapter.js +51 -0
package/dist/adapters/adapter.js.map +1 -0
package/dist/adapters/claude.d.ts +16 -0
package/dist/adapters/claude.d.ts.map +1 -0
package/dist/adapters/claude.js +30 -0
package/dist/adapters/claude.js.map +1 -0
package/dist/adapters/copilot.d.ts +16 -0
package/dist/adapters/copilot.d.ts.map +1 -0
package/dist/adapters/copilot.js +32 -0
package/dist/adapters/copilot.js.map +1 -0
package/dist/adapters/cursor.d.ts +17 -0
package/dist/adapters/cursor.d.ts.map +1 -0
package/dist/adapters/cursor.js +34 -0
package/dist/adapters/cursor.js.map +1 -0
package/dist/adapters/index.d.ts +11 -0
package/dist/adapters/index.d.ts.map +1 -0
package/dist/adapters/index.js +10 -0
package/dist/adapters/index.js.map +1 -0
package/dist/adapters/universal.d.ts +12 -0
package/dist/adapters/universal.d.ts.map +1 -0
package/dist/adapters/universal.js +16 -0
package/dist/adapters/universal.js.map +1 -0
package/dist/cli/agents.d.ts +21 -0
package/dist/cli/agents.d.ts.map +1 -0
package/dist/cli/agents.js +317 -0
package/dist/cli/agents.js.map +1 -0
package/dist/cli/commands/audit.d.ts +11 -0
package/dist/cli/commands/audit.d.ts.map +1 -0
package/dist/cli/commands/audit.js +168 -0
package/dist/cli/commands/audit.js.map +1 -0
package/dist/cli/commands/blueprint.d.ts +11 -0
package/dist/cli/commands/blueprint.d.ts.map +1 -0
package/dist/cli/commands/blueprint.js +210 -0
package/dist/cli/commands/blueprint.js.map +1 -0
package/dist/cli/commands/bootstrap.d.ts +11 -0
package/dist/cli/commands/bootstrap.d.ts.map +1 -0
package/dist/cli/commands/bootstrap.js +267 -0
package/dist/cli/commands/bootstrap.js.map +1 -0
package/dist/cli/commands/capture.d.ts +11 -0
package/dist/cli/commands/capture.d.ts.map +1 -0
package/dist/cli/commands/capture.js +109 -0
package/dist/cli/commands/capture.js.map +1 -0
package/dist/cli/commands/ci.d.ts +11 -0
package/dist/cli/commands/ci.d.ts.map +1 -0
package/dist/cli/commands/ci.js +144 -0
package/dist/cli/commands/ci.js.map +1 -0
package/dist/cli/commands/collab.d.ts +11 -0
package/dist/cli/commands/collab.d.ts.map +1 -0
package/dist/cli/commands/collab.js +196 -0
package/dist/cli/commands/collab.js.map +1 -0
package/dist/cli/commands/convert.d.ts +11 -0
package/dist/cli/commands/convert.d.ts.map +1 -0
package/dist/cli/commands/convert.js +170 -0
package/dist/cli/commands/convert.js.map +1 -0
package/dist/cli/commands/craft.d.ts +18 -0
package/dist/cli/commands/craft.d.ts.map +1 -0
package/dist/cli/commands/craft.js +205 -0
package/dist/cli/commands/craft.js.map +1 -0
package/dist/cli/commands/export.d.ts +9 -0
package/dist/cli/commands/export.d.ts.map +1 -0
package/dist/cli/commands/export.js +111 -0
package/dist/cli/commands/export.js.map +1 -0
package/dist/cli/commands/forge.d.ts +11 -0
package/dist/cli/commands/forge.d.ts.map +1 -0
package/dist/cli/commands/forge.js +152 -0
package/dist/cli/commands/forge.js.map +1 -0
package/dist/cli/commands/grid.d.ts +11 -0
package/dist/cli/commands/grid.d.ts.map +1 -0
package/dist/cli/commands/grid.js +217 -0
package/dist/cli/commands/grid.js.map +1 -0
package/dist/cli/commands/insight.d.ts +7 -0
package/dist/cli/commands/insight.d.ts.map +1 -0
package/dist/cli/commands/insight.js +71 -0
package/dist/cli/commands/insight.js.map +1 -0
package/dist/cli/commands/install.d.ts +6 -0
package/dist/cli/commands/install.d.ts.map +1 -0
package/dist/cli/commands/install.js +359 -0
package/dist/cli/commands/install.js.map +1 -0
package/dist/cli/commands/interactive.d.ts +7 -0
package/dist/cli/commands/interactive.d.ts.map +1 -0
package/dist/cli/commands/interactive.js +535 -0
package/dist/cli/commands/interactive.js.map +1 -0
package/dist/cli/commands/list.d.ts +6 -0
package/dist/cli/commands/list.d.ts.map +1 -0
package/dist/cli/commands/list.js +77 -0
package/dist/cli/commands/list.js.map +1 -0
package/dist/cli/commands/lockspec.d.ts +11 -0
package/dist/cli/commands/lockspec.d.ts.map +1 -0
package/dist/cli/commands/lockspec.js +179 -0
package/dist/cli/commands/lockspec.js.map +1 -0
package/dist/cli/commands/marketplace.d.ts +7 -0
package/dist/cli/commands/marketplace.d.ts.map +1 -0
package/dist/cli/commands/marketplace.js +417 -0
package/dist/cli/commands/marketplace.js.map +1 -0
package/dist/cli/commands/method.d.ts +7 -0
package/dist/cli/commands/method.d.ts.map +1 -0
package/dist/cli/commands/method.js +140 -0
package/dist/cli/commands/method.js.map +1 -0
package/dist/cli/commands/mine.d.ts +11 -0
package/dist/cli/commands/mine.d.ts.map +1 -0
package/dist/cli/commands/mine.js +254 -0
package/dist/cli/commands/mine.js.map +1 -0
package/dist/cli/commands/recall.d.ts +11 -0
package/dist/cli/commands/recall.d.ts.map +1 -0
package/dist/cli/commands/recall.js +201 -0
package/dist/cli/commands/recall.js.map +1 -0
package/dist/cli/commands/rule.d.ts +11 -0
package/dist/cli/commands/rule.d.ts.map +1 -0
package/dist/cli/commands/rule.js +230 -0
package/dist/cli/commands/rule.js.map +1 -0
package/dist/cli/commands/score.d.ts +10 -0
package/dist/cli/commands/score.d.ts.map +1 -0
package/dist/cli/commands/score.js +91 -0
package/dist/cli/commands/score.js.map +1 -0
package/dist/cli/commands/search.d.ts +6 -0
package/dist/cli/commands/search.d.ts.map +1 -0
package/dist/cli/commands/search.js +173 -0
package/dist/cli/commands/search.js.map +1 -0
package/dist/cli/commands/show.d.ts +6 -0
package/dist/cli/commands/show.d.ts.map +1 -0
package/dist/cli/commands/show.js +158 -0
package/dist/cli/commands/show.js.map +1 -0
package/dist/cli/commands/submit-repo.d.ts +11 -0
package/dist/cli/commands/submit-repo.d.ts.map +1 -0
package/dist/cli/commands/submit-repo.js +133 -0
package/dist/cli/commands/submit-repo.js.map +1 -0
package/dist/cli/commands/submit.d.ts +15 -0
package/dist/cli/commands/submit.d.ts.map +1 -0
package/dist/cli/commands/submit.js +161 -0
package/dist/cli/commands/submit.js.map +1 -0
package/dist/cli/commands/suggest.d.ts +11 -0
package/dist/cli/commands/suggest.d.ts.map +1 -0
package/dist/cli/commands/suggest.js +164 -0
package/dist/cli/commands/suggest.js.map +1 -0
package/dist/cli/commands/track.d.ts +11 -0
package/dist/cli/commands/track.d.ts.map +1 -0
package/dist/cli/commands/track.js +199 -0
package/dist/cli/commands/track.js.map +1 -0
package/dist/cli/commands/trigger.d.ts +11 -0
package/dist/cli/commands/trigger.d.ts.map +1 -0
package/dist/cli/commands/trigger.js +157 -0
package/dist/cli/commands/trigger.js.map +1 -0
package/dist/cli/commands/utils-commands.d.ts +9 -0
package/dist/cli/commands/utils-commands.d.ts.map +1 -0
package/dist/cli/commands/utils-commands.js +389 -0
package/dist/cli/commands/utils-commands.js.map +1 -0
package/dist/cli/commands/validate.d.ts +6 -0
package/dist/cli/commands/validate.d.ts.map +1 -0
package/dist/cli/commands/validate.js +40 -0
package/dist/cli/commands/validate.js.map +1 -0
package/dist/cli/index.d.ts +3 -0
package/dist/cli/index.d.ts.map +1 -1
package/dist/cli/index.js +88 -2743
package/dist/cli/index.js.map +1 -1
package/dist/core/audit.d.ts +24 -0
package/dist/core/audit.d.ts.map +1 -0
package/dist/core/audit.js +195 -0
package/dist/core/audit.js.map +1 -0
package/dist/core/index.d.ts +8 -0
package/dist/core/index.d.ts.map +1 -1
package/dist/core/index.js +8 -0
package/dist/core/index.js.map +1 -1
package/dist/core/quality.d.ts +48 -0
package/dist/core/quality.d.ts.map +1 -0
package/dist/core/quality.js +241 -0
package/dist/core/quality.js.map +1 -0
package/dist/core/scanner-rules.d.ts +58 -0
package/dist/core/scanner-rules.d.ts.map +1 -0
package/dist/core/scanner-rules.js +335 -0
package/dist/core/scanner-rules.js.map +1 -0
package/dist/core/suggest.d.ts +51 -0
package/dist/core/suggest.d.ts.map +1 -0
package/dist/core/suggest.js +241 -0
package/dist/core/suggest.js.map +1 -0
package/package.json +1 -1

package/dist/core/quality.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"quality.d.ts","sourceRoot":"","sources":["../../src/core/quality.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAQH,MAAM,WAAW,YAAY;IACzB,mCAAmC;IACnC,OAAO,EAAE,MAAM,CAAC;IAChB,gCAAgC;IAChC,SAAS,EAAE,MAAM,CAAC;IAClB,8BAA8B;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,kCAAkC;IAClC,WAAW,EAAE,MAAM,CAAC;IACpB,+BAA+B;IAC/B,QAAQ,EAAE,MAAM,CAAC;IACjB,+BAA+B;IAC/B,OAAO,EAAE,WAAW,EAAE,CAAC;IACvB,2BAA2B;IAC3B,KAAK,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,WAAW;IACxB,SAAS,EAAE,WAAW,GAAG,SAAS,GAAG,aAAa,GAAG,UAAU,CAAC;IAChE,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,OAAO,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,GAAG,CAAC,EAAE,MAAM,CAAC;CAChB;AAaD;;;GAGG;AACH,wBAAsB,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CA4C5E;AA0MD;;GAEG;AACH,wBAAgB,cAAc,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,GAAE,MAAW,GAAG,MAAM,CAKxE;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,GAAG,QAAQ,GAAG,KAAK,CAIvE"}

package/dist/core/quality.js ADDED Viewed

@@ -0,0 +1,241 @@
+/**
+ * Skill Quality Scoring Module
+ * 4-dimension quality assessment for skills
+ *
+ * Dimensions:
+ *   Structure    (30%) — frontmatter, required fields, directory layout
+ *   Clarity      (30%) — description quality, headings, examples, "when to use"
+ *   Specificity  (30%) — actionable steps, code examples, numbered instructions
+ *   Advanced     (10%) — scripts, references, assets, anti-patterns, changelog
+ */
+import { readFile, stat } from 'fs/promises';
+import { existsSync } from 'fs';
+import { join, resolve } from 'path';
+// ── Weights ──────────────────────────────────────────────────────────────
+const WEIGHTS = {
+    structure: 0.30,
+    clarity: 0.30,
+    specificity: 0.30,
+    advanced: 0.10,
+};
+// ── Main Entry ───────────────────────────────────────────────────────────
+/**
+ * Assess the quality of a skill at the given path.
+ * @param skillPath — path to skill directory or SKILL.md file
+ */
+export async function assessQuality(skillPath) {
+    const resolved = resolve(skillPath);
+    const pathStat = await stat(resolved).catch(() => null);
+    let dir;
+    let skillMdPath;
+    if (pathStat?.isDirectory()) {
+        dir = resolved;
+        skillMdPath = join(resolved, 'SKILL.md');
+    }
+    else {
+        dir = resolve(resolved, '..');
+        skillMdPath = resolved;
+    }
+    let content = '';
+    if (existsSync(skillMdPath)) {
+        content = await readFile(skillMdPath, 'utf-8');
+    }
+    const details = [];
+    // Run all dimension checks
+    const structureScore = scoreStructure(content, dir, details);
+    const clarityScore = scoreClarity(content, details);
+    const specificityScore = scoreSpecificity(content, details);
+    const advancedScore = await scoreAdvanced(content, dir, details);
+    const overall = Math.round(structureScore * WEIGHTS.structure +
+        clarityScore * WEIGHTS.clarity +
+        specificityScore * WEIGHTS.specificity +
+        advancedScore * WEIGHTS.advanced);
+    return {
+        overall,
+        structure: structureScore,
+        clarity: clarityScore,
+        specificity: specificityScore,
+        advanced: advancedScore,
+        details,
+        grade: toGrade(overall),
+    };
+}
+// ── Dimension 1: Structure (30%) ─────────────────────────────────────────
+function scoreStructure(content, dir, details) {
+    let score = 0;
+    const max = 100;
+    // Check 1: SKILL.md exists (25 pts)
+    const hasMd = content.length > 0;
+    addDetail(details, 'structure', 'SKILL.md file exists', hasMd, 25, 25, hasMd ? undefined : 'Create a SKILL.md file in your skill directory');
+    if (hasMd)
+        score += 25;
+    // Check 2: YAML frontmatter present (25 pts)
+    const hasFrontmatter = /^---\n[\s\S]*?\n---/m.test(content);
+    addDetail(details, 'structure', 'YAML frontmatter present', hasFrontmatter, hasFrontmatter ? 25 : 0, 25, hasFrontmatter ? undefined : 'Add YAML frontmatter with --- delimiters at the top');
+    if (hasFrontmatter)
+        score += 25;
+    // Check 3: Name field in frontmatter (20 pts)
+    const hasName = /^name:\s*.+/m.test(content);
+    addDetail(details, 'structure', 'name field in frontmatter', hasName, hasName ? 20 : 0, 20, hasName ? undefined : 'Add a "name:" field to your frontmatter');
+    if (hasName)
+        score += 20;
+    // Check 4: Description field in frontmatter (20 pts)
+    const hasDesc = /^description:\s*.+/m.test(content);
+    addDetail(details, 'structure', 'description field in frontmatter', hasDesc, hasDesc ? 20 : 0, 20, hasDesc ? undefined : 'Add a "description:" field to your frontmatter');
+    if (hasDesc)
+        score += 20;
+    // Check 5: Proper directory structure (10 pts)
+    const hasProperDir = existsSync(join(dir, 'SKILL.md'));
+    addDetail(details, 'structure', 'Proper directory structure (skillname/SKILL.md)', hasProperDir, hasProperDir ? 10 : 0, 10, hasProperDir ? undefined : 'Place SKILL.md inside a named directory');
+    if (hasProperDir)
+        score += 10;
+    return Math.min(score, max);
+}
+// ── Dimension 2: Clarity (30%) ───────────────────────────────────────────
+function scoreClarity(content, details) {
+    let score = 0;
+    const max = 100;
+    // Check 1: Description is meaningful (>50 chars) (20 pts)
+    const descMatch = content.match(/^description:\s*(.+)/m);
+    const descLen = descMatch?.[1]?.trim().length ?? 0;
+    const goodDesc = descLen >= 50;
+    addDetail(details, 'clarity', 'Description is meaningful (≥50 chars)', goodDesc, goodDesc ? 20 : 0, 20, goodDesc ? undefined : `Description is ${descLen} chars — aim for 50+ to explain when/why to use this skill`);
+    if (goodDesc)
+        score += 20;
+    // Check 2: Has section headings (## or ###) (20 pts)
+    const headings = content.match(/^#{2,3}\s+.+/gm) || [];
+    const hasHeadings = headings.length >= 2;
+    addDetail(details, 'clarity', 'Has section headings (≥2)', hasHeadings, hasHeadings ? 20 : 0, 20, hasHeadings ? undefined : 'Add ## headings to organize your skill into logical sections');
+    if (hasHeadings)
+        score += 20;
+    // Check 3: "When to use" or "Usage" section (15 pts)
+    const hasUsage = /when\s+to\s+use|usage|use\s+cases?/i.test(content);
+    addDetail(details, 'clarity', '"When to use" or "Usage" section', hasUsage, hasUsage ? 15 : 0, 15, hasUsage ? undefined : 'Add a "When to Use" section so agents know when to activate this skill');
+    if (hasUsage)
+        score += 15;
+    // Check 4: Has examples section (15 pts)
+    const hasExamples = /example|demo|sample/i.test(content);
+    addDetail(details, 'clarity', 'Has examples or demos', hasExamples, hasExamples ? 15 : 0, 15, hasExamples ? undefined : 'Include examples to show expected behavior');
+    if (hasExamples)
+        score += 15;
+    // Check 5: Body is substantial (>100 lines → 15 pts, >50 → 10, >20 → 5)
+    const lines = content.split('\n').length;
+    const bodyPts = lines > 100 ? 15 : lines > 50 ? 10 : lines > 20 ? 5 : 0;
+    addDetail(details, 'clarity', `Substantial body content (${lines} lines)`, bodyPts > 0, bodyPts, 15, bodyPts > 0 ? undefined : 'Add more content — skills under 20 lines are rarely comprehensive');
+    score += bodyPts;
+    // Check 6: No excessive blank lines (15 pts)
+    const blankRatio = (content.match(/\n\n\n+/g) || []).length;
+    const cleanFormat = blankRatio <= 3;
+    addDetail(details, 'clarity', 'Clean formatting (no excessive blank lines)', cleanFormat, cleanFormat ? 15 : 0, 15, cleanFormat ? undefined : 'Remove excessive blank lines for better readability');
+    if (cleanFormat)
+        score += 15;
+    return Math.min(score, max);
+}
+// ── Dimension 3: Specificity (30%) ───────────────────────────────────────
+function scoreSpecificity(content, details) {
+    let score = 0;
+    const max = 100;
+    // Check 1: Has code blocks (25 pts)
+    const codeBlocks = content.match(/```[\s\S]*?```/g) || [];
+    const hasCode = codeBlocks.length >= 1;
+    addDetail(details, 'specificity', 'Contains code blocks', hasCode, hasCode ? 25 : 0, 25, hasCode ? undefined : 'Add code blocks with concrete examples agents can follow');
+    if (hasCode)
+        score += 25;
+    // Check 2: Has numbered/ordered steps (20 pts)
+    const hasSteps = /^\d+\.\s+/m.test(content) || /^-\s+\*\*Step/m.test(content);
+    addDetail(details, 'specificity', 'Has numbered/ordered steps', hasSteps, hasSteps ? 20 : 0, 20, hasSteps ? undefined : 'Use numbered steps (1. 2. 3.) for step-by-step instructions');
+    if (hasSteps)
+        score += 20;
+    // Check 3: References specific tools or commands (15 pts)
+    const hasToolRefs = /`[a-z]+\s+[a-z]+`|npm\s+|npx\s+|git\s+|docker\s+|curl\s+/i.test(content);
+    addDetail(details, 'specificity', 'References specific tools or commands', hasToolRefs, hasToolRefs ? 15 : 0, 15, hasToolRefs ? undefined : 'Reference specific CLI commands or tools the agent should use');
+    if (hasToolRefs)
+        score += 15;
+    // Check 4: File path references (15 pts)
+    const hasFilePaths = /`[^\s`]*\/[^\s`]*`|`\.[a-z]+`/i.test(content);
+    addDetail(details, 'specificity', 'References file paths or extensions', hasFilePaths, hasFilePaths ? 15 : 0, 15, hasFilePaths ? undefined : 'Include file paths or extensions the skill targets');
+    if (hasFilePaths)
+        score += 15;
+    // Check 5: Conditional logic / decision trees (10 pts)
+    const hasConditional = /\bif\b.*\bthen\b|when\s+.*\bdo\b|in\s+case/i.test(content)
+        || /\bIF\b|\bWHEN\b|\bUNLESS\b/m.test(content);
+    addDetail(details, 'specificity', 'Has conditional logic or decision rules', hasConditional, hasConditional ? 10 : 0, 10, hasConditional ? undefined : 'Add conditional rules (IF...THEN) for nuanced agent behavior');
+    if (hasConditional)
+        score += 10;
+    // Check 6: Constraints / "Do NOT" rules (15 pts)
+    const hasConstraints = /\bdo\s+not\b|\bdon't\b|\bnever\b|\bavoid\b|\bmust\s+not\b/i.test(content);
+    addDetail(details, 'specificity', 'Has constraints or "Do NOT" rules', hasConstraints, hasConstraints ? 15 : 0, 15, hasConstraints ? undefined : 'Add "Do NOT" or "Avoid" constraints to prevent common mistakes');
+    if (hasConstraints)
+        score += 15;
+    return Math.min(score, max);
+}
+// ── Dimension 4: Advanced (10%) ──────────────────────────────────────────
+async function scoreAdvanced(content, dir, details) {
+    let score = 0;
+    const max = 100;
+    // Check 1: Has scripts/ directory (25 pts)
+    const hasScripts = existsSync(join(dir, 'scripts'));
+    addDetail(details, 'advanced', 'Has scripts/ directory', hasScripts, hasScripts ? 25 : 0, 25, hasScripts ? undefined : 'Add a scripts/ directory for automation hooks');
+    if (hasScripts)
+        score += 25;
+    // Check 2: Has references/ or resources/ directory (20 pts)
+    const hasRefs = existsSync(join(dir, 'references')) || existsSync(join(dir, 'resources'));
+    addDetail(details, 'advanced', 'Has references/ or resources/ directory', hasRefs, hasRefs ? 20 : 0, 20, hasRefs ? undefined : 'Add a references/ directory for supporting documentation');
+    if (hasRefs)
+        score += 20;
+    // Check 3: Has anti-patterns section (20 pts)
+    const hasAntiPatterns = /anti.?pattern|common\s+mistake|pitfall|gotcha/i.test(content);
+    addDetail(details, 'advanced', 'Has anti-patterns or pitfalls section', hasAntiPatterns, hasAntiPatterns ? 20 : 0, 20, hasAntiPatterns ? undefined : 'Document anti-patterns or common mistakes to help agents avoid errors');
+    if (hasAntiPatterns)
+        score += 20;
+    // Check 4: Has changelog or version history (15 pts)
+    const hasChangelog = /changelog|version\s+history|what'?s\s+new/i.test(content)
+        || existsSync(join(dir, 'CHANGELOG.md'));
+    addDetail(details, 'advanced', 'Has changelog or version history', hasChangelog, hasChangelog ? 15 : 0, 15, hasChangelog ? undefined : 'Add a version history to track skill evolution');
+    if (hasChangelog)
+        score += 15;
+    // Check 5: Has tests or testing section (20 pts)
+    const hasTests = existsSync(join(dir, 'tests')) || existsSync(join(dir, '__tests__'))
+        || /testing|test\s+cases?|validation/i.test(content);
+    addDetail(details, 'advanced', 'Has tests or testing instructions', hasTests, hasTests ? 20 : 0, 20, hasTests ? undefined : 'Add testing instructions or a tests/ directory');
+    if (hasTests)
+        score += 20;
+    return Math.min(score, max);
+}
+// ── Helpers ──────────────────────────────────────────────────────────────
+function addDetail(details, dimension, check, passed, points, maxPoints, tip) {
+    details.push({ dimension, check, passed, points, maxPoints, tip });
+}
+function toGrade(score) {
+    if (score >= 90)
+        return 'A+';
+    if (score >= 80)
+        return 'A';
+    if (score >= 70)
+        return 'B';
+    if (score >= 60)
+        return 'C';
+    if (score >= 50)
+        return 'D';
+    return 'F';
+}
+/**
+ * Format a quality score as a colored bar string (for terminal output).
+ */
+export function formatScoreBar(score, width = 20) {
+    const filled = Math.round((score / 100) * width);
+    const empty = width - filled;
+    const bar = '█'.repeat(filled) + '░'.repeat(empty);
+    return `${bar} ${score}/100`;
+}
+/**
+ * Get color name for a score (for chalk usage).
+ */
+export function getScoreColor(score) {
+    if (score >= 70)
+        return 'green';
+    if (score >= 50)
+        return 'yellow';
+    return 'red';
+}
+//# sourceMappingURL=quality.js.map

package/dist/core/quality.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"quality.js","sourceRoot":"","sources":["../../src/core/quality.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAW,MAAM,aAAa,CAAC;AACtD,OAAO,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AAChC,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AA8BrC,4EAA4E;AAE5E,MAAM,OAAO,GAAG;IACZ,SAAS,EAAE,IAAI;IACf,OAAO,EAAE,IAAI;IACb,WAAW,EAAE,IAAI;IACjB,QAAQ,EAAE,IAAI;CACR,CAAC;AAEX,4EAA4E;AAE5E;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,SAAiB;IACjD,MAAM,QAAQ,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;IACpC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;IAExD,IAAI,GAAW,CAAC;IAChB,IAAI,WAAmB,CAAC;IAExB,IAAI,QAAQ,EAAE,WAAW,EAAE,EAAE,CAAC;QAC1B,GAAG,GAAG,QAAQ,CAAC;QACf,WAAW,GAAG,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;IAC7C,CAAC;SAAM,CAAC;QACJ,GAAG,GAAG,OAAO,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QAC9B,WAAW,GAAG,QAAQ,CAAC;IAC3B,CAAC;IAED,IAAI,OAAO,GAAG,EAAE,CAAC;IACjB,IAAI,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;QAC1B,OAAO,GAAG,MAAM,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;IACnD,CAAC;IAED,MAAM,OAAO,GAAkB,EAAE,CAAC;IAElC,2BAA2B;IAC3B,MAAM,cAAc,GAAG,cAAc,CAAC,OAAO,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;IAC7D,MAAM,YAAY,GAAG,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IACpD,MAAM,gBAAgB,GAAG,gBAAgB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAC5D,MAAM,aAAa,GAAG,MAAM,aAAa,CAAC,OAAO,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;IAEjE,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CACtB,cAAc,GAAG,OAAO,CAAC,SAAS;QAClC,YAAY,GAAG,OAAO,CAAC,OAAO;QAC9B,gBAAgB,GAAG,OAAO,CAAC,WAAW;QACtC,aAAa,GAAG,OAAO,CAAC,QAAQ,CACnC,CAAC;IAEF,OAAO;QACH,OAAO;QACP,SAAS,EAAE,cAAc;QACzB,OAAO,EAAE,YAAY;QACrB,WAAW,EAAE,gBAAgB;QAC7B,QAAQ,EAAE,aAAa;QACvB,OAAO;QACP,KAAK,EAAE,OAAO,CAAC,OAAO,CAAC;KAC1B,CAAC;AACN,CAAC;AAED,4EAA4E;AAE5E,SAAS,cAAc,CAAC,OAAe,EAAE,GAAW,EAAE,OAAsB;IACxE,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,MAAM,GAAG,GAAG,GAAG,CAAC;IAEhB,oCAAoC;IACpC,MAAM,KAAK,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC;IACjC,SAAS,CAAC,OAAO,EAAE,WAAW,EAAE,sBAAsB,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,EACjE,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,gDAAgD,CAAC,CAAC;IAC1E,IAAI,KAAK;QAAE,KAAK,IAAI,EAAE,CAAC;IAEvB,6CAA6C;IAC7C,MAAM,cAAc,GAAG,sBAAsB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC5D,SAAS,CAAC,OAAO,EAAE,WAAW,EAAE,0BAA0B,EAAE,cAAc,EAAE,cAAc,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EACnG,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,qDAAqD,CAAC,CAAC;IACxF,IAAI,cAAc;QAAE,KAAK,IAAI,EAAE,CAAC;IAEhC,8CAA8C;IAC9C,MAAM,OAAO,GAAG,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC7C,SAAS,CAAC,OAAO,EAAE,WAAW,EAAE,2BAA2B,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EACtF,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,yCAAyC,CAAC,CAAC;IACrE,IAAI,OAAO;QAAE,KAAK,IAAI,EAAE,CAAC;IAEzB,qDAAqD;IACrD,MAAM,OAAO,GAAG,qBAAqB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACpD,SAAS,CAAC,OAAO,EAAE,WAAW,EAAE,kCAAkC,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EAC7F,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,gDAAgD,CAAC,CAAC;IAC5E,IAAI,OAAO;QAAE,KAAK,IAAI,EAAE,CAAC;IAEzB,+CAA+C;IAC/C,MAAM,YAAY,GAAG,UAAU,CAAC,IAAI,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC,CAAC;IACvD,SAAS,CAAC,OAAO,EAAE,WAAW,EAAE,iDAAiD,EAAE,YAAY,EAAE,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EACtH,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,yCAAyC,CAAC,CAAC;IAC1E,IAAI,YAAY;QAAE,KAAK,IAAI,EAAE,CAAC;IAE9B,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;AAChC,CAAC;AAED,4EAA4E;AAE5E,SAAS,YAAY,CAAC,OAAe,EAAE,OAAsB;IACzD,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,MAAM,GAAG,GAAG,GAAG,CAAC;IAEhB,0DAA0D;IAC1D,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC;IACzD,MAAM,OAAO,GAAG,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,MAAM,IAAI,CAAC,CAAC;IACnD,MAAM,QAAQ,GAAG,OAAO,IAAI,EAAE,CAAC;IAC/B,SAAS,CAAC,OAAO,EAAE,SAAS,EAAE,uCAAuC,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EAClG,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,kBAAkB,OAAO,4DAA4D,CAAC,CAAC;IAClH,IAAI,QAAQ;QAAE,KAAK,IAAI,EAAE,CAAC;IAE1B,qDAAqD;IACrD,MAAM,QAAQ,GAAG,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAC;IACvD,MAAM,WAAW,GAAG,QAAQ,CAAC,MAAM,IAAI,CAAC,CAAC;IACzC,SAAS,CAAC,OAAO,EAAE,SAAS,EAAE,2BAA2B,EAAE,WAAW,EAAE,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EAC5F,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,8DAA8D,CAAC,CAAC;IAC9F,IAAI,WAAW;QAAE,KAAK,IAAI,EAAE,CAAC;IAE7B,qDAAqD;IACrD,MAAM,QAAQ,GAAG,qCAAqC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACrE,SAAS,CAAC,OAAO,EAAE,SAAS,EAAE,kCAAkC,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EAC7F,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,wEAAwE,CAAC,CAAC;IACrG,IAAI,QAAQ;QAAE,KAAK,IAAI,EAAE,CAAC;IAE1B,yCAAyC;IACzC,MAAM,WAAW,GAAG,sBAAsB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACzD,SAAS,CAAC,OAAO,EAAE,SAAS,EAAE,uBAAuB,EAAE,WAAW,EAAE,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EACxF,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,4CAA4C,CAAC,CAAC;IAC5E,IAAI,WAAW;QAAE,KAAK,IAAI,EAAE,CAAC;IAE7B,wEAAwE;IACxE,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;IACzC,MAAM,OAAO,GAAG,KAAK,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACxE,SAAS,CAAC,OAAO,EAAE,SAAS,EAAE,6BAA6B,KAAK,SAAS,EAAE,OAAO,GAAG,CAAC,EAAE,OAAO,EAAE,EAAE,EAC/F,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,mEAAmE,CAAC,CAAC;IACnG,KAAK,IAAI,OAAO,CAAC;IAEjB,6CAA6C;IAC7C,MAAM,UAAU,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;IAC5D,MAAM,WAAW,GAAG,UAAU,IAAI,CAAC,CAAC;IACpC,SAAS,CAAC,OAAO,EAAE,SAAS,EAAE,6CAA6C,EAAE,WAAW,EAAE,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EAC9G,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,qDAAqD,CAAC,CAAC;IACrF,IAAI,WAAW;QAAE,KAAK,IAAI,EAAE,CAAC;IAE7B,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;AAChC,CAAC;AAED,4EAA4E;AAE5E,SAAS,gBAAgB,CAAC,OAAe,EAAE,OAAsB;IAC7D,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,MAAM,GAAG,GAAG,GAAG,CAAC;IAEhB,oCAAoC;IACpC,MAAM,UAAU,GAAG,OAAO,CAAC,KAAK,CAAC,iBAAiB,CAAC,IAAI,EAAE,CAAC;IAC1D,MAAM,OAAO,GAAG,UAAU,CAAC,MAAM,IAAI,CAAC,CAAC;IACvC,SAAS,CAAC,OAAO,EAAE,aAAa,EAAE,sBAAsB,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EACnF,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,0DAA0D,CAAC,CAAC;IACtF,IAAI,OAAO;QAAE,KAAK,IAAI,EAAE,CAAC;IAEzB,+CAA+C;IAC/C,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC9E,SAAS,CAAC,OAAO,EAAE,aAAa,EAAE,4BAA4B,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EAC3F,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,6DAA6D,CAAC,CAAC;IAC1F,IAAI,QAAQ;QAAE,KAAK,IAAI,EAAE,CAAC;IAE1B,0DAA0D;IAC1D,MAAM,WAAW,GAAG,2DAA2D,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC9F,SAAS,CAAC,OAAO,EAAE,aAAa,EAAE,uCAAuC,EAAE,WAAW,EAAE,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EAC5G,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,+DAA+D,CAAC,CAAC;IAC/F,IAAI,WAAW;QAAE,KAAK,IAAI,EAAE,CAAC;IAE7B,yCAAyC;IACzC,MAAM,YAAY,GAAG,gCAAgC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACpE,SAAS,CAAC,OAAO,EAAE,aAAa,EAAE,qCAAqC,EAAE,YAAY,EAAE,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EAC5G,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,oDAAoD,CAAC,CAAC;IACrF,IAAI,YAAY;QAAE,KAAK,IAAI,EAAE,CAAC;IAE9B,uDAAuD;IACvD,MAAM,cAAc,GAAG,6CAA6C,CAAC,IAAI,CAAC,OAAO,CAAC;WAC3E,6BAA6B,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACnD,SAAS,CAAC,OAAO,EAAE,aAAa,EAAE,yCAAyC,EAAE,cAAc,EAAE,cAAc,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EACpH,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,8DAA8D,CAAC,CAAC;IACjG,IAAI,cAAc;QAAE,KAAK,IAAI,EAAE,CAAC;IAEhC,iDAAiD;IACjD,MAAM,cAAc,GAAG,4DAA4D,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAClG,SAAS,CAAC,OAAO,EAAE,aAAa,EAAE,mCAAmC,EAAE,cAAc,EAAE,cAAc,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EAC9G,cAAc,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,gEAAgE,CAAC,CAAC;IACnG,IAAI,cAAc;QAAE,KAAK,IAAI,EAAE,CAAC;IAEhC,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;AAChC,CAAC;AAED,4EAA4E;AAE5E,KAAK,UAAU,aAAa,CAAC,OAAe,EAAE,GAAW,EAAE,OAAsB;IAC7E,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,MAAM,GAAG,GAAG,GAAG,CAAC;IAEhB,2CAA2C;IAC3C,MAAM,UAAU,GAAG,UAAU,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC,CAAC;IACpD,SAAS,CAAC,OAAO,EAAE,UAAU,EAAE,wBAAwB,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EACxF,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,+CAA+C,CAAC,CAAC;IAC9E,IAAI,UAAU;QAAE,KAAK,IAAI,EAAE,CAAC;IAE5B,4DAA4D;IAC5D,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC,CAAC;IAC1F,SAAS,CAAC,OAAO,EAAE,UAAU,EAAE,yCAAyC,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EACnG,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,0DAA0D,CAAC,CAAC;IACtF,IAAI,OAAO;QAAE,KAAK,IAAI,EAAE,CAAC;IAEzB,8CAA8C;IAC9C,MAAM,eAAe,GAAG,gDAAgD,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACvF,SAAS,CAAC,OAAO,EAAE,UAAU,EAAE,uCAAuC,EAAE,eAAe,EAAE,eAAe,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EACjH,eAAe,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,uEAAuE,CAAC,CAAC;IAC3G,IAAI,eAAe;QAAE,KAAK,IAAI,EAAE,CAAC;IAEjC,qDAAqD;IACrD,MAAM,YAAY,GAAG,4CAA4C,CAAC,IAAI,CAAC,OAAO,CAAC;WACxE,UAAU,CAAC,IAAI,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC,CAAC;IAC7C,SAAS,CAAC,OAAO,EAAE,UAAU,EAAE,kCAAkC,EAAE,YAAY,EAAE,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EACtG,YAAY,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,gDAAgD,CAAC,CAAC;IACjF,IAAI,YAAY;QAAE,KAAK,IAAI,EAAE,CAAC;IAE9B,iDAAiD;IACjD,MAAM,QAAQ,GAAG,UAAU,CAAC,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;WAC9E,mCAAmC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACzD,SAAS,CAAC,OAAO,EAAE,UAAU,EAAE,mCAAmC,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,EAC/F,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,gDAAgD,CAAC,CAAC;IAC7E,IAAI,QAAQ;QAAE,KAAK,IAAI,EAAE,CAAC;IAE1B,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;AAChC,CAAC;AAED,4EAA4E;AAE5E,SAAS,SAAS,CACd,OAAsB,EACtB,SAAmC,EACnC,KAAa,EACb,MAAe,EACf,MAAc,EACd,SAAiB,EACjB,GAAY;IAEZ,OAAO,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,EAAE,CAAC,CAAC;AACvE,CAAC;AAED,SAAS,OAAO,CAAC,KAAa;IAC1B,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,IAAI,CAAC;IAC7B,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,GAAG,CAAC;IAC5B,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,GAAG,CAAC;IAC5B,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,GAAG,CAAC;IAC5B,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,GAAG,CAAC;IAC5B,OAAO,GAAG,CAAC;AACf,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,KAAa,EAAE,QAAgB,EAAE;IAC5D,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,KAAK,CAAC,CAAC;IACjD,MAAM,KAAK,GAAG,KAAK,GAAG,MAAM,CAAC;IAC7B,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACnD,OAAO,GAAG,GAAG,IAAI,KAAK,MAAM,CAAC;AACjC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,KAAa;IACvC,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,OAAO,CAAC;IAChC,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,QAAQ,CAAC;IACjC,OAAO,KAAK,CAAC;AACjB,CAAC"}

package/dist/core/scanner-rules.d.ts ADDED Viewed

@@ -0,0 +1,58 @@
+/**
+ * Scanner Rules - Security vulnerability detection rules
+ * Used by the audit command to scan skills for potential threats
+ */
+export type Severity = 'critical' | 'high' | 'medium' | 'low' | 'info';
+export interface ScannerRule {
+    id: string;
+    category: string;
+    severity: Severity;
+    title: string;
+    description: string;
+    pattern: RegExp;
+    falsePositiveCheck?: (line: string, context: string[]) => boolean;
+}
+export interface ScanFinding {
+    ruleId: string;
+    category: string;
+    severity: Severity;
+    title: string;
+    description: string;
+    file: string;
+    line: number;
+    lineContent: string;
+    column?: number;
+}
+export interface ScanResult {
+    findings: ScanFinding[];
+    filesScanned: number;
+    summary: {
+        critical: number;
+        high: number;
+        medium: number;
+        low: number;
+        info: number;
+        total: number;
+    };
+}
+/**
+ * All scanner rules organized by category
+ */
+export declare const SCANNER_RULES: ScannerRule[];
+/**
+ * Get rules by category
+ */
+export declare function getRulesByCategory(category: string): ScannerRule[];
+/**
+ * Get rule by ID
+ */
+export declare function getRuleById(id: string): ScannerRule | undefined;
+/**
+ * Get all categories
+ */
+export declare function getCategories(): string[];
+/**
+ * Create empty scan result
+ */
+export declare function createEmptyScanResult(): ScanResult;
+//# sourceMappingURL=scanner-rules.d.ts.map

package/dist/core/scanner-rules.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"scanner-rules.d.ts","sourceRoot":"","sources":["../../src/core/scanner-rules.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,MAAM,MAAM,QAAQ,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;AAEvE,MAAM,WAAW,WAAW;IACxB,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,QAAQ,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,kBAAkB,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,OAAO,CAAC;CACrE;AAED,MAAM,WAAW,WAAW;IACxB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,QAAQ,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,UAAU;IACvB,QAAQ,EAAE,WAAW,EAAE,CAAC;IACxB,YAAY,EAAE,MAAM,CAAC;IACrB,OAAO,EAAE;QACL,QAAQ,EAAE,MAAM,CAAC;QACjB,IAAI,EAAE,MAAM,CAAC;QACb,MAAM,EAAE,MAAM,CAAC;QACf,GAAG,EAAE,MAAM,CAAC;QACZ,IAAI,EAAE,MAAM,CAAC;QACb,KAAK,EAAE,MAAM,CAAC;KACjB,CAAC;CACL;AAED;;GAEG;AACH,eAAO,MAAM,aAAa,EAAE,WAAW,EAwStC,CAAC;AAEF;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,GAAG,WAAW,EAAE,CAElE;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,EAAE,EAAE,MAAM,GAAG,WAAW,GAAG,SAAS,CAE/D;AAED;;GAEG;AACH,wBAAgB,aAAa,IAAI,MAAM,EAAE,CAExC;AAED;;GAEG;AACH,wBAAgB,qBAAqB,IAAI,UAAU,CAalD"}

package/dist/core/scanner-rules.js ADDED Viewed

@@ -0,0 +1,335 @@
+/**
+ * Scanner Rules - Security vulnerability detection rules
+ * Used by the audit command to scan skills for potential threats
+ */
+/**
+ * All scanner rules organized by category
+ */
+export const SCANNER_RULES = [
+    // ═══════════════════════════════════════════
+    // PROMPT INJECTION (PI001-PI010)
+    // ═══════════════════════════════════════════
+    {
+        id: 'PI001',
+        category: 'prompt-injection',
+        severity: 'critical',
+        title: 'Direct prompt override attempt',
+        description: 'Attempts to override or ignore previous instructions',
+        pattern: /ignore\s+(all\s+)?previous\s+instructions/i,
+    },
+    {
+        id: 'PI002',
+        category: 'prompt-injection',
+        severity: 'critical',
+        title: 'System prompt override',
+        description: 'Attempts to set a new system prompt or role',
+        pattern: /you\s+are\s+now\s+(a|an|the)\s+/i,
+    },
+    {
+        id: 'PI003',
+        category: 'prompt-injection',
+        severity: 'high',
+        title: 'Role manipulation',
+        description: 'Attempts to change the AI agent\'s role or behavior',
+        pattern: /(act|behave|pretend|roleplay)\s+(as|like)\s+(a|an|the)\s+/i,
+    },
+    {
+        id: 'PI004',
+        category: 'prompt-injection',
+        severity: 'high',
+        title: 'Instruction bypass',
+        description: 'Attempts to bypass safety restrictions',
+        pattern: /(bypass|circumvent|override|disable)\s+(safety|restrictions?|filters?|guardrails?)/i,
+    },
+    {
+        id: 'PI005',
+        category: 'prompt-injection',
+        severity: 'medium',
+        title: 'Jailbreak attempt',
+        description: 'Known jailbreak patterns detected',
+        pattern: /(DAN|do\s+anything\s+now|STAN|jailbreak)/i,
+    },
+    {
+        id: 'PI006',
+        category: 'prompt-injection',
+        severity: 'medium',
+        title: 'Prompt leak request',
+        description: 'Attempts to extract system prompts or instructions',
+        pattern: /(reveal|show|print|output|display)\s+(your|the|system)\s+(prompt|instructions|rules)/i,
+    },
+    {
+        id: 'PI007',
+        category: 'prompt-injection',
+        severity: 'high',
+        title: 'Encoding-based injection',
+        description: 'Using base64 or hex encoding to hide instructions',
+        pattern: /(atob|btoa|Buffer\.from)\s*\(\s*['"`]/,
+    },
+    {
+        id: 'PI008',
+        category: 'prompt-injection',
+        severity: 'medium',
+        title: 'Delimiter manipulation',
+        description: 'Using special delimiters to break prompt boundaries',
+        pattern: /(```system|<\|im_start\|>|<\|endoftext\|>|<\/system>)/i,
+    },
+    // ═══════════════════════════════════════════
+    // COMMAND INJECTION (CI001-CI008)
+    // ═══════════════════════════════════════════
+    {
+        id: 'CI001',
+        category: 'command-injection',
+        severity: 'critical',
+        title: 'Destructive command',
+        description: 'Potentially destructive shell command',
+        pattern: /\b(rm\s+-rf\s+[\/~]|rmdir\s+\/s|del\s+\/f\s+\/s|format\s+[a-z]:)/i,
+    },
+    {
+        id: 'CI002',
+        category: 'command-injection',
+        severity: 'critical',
+        title: 'Remote code execution',
+        description: 'Piping remote content to shell execution',
+        pattern: /\b(curl|wget)\s+.*\|\s*(bash|sh|zsh|python|node|eval)/i,
+    },
+    {
+        id: 'CI003',
+        category: 'command-injection',
+        severity: 'high',
+        title: 'Shell eval usage',
+        description: 'Dynamic code evaluation which could execute arbitrary code',
+        pattern: /\b(eval|exec|execSync|spawnSync|child_process)\s*\(/,
+    },
+    {
+        id: 'CI004',
+        category: 'command-injection',
+        severity: 'high',
+        title: 'Dangerous chmod',
+        description: 'Setting overly permissive file permissions',
+        pattern: /chmod\s+(777|666|a\+[rwx])/,
+    },
+    {
+        id: 'CI005',
+        category: 'command-injection',
+        severity: 'medium',
+        title: 'Sudo usage',
+        description: 'Privilege escalation via sudo',
+        pattern: /\bsudo\s+/,
+    },
+    {
+        id: 'CI006',
+        category: 'command-injection',
+        severity: 'medium',
+        title: 'Network download',
+        description: 'Downloading content from external sources',
+        pattern: /\b(curl|wget|fetch)\s+https?:\/\//i,
+    },
+    {
+        id: 'CI007',
+        category: 'command-injection',
+        severity: 'high',
+        title: 'Shell script generation',
+        description: 'Dynamically creating and executing shell scripts',
+        pattern: />\s*\/tmp\/.*\.sh|echo\s+.*>\s+.*\.sh\s*&&\s*(bash|sh|chmod)/,
+    },
+    // ═══════════════════════════════════════════
+    // DATA EXFILTRATION (DE001-DE006)
+    // ═══════════════════════════════════════════
+    {
+        id: 'DE001',
+        category: 'data-exfiltration',
+        severity: 'critical',
+        title: 'Data exfiltration via webhook',
+        description: 'Sending data to external webhook or API endpoint',
+        pattern: /(fetch|axios|got|request)\s*\(\s*['"`](https?:\/\/[^'"]*?(webhook|exfil|ngrok|burp|requestbin))/i,
+    },
+    {
+        id: 'DE002',
+        category: 'data-exfiltration',
+        severity: 'high',
+        title: 'DNS exfiltration',
+        description: 'Using DNS queries to exfiltrate data',
+        pattern: /dns\.(resolve|lookup)\s*\(.*\$\{/,
+    },
+    {
+        id: 'DE003',
+        category: 'data-exfiltration',
+        severity: 'high',
+        title: 'Environment variable access',
+        description: 'Reading sensitive environment variables',
+        pattern: /process\.env\[(.*?(KEY|SECRET|TOKEN|PASSWORD|CREDENTIAL))/i,
+    },
+    {
+        id: 'DE004',
+        category: 'data-exfiltration',
+        severity: 'medium',
+        title: 'File read of sensitive paths',
+        description: 'Reading from sensitive system paths',
+        pattern: /readFile(Sync)?\s*\(\s*['"`](\/etc\/(passwd|shadow|ssh)|~\/\.ssh|~\/\.aws)/,
+    },
+    {
+        id: 'DE005',
+        category: 'data-exfiltration',
+        severity: 'high',
+        title: 'Base64 encoding of data',
+        description: 'Encoding data to base64 before transmission',
+        pattern: /Buffer\.from\(.*\)\.toString\(['"`]base64['"`]\)/,
+    },
+    // ═══════════════════════════════════════════
+    // TOOL ABUSE (TA001-TA008)
+    // ═══════════════════════════════════════════
+    {
+        id: 'TA001',
+        category: 'tool-abuse',
+        severity: 'high',
+        title: 'Filesystem traversal',
+        description: 'Accessing files outside project directory',
+        pattern: /\.\.\/(\.\.\/){2,}|path\.(join|resolve)\s*\(.*\.\.\//,
+    },
+    {
+        id: 'TA002',
+        category: 'tool-abuse',
+        severity: 'medium',
+        title: 'Unrestricted file write',
+        description: 'Writing to system or home directories',
+        pattern: /writeFile(Sync)?\s*\(\s*['"`](\/usr|\/etc|\/var|\/home|\/root)/,
+    },
+    {
+        id: 'TA003',
+        category: 'tool-abuse',
+        severity: 'medium',
+        title: 'Process spawning',
+        description: 'Spawning new processes from skill code',
+        pattern: /\b(spawn|fork|exec)\s*\(\s*['"`]/,
+    },
+    {
+        id: 'TA004',
+        category: 'tool-abuse',
+        severity: 'low',
+        title: 'Global npm install',
+        description: 'Installing packages globally',
+        pattern: /npm\s+install\s+(-g|--global)/,
+    },
+    // ═══════════════════════════════════════════
+    // HARDCODED SECRETS (HS001-HS008)
+    // ═══════════════════════════════════════════
+    {
+        id: 'HS001',
+        category: 'hardcoded-secrets',
+        severity: 'critical',
+        title: 'AWS access key',
+        description: 'Hardcoded AWS access key ID',
+        pattern: /AKIA[0-9A-Z]{16}/,
+    },
+    {
+        id: 'HS002',
+        category: 'hardcoded-secrets',
+        severity: 'critical',
+        title: 'API key pattern',
+        description: 'Possible hardcoded API key',
+        pattern: /(sk-[a-zA-Z0-9]{20,}|sk-proj-[a-zA-Z0-9]{20,}|ghp_[a-zA-Z0-9]{36}|gho_[a-zA-Z0-9]{36})/,
+    },
+    {
+        id: 'HS003',
+        category: 'hardcoded-secrets',
+        severity: 'high',
+        title: 'Generic secret assignment',
+        description: 'Variable named secret/password/token with hardcoded value',
+        pattern: /(password|secret|token|api_key|apikey|api[-_]?secret)\s*[:=]\s*['"`][A-Za-z0-9+/=]{8,}/i,
+    },
+    {
+        id: 'HS004',
+        category: 'hardcoded-secrets',
+        severity: 'high',
+        title: 'Private key block',
+        description: 'Embedded private key',
+        pattern: /-----BEGIN\s+(RSA\s+)?PRIVATE\s+KEY-----/,
+    },
+    {
+        id: 'HS005',
+        category: 'hardcoded-secrets',
+        severity: 'high',
+        title: 'JWT token',
+        description: 'Hardcoded JWT token',
+        pattern: /eyJ[A-Za-z0-9_-]{10,}\.eyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}/,
+    },
+    {
+        id: 'HS006',
+        category: 'hardcoded-secrets',
+        severity: 'medium',
+        title: 'Database connection string',
+        description: 'Hardcoded database URL with credentials',
+        pattern: /(postgres|mysql|mongodb|redis):\/\/[^:]+:[^@]+@/,
+    },
+    // ═══════════════════════════════════════════
+    // UNICODE STEGANOGRAPHY (UC001-UC006)
+    // ═══════════════════════════════════════════
+    {
+        id: 'UC001',
+        category: 'unicode-steganography',
+        severity: 'high',
+        title: 'Zero-width characters',
+        description: 'Hidden zero-width characters that may contain embedded instructions',
+        pattern: /[\u200B\u200C\u200D\uFEFF\u200E\u200F]/,
+    },
+    {
+        id: 'UC002',
+        category: 'unicode-steganography',
+        severity: 'medium',
+        title: 'Right-to-left override',
+        description: 'Unicode RTL override that can disguise code direction',
+        pattern: /[\u202A\u202B\u202C\u202D\u202E\u2066\u2067\u2068\u2069]/,
+    },
+    {
+        id: 'UC003',
+        category: 'unicode-steganography',
+        severity: 'medium',
+        title: 'Homoglyph characters',
+        description: 'Characters that look like ASCII but are different Unicode codepoints',
+        pattern: /[\u0410\u0412\u0415\u041A\u041C\u041D\u041E\u0420\u0421\u0422\u0425]/,
+    },
+    {
+        id: 'UC004',
+        category: 'unicode-steganography',
+        severity: 'low',
+        title: 'Invisible separator characters',
+        description: 'Unicode separator characters that may hide content',
+        pattern: /[\u2028\u2029\u00A0\u2000-\u200A]/,
+    },
+];
+/**
+ * Get rules by category
+ */
+export function getRulesByCategory(category) {
+    return SCANNER_RULES.filter(r => r.category === category);
+}
+/**
+ * Get rule by ID
+ */
+export function getRuleById(id) {
+    return SCANNER_RULES.find(r => r.id === id);
+}
+/**
+ * Get all categories
+ */
+export function getCategories() {
+    return [...new Set(SCANNER_RULES.map(r => r.category))];
+}
+/**
+ * Create empty scan result
+ */
+export function createEmptyScanResult() {
+    return {
+        findings: [],
+        filesScanned: 0,
+        summary: {
+            critical: 0,
+            high: 0,
+            medium: 0,
+            low: 0,
+            info: 0,
+            total: 0,
+        },
+    };
+}
+//# sourceMappingURL=scanner-rules.js.map