agent-threat-rules 0.1.0 → 0.2.1

package/dist/layer-integration.js

@@ -0,0 +1,185 @@
+/**
+ * Layer Integration Helpers
+ *
+ * Bridges the ATREngine (Layer 1 regex) with:
+ * - SkillFingerprintStore (Layer 2 behavioral fingerprinting)
+ * - SemanticModule (Layer 3 LLM-as-judge)
+ *
+ * Extracted from engine.ts to keep file sizes manageable.
+ *
+ * @module agent-threat-rules/layer-integration
+ */
+// ---------------------------------------------------------------------------
+// Layer 2: Skill Fingerprinting
+// ---------------------------------------------------------------------------
+/** Severity mapping for anomaly types */
+const ANOMALY_SEVERITY_MAP = {
+    critical: 'critical',
+    high: 'high',
+    medium: 'medium',
+    low: 'low',
+};
+/**
+ * Resolve the skill identifier from an agent event.
+ * Returns undefined if no skill identifier is present.
+ */
+export function resolveSkillId(event) {
+    const fromMetadata = event.metadata?.['skill_id'];
+    if (typeof fromMetadata === 'string' && fromMetadata.length > 0) {
+        return fromMetadata;
+    }
+    const fromFields = event.fields?.['tool_name'];
+    if (typeof fromFields === 'string' && fromFields.length > 0) {
+        return fromFields;
+    }
+    return undefined;
+}
+/**
+ * Create a synthetic ATRRule for a behavioral anomaly detected by Layer 2.
+ * These rules are not loaded from YAML -- they are generated at runtime.
+ */
+function buildAnomalyRule(anomaly) {
+    return {
+        title: `Skill Behavior Drift: ${anomaly.anomalyType}`,
+        id: `layer2-fingerprint-${anomaly.anomalyType}-${anomaly.skillName}`,
+        status: 'experimental',
+        description: anomaly.description,
+        author: 'atr-engine/layer2',
+        date: new Date(anomaly.timestamp).toISOString().slice(0, 10),
+        severity: ANOMALY_SEVERITY_MAP[anomaly.severity] ?? 'medium',
+        tags: {
+            category: 'skill-compromise',
+            subcategory: 'behavioral-drift',
+            confidence: anomaly.severity === 'critical' ? 'high' : 'medium',
+        },
+        agent_source: { type: 'skill_lifecycle' },
+        detection: {
+            conditions: [],
+            condition: 'layer2-runtime',
+        },
+        response: {
+            actions: anomaly.severity === 'critical' ? ['alert', 'block_tool'] : ['alert'],
+        },
+    };
+}
+/**
+ * Run Layer 2 fingerprint analysis on an event.
+ * Returns additional ATRMatch entries for any detected anomalies.
+ */
+export function runFingerprintLayer(store, event, skillId) {
+    const anomalies = store.recordInvocation(skillId, event);
+    if (anomalies.length === 0) {
+        return [];
+    }
+    const matches = [];
+    for (const anomaly of anomalies) {
+        const rule = buildAnomalyRule(anomaly);
+        const confidence = anomaly.severity === 'critical'
+            ? 0.95
+            : anomaly.severity === 'high'
+                ? 0.85
+                : 0.7;
+        matches.push({
+            rule,
+            matchedConditions: [anomaly.anomalyType],
+            matchedPatterns: [anomaly.newValue],
+            confidence,
+            timestamp: new Date(anomaly.timestamp).toISOString(),
+        });
+    }
+    return matches;
+}
+// ---------------------------------------------------------------------------
+// Layer 3: Semantic Analysis
+// ---------------------------------------------------------------------------
+/** Minimum severity rank that triggers Layer 3 analysis */
+const SEMANTIC_TRIGGER_SEVERITIES = new Set([
+    'medium',
+    'high',
+    'critical',
+]);
+/**
+ * Determine whether Layer 3 semantic analysis should run.
+ *
+ * Triggers when:
+ * - Any Layer 1/2 match has medium or higher severity
+ * - The event explicitly requests deep analysis via metadata
+ */
+export function shouldRunSemanticLayer(layer1Matches, event) {
+    // Explicit opt-in via metadata
+    if (event.metadata?.['force_semantic'] === true) {
+        return true;
+    }
+    // Check if any existing matches have medium+ severity
+    for (const match of layer1Matches) {
+        if (SEMANTIC_TRIGGER_SEVERITIES.has(match.rule.severity)) {
+            return true;
+        }
+    }
+    return false;
+}
+/**
+ * Create a SemanticModule instance from simplified config.
+ * Returns undefined if the semantic module cannot be imported.
+ */
+export function createSemanticModuleFromConfig(config) {
+    return {
+        apiUrl: config.baseUrl ?? 'https://api.openai.com',
+        apiKey: config.apiKey,
+        model: config.model ?? 'gpt-4o-mini',
+    };
+}
+/**
+ * Run Layer 3 semantic analysis and return upgraded/new matches.
+ *
+ * The semantic module is called with `analyze_threat` to get a threat score.
+ * If the score is >= 0.7, a synthetic high-severity match is produced.
+ * If the score is 0.4-0.7, existing matches may have confidence boosted.
+ */
+export async function runSemanticLayer(semanticModule, event, existingMatches) {
+    const result = await semanticModule.evaluate(event, {
+        module: 'semantic',
+        function: 'analyze_threat',
+        args: { field: 'content' },
+        operator: 'gte',
+        threshold: 0.4,
+    });
+    if (!result.matched) {
+        return [];
+    }
+    const additionalMatches = [];
+    // High threat score: create a new synthetic match
+    if (result.value >= 0.7) {
+        const syntheticRule = {
+            title: 'Semantic Threat Detected (Layer 3)',
+            id: 'layer3-semantic-threat',
+            status: 'experimental',
+            description: result.description,
+            author: 'atr-engine/layer3',
+            date: new Date().toISOString().slice(0, 10),
+            severity: result.value >= 0.9 ? 'critical' : 'high',
+            tags: {
+                category: 'prompt-injection',
+                subcategory: 'semantic-detection',
+                confidence: 'high',
+            },
+            agent_source: { type: 'llm_io' },
+            detection: {
+                conditions: [],
+                condition: 'layer3-runtime',
+            },
+            response: {
+                actions: result.value >= 0.9 ? ['block_input', 'alert'] : ['alert'],
+            },
+        };
+        additionalMatches.push({
+            rule: syntheticRule,
+            matchedConditions: ['semantic_analysis'],
+            matchedPatterns: [`threat_score=${result.value.toFixed(2)}`],
+            confidence: result.value,
+            timestamp: new Date().toISOString(),
+        });
+    }
+    return additionalMatches;
+}
+//# sourceMappingURL=layer-integration.js.map

package/dist/layer-integration.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"layer-integration.js","sourceRoot":"","sources":["../src/layer-integration.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAoBH,8EAA8E;AAC9E,gCAAgC;AAChC,8EAA8E;AAE9E,yCAAyC;AACzC,MAAM,oBAAoB,GAA0C;IAClE,QAAQ,EAAE,UAAU;IACpB,IAAI,EAAE,MAAM;IACZ,MAAM,EAAE,QAAQ;IAChB,GAAG,EAAE,KAAK;CACX,CAAC;AAEF;;;GAGG;AACH,MAAM,UAAU,cAAc,CAAC,KAAiB;IAC9C,MAAM,YAAY,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC,UAAU,CAAC,CAAC;IAClD,IAAI,OAAO,YAAY,KAAK,QAAQ,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChE,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,MAAM,UAAU,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,WAAW,CAAC,CAAC;IAC/C,IAAI,OAAO,UAAU,KAAK,QAAQ,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5D,OAAO,UAAU,CAAC;IACpB,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;;GAGG;AACH,SAAS,gBAAgB,CAAC,OAAwB;IAChD,OAAO;QACL,KAAK,EAAE,yBAAyB,OAAO,CAAC,WAAW,EAAE;QACrD,EAAE,EAAE,sBAAsB,OAAO,CAAC,WAAW,IAAI,OAAO,CAAC,SAAS,EAAE;QACpE,MAAM,EAAE,cAAc;QACtB,WAAW,EAAE,OAAO,CAAC,WAAW;QAChC,MAAM,EAAE,mBAAmB;QAC3B,IAAI,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;QAC5D,QAAQ,EAAE,oBAAoB,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,QAAQ;QAC5D,IAAI,EAAE;YACJ,QAAQ,EAAE,kBAAkB;YAC5B,WAAW,EAAE,kBAAkB;YAC/B,UAAU,EAAE,OAAO,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ;SAChE;QACD,YAAY,EAAE,EAAE,IAAI,EAAE,iBAAiB,EAAE;QACzC,SAAS,EAAE;YACT,UAAU,EAAE,EAAE;YACd,SAAS,EAAE,gBAAgB;SAC5B;QACD,QAAQ,EAAE;YACR,OAAO,EAAE,OAAO,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;SAC/E;KACF,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,mBAAmB,CACjC,KAA4B,EAC5B,KAAiB,EACjB,OAAe;IAEf,MAAM,SAAS,GAAG,KAAK,CAAC,gBAAgB,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IAEzD,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC3B,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,MAAM,OAAO,GAAe,EAAE,CAAC;IAC/B,KAAK,MAAM,OAAO,IAAI,SAAS,EAAE,CAAC;QAChC,MAAM,IAAI,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;QACvC,MAAM,UAAU,GAAG,OAAO,CAAC,QAAQ,KAAK,UAAU;YAChD,CAAC,CAAC,IAAI;YACN,CAAC,CAAC,OAAO,CAAC,QAAQ,KAAK,MAAM;gBAC3B,CAAC,CAAC,IAAI;gBACN,CAAC,CAAC,GAAG,CAAC;QAEV,OAAO,CAAC,IAAI,CAAC;YACX,IAAI;YACJ,iBAAiB,EAAE,CAAC,OAAO,CAAC,WAAW,CAAC;YACxC,eAAe,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC;YACnC,UAAU;YACV,SAAS,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE;SACrD,CAAC,CAAC;IACL,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,8EAA8E;AAC9E,6BAA6B;AAC7B,8EAA8E;AAE9E,2DAA2D;AAC3D,MAAM,2BAA2B,GAA6B,IAAI,GAAG,CAAC;IACpE,QAAQ;IACR,MAAM;IACN,UAAU;CACX,CAAC,CAAC;AAEH;;;;;;GAMG;AACH,MAAM,UAAU,sBAAsB,CACpC,aAAkC,EAClC,KAAiB;IAEjB,+BAA+B;IAC/B,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC,gBAAgB,CAAC,KAAK,IAAI,EAAE,CAAC;QAChD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,sDAAsD;IACtD,KAAK,MAAM,KAAK,IAAI,aAAa,EAAE,CAAC;QAClC,IAAI,2BAA2B,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACzD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,8BAA8B,CAC5C,MAA2B;IAE3B,OAAO;QACL,MAAM,EAAE,MAAM,CAAC,OAAO,IAAI,wBAAwB;QAClD,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,aAAa;KACrC,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,cAA8B,EAC9B,KAAiB,EACjB,eAAoC;IAEpC,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,QAAQ,CAAC,KAAK,EAAE;QAClD,MAAM,EAAE,UAAU;QAClB,QAAQ,EAAE,gBAAgB;QAC1B,IAAI,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE;QAC1B,QAAQ,EAAE,KAAK;QACf,SAAS,EAAE,GAAG;KACf,CAAC,CAAC;IAEH,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACpB,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,MAAM,iBAAiB,GAAe,EAAE,CAAC;IAEzC,kDAAkD;IAClD,IAAI,MAAM,CAAC,KAAK,IAAI,GAAG,EAAE,CAAC;QACxB,MAAM,aAAa,GAAY;YAC7B,KAAK,EAAE,oCAAoC;YAC3C,EAAE,EAAE,wBAAwB;YAC5B,MAAM,EAAE,cAAc;YACtB,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,MAAM,EAAE,mBAAmB;YAC3B,IAAI,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;YAC3C,QAAQ,EAAE,MAAM,CAAC,KAAK,IAAI,GAAG,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM;YACnD,IAAI,EAAE;gBACJ,QAAQ,EAAE,kBAAkB;gBAC5B,WAAW,EAAE,oBAAoB;gBACjC,UAAU,EAAE,MAAM;aACnB;YACD,YAAY,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;YAChC,SAAS,EAAE;gBACT,UAAU,EAAE,EAAE;gBACd,SAAS,EAAE,gBAAgB;aAC5B;YACD,QAAQ,EAAE;gBACR,OAAO,EAAE,MAAM,CAAC,KAAK,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;aACpE;SACF,CAAC;QAEF,iBAAiB,CAAC,IAAI,CAAC;YACrB,IAAI,EAAE,aAAa;YACnB,iBAAiB,EAAE,CAAC,mBAAmB,CAAC;YACxC,eAAe,EAAE,CAAC,gBAAgB,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;YAC5D,UAAU,EAAE,MAAM,CAAC,KAAK;YACxB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC,CAAC;IACL,CAAC;IAED,OAAO,iBAAiB,CAAC;AAC3B,CAAC"}

package/dist/loader.js

@@ -32,8 +32,8 @@ export function loadRulesFromDirectory(dirPath) {
             try {
                 rules.push(loadRuleFile(fullPath));
             }
-            catch {
-                // Skip invalid rule files — logged at caller level
+            catch (err) {
+                console.warn(`[ATR] Failed to load rule file ${fullPath}: ${err instanceof Error ? err.message : String(err)}`);
             }
         }
     }

package/dist/loader.js.map

@@ -1 +1 @@
-{"version":3,"file":"loader.js","sourceRoot":"","sources":["../src/loader.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAC9D,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,IAAI,MAAM,SAAS,CAAC;AAG3B;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,QAAgB;IAC3C,MAAM,OAAO,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAChD,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAY,CAAC;IAE7C,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;QACrD,MAAM,IAAI,KAAK,CAAC,uBAAuB,QAAQ,kDAAkD,CAAC,CAAC;IACrG,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB,CAAC,OAAe;IACpD,MAAM,KAAK,GAAc,EAAE,CAAC;IAE5B,MAAM,OAAO,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;IACrC,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QACtC,MAAM,IAAI,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAEhC,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;YACvB,KAAK,CAAC,IAAI,CAAC,GAAG,sBAAsB,CAAC,QAAQ,CAAC,CAAC,CAAC;QAClD,CAAC;aAAM,IAAI,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,OAAO,IAAI,OAAO,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC,EAAE,CAAC;YACtF,IAAI,CAAC;gBACH,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC;YACrC,CAAC;YAAC,MAAM,CAAC;gBACP,mDAAmD;YACrD,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,IAAa;IACxC,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,CAAC,GAAG,IAA+B,CAAC;IAE1C,kBAAkB;IAClB,MAAM,QAAQ,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,cAAc,EAAE,WAAW,EAAE,UAAU,CAAC,CAAC;IACzI,KAAK,MAAM,KAAK,IAAI,QAAQ,EAAE,CAAC;QAC7B,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC;YACd,MAAM,CAAC,IAAI,CAAC,2BAA2B,KAAK,EAAE,CAAC,CAAC;QAClD,CAAC;IACH,CAAC;IAED,YAAY;IACZ,IAAI,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,QAAQ,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;QACtE,MAAM,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;IACvE,CAAC;IAED,cAAc;IACd,MAAM,aAAa,GAAG,CAAC,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;IACxE,IAAI,OAAO,CAAC,CAAC,QAAQ,CAAC,KAAK,QAAQ,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;QAC5E,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IAChD,CAAC;IAED,gBAAgB;IAChB,MAAM,eAAe,GAAG,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,eAAe,CAAC,CAAC;IAC/E,IAAI,OAAO,CAAC,CAAC,UAAU,CAAC,KAAK,QAAQ,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;QAClF,MAAM,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;IACpD,CAAC;IAED,gBAAgB;IAChB,MAAM,IAAI,GAAG,CAAC,CAAC,MAAM,CAAwC,CAAC;IAC9D,IAAI,IAAI,EAAE,CAAC;QACT,MAAM,eAAe,GAAG;YACtB,kBAAkB,EAAE,gBAAgB,EAAE,sBAAsB;YAC5D,oBAAoB,EAAE,sBAAsB,EAAE,oBAAoB;YAClE,gBAAgB,EAAE,aAAa,EAAE,kBAAkB;SACpD,CAAC;QACF,IAAI,OAAO,IAAI,CAAC,UAAU,CAAC,KAAK,QAAQ,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;YACxF,MAAM,CAAC,IAAI,CAAC,0BAA0B,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;IAED,oBAAoB;IACpB,MAAM,WAAW,GAAG,CAAC,CAAC,cAAc,CAAwC,CAAC;IAC7E,IAAI,WAAW,EAAE,CAAC;QAChB,MAAM,UAAU,GAAG;YACjB,QAAQ,EAAE,WAAW,EAAE,cAAc,EAAE,gBAAgB;YACvD,kBAAkB,EAAE,gBAAgB,EAAE,eAAe;YACrD,iBAAiB,EAAE,kBAAkB,EAAE,aAAa;SACrD,CAAC;QACF,IAAI,OAAO,WAAW,CAAC,MAAM,CAAC,KAAK,QAAQ,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;YACzF,MAAM,CAAC,IAAI,CAAC,8BAA8B,WAAW,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QACnE,CAAC;IACH,CAAC;IAED,+CAA+C;IAC/C,MAAM,SAAS,GAAG,CAAC,CAAC,WAAW,CAAwC,CAAC;IACxE,IAAI,SAAS,EAAE,CAAC;QACd,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE,CAAC;YAC7B,MAAM,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;QAC9C,CAAC;QACD,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC;YAC5B,MAAM,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC;IAED,6BAA6B;IAC7B,MAAM,QAAQ,GAAG,CAAC,CAAC,UAAU,CAAwC,CAAC;IACtE,IAAI,QAAQ,EAAE,CAAC;QACb,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,IAAI,QAAQ,CAAC,SAAS,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC5E,MAAM,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;IAED,wBAAwB;IACxB,MAAM,SAAS,GAAG,CAAC,CAAC,YAAY,CAAwC,CAAC;IACzE,IAAI,SAAS,EAAE,CAAC;QACd,MAAM,EAAE,GAAG,SAAS,CAAC,gBAAgB,CAAC,CAAC;QACvC,MAAM,EAAE,GAAG,SAAS,CAAC,gBAAgB,CAAC,CAAC;QACvC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1C,MAAM,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;QACxE,CAAC;QACD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1C,MAAM,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;QACxE,CAAC;IACH,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;AAChD,CAAC"}
+{"version":3,"file":"loader.js","sourceRoot":"","sources":["../src/loader.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAC9D,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,IAAI,MAAM,SAAS,CAAC;AAG3B;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,QAAgB;IAC3C,MAAM,OAAO,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAChD,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAY,CAAC;IAE7C,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;QACrD,MAAM,IAAI,KAAK,CAAC,uBAAuB,QAAQ,kDAAkD,CAAC,CAAC;IACrG,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB,CAAC,OAAe;IACpD,MAAM,KAAK,GAAc,EAAE,CAAC;IAE5B,MAAM,OAAO,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;IACrC,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QACtC,MAAM,IAAI,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAEhC,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;YACvB,KAAK,CAAC,IAAI,CAAC,GAAG,sBAAsB,CAAC,QAAQ,CAAC,CAAC,CAAC;QAClD,CAAC;aAAM,IAAI,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,OAAO,IAAI,OAAO,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC,EAAE,CAAC;YACtF,IAAI,CAAC;gBACH,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC;YACrC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO,CAAC,IAAI,CAAC,kCAAkC,QAAQ,KAAK,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAClH,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,IAAa;IACxC,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,CAAC,GAAG,IAA+B,CAAC;IAE1C,kBAAkB;IAClB,MAAM,QAAQ,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,cAAc,EAAE,WAAW,EAAE,UAAU,CAAC,CAAC;IACzI,KAAK,MAAM,KAAK,IAAI,QAAQ,EAAE,CAAC;QAC7B,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC;YACd,MAAM,CAAC,IAAI,CAAC,2BAA2B,KAAK,EAAE,CAAC,CAAC;QAClD,CAAC;IACH,CAAC;IAED,YAAY;IACZ,IAAI,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,QAAQ,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;QACtE,MAAM,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;IACvE,CAAC;IAED,cAAc;IACd,MAAM,aAAa,GAAG,CAAC,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;IACxE,IAAI,OAAO,CAAC,CAAC,QAAQ,CAAC,KAAK,QAAQ,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;QAC5E,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IAChD,CAAC;IAED,gBAAgB;IAChB,MAAM,eAAe,GAAG,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,eAAe,CAAC,CAAC;IAC/E,IAAI,OAAO,CAAC,CAAC,UAAU,CAAC,KAAK,QAAQ,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;QAClF,MAAM,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;IACpD,CAAC;IAED,gBAAgB;IAChB,MAAM,IAAI,GAAG,CAAC,CAAC,MAAM,CAAwC,CAAC;IAC9D,IAAI,IAAI,EAAE,CAAC;QACT,MAAM,eAAe,GAAG;YACtB,kBAAkB,EAAE,gBAAgB,EAAE,sBAAsB;YAC5D,oBAAoB,EAAE,sBAAsB,EAAE,oBAAoB;YAClE,gBAAgB,EAAE,aAAa,EAAE,kBAAkB;SACpD,CAAC;QACF,IAAI,OAAO,IAAI,CAAC,UAAU,CAAC,KAAK,QAAQ,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;YACxF,MAAM,CAAC,IAAI,CAAC,0BAA0B,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;IAED,oBAAoB;IACpB,MAAM,WAAW,GAAG,CAAC,CAAC,cAAc,CAAwC,CAAC;IAC7E,IAAI,WAAW,EAAE,CAAC;QAChB,MAAM,UAAU,GAAG;YACjB,QAAQ,EAAE,WAAW,EAAE,cAAc,EAAE,gBAAgB;YACvD,kBAAkB,EAAE,gBAAgB,EAAE,eAAe;YACrD,iBAAiB,EAAE,kBAAkB,EAAE,aAAa;SACrD,CAAC;QACF,IAAI,OAAO,WAAW,CAAC,MAAM,CAAC,KAAK,QAAQ,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;YACzF,MAAM,CAAC,IAAI,CAAC,8BAA8B,WAAW,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QACnE,CAAC;IACH,CAAC;IAED,+CAA+C;IAC/C,MAAM,SAAS,GAAG,CAAC,CAAC,WAAW,CAAwC,CAAC;IACxE,IAAI,SAAS,EAAE,CAAC;QACd,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE,CAAC;YAC7B,MAAM,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;QAC9C,CAAC;QACD,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC;YAC5B,MAAM,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC;IAED,6BAA6B;IAC7B,MAAM,QAAQ,GAAG,CAAC,CAAC,UAAU,CAAwC,CAAC;IACtE,IAAI,QAAQ,EAAE,CAAC;QACb,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,IAAI,QAAQ,CAAC,SAAS,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC5E,MAAM,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;IAED,wBAAwB;IACxB,MAAM,SAAS,GAAG,CAAC,CAAC,YAAY,CAAwC,CAAC;IACzE,IAAI,SAAS,EAAE,CAAC;QACd,MAAM,EAAE,GAAG,SAAS,CAAC,gBAAgB,CAAC,CAAC;QACvC,MAAM,EAAE,GAAG,SAAS,CAAC,gBAAgB,CAAC,CAAC;QACvC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1C,MAAM,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;QACxE,CAAC;QACD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1C,MAAM,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;QACxE,CAAC;IACH,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;AAChD,CAAC"}

package/dist/mcp-server.d.ts

@@ -0,0 +1,13 @@
+#!/usr/bin/env node
+/**
+ * ATR MCP Server - Model Context Protocol server for Agent Threat Rules
+ *
+ * Exposes ATR functionality as MCP tools for AI agents and IDEs.
+ * Start with: atr mcp (stdio transport)
+ *
+ * @module agent-threat-rules/mcp-server
+ */
+import { Server } from '@modelcontextprotocol/sdk/server/index.js';
+export declare function createMCPServer(): Promise<Server>;
+export declare function startMCPServer(): Promise<void>;
+//# sourceMappingURL=mcp-server.d.ts.map

package/dist/mcp-server.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"mcp-server.d.ts","sourceRoot":"","sources":["../src/mcp-server.ts"],"names":[],"mappings":";AACA;;;;;;;GAOG;AAIH,OAAO,EAAE,MAAM,EAAE,MAAM,2CAA2C,CAAC;AAsKnE,wBAAsB,eAAe,IAAI,OAAO,CAAC,MAAM,CAAC,CAoDvD;AAED,wBAAsB,cAAc,IAAI,OAAO,CAAC,IAAI,CAAC,CAIpD"}

package/dist/mcp-server.js

@@ -0,0 +1,220 @@
+#!/usr/bin/env node
+/**
+ * ATR MCP Server - Model Context Protocol server for Agent Threat Rules
+ *
+ * Exposes ATR functionality as MCP tools for AI agents and IDEs.
+ * Start with: atr mcp (stdio transport)
+ *
+ * @module agent-threat-rules/mcp-server
+ */
+import { resolve, dirname } from 'node:path';
+import { fileURLToPath } from 'node:url';
+import { Server } from '@modelcontextprotocol/sdk/server/index.js';
+import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
+import { ListToolsRequestSchema, CallToolRequestSchema, } from '@modelcontextprotocol/sdk/types.js';
+import { ATREngine } from './engine.js';
+import { handleScan } from './mcp-tools/scan.js';
+import { handleListRules } from './mcp-tools/list-rules.js';
+import { handleValidate } from './mcp-tools/validate.js';
+import { handleSubmitProposal } from './mcp-tools/submit-proposal.js';
+import { handleCoverageGaps } from './mcp-tools/coverage-gaps.js';
+import { handleThreatSummary } from './mcp-tools/threat-summary.js';
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = dirname(__filename);
+const RULES_DIR = resolve(__dirname, '..', 'rules');
+const TOOLS = [
+    {
+        name: 'atr_scan',
+        description: 'Scan text content for AI agent security threats using ATR detection rules. Returns matched rules with severity, confidence, and recommended actions.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                content: {
+                    type: 'string',
+                    description: 'The text content to scan for threats (prompt, tool response, agent output, etc.)',
+                },
+                event_type: {
+                    type: 'string',
+                    enum: ['llm_input', 'llm_output', 'tool_call', 'tool_response', 'agent_behavior', 'multi_agent_message'],
+                    description: 'Type of agent event being scanned. Defaults to "llm_input".',
+                },
+                min_severity: {
+                    type: 'string',
+                    enum: ['informational', 'low', 'medium', 'high', 'critical'],
+                    description: 'Minimum severity level to include in results. Defaults to "informational".',
+                },
+            },
+            required: ['content'],
+        },
+    },
+    {
+        name: 'atr_list_rules',
+        description: 'List and filter available ATR detection rules. Search by category, severity, or keyword.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                category: {
+                    type: 'string',
+                    enum: [
+                        'prompt-injection', 'tool-poisoning', 'context-exfiltration',
+                        'agent-manipulation', 'privilege-escalation', 'excessive-autonomy',
+                        'data-poisoning', 'model-abuse', 'skill-compromise',
+                    ],
+                    description: 'Filter rules by threat category.',
+                },
+                severity: {
+                    type: 'string',
+                    enum: ['informational', 'low', 'medium', 'high', 'critical'],
+                    description: 'Filter rules by severity level.',
+                },
+                search: {
+                    type: 'string',
+                    description: 'Search rules by keyword in title, description, or ID.',
+                },
+            },
+        },
+    },
+    {
+        name: 'atr_validate_rule',
+        description: 'Validate an ATR rule written in YAML format. Checks required fields, enum values, and structural correctness.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                yaml_content: {
+                    type: 'string',
+                    description: 'The ATR rule YAML content to validate.',
+                },
+            },
+            required: ['yaml_content'],
+        },
+    },
+    {
+        name: 'atr_submit_proposal',
+        description: 'Generate a draft ATR rule from a threat description. Produces YAML with detection patterns derived from example payloads.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                title: {
+                    type: 'string',
+                    description: 'Title for the new rule (e.g., "Multi-turn Context Hijacking").',
+                },
+                category: {
+                    type: 'string',
+                    enum: [
+                        'prompt-injection', 'tool-poisoning', 'context-exfiltration',
+                        'agent-manipulation', 'privilege-escalation', 'excessive-autonomy',
+                        'data-poisoning', 'model-abuse', 'skill-compromise',
+                    ],
+                    description: 'Threat category for the rule.',
+                },
+                attack_description: {
+                    type: 'string',
+                    description: 'Detailed description of the attack this rule detects.',
+                },
+                example_payloads: {
+                    type: 'array',
+                    items: { type: 'string' },
+                    description: 'Example attack payloads to generate detection patterns from.',
+                },
+                severity: {
+                    type: 'string',
+                    enum: ['informational', 'low', 'medium', 'high', 'critical'],
+                    description: 'Severity level. Defaults to "medium".',
+                },
+                mitre_refs: {
+                    type: 'array',
+                    items: { type: 'string' },
+                    description: 'Optional MITRE ATLAS reference IDs (e.g., "AML.T0051").',
+                },
+            },
+            required: ['title', 'category', 'attack_description', 'example_payloads'],
+        },
+    },
+    {
+        name: 'atr_coverage_gaps',
+        description: 'Analyze ATR rule coverage against security frameworks (OWASP Agentic AI, MITRE ATLAS). Identifies uncovered threat categories.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                framework: {
+                    type: 'string',
+                    enum: ['owasp_agentic', 'mitre_atlas', 'all'],
+                    description: 'Security framework to analyze against. Defaults to "all".',
+                },
+            },
+        },
+    },
+    {
+        name: 'atr_threat_summary',
+        description: 'Get aggregated statistics about loaded ATR rules. Shows distribution by category, severity, status, and test coverage.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                category: {
+                    type: 'string',
+                    enum: [
+                        'prompt-injection', 'tool-poisoning', 'context-exfiltration',
+                        'agent-manipulation', 'privilege-escalation', 'excessive-autonomy',
+                        'data-poisoning', 'model-abuse', 'skill-compromise',
+                    ],
+                    description: 'Optional: filter statistics to a single threat category.',
+                },
+            },
+        },
+    },
+];
+export async function createMCPServer() {
+    const engine = new ATREngine({ rulesDir: RULES_DIR });
+    const ruleCount = await engine.loadRules();
+    const server = new Server({
+        name: 'atr-mcp-server',
+        version: '0.2.0',
+    }, {
+        capabilities: {
+            tools: {},
+        },
+    });
+    server.setRequestHandler(ListToolsRequestSchema, async () => ({
+        tools: TOOLS,
+    }));
+    server.setRequestHandler(CallToolRequestSchema, async (request) => {
+        const { name, arguments: args } = request.params;
+        const toolArgs = (args ?? {});
+        switch (name) {
+            case 'atr_scan':
+                return await handleScan(engine, toolArgs);
+            case 'atr_list_rules':
+                return handleListRules(engine, toolArgs);
+            case 'atr_validate_rule':
+                return handleValidate(toolArgs);
+            case 'atr_submit_proposal':
+                return handleSubmitProposal(toolArgs);
+            case 'atr_coverage_gaps':
+                return handleCoverageGaps(engine, toolArgs);
+            case 'atr_threat_summary':
+                return handleThreatSummary(engine, toolArgs);
+            default:
+                return {
+                    content: [{ type: 'text', text: `Error: Unknown tool "${name}".` }],
+                    isError: true,
+                };
+        }
+    });
+    return server;
+}
+export async function startMCPServer() {
+    const server = await createMCPServer();
+    const transport = new StdioServerTransport();
+    await server.connect(transport);
+}
+// Auto-start when run directly
+const isDirectExecution = process.argv[1] &&
+    (process.argv[1].endsWith('mcp-server.js') ||
+        process.argv[1].endsWith('mcp-server.ts'));
+if (isDirectExecution) {
+    startMCPServer().catch((err) => {
+        process.stderr.write(`ATR MCP Server error: ${err instanceof Error ? err.message : String(err)}\n`);
+        process.exit(1);
+    });
+}
+//# sourceMappingURL=mcp-server.js.map

package/dist/mcp-server.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"mcp-server.js","sourceRoot":"","sources":["../src/mcp-server.ts"],"names":[],"mappings":";AACA;;;;;;;GAOG;AAEH,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC7C,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,MAAM,EAAE,MAAM,2CAA2C,CAAC;AACnE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EACL,sBAAsB,EACtB,qBAAqB,GACtB,MAAM,oCAAoC,CAAC;AAC5C,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AACjD,OAAO,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAC;AAC5D,OAAO,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AACzD,OAAO,EAAE,oBAAoB,EAAE,MAAM,gCAAgC,CAAC;AACtE,OAAO,EAAE,kBAAkB,EAAE,MAAM,8BAA8B,CAAC;AAClE,OAAO,EAAE,mBAAmB,EAAE,MAAM,+BAA+B,CAAC;AAEpE,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAClD,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AACtC,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;AAEpD,MAAM,KAAK,GAAG;IACZ;QACE,IAAI,EAAE,UAAU;QAChB,WAAW,EACT,sJAAsJ;QACxJ,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,OAAO,EAAE;oBACP,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,kFAAkF;iBAChG;gBACD,UAAU,EAAE;oBACV,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,WAAW,EAAE,YAAY,EAAE,WAAW,EAAE,eAAe,EAAE,gBAAgB,EAAE,qBAAqB,CAAC;oBACxG,WAAW,EAAE,6DAA6D;iBAC3E;gBACD,YAAY,EAAE;oBACZ,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,eAAe,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,CAAC;oBAC5D,WAAW,EAAE,4EAA4E;iBAC1F;aACF;YACD,QAAQ,EAAE,CAAC,SAAS,CAAC;SACtB;KACF;IACD;QACE,IAAI,EAAE,gBAAgB;QACtB,WAAW,EACT,0FAA0F;QAC5F,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE;wBACJ,kBAAkB,EAAE,gBAAgB,EAAE,sBAAsB;wBAC5D,oBAAoB,EAAE,sBAAsB,EAAE,oBAAoB;wBAClE,gBAAgB,EAAE,aAAa,EAAE,kBAAkB;qBACpD;oBACD,WAAW,EAAE,kCAAkC;iBAChD;gBACD,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,eAAe,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,CAAC;oBAC5D,WAAW,EAAE,iCAAiC;iBAC/C;gBACD,MAAM,EAAE;oBACN,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,uDAAuD;iBACrE;aACF;SACF;KACF;IACD;QACE,IAAI,EAAE,mBAAmB;QACzB,WAAW,EACT,+GAA+G;QACjH,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,YAAY,EAAE;oBACZ,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,wCAAwC;iBACtD;aACF;YACD,QAAQ,EAAE,CAAC,cAAc,CAAC;SAC3B;KACF;IACD;QACE,IAAI,EAAE,qBAAqB;QAC3B,WAAW,EACT,2HAA2H;QAC7H,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,KAAK,EAAE;oBACL,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,gEAAgE;iBAC9E;gBACD,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE;wBACJ,kBAAkB,EAAE,gBAAgB,EAAE,sBAAsB;wBAC5D,oBAAoB,EAAE,sBAAsB,EAAE,oBAAoB;wBAClE,gBAAgB,EAAE,aAAa,EAAE,kBAAkB;qBACpD;oBACD,WAAW,EAAE,+BAA+B;iBAC7C;gBACD,kBAAkB,EAAE;oBAClB,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,uDAAuD;iBACrE;gBACD,gBAAgB,EAAE;oBAChB,IAAI,EAAE,OAAO;oBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;oBACzB,WAAW,EAAE,8DAA8D;iBAC5E;gBACD,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,eAAe,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,CAAC;oBAC5D,WAAW,EAAE,uCAAuC;iBACrD;gBACD,UAAU,EAAE;oBACV,IAAI,EAAE,OAAO;oBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;oBACzB,WAAW,EAAE,yDAAyD;iBACvE;aACF;YACD,QAAQ,EAAE,CAAC,OAAO,EAAE,UAAU,EAAE,oBAAoB,EAAE,kBAAkB,CAAC;SAC1E;KACF;IACD;QACE,IAAI,EAAE,mBAAmB;QACzB,WAAW,EACT,gIAAgI;QAClI,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,SAAS,EAAE;oBACT,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,eAAe,EAAE,aAAa,EAAE,KAAK,CAAC;oBAC7C,WAAW,EAAE,2DAA2D;iBACzE;aACF;SACF;KACF;IACD;QACE,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EACT,wHAAwH;QAC1H,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE;wBACJ,kBAAkB,EAAE,gBAAgB,EAAE,sBAAsB;wBAC5D,oBAAoB,EAAE,sBAAsB,EAAE,oBAAoB;wBAClE,gBAAgB,EAAE,aAAa,EAAE,kBAAkB;qBACpD;oBACD,WAAW,EAAE,0DAA0D;iBACxE;aACF;SACF;KACF;CACF,CAAC;AAEF,MAAM,CAAC,KAAK,UAAU,eAAe;IACnC,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC,CAAC;IACtD,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,SAAS,EAAE,CAAC;IAE3C,MAAM,MAAM,GAAG,IAAI,MAAM,CACvB;QACE,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,OAAO;KACjB,EACD;QACE,YAAY,EAAE;YACZ,KAAK,EAAE,EAAE;SACV;KACF,CACF,CAAC;IAEF,MAAM,CAAC,iBAAiB,CAAC,sBAAsB,EAAE,KAAK,IAAI,EAAE,CAAC,CAAC;QAC5D,KAAK,EAAE,KAAK;KACb,CAAC,CAAC,CAAC;IAEJ,MAAM,CAAC,iBAAiB,CAAC,qBAAqB,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;QAChE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC;QACjD,MAAM,QAAQ,GAAG,CAAC,IAAI,IAAI,EAAE,CAA4B,CAAC;QAEzD,QAAQ,IAAI,EAAE,CAAC;YACb,KAAK,UAAU;gBACb,OAAO,MAAM,UAAU,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YAE5C,KAAK,gBAAgB;gBACnB,OAAO,eAAe,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YAE3C,KAAK,mBAAmB;gBACtB,OAAO,cAAc,CAAC,QAAQ,CAAC,CAAC;YAElC,KAAK,qBAAqB;gBACxB,OAAO,oBAAoB,CAAC,QAAQ,CAAC,CAAC;YAExC,KAAK,mBAAmB;gBACtB,OAAO,kBAAkB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YAE9C,KAAK,oBAAoB;gBACvB,OAAO,mBAAmB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YAE/C;gBACE,OAAO;oBACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,wBAAwB,IAAI,IAAI,EAAE,CAAC;oBACnE,OAAO,EAAE,IAAI;iBACd,CAAC;QACN,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc;IAClC,MAAM,MAAM,GAAG,MAAM,eAAe,EAAE,CAAC;IACvC,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;AAClC,CAAC;AAED,+BAA+B;AAC/B,MAAM,iBAAiB,GACrB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;IACf,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,eAAe,CAAC;QACzC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,CAAC;AAE9C,IAAI,iBAAiB,EAAE,CAAC;IACtB,cAAc,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;QAC7B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,yBAAyB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACpG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/mcp-tools/coverage-gaps.d.ts

@@ -0,0 +1,13 @@
+/**
+ * atr_coverage_gaps MCP tool - Analyze coverage gaps against security frameworks
+ * @module agent-threat-rules/mcp-tools/coverage-gaps
+ */
+import type { ATREngine } from '../engine.js';
+export declare function handleCoverageGaps(engine: ATREngine, args: Record<string, unknown>): {
+    content: Array<{
+        type: string;
+        text: string;
+    }>;
+    isError?: boolean;
+};
+//# sourceMappingURL=coverage-gaps.d.ts.map

package/dist/mcp-tools/coverage-gaps.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"coverage-gaps.d.ts","sourceRoot":"","sources":["../../src/mcp-tools/coverage-gaps.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAE9C,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG;IACpF,OAAO,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAC/C,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB,CAkDA"}

package/dist/mcp-tools/coverage-gaps.js

@@ -0,0 +1,55 @@
+/**
+ * atr_coverage_gaps MCP tool - Analyze coverage gaps against security frameworks
+ * @module agent-threat-rules/mcp-tools/coverage-gaps
+ */
+import { CoverageAnalyzer } from '../coverage-analyzer.js';
+export function handleCoverageGaps(engine, args) {
+    const framework = (args['framework'] ?? 'all').toLowerCase();
+    const validFrameworks = ['owasp_agentic', 'mitre_atlas', 'all'];
+    if (!validFrameworks.includes(framework)) {
+        return {
+            content: [{ type: 'text', text: `Error: "framework" must be one of: ${validFrameworks.join(', ')}` }],
+            isError: true,
+        };
+    }
+    const analyzer = new CoverageAnalyzer(engine.getRules());
+    const report = analyzer.analyze();
+    // Filter gaps by requested framework
+    const filteredGaps = framework === 'all'
+        ? report.gaps
+        : report.gaps.filter((g) => {
+            if (framework === 'owasp_agentic')
+                return g.framework === 'OWASP Agentic Top 10';
+            if (framework === 'mitre_atlas')
+                return g.framework === 'MITRE ATLAS';
+            return true;
+        });
+    const filteredSuggestions = framework === 'all'
+        ? report.suggestions
+        : report.suggestions.filter((s) => {
+            if (framework === 'owasp_agentic')
+                return s.includes('OWASP') || s.includes('ASI');
+            if (framework === 'mitre_atlas')
+                return s.includes('MITRE') || s.includes('AML');
+            return true;
+        });
+    const result = {
+        analysis_timestamp: new Date().toISOString(),
+        total_rules_loaded: engine.getRuleCount(),
+        total_active_rules: report.totalRules,
+        framework_filter: framework,
+        gaps: filteredGaps.map((g) => ({
+            framework: g.framework,
+            risk_id: g.riskId,
+            risk_name: g.riskName,
+            current_rule_count: g.currentRuleCount,
+            recommended_min: g.recommendedMin,
+        })),
+        category_distribution: report.categoryDistribution,
+        suggestions: filteredSuggestions,
+    };
+    return {
+        content: [{ type: 'text', text: JSON.stringify(result, null, 2) }],
+    };
+}
+//# sourceMappingURL=coverage-gaps.js.map

package/dist/mcp-tools/coverage-gaps.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"coverage-gaps.js","sourceRoot":"","sources":["../../src/mcp-tools/coverage-gaps.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAI3D,MAAM,UAAU,kBAAkB,CAAC,MAAiB,EAAE,IAA6B;IAIjF,MAAM,SAAS,GAAG,CAAE,IAAI,CAAC,WAAW,CAAY,IAAI,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC;IAEzE,MAAM,eAAe,GAAG,CAAC,eAAe,EAAE,aAAa,EAAE,KAAK,CAAC,CAAC;IAChE,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;QACzC,OAAO;YACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,sCAAsC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC;YACrG,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,IAAI,gBAAgB,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;IACzD,MAAM,MAAM,GAAmB,QAAQ,CAAC,OAAO,EAAE,CAAC;IAElD,qCAAqC;IACrC,MAAM,YAAY,GAAG,SAAS,KAAK,KAAK;QACtC,CAAC,CAAC,MAAM,CAAC,IAAI;QACb,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;YACvB,IAAI,SAAS,KAAK,eAAe;gBAAE,OAAO,CAAC,CAAC,SAAS,KAAK,sBAAsB,CAAC;YACjF,IAAI,SAAS,KAAK,aAAa;gBAAE,OAAO,CAAC,CAAC,SAAS,KAAK,aAAa,CAAC;YACtE,OAAO,IAAI,CAAC;QACd,CAAC,CAAC,CAAC;IAEP,MAAM,mBAAmB,GAAG,SAAS,KAAK,KAAK;QAC7C,CAAC,CAAC,MAAM,CAAC,WAAW;QACpB,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;YAC9B,IAAI,SAAS,KAAK,eAAe;gBAAE,OAAO,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;YACnF,IAAI,SAAS,KAAK,aAAa;gBAAE,OAAO,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;YACjF,OAAO,IAAI,CAAC;QACd,CAAC,CAAC,CAAC;IAEP,MAAM,MAAM,GAAG;QACb,kBAAkB,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QAC5C,kBAAkB,EAAE,MAAM,CAAC,YAAY,EAAE;QACzC,kBAAkB,EAAE,MAAM,CAAC,UAAU;QACrC,gBAAgB,EAAE,SAAS;QAC3B,IAAI,EAAE,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC7B,SAAS,EAAE,CAAC,CAAC,SAAS;YACtB,OAAO,EAAE,CAAC,CAAC,MAAM;YACjB,SAAS,EAAE,CAAC,CAAC,QAAQ;YACrB,kBAAkB,EAAE,CAAC,CAAC,gBAAgB;YACtC,eAAe,EAAE,CAAC,CAAC,cAAc;SAClC,CAAC,CAAC;QACH,qBAAqB,EAAE,MAAM,CAAC,oBAAoB;QAClD,WAAW,EAAE,mBAAmB;KACjC,CAAC;IAEF,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;KACnE,CAAC;AACJ,CAAC"}

package/dist/mcp-tools/list-rules.d.ts

@@ -0,0 +1,17 @@
+/**
+ * atr_list_rules MCP tool - List and filter ATR rules
+ * @module agent-threat-rules/mcp-tools/list-rules
+ */
+import type { ATREngine } from '../engine.js';
+export interface ListRulesInput {
+    category?: string;
+    severity?: string;
+    search?: string;
+}
+export declare function handleListRules(engine: ATREngine, args: Record<string, unknown>): {
+    content: Array<{
+        type: string;
+        text: string;
+    }>;
+};
+//# sourceMappingURL=list-rules.d.ts.map

package/dist/mcp-tools/list-rules.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"list-rules.d.ts","sourceRoot":"","sources":["../../src/mcp-tools/list-rules.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAE9C,MAAM,WAAW,cAAc;IAC7B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,wBAAgB,eAAe,CAAC,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG;IACjF,OAAO,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;CAChD,CAgDA"}

package/dist/mcp-tools/list-rules.js

@@ -0,0 +1,45 @@
+/**
+ * atr_list_rules MCP tool - List and filter ATR rules
+ * @module agent-threat-rules/mcp-tools/list-rules
+ */
+export function handleListRules(engine, args) {
+    const category = args['category'];
+    const severity = args['severity'];
+    const search = args['search'];
+    let rules = [...engine.getRules()];
+    if (category) {
+        rules = rules.filter((r) => r.tags.category === category);
+    }
+    if (severity) {
+        rules = rules.filter((r) => r.severity === severity.toLowerCase());
+    }
+    if (search) {
+        const term = search.toLowerCase();
+        rules = rules.filter((r) => r.title.toLowerCase().includes(term) ||
+            r.description.toLowerCase().includes(term) ||
+            r.id.toLowerCase().includes(term) ||
+            r.tags.category.toLowerCase().includes(term));
+    }
+    const result = {
+        total: rules.length,
+        filters_applied: {
+            ...(category ? { category } : {}),
+            ...(severity ? { severity } : {}),
+            ...(search ? { search } : {}),
+        },
+        rules: rules.map((r) => ({
+            id: r.id,
+            title: r.title,
+            severity: r.severity,
+            status: r.status,
+            category: r.tags.category,
+            source_type: r.agent_source.type,
+            description: r.description,
+            actions: r.response.actions,
+        })),
+    };
+    return {
+        content: [{ type: 'text', text: JSON.stringify(result, null, 2) }],
+    };
+}
+//# sourceMappingURL=list-rules.js.map

package/dist/mcp-tools/list-rules.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"list-rules.js","sourceRoot":"","sources":["../../src/mcp-tools/list-rules.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAUH,MAAM,UAAU,eAAe,CAAC,MAAiB,EAAE,IAA6B;IAG9E,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAuB,CAAC;IACxD,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAuB,CAAC;IACxD,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAuB,CAAC;IAEpD,IAAI,KAAK,GAAG,CAAC,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;IAEnC,IAAI,QAAQ,EAAE,CAAC;QACb,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;IAC5D,CAAC;IAED,IAAI,QAAQ,EAAE,CAAC;QACb,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC;IACrE,CAAC;IAED,IAAI,MAAM,EAAE,CAAC;QACX,MAAM,IAAI,GAAG,MAAM,CAAC,WAAW,EAAE,CAAC;QAClC,KAAK,GAAG,KAAK,CAAC,MAAM,CAClB,CAAC,CAAC,EAAE,EAAE,CACJ,CAAC,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC;YACpC,CAAC,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC;YAC1C,CAAC,CAAC,EAAE,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC;YACjC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAC/C,CAAC;IACJ,CAAC;IAED,MAAM,MAAM,GAAG;QACb,KAAK,EAAE,KAAK,CAAC,MAAM;QACnB,eAAe,EAAE;YACf,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACjC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACjC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC9B;QACD,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACvB,EAAE,EAAE,CAAC,CAAC,EAAE;YACR,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,MAAM,EAAE,CAAC,CAAC,MAAM;YAChB,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ;YACzB,WAAW,EAAE,CAAC,CAAC,YAAY,CAAC,IAAI;YAChC,WAAW,EAAE,CAAC,CAAC,WAAW;YAC1B,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,OAAO;SAC5B,CAAC,CAAC;KACJ,CAAC;IAEF,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;KACnE,CAAC;AACJ,CAAC"}