agent-threat-rules 0.2.0 → 0.2.1

package/dist/hook-handler.js

@@ -0,0 +1,178 @@
+/**
+ * Hook Handler - Bridges Claude Code hooks to the ATR engine.
+ *
+ * Converts HookInput (PreToolUse/PostToolUse) into AgentEvents,
+ * evaluates them, and returns HookOutput for the agent host.
+ *
+ * Supports a stdio JSON-lines loop for use as a Claude Code hook process.
+ *
+ * CRITICAL: Fail-open on all errors -- default to "allow" so a
+ * bug in the guard never blocks legitimate agent operations.
+ *
+ * @module agent-threat-rules/hook-handler
+ */
+import { createInterface } from 'node:readline';
+/** Default evaluation timeout in milliseconds */
+const DEFAULT_TIMEOUT_MS = 5_000;
+/**
+ * Create an "allow" hook output, used as the safe default.
+ */
+function allowOutput(reason) {
+    return Object.freeze({
+        decision: 'allow',
+        reason: reason ?? 'No threat detected.',
+    });
+}
+/**
+ * Convert a HookInput into an AgentEvent for engine evaluation.
+ */
+function hookInputToEvent(input) {
+    const isPreTool = input.hook === 'PreToolUse';
+    const type = isPreTool ? 'tool_call' : 'tool_response';
+    const toolInput = input.tool_input ?? {};
+    const content = typeof toolInput['content'] === 'string'
+        ? toolInput['content']
+        : JSON.stringify(toolInput);
+    const fields = {
+        tool_name: input.tool_name ?? '',
+        tool_args: JSON.stringify(toolInput),
+        content,
+    };
+    // For PostToolUse, include output/response if present
+    if (!isPreTool) {
+        const output = toolInput['output'] ?? toolInput['response'];
+        if (typeof output === 'string') {
+            fields['tool_response'] = output;
+        }
+    }
+    return Object.freeze({
+        type,
+        timestamp: input.timestamp ?? new Date().toISOString(),
+        content,
+        fields: Object.freeze(fields),
+        sessionId: input.session_id,
+    });
+}
+/**
+ * Run a promise with a timeout. Resolves to the promise result
+ * or rejects with a timeout error.
+ */
+function withTimeout(promise, ms) {
+    return new Promise((resolve, reject) => {
+        const timer = setTimeout(() => {
+            reject(new Error(`Evaluation timed out after ${ms}ms`));
+        }, ms);
+        promise.then((value) => { clearTimeout(timer); resolve(value); }, (err) => { clearTimeout(timer); reject(err); });
+    });
+}
+export class HookHandler {
+    engine;
+    executor;
+    timeoutMs;
+    failOpen;
+    constructor(config) {
+        this.engine = config.engine;
+        this.executor = config.executor;
+        this.timeoutMs = config.timeoutMs ?? DEFAULT_TIMEOUT_MS;
+        this.failOpen = config.failOpen ?? true;
+    }
+    /**
+     * Handle a PreToolUse hook event.
+     * Converts input to an AgentEvent, evaluates, and returns a HookOutput.
+     */
+    async handlePreToolUse(input) {
+        try {
+            const event = hookInputToEvent(input);
+            return await this.evaluateAndRespond(event);
+        }
+        catch (err) {
+            return this.handleError(err);
+        }
+    }
+    /**
+     * Handle a PostToolUse hook event.
+     * Scans the tool output for threats.
+     */
+    async handlePostToolUse(input) {
+        try {
+            const event = hookInputToEvent(input);
+            return await this.evaluateAndRespond(event);
+        }
+        catch (err) {
+            return this.handleError(err);
+        }
+    }
+    /**
+     * Start a stdio JSON-lines loop.
+     *
+     * Reads one JSON object per line from stdin, dispatches to the
+     * appropriate handler, and writes one JSON line to stdout.
+     *
+     * Exits cleanly when stdin closes.
+     */
+    async startStdioLoop() {
+        const rl = createInterface({
+            input: process.stdin,
+            crlfDelay: Infinity,
+        });
+        for await (const line of rl) {
+            const trimmed = line.trim();
+            if (!trimmed)
+                continue;
+            let output;
+            try {
+                const input = JSON.parse(trimmed);
+                output = await this.dispatch(input);
+            }
+            catch (err) {
+                output = this.handleError(err);
+            }
+            process.stdout.write(JSON.stringify(output) + '\n');
+        }
+    }
+    /**
+     * Dispatch a HookInput to the appropriate handler.
+     */
+    async dispatch(input) {
+        switch (input.hook) {
+            case 'PreToolUse':
+                return this.handlePreToolUse(input);
+            case 'PostToolUse':
+                return this.handlePostToolUse(input);
+            default:
+                return allowOutput(`Unknown hook type: ${String(input.hook)}`);
+        }
+    }
+    /**
+     * Evaluate an event with timeout and convert the verdict to HookOutput.
+     */
+    async evaluateAndRespond(event) {
+        const { verdict } = await withTimeout(this.engine.evaluateWithVerdict(event, this.executor), this.timeoutMs);
+        const matchedRules = verdict.matches.map((m) => m.rule.id);
+        return Object.freeze({
+            decision: verdict.outcome,
+            reason: verdict.reason,
+            message: verdict.outcome === 'deny'
+                ? `Blocked: ${verdict.reason}`
+                : undefined,
+            matched_rules: matchedRules.length > 0
+                ? Object.freeze(matchedRules)
+                : undefined,
+        });
+    }
+    /**
+     * Handle errors with fail-open or fail-closed behavior.
+     */
+    handleError(err) {
+        const message = err instanceof Error ? err.message : String(err);
+        process.stderr.write(`[atr-guard] Error: ${message}\n`);
+        if (this.failOpen) {
+            return allowOutput(`Guard error (fail-open): ${message}`);
+        }
+        return Object.freeze({
+            decision: 'deny',
+            reason: `Guard error (fail-closed): ${message}`,
+        });
+    }
+}
+//# sourceMappingURL=hook-handler.js.map

package/dist/hook-handler.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"hook-handler.js","sourceRoot":"","sources":["../src/hook-handler.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AAUhD,iDAAiD;AACjD,MAAM,kBAAkB,GAAG,KAAK,CAAC;AASjC;;GAEG;AACH,SAAS,WAAW,CAAC,MAAe;IAClC,OAAO,MAAM,CAAC,MAAM,CAAC;QACnB,QAAQ,EAAE,OAAyB;QACnC,MAAM,EAAE,MAAM,IAAI,qBAAqB;KACxC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB,CAAC,KAAgB;IACxC,MAAM,SAAS,GAAG,KAAK,CAAC,IAAI,KAAK,YAAY,CAAC;IAC9C,MAAM,IAAI,GAAG,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,eAAe,CAAC;IAEvD,MAAM,SAAS,GAAG,KAAK,CAAC,UAAU,IAAI,EAAE,CAAC;IACzC,MAAM,OAAO,GAAG,OAAO,SAAS,CAAC,SAAS,CAAC,KAAK,QAAQ;QACtD,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC;QACtB,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;IAE9B,MAAM,MAAM,GAA2B;QACrC,SAAS,EAAE,KAAK,CAAC,SAAS,IAAI,EAAE;QAChC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC;QACpC,OAAO;KACR,CAAC;IAEF,sDAAsD;IACtD,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,MAAM,GAAG,SAAS,CAAC,QAAQ,CAAC,IAAI,SAAS,CAAC,UAAU,CAAC,CAAC;QAC5D,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC/B,MAAM,CAAC,eAAe,CAAC,GAAG,MAAM,CAAC;QACnC,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC,MAAM,CAAC;QACnB,IAAI;QACJ,SAAS,EAAE,KAAK,CAAC,SAAS,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACtD,OAAO;QACP,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC;QAC7B,SAAS,EAAE,KAAK,CAAC,UAAU;KAC5B,CAAC,CAAC;AACL,CAAC;AAED;;;GAGG;AACH,SAAS,WAAW,CAClB,OAAmB,EACnB,EAAU;IAEV,OAAO,IAAI,OAAO,CAAI,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACxC,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE;YAC5B,MAAM,CAAC,IAAI,KAAK,CAAC,8BAA8B,EAAE,IAAI,CAAC,CAAC,CAAC;QAC1D,CAAC,EAAE,EAAE,CAAC,CAAC;QAEP,OAAO,CAAC,IAAI,CACV,CAAC,KAAK,EAAE,EAAE,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EACnD,CAAC,GAAG,EAAE,EAAE,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAC/C,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,OAAO,WAAW;IACL,MAAM,CAAY;IAClB,QAAQ,CAAiB;IACzB,SAAS,CAAS;IAClB,QAAQ,CAAU;IAEnC,YAAY,MAAyB;QACnC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;QAC5B,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;QAChC,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,IAAI,kBAAkB,CAAC;QACxD,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,IAAI,IAAI,CAAC;IAC1C,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,gBAAgB,CAAC,KAAgB;QACrC,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;YACtC,OAAO,MAAM,IAAI,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC;QAC9C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;QAC/B,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,iBAAiB,CAAC,KAAgB;QACtC,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;YACtC,OAAO,MAAM,IAAI,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC;QAC9C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;QAC/B,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,cAAc;QAClB,MAAM,EAAE,GAAG,eAAe,CAAC;YACzB,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,SAAS,EAAE,QAAQ;SACpB,CAAC,CAAC;QAEH,IAAI,KAAK,EAAE,MAAM,IAAI,IAAI,EAAE,EAAE,CAAC;YAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;YAC5B,IAAI,CAAC,OAAO;gBAAE,SAAS;YAEvB,IAAI,MAAkB,CAAC;YAEvB,IAAI,CAAC;gBACH,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAc,CAAC;gBAC/C,MAAM,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;YACtC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;YACjC,CAAC;YAED,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC;QACtD,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,QAAQ,CAAC,KAAgB;QACrC,QAAQ,KAAK,CAAC,IAAI,EAAE,CAAC;YACnB,KAAK,YAAY;gBACf,OAAO,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC;YACtC,KAAK,aAAa;gBAChB,OAAO,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC;YACvC;gBACE,OAAO,WAAW,CAAC,sBAAsB,MAAM,CAAE,KAA4C,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC3G,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,kBAAkB,CAAC,KAAiB;QAChD,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,WAAW,CACnC,IAAI,CAAC,MAAM,CAAC,mBAAmB,CAAC,KAAK,EAAE,IAAI,CAAC,QAAQ,CAAC,EACrD,IAAI,CAAC,SAAS,CACf,CAAC;QAEF,MAAM,YAAY,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAE3D,OAAO,MAAM,CAAC,MAAM,CAAC;YACnB,QAAQ,EAAE,OAAO,CAAC,OAAO;YACzB,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,OAAO,EAAE,OAAO,CAAC,OAAO,KAAK,MAAM;gBACjC,CAAC,CAAC,YAAY,OAAO,CAAC,MAAM,EAAE;gBAC9B,CAAC,CAAC,SAAS;YACb,aAAa,EAAE,YAAY,CAAC,MAAM,GAAG,CAAC;gBACpC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC;gBAC7B,CAAC,CAAC,SAAS;SACd,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACK,WAAW,CAAC,GAAY;QAC9B,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjE,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,sBAAsB,OAAO,IAAI,CAAC,CAAC;QAExD,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClB,OAAO,WAAW,CAAC,4BAA4B,OAAO,EAAE,CAAC,CAAC;QAC5D,CAAC;QAED,OAAO,MAAM,CAAC,MAAM,CAAC;YACnB,QAAQ,EAAE,MAAwB;YAClC,MAAM,EAAE,8BAA8B,OAAO,EAAE;SAChD,CAAC,CAAC;IACL,CAAC;CACF"}

package/dist/index.d.ts

@@ -20,9 +20,17 @@ export type { SemanticModuleConfig } from './modules/semantic.js';
 /** @beta - Experimental, not production-tested */
 export { SkillFingerprintStore } from './skill-fingerprint.js';
 export type { SkillFingerprint, BehaviorAnomaly, SkillFingerprintConfig, } from './skill-fingerprint.js';
+export type { SemanticLayerConfig } from './layer-integration.js';
 export { RuleScaffolder } from './rule-scaffolder.js';
 export type { ScaffoldInput, ScaffoldResult, ScaffoldOptions } from './rule-scaffolder.js';
 export { CoverageAnalyzer } from './coverage-analyzer.js';
 export type { CoverageGap, CoverageReport } from './coverage-analyzer.js';
-export type { ATRRule, ATRMatch, AgentEvent, AgentEventType, ATRAction, ATRCategory, ATRSeverity, ATRStatus, ATRConfidence, ATRSourceType, ATRMatchType, ATROperator, ATRReferences, ATRTags, ATRAgentSource, ATRDetection, ATRResponse, ATRTestCases, ATRTestCase, ATRPatternCondition, ATRBehavioralCondition, ATRSequenceCondition, ATRSequenceStep, } from './types.js';
+export { computeVerdict, SEVERITY_RANK, isAutoResponseEnabled } from './verdict.js';
+export { ActionExecutor } from './action-executor.js';
+export type { ActionExecutorConfig } from './action-executor.js';
+export { DefaultAdapter } from './adapters/default-adapter.js';
+export { StdioAdapter } from './adapters/stdio-adapter.js';
+export { HookHandler } from './hook-handler.js';
+export type { HookHandlerConfig } from './hook-handler.js';
+export type { ATRRule, ATRMatch, AgentEvent, AgentEventType, ATRAction, ATRCategory, ATRSeverity, ATRStatus, ATRConfidence, ATRSourceType, ATRMatchType, ATROperator, ATRReferences, ATRTags, ATRAgentSource, ATRDetection, ATRResponse, ATRTestCases, ATRTestCase, ATRPatternCondition, ATRBehavioralCondition, ATRSequenceCondition, ATRSequenceStep, VerdictOutcome, ATRVerdict, ActionResult, ExecutionContext, PlatformAdapter, HookInput, HookOutput, } from './types.js';
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,YAAY,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AACnD,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,YAAY,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AACjE,OAAO,EAAE,YAAY,EAAE,sBAAsB,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AACjF,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACpD,YAAY,EAAE,SAAS,EAAE,eAAe,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AACnF,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,kDAAkD;AAClD,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,YAAY,EAAE,oBAAoB,EAAE,MAAM,uBAAuB,CAAC;AAClE,kDAAkD;AAClD,OAAO,EAAE,qBAAqB,EAAE,MAAM,wBAAwB,CAAC;AAC/D,YAAY,EACV,gBAAgB,EAChB,eAAe,EACf,sBAAsB,GACvB,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,YAAY,EAAE,aAAa,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AAC3F,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAC1D,YAAY,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAC1E,YAAY,EACV,OAAO,EACP,QAAQ,EACR,UAAU,EACV,cAAc,EACd,SAAS,EACT,WAAW,EACX,WAAW,EACX,SAAS,EACT,aAAa,EACb,aAAa,EACb,YAAY,EACZ,WAAW,EACX,aAAa,EACb,OAAO,EACP,cAAc,EACd,YAAY,EACZ,WAAW,EACX,YAAY,EACZ,WAAW,EACX,mBAAmB,EACnB,sBAAsB,EACtB,oBAAoB,EACpB,eAAe,GAChB,MAAM,YAAY,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,YAAY,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AACnD,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,YAAY,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AACjE,OAAO,EAAE,YAAY,EAAE,sBAAsB,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AACjF,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACpD,YAAY,EAAE,SAAS,EAAE,eAAe,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AACnF,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,kDAAkD;AAClD,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,YAAY,EAAE,oBAAoB,EAAE,MAAM,uBAAuB,CAAC;AAClE,kDAAkD;AAClD,OAAO,EAAE,qBAAqB,EAAE,MAAM,wBAAwB,CAAC;AAC/D,YAAY,EACV,gBAAgB,EAChB,eAAe,EACf,sBAAsB,GACvB,MAAM,wBAAwB,CAAC;AAChC,YAAY,EAAE,mBAAmB,EAAE,MAAM,wBAAwB,CAAC;AAClE,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,YAAY,EAAE,aAAa,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AAC3F,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAC1D,YAAY,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAC1E,OAAO,EAAE,cAAc,EAAE,aAAa,EAAE,qBAAqB,EAAE,MAAM,cAAc,CAAC;AACpF,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,YAAY,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AACjE,OAAO,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAC;AAC/D,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAC3D,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,YAAY,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAC3D,YAAY,EACV,OAAO,EACP,QAAQ,EACR,UAAU,EACV,cAAc,EACd,SAAS,EACT,WAAW,EACX,WAAW,EACX,SAAS,EACT,aAAa,EACb,aAAa,EACb,YAAY,EACZ,WAAW,EACX,aAAa,EACb,OAAO,EACP,cAAc,EACd,YAAY,EACZ,WAAW,EACX,YAAY,EACZ,WAAW,EACX,mBAAmB,EACnB,sBAAsB,EACtB,oBAAoB,EACpB,eAAe,EACf,cAAc,EACd,UAAU,EACV,YAAY,EACZ,gBAAgB,EAChB,eAAe,EACf,SAAS,EACT,UAAU,GACX,MAAM,YAAY,CAAC"}

package/dist/index.js

@@ -17,4 +17,9 @@ export { SemanticModule } from './modules/semantic.js';
 export { SkillFingerprintStore } from './skill-fingerprint.js';
 export { RuleScaffolder } from './rule-scaffolder.js';
 export { CoverageAnalyzer } from './coverage-analyzer.js';
+export { computeVerdict, SEVERITY_RANK, isAutoResponseEnabled } from './verdict.js';
+export { ActionExecutor } from './action-executor.js';
+export { DefaultAdapter } from './adapters/default-adapter.js';
+export { StdioAdapter } from './adapters/stdio-adapter.js';
+export { HookHandler } from './hook-handler.js';
 //# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAExC,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAEtD,OAAO,EAAE,YAAY,EAAE,sBAAsB,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AACjF,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAEpD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,kDAAkD;AAClD,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAEvD,kDAAkD;AAClD,OAAO,EAAE,qBAAqB,EAAE,MAAM,wBAAwB,CAAC;AAM/D,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAEtD,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAExC,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAEtD,OAAO,EAAE,YAAY,EAAE,sBAAsB,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AACjF,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAEpD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,kDAAkD;AAClD,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAEvD,kDAAkD;AAClD,OAAO,EAAE,qBAAqB,EAAE,MAAM,wBAAwB,CAAC;AAO/D,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAEtD,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAE1D,OAAO,EAAE,cAAc,EAAE,aAAa,EAAE,qBAAqB,EAAE,MAAM,cAAc,CAAC;AACpF,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAEtD,OAAO,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAC;AAC/D,OAAO,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAC3D,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC"}

package/dist/layer-integration.d.ts

@@ -0,0 +1,55 @@
+/**
+ * Layer Integration Helpers
+ *
+ * Bridges the ATREngine (Layer 1 regex) with:
+ * - SkillFingerprintStore (Layer 2 behavioral fingerprinting)
+ * - SemanticModule (Layer 3 LLM-as-judge)
+ *
+ * Extracted from engine.ts to keep file sizes manageable.
+ *
+ * @module agent-threat-rules/layer-integration
+ */
+import type { AgentEvent, ATRMatch } from './types.js';
+import type { SkillFingerprintStore } from './skill-fingerprint.js';
+import type { SemanticModule, SemanticModuleConfig } from './modules/semantic.js';
+/** Configuration for Layer 3 semantic analysis */
+export interface SemanticLayerConfig {
+    /** OpenAI-compatible API key */
+    readonly apiKey: string;
+    /** API base URL (default: https://api.openai.com) */
+    readonly baseUrl?: string;
+    /** Model identifier (default: gpt-4o-mini) */
+    readonly model?: string;
+}
+/**
+ * Resolve the skill identifier from an agent event.
+ * Returns undefined if no skill identifier is present.
+ */
+export declare function resolveSkillId(event: AgentEvent): string | undefined;
+/**
+ * Run Layer 2 fingerprint analysis on an event.
+ * Returns additional ATRMatch entries for any detected anomalies.
+ */
+export declare function runFingerprintLayer(store: SkillFingerprintStore, event: AgentEvent, skillId: string): readonly ATRMatch[];
+/**
+ * Determine whether Layer 3 semantic analysis should run.
+ *
+ * Triggers when:
+ * - Any Layer 1/2 match has medium or higher severity
+ * - The event explicitly requests deep analysis via metadata
+ */
+export declare function shouldRunSemanticLayer(layer1Matches: readonly ATRMatch[], event: AgentEvent): boolean;
+/**
+ * Create a SemanticModule instance from simplified config.
+ * Returns undefined if the semantic module cannot be imported.
+ */
+export declare function createSemanticModuleFromConfig(config: SemanticLayerConfig): SemanticModuleConfig;
+/**
+ * Run Layer 3 semantic analysis and return upgraded/new matches.
+ *
+ * The semantic module is called with `analyze_threat` to get a threat score.
+ * If the score is >= 0.7, a synthetic high-severity match is produced.
+ * If the score is 0.4-0.7, existing matches may have confidence boosted.
+ */
+export declare function runSemanticLayer(semanticModule: SemanticModule, event: AgentEvent, existingMatches: readonly ATRMatch[]): Promise<readonly ATRMatch[]>;
+//# sourceMappingURL=layer-integration.d.ts.map

package/dist/layer-integration.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"layer-integration.d.ts","sourceRoot":"","sources":["../src/layer-integration.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAE,QAAQ,EAAwB,MAAM,YAAY,CAAC;AAC7E,OAAO,KAAK,EAAE,qBAAqB,EAAmB,MAAM,wBAAwB,CAAC;AACrF,OAAO,KAAK,EAAE,cAAc,EAAE,oBAAoB,EAAE,MAAM,uBAAuB,CAAC;AAMlF,kDAAkD;AAClD,MAAM,WAAW,mBAAmB;IAClC,gCAAgC;IAChC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,qDAAqD;IACrD,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAC1B,8CAA8C;IAC9C,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;CACzB;AAcD;;;GAGG;AACH,wBAAgB,cAAc,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,GAAG,SAAS,CAYpE;AA+BD;;;GAGG;AACH,wBAAgB,mBAAmB,CACjC,KAAK,EAAE,qBAAqB,EAC5B,KAAK,EAAE,UAAU,EACjB,OAAO,EAAE,MAAM,GACd,SAAS,QAAQ,EAAE,CA0BrB;AAaD;;;;;;GAMG;AACH,wBAAgB,sBAAsB,CACpC,aAAa,EAAE,SAAS,QAAQ,EAAE,EAClC,KAAK,EAAE,UAAU,GAChB,OAAO,CAcT;AAED;;;GAGG;AACH,wBAAgB,8BAA8B,CAC5C,MAAM,EAAE,mBAAmB,GAC1B,oBAAoB,CAMtB;AAED;;;;;;GAMG;AACH,wBAAsB,gBAAgB,CACpC,cAAc,EAAE,cAAc,EAC9B,KAAK,EAAE,UAAU,EACjB,eAAe,EAAE,SAAS,QAAQ,EAAE,GACnC,OAAO,CAAC,SAAS,QAAQ,EAAE,CAAC,CAkD9B"}

package/dist/layer-integration.js

@@ -0,0 +1,185 @@
+/**
+ * Layer Integration Helpers
+ *
+ * Bridges the ATREngine (Layer 1 regex) with:
+ * - SkillFingerprintStore (Layer 2 behavioral fingerprinting)
+ * - SemanticModule (Layer 3 LLM-as-judge)
+ *
+ * Extracted from engine.ts to keep file sizes manageable.
+ *
+ * @module agent-threat-rules/layer-integration
+ */
+// ---------------------------------------------------------------------------
+// Layer 2: Skill Fingerprinting
+// ---------------------------------------------------------------------------
+/** Severity mapping for anomaly types */
+const ANOMALY_SEVERITY_MAP = {
+    critical: 'critical',
+    high: 'high',
+    medium: 'medium',
+    low: 'low',
+};
+/**
+ * Resolve the skill identifier from an agent event.
+ * Returns undefined if no skill identifier is present.
+ */
+export function resolveSkillId(event) {
+    const fromMetadata = event.metadata?.['skill_id'];
+    if (typeof fromMetadata === 'string' && fromMetadata.length > 0) {
+        return fromMetadata;
+    }
+    const fromFields = event.fields?.['tool_name'];
+    if (typeof fromFields === 'string' && fromFields.length > 0) {
+        return fromFields;
+    }
+    return undefined;
+}
+/**
+ * Create a synthetic ATRRule for a behavioral anomaly detected by Layer 2.
+ * These rules are not loaded from YAML -- they are generated at runtime.
+ */
+function buildAnomalyRule(anomaly) {
+    return {
+        title: `Skill Behavior Drift: ${anomaly.anomalyType}`,
+        id: `layer2-fingerprint-${anomaly.anomalyType}-${anomaly.skillName}`,
+        status: 'experimental',
+        description: anomaly.description,
+        author: 'atr-engine/layer2',
+        date: new Date(anomaly.timestamp).toISOString().slice(0, 10),
+        severity: ANOMALY_SEVERITY_MAP[anomaly.severity] ?? 'medium',
+        tags: {
+            category: 'skill-compromise',
+            subcategory: 'behavioral-drift',
+            confidence: anomaly.severity === 'critical' ? 'high' : 'medium',
+        },
+        agent_source: { type: 'skill_lifecycle' },
+        detection: {
+            conditions: [],
+            condition: 'layer2-runtime',
+        },
+        response: {
+            actions: anomaly.severity === 'critical' ? ['alert', 'block_tool'] : ['alert'],
+        },
+    };
+}
+/**
+ * Run Layer 2 fingerprint analysis on an event.
+ * Returns additional ATRMatch entries for any detected anomalies.
+ */
+export function runFingerprintLayer(store, event, skillId) {
+    const anomalies = store.recordInvocation(skillId, event);
+    if (anomalies.length === 0) {
+        return [];
+    }
+    const matches = [];
+    for (const anomaly of anomalies) {
+        const rule = buildAnomalyRule(anomaly);
+        const confidence = anomaly.severity === 'critical'
+            ? 0.95
+            : anomaly.severity === 'high'
+                ? 0.85
+                : 0.7;
+        matches.push({
+            rule,
+            matchedConditions: [anomaly.anomalyType],
+            matchedPatterns: [anomaly.newValue],
+            confidence,
+            timestamp: new Date(anomaly.timestamp).toISOString(),
+        });
+    }
+    return matches;
+}
+// ---------------------------------------------------------------------------
+// Layer 3: Semantic Analysis
+// ---------------------------------------------------------------------------
+/** Minimum severity rank that triggers Layer 3 analysis */
+const SEMANTIC_TRIGGER_SEVERITIES = new Set([
+    'medium',
+    'high',
+    'critical',
+]);
+/**
+ * Determine whether Layer 3 semantic analysis should run.
+ *
+ * Triggers when:
+ * - Any Layer 1/2 match has medium or higher severity
+ * - The event explicitly requests deep analysis via metadata
+ */
+export function shouldRunSemanticLayer(layer1Matches, event) {
+    // Explicit opt-in via metadata
+    if (event.metadata?.['force_semantic'] === true) {
+        return true;
+    }
+    // Check if any existing matches have medium+ severity
+    for (const match of layer1Matches) {
+        if (SEMANTIC_TRIGGER_SEVERITIES.has(match.rule.severity)) {
+            return true;
+        }
+    }
+    return false;
+}
+/**
+ * Create a SemanticModule instance from simplified config.
+ * Returns undefined if the semantic module cannot be imported.
+ */
+export function createSemanticModuleFromConfig(config) {
+    return {
+        apiUrl: config.baseUrl ?? 'https://api.openai.com',
+        apiKey: config.apiKey,
+        model: config.model ?? 'gpt-4o-mini',
+    };
+}
+/**
+ * Run Layer 3 semantic analysis and return upgraded/new matches.
+ *
+ * The semantic module is called with `analyze_threat` to get a threat score.
+ * If the score is >= 0.7, a synthetic high-severity match is produced.
+ * If the score is 0.4-0.7, existing matches may have confidence boosted.
+ */
+export async function runSemanticLayer(semanticModule, event, existingMatches) {
+    const result = await semanticModule.evaluate(event, {
+        module: 'semantic',
+        function: 'analyze_threat',
+        args: { field: 'content' },
+        operator: 'gte',
+        threshold: 0.4,
+    });
+    if (!result.matched) {
+        return [];
+    }
+    const additionalMatches = [];
+    // High threat score: create a new synthetic match
+    if (result.value >= 0.7) {
+        const syntheticRule = {
+            title: 'Semantic Threat Detected (Layer 3)',
+            id: 'layer3-semantic-threat',
+            status: 'experimental',
+            description: result.description,
+            author: 'atr-engine/layer3',
+            date: new Date().toISOString().slice(0, 10),
+            severity: result.value >= 0.9 ? 'critical' : 'high',
+            tags: {
+                category: 'prompt-injection',
+                subcategory: 'semantic-detection',
+                confidence: 'high',
+            },
+            agent_source: { type: 'llm_io' },
+            detection: {
+                conditions: [],
+                condition: 'layer3-runtime',
+            },
+            response: {
+                actions: result.value >= 0.9 ? ['block_input', 'alert'] : ['alert'],
+            },
+        };
+        additionalMatches.push({
+            rule: syntheticRule,
+            matchedConditions: ['semantic_analysis'],
+            matchedPatterns: [`threat_score=${result.value.toFixed(2)}`],
+            confidence: result.value,
+            timestamp: new Date().toISOString(),
+        });
+    }
+    return additionalMatches;
+}
+//# sourceMappingURL=layer-integration.js.map

package/dist/layer-integration.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"layer-integration.js","sourceRoot":"","sources":["../src/layer-integration.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAoBH,8EAA8E;AAC9E,gCAAgC;AAChC,8EAA8E;AAE9E,yCAAyC;AACzC,MAAM,oBAAoB,GAA0C;IAClE,QAAQ,EAAE,UAAU;IACpB,IAAI,EAAE,MAAM;IACZ,MAAM,EAAE,QAAQ;IAChB,GAAG,EAAE,KAAK;CACX,CAAC;AAEF;;;GAGG;AACH,MAAM,UAAU,cAAc,CAAC,KAAiB;IAC9C,MAAM,YAAY,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC,UAAU,CAAC,CAAC;IAClD,IAAI,OAAO,YAAY,KAAK,QAAQ,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChE,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,MAAM,UAAU,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,WAAW,CAAC,CAAC;IAC/C,IAAI,OAAO,UAAU,KAAK,QAAQ,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5D,OAAO,UAAU,CAAC;IACpB,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;;GAGG;AACH,SAAS,gBAAgB,CAAC,OAAwB;IAChD,OAAO;QACL,KAAK,EAAE,yBAAyB,OAAO,CAAC,WAAW,EAAE;QACrD,EAAE,EAAE,sBAAsB,OAAO,CAAC,WAAW,IAAI,OAAO,CAAC,SAAS,EAAE;QACpE,MAAM,EAAE,cAAc;QACtB,WAAW,EAAE,OAAO,CAAC,WAAW;QAChC,MAAM,EAAE,mBAAmB;QAC3B,IAAI,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;QAC5D,QAAQ,EAAE,oBAAoB,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,QAAQ;QAC5D,IAAI,EAAE;YACJ,QAAQ,EAAE,kBAAkB;YAC5B,WAAW,EAAE,kBAAkB;YAC/B,UAAU,EAAE,OAAO,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ;SAChE;QACD,YAAY,EAAE,EAAE,IAAI,EAAE,iBAAiB,EAAE;QACzC,SAAS,EAAE;YACT,UAAU,EAAE,EAAE;YACd,SAAS,EAAE,gBAAgB;SAC5B;QACD,QAAQ,EAAE;YACR,OAAO,EAAE,OAAO,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;SAC/E;KACF,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,mBAAmB,CACjC,KAA4B,EAC5B,KAAiB,EACjB,OAAe;IAEf,MAAM,SAAS,GAAG,KAAK,CAAC,gBAAgB,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IAEzD,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC3B,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,MAAM,OAAO,GAAe,EAAE,CAAC;IAC/B,KAAK,MAAM,OAAO,IAAI,SAAS,EAAE,CAAC;QAChC,MAAM,IAAI,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;QACvC,MAAM,UAAU,GAAG,OAAO,CAAC,QAAQ,KAAK,UAAU;YAChD,CAAC,CAAC,IAAI;YACN,CAAC,CAAC,OAAO,CAAC,QAAQ,KAAK,MAAM;gBAC3B,CAAC,CAAC,IAAI;gBACN,CAAC,CAAC,GAAG,CAAC;QAEV,OAAO,CAAC,IAAI,CAAC;YACX,IAAI;YACJ,iBAAiB,EAAE,CAAC,OAAO,CAAC,WAAW,CAAC;YACxC,eAAe,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC;YACnC,UAAU;YACV,SAAS,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE;SACrD,CAAC,CAAC;IACL,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,8EAA8E;AAC9E,6BAA6B;AAC7B,8EAA8E;AAE9E,2DAA2D;AAC3D,MAAM,2BAA2B,GAA6B,IAAI,GAAG,CAAC;IACpE,QAAQ;IACR,MAAM;IACN,UAAU;CACX,CAAC,CAAC;AAEH;;;;;;GAMG;AACH,MAAM,UAAU,sBAAsB,CACpC,aAAkC,EAClC,KAAiB;IAEjB,+BAA+B;IAC/B,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC,gBAAgB,CAAC,KAAK,IAAI,EAAE,CAAC;QAChD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,sDAAsD;IACtD,KAAK,MAAM,KAAK,IAAI,aAAa,EAAE,CAAC;QAClC,IAAI,2BAA2B,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACzD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,8BAA8B,CAC5C,MAA2B;IAE3B,OAAO;QACL,MAAM,EAAE,MAAM,CAAC,OAAO,IAAI,wBAAwB;QAClD,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,aAAa;KACrC,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,cAA8B,EAC9B,KAAiB,EACjB,eAAoC;IAEpC,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,QAAQ,CAAC,KAAK,EAAE;QAClD,MAAM,EAAE,UAAU;QAClB,QAAQ,EAAE,gBAAgB;QAC1B,IAAI,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE;QAC1B,QAAQ,EAAE,KAAK;QACf,SAAS,EAAE,GAAG;KACf,CAAC,CAAC;IAEH,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACpB,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,MAAM,iBAAiB,GAAe,EAAE,CAAC;IAEzC,kDAAkD;IAClD,IAAI,MAAM,CAAC,KAAK,IAAI,GAAG,EAAE,CAAC;QACxB,MAAM,aAAa,GAAY;YAC7B,KAAK,EAAE,oCAAoC;YAC3C,EAAE,EAAE,wBAAwB;YAC5B,MAAM,EAAE,cAAc;YACtB,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,MAAM,EAAE,mBAAmB;YAC3B,IAAI,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;YAC3C,QAAQ,EAAE,MAAM,CAAC,KAAK,IAAI,GAAG,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM;YACnD,IAAI,EAAE;gBACJ,QAAQ,EAAE,kBAAkB;gBAC5B,WAAW,EAAE,oBAAoB;gBACjC,UAAU,EAAE,MAAM;aACnB;YACD,YAAY,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;YAChC,SAAS,EAAE;gBACT,UAAU,EAAE,EAAE;gBACd,SAAS,EAAE,gBAAgB;aAC5B;YACD,QAAQ,EAAE;gBACR,OAAO,EAAE,MAAM,CAAC,KAAK,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;aACpE;SACF,CAAC;QAEF,iBAAiB,CAAC,IAAI,CAAC;YACrB,IAAI,EAAE,aAAa;YACnB,iBAAiB,EAAE,CAAC,mBAAmB,CAAC;YACxC,eAAe,EAAE,CAAC,gBAAgB,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;YAC5D,UAAU,EAAE,MAAM,CAAC,KAAK;YACxB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC,CAAC;IACL,CAAC;IAED,OAAO,iBAAiB,CAAC;AAC3B,CAAC"}

package/dist/loader.js

@@ -32,8 +32,8 @@ export function loadRulesFromDirectory(dirPath) {
             try {
                 rules.push(loadRuleFile(fullPath));
             }
-            catch {
-                // Skip invalid rule files — logged at caller level
+            catch (err) {
+                console.warn(`[ATR] Failed to load rule file ${fullPath}: ${err instanceof Error ? err.message : String(err)}`);
             }
         }
     }

package/dist/loader.js.map

@@ -1 +1 @@
-{"version":3,"file":"loader.js","sourceRoot":"","sources":["../src/loader.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAC9D,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,IAAI,MAAM,SAAS,CAAC;AAG3B;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,QAAgB;IAC3C,MAAM,OAAO,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAChD,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAY,CAAC;IAE7C,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;QACrD,MAAM,IAAI,KAAK,CAAC,uBAAuB,QAAQ,kDAAkD,CAAC,CAAC;IACrG,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB,CAAC,OAAe;IACpD,MAAM,KAAK,GAAc,EAAE,CAAC;IAE5B,MAAM,OAAO,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;IACrC,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QACtC,MAAM,IAAI,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAEhC,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;YACvB,KAAK,CAAC,IAAI,CAAC,GAAG,sBAAsB,CAAC,QAAQ,CAAC,CAAC,CAAC;QAClD,CAAC;aAAM,IAAI,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,OAAO,IAAI,OAAO,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC,EAAE,CAAC;YACtF,IAAI,CAAC;gBACH,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC;YACrC,CAAC;YAAC,MAAM,CAAC;gBACP,mDAAmD;YACrD,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,IAAa;IACxC,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,CAAC,GAAG,IAA+B,CAAC;IAE1C,kBAAkB;IAClB,MAAM,QAAQ,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,cAAc,EAAE,WAAW,EAAE,UAAU,CAAC,CAAC;IACzI,KAAK,MAAM,KAAK,IAAI,QAAQ,EAAE,CAAC;QAC7B,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC;YACd,MAAM,CAAC,IAAI,CAAC,2BAA2B,KAAK,EAAE,CAAC,CAAC;QAClD,CAAC;IACH,CAAC;IAED,YAAY;IACZ,IAAI,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,QAAQ,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;QACtE,MAAM,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;IACvE,CAAC;IAED,cAAc;IACd,MAAM,aAAa,GAAG,CAAC,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;IACxE,IAAI,OAAO,CAAC,CAAC,QAAQ,CAAC,KAAK,QAAQ,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;QAC5E,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IAChD,CAAC;IAED,gBAAgB;IAChB,MAAM,eAAe,GAAG,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,eAAe,CAAC,CAAC;IAC/E,IAAI,OAAO,CAAC,CAAC,UAAU,CAAC,KAAK,QAAQ,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;QAClF,MAAM,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;IACpD,CAAC;IAED,gBAAgB;IAChB,MAAM,IAAI,GAAG,CAAC,CAAC,MAAM,CAAwC,CAAC;IAC9D,IAAI,IAAI,EAAE,CAAC;QACT,MAAM,eAAe,GAAG;YACtB,kBAAkB,EAAE,gBAAgB,EAAE,sBAAsB;YAC5D,oBAAoB,EAAE,sBAAsB,EAAE,oBAAoB;YAClE,gBAAgB,EAAE,aAAa,EAAE,kBAAkB;SACpD,CAAC;QACF,IAAI,OAAO,IAAI,CAAC,UAAU,CAAC,KAAK,QAAQ,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;YACxF,MAAM,CAAC,IAAI,CAAC,0BAA0B,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;IAED,oBAAoB;IACpB,MAAM,WAAW,GAAG,CAAC,CAAC,cAAc,CAAwC,CAAC;IAC7E,IAAI,WAAW,EAAE,CAAC;QAChB,MAAM,UAAU,GAAG;YACjB,QAAQ,EAAE,WAAW,EAAE,cAAc,EAAE,gBAAgB;YACvD,kBAAkB,EAAE,gBAAgB,EAAE,eAAe;YACrD,iBAAiB,EAAE,kBAAkB,EAAE,aAAa;SACrD,CAAC;QACF,IAAI,OAAO,WAAW,CAAC,MAAM,CAAC,KAAK,QAAQ,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;YACzF,MAAM,CAAC,IAAI,CAAC,8BAA8B,WAAW,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QACnE,CAAC;IACH,CAAC;IAED,+CAA+C;IAC/C,MAAM,SAAS,GAAG,CAAC,CAAC,WAAW,CAAwC,CAAC;IACxE,IAAI,SAAS,EAAE,CAAC;QACd,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE,CAAC;YAC7B,MAAM,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;QAC9C,CAAC;QACD,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC;YAC5B,MAAM,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC;IAED,6BAA6B;IAC7B,MAAM,QAAQ,GAAG,CAAC,CAAC,UAAU,CAAwC,CAAC;IACtE,IAAI,QAAQ,EAAE,CAAC;QACb,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,IAAI,QAAQ,CAAC,SAAS,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC5E,MAAM,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;IAED,wBAAwB;IACxB,MAAM,SAAS,GAAG,CAAC,CAAC,YAAY,CAAwC,CAAC;IACzE,IAAI,SAAS,EAAE,CAAC;QACd,MAAM,EAAE,GAAG,SAAS,CAAC,gBAAgB,CAAC,CAAC;QACvC,MAAM,EAAE,GAAG,SAAS,CAAC,gBAAgB,CAAC,CAAC;QACvC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1C,MAAM,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;QACxE,CAAC;QACD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1C,MAAM,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;QACxE,CAAC;IACH,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;AAChD,CAAC"}
+{"version":3,"file":"loader.js","sourceRoot":"","sources":["../src/loader.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAC9D,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,IAAI,MAAM,SAAS,CAAC;AAG3B;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,QAAgB;IAC3C,MAAM,OAAO,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAChD,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAY,CAAC;IAE7C,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;QACrD,MAAM,IAAI,KAAK,CAAC,uBAAuB,QAAQ,kDAAkD,CAAC,CAAC;IACrG,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB,CAAC,OAAe;IACpD,MAAM,KAAK,GAAc,EAAE,CAAC;IAE5B,MAAM,OAAO,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;IACrC,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QACtC,MAAM,IAAI,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAEhC,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;YACvB,KAAK,CAAC,IAAI,CAAC,GAAG,sBAAsB,CAAC,QAAQ,CAAC,CAAC,CAAC;QAClD,CAAC;aAAM,IAAI,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,OAAO,IAAI,OAAO,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC,EAAE,CAAC;YACtF,IAAI,CAAC;gBACH,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC;YACrC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO,CAAC,IAAI,CAAC,kCAAkC,QAAQ,KAAK,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAClH,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,IAAa;IACxC,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,CAAC,GAAG,IAA+B,CAAC;IAE1C,kBAAkB;IAClB,MAAM,QAAQ,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,cAAc,EAAE,WAAW,EAAE,UAAU,CAAC,CAAC;IACzI,KAAK,MAAM,KAAK,IAAI,QAAQ,EAAE,CAAC;QAC7B,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC;YACd,MAAM,CAAC,IAAI,CAAC,2BAA2B,KAAK,EAAE,CAAC,CAAC;QAClD,CAAC;IACH,CAAC;IAED,YAAY;IACZ,IAAI,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,QAAQ,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;QACtE,MAAM,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;IACvE,CAAC;IAED,cAAc;IACd,MAAM,aAAa,GAAG,CAAC,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;IACxE,IAAI,OAAO,CAAC,CAAC,QAAQ,CAAC,KAAK,QAAQ,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;QAC5E,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IAChD,CAAC;IAED,gBAAgB;IAChB,MAAM,eAAe,GAAG,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,eAAe,CAAC,CAAC;IAC/E,IAAI,OAAO,CAAC,CAAC,UAAU,CAAC,KAAK,QAAQ,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;QAClF,MAAM,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;IACpD,CAAC;IAED,gBAAgB;IAChB,MAAM,IAAI,GAAG,CAAC,CAAC,MAAM,CAAwC,CAAC;IAC9D,IAAI,IAAI,EAAE,CAAC;QACT,MAAM,eAAe,GAAG;YACtB,kBAAkB,EAAE,gBAAgB,EAAE,sBAAsB;YAC5D,oBAAoB,EAAE,sBAAsB,EAAE,oBAAoB;YAClE,gBAAgB,EAAE,aAAa,EAAE,kBAAkB;SACpD,CAAC;QACF,IAAI,OAAO,IAAI,CAAC,UAAU,CAAC,KAAK,QAAQ,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;YACxF,MAAM,CAAC,IAAI,CAAC,0BAA0B,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;IAED,oBAAoB;IACpB,MAAM,WAAW,GAAG,CAAC,CAAC,cAAc,CAAwC,CAAC;IAC7E,IAAI,WAAW,EAAE,CAAC;QAChB,MAAM,UAAU,GAAG;YACjB,QAAQ,EAAE,WAAW,EAAE,cAAc,EAAE,gBAAgB;YACvD,kBAAkB,EAAE,gBAAgB,EAAE,eAAe;YACrD,iBAAiB,EAAE,kBAAkB,EAAE,aAAa;SACrD,CAAC;QACF,IAAI,OAAO,WAAW,CAAC,MAAM,CAAC,KAAK,QAAQ,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;YACzF,MAAM,CAAC,IAAI,CAAC,8BAA8B,WAAW,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QACnE,CAAC;IACH,CAAC;IAED,+CAA+C;IAC/C,MAAM,SAAS,GAAG,CAAC,CAAC,WAAW,CAAwC,CAAC;IACxE,IAAI,SAAS,EAAE,CAAC;QACd,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE,CAAC;YAC7B,MAAM,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;QAC9C,CAAC;QACD,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC;YAC5B,MAAM,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC;IAED,6BAA6B;IAC7B,MAAM,QAAQ,GAAG,CAAC,CAAC,UAAU,CAAwC,CAAC;IACtE,IAAI,QAAQ,EAAE,CAAC;QACb,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,IAAI,QAAQ,CAAC,SAAS,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC5E,MAAM,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;IAED,wBAAwB;IACxB,MAAM,SAAS,GAAG,CAAC,CAAC,YAAY,CAAwC,CAAC;IACzE,IAAI,SAAS,EAAE,CAAC;QACd,MAAM,EAAE,GAAG,SAAS,CAAC,gBAAgB,CAAC,CAAC;QACvC,MAAM,EAAE,GAAG,SAAS,CAAC,gBAAgB,CAAC,CAAC;QACvC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1C,MAAM,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;QACxE,CAAC;QACD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1C,MAAM,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;QACxE,CAAC;IACH,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;AAChD,CAAC"}

package/dist/mcp-server.js

@@ -168,7 +168,7 @@ export async function createMCPServer() {
     const ruleCount = await engine.loadRules();
     const server = new Server({
         name: 'atr-mcp-server',
-        version: '0.1.0',
+        version: '0.2.0',
     }, {
         capabilities: {
             tools: {},
@@ -182,7 +182,7 @@ export async function createMCPServer() {
         const toolArgs = (args ?? {});
         switch (name) {
             case 'atr_scan':
-                return handleScan(engine, toolArgs);
+                return await handleScan(engine, toolArgs);
             case 'atr_list_rules':
                 return handleListRules(engine, toolArgs);
             case 'atr_validate_rule':

package/dist/mcp-server.js.map

@@ -1 +1 @@
-{"version":3,"file":"mcp-server.js","sourceRoot":"","sources":["../src/mcp-server.ts"],"names":[],"mappings":";AACA;;;;;;;GAOG;AAEH,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC7C,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,MAAM,EAAE,MAAM,2CAA2C,CAAC;AACnE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EACL,sBAAsB,EACtB,qBAAqB,GACtB,MAAM,oCAAoC,CAAC;AAC5C,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AACjD,OAAO,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAC;AAC5D,OAAO,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AACzD,OAAO,EAAE,oBAAoB,EAAE,MAAM,gCAAgC,CAAC;AACtE,OAAO,EAAE,kBAAkB,EAAE,MAAM,8BAA8B,CAAC;AAClE,OAAO,EAAE,mBAAmB,EAAE,MAAM,+BAA+B,CAAC;AAEpE,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAClD,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AACtC,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;AAEpD,MAAM,KAAK,GAAG;IACZ;QACE,IAAI,EAAE,UAAU;QAChB,WAAW,EACT,sJAAsJ;QACxJ,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,OAAO,EAAE;oBACP,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,kFAAkF;iBAChG;gBACD,UAAU,EAAE;oBACV,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,WAAW,EAAE,YAAY,EAAE,WAAW,EAAE,eAAe,EAAE,gBAAgB,EAAE,qBAAqB,CAAC;oBACxG,WAAW,EAAE,6DAA6D;iBAC3E;gBACD,YAAY,EAAE;oBACZ,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,eAAe,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,CAAC;oBAC5D,WAAW,EAAE,4EAA4E;iBAC1F;aACF;YACD,QAAQ,EAAE,CAAC,SAAS,CAAC;SACtB;KACF;IACD;QACE,IAAI,EAAE,gBAAgB;QACtB,WAAW,EACT,0FAA0F;QAC5F,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE;wBACJ,kBAAkB,EAAE,gBAAgB,EAAE,sBAAsB;wBAC5D,oBAAoB,EAAE,sBAAsB,EAAE,oBAAoB;wBAClE,gBAAgB,EAAE,aAAa,EAAE,kBAAkB;qBACpD;oBACD,WAAW,EAAE,kCAAkC;iBAChD;gBACD,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,eAAe,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,CAAC;oBAC5D,WAAW,EAAE,iCAAiC;iBAC/C;gBACD,MAAM,EAAE;oBACN,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,uDAAuD;iBACrE;aACF;SACF;KACF;IACD;QACE,IAAI,EAAE,mBAAmB;QACzB,WAAW,EACT,+GAA+G;QACjH,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,YAAY,EAAE;oBACZ,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,wCAAwC;iBACtD;aACF;YACD,QAAQ,EAAE,CAAC,cAAc,CAAC;SAC3B;KACF;IACD;QACE,IAAI,EAAE,qBAAqB;QAC3B,WAAW,EACT,2HAA2H;QAC7H,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,KAAK,EAAE;oBACL,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,gEAAgE;iBAC9E;gBACD,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE;wBACJ,kBAAkB,EAAE,gBAAgB,EAAE,sBAAsB;wBAC5D,oBAAoB,EAAE,sBAAsB,EAAE,oBAAoB;wBAClE,gBAAgB,EAAE,aAAa,EAAE,kBAAkB;qBACpD;oBACD,WAAW,EAAE,+BAA+B;iBAC7C;gBACD,kBAAkB,EAAE;oBAClB,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,uDAAuD;iBACrE;gBACD,gBAAgB,EAAE;oBAChB,IAAI,EAAE,OAAO;oBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;oBACzB,WAAW,EAAE,8DAA8D;iBAC5E;gBACD,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,eAAe,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,CAAC;oBAC5D,WAAW,EAAE,uCAAuC;iBACrD;gBACD,UAAU,EAAE;oBACV,IAAI,EAAE,OAAO;oBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;oBACzB,WAAW,EAAE,yDAAyD;iBACvE;aACF;YACD,QAAQ,EAAE,CAAC,OAAO,EAAE,UAAU,EAAE,oBAAoB,EAAE,kBAAkB,CAAC;SAC1E;KACF;IACD;QACE,IAAI,EAAE,mBAAmB;QACzB,WAAW,EACT,gIAAgI;QAClI,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,SAAS,EAAE;oBACT,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,eAAe,EAAE,aAAa,EAAE,KAAK,CAAC;oBAC7C,WAAW,EAAE,2DAA2D;iBACzE;aACF;SACF;KACF;IACD;QACE,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EACT,wHAAwH;QAC1H,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE;wBACJ,kBAAkB,EAAE,gBAAgB,EAAE,sBAAsB;wBAC5D,oBAAoB,EAAE,sBAAsB,EAAE,oBAAoB;wBAClE,gBAAgB,EAAE,aAAa,EAAE,kBAAkB;qBACpD;oBACD,WAAW,EAAE,0DAA0D;iBACxE;aACF;SACF;KACF;CACF,CAAC;AAEF,MAAM,CAAC,KAAK,UAAU,eAAe;IACnC,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC,CAAC;IACtD,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,SAAS,EAAE,CAAC;IAE3C,MAAM,MAAM,GAAG,IAAI,MAAM,CACvB;QACE,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,OAAO;KACjB,EACD;QACE,YAAY,EAAE;YACZ,KAAK,EAAE,EAAE;SACV;KACF,CACF,CAAC;IAEF,MAAM,CAAC,iBAAiB,CAAC,sBAAsB,EAAE,KAAK,IAAI,EAAE,CAAC,CAAC;QAC5D,KAAK,EAAE,KAAK;KACb,CAAC,CAAC,CAAC;IAEJ,MAAM,CAAC,iBAAiB,CAAC,qBAAqB,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;QAChE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC;QACjD,MAAM,QAAQ,GAAG,CAAC,IAAI,IAAI,EAAE,CAA4B,CAAC;QAEzD,QAAQ,IAAI,EAAE,CAAC;YACb,KAAK,UAAU;gBACb,OAAO,UAAU,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YAEtC,KAAK,gBAAgB;gBACnB,OAAO,eAAe,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YAE3C,KAAK,mBAAmB;gBACtB,OAAO,cAAc,CAAC,QAAQ,CAAC,CAAC;YAElC,KAAK,qBAAqB;gBACxB,OAAO,oBAAoB,CAAC,QAAQ,CAAC,CAAC;YAExC,KAAK,mBAAmB;gBACtB,OAAO,kBAAkB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YAE9C,KAAK,oBAAoB;gBACvB,OAAO,mBAAmB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YAE/C;gBACE,OAAO;oBACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,wBAAwB,IAAI,IAAI,EAAE,CAAC;oBACnE,OAAO,EAAE,IAAI;iBACd,CAAC;QACN,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc;IAClC,MAAM,MAAM,GAAG,MAAM,eAAe,EAAE,CAAC;IACvC,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;AAClC,CAAC;AAED,+BAA+B;AAC/B,MAAM,iBAAiB,GACrB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;IACf,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,eAAe,CAAC;QACzC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,CAAC;AAE9C,IAAI,iBAAiB,EAAE,CAAC;IACtB,cAAc,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;QAC7B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,yBAAyB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACpG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;AACL,CAAC"}
+{"version":3,"file":"mcp-server.js","sourceRoot":"","sources":["../src/mcp-server.ts"],"names":[],"mappings":";AACA;;;;;;;GAOG;AAEH,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC7C,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,MAAM,EAAE,MAAM,2CAA2C,CAAC;AACnE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EACL,sBAAsB,EACtB,qBAAqB,GACtB,MAAM,oCAAoC,CAAC;AAC5C,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AACjD,OAAO,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAC;AAC5D,OAAO,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AACzD,OAAO,EAAE,oBAAoB,EAAE,MAAM,gCAAgC,CAAC;AACtE,OAAO,EAAE,kBAAkB,EAAE,MAAM,8BAA8B,CAAC;AAClE,OAAO,EAAE,mBAAmB,EAAE,MAAM,+BAA+B,CAAC;AAEpE,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAClD,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AACtC,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;AAEpD,MAAM,KAAK,GAAG;IACZ;QACE,IAAI,EAAE,UAAU;QAChB,WAAW,EACT,sJAAsJ;QACxJ,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,OAAO,EAAE;oBACP,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,kFAAkF;iBAChG;gBACD,UAAU,EAAE;oBACV,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,WAAW,EAAE,YAAY,EAAE,WAAW,EAAE,eAAe,EAAE,gBAAgB,EAAE,qBAAqB,CAAC;oBACxG,WAAW,EAAE,6DAA6D;iBAC3E;gBACD,YAAY,EAAE;oBACZ,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,eAAe,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,CAAC;oBAC5D,WAAW,EAAE,4EAA4E;iBAC1F;aACF;YACD,QAAQ,EAAE,CAAC,SAAS,CAAC;SACtB;KACF;IACD;QACE,IAAI,EAAE,gBAAgB;QACtB,WAAW,EACT,0FAA0F;QAC5F,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE;wBACJ,kBAAkB,EAAE,gBAAgB,EAAE,sBAAsB;wBAC5D,oBAAoB,EAAE,sBAAsB,EAAE,oBAAoB;wBAClE,gBAAgB,EAAE,aAAa,EAAE,kBAAkB;qBACpD;oBACD,WAAW,EAAE,kCAAkC;iBAChD;gBACD,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,eAAe,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,CAAC;oBAC5D,WAAW,EAAE,iCAAiC;iBAC/C;gBACD,MAAM,EAAE;oBACN,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,uDAAuD;iBACrE;aACF;SACF;KACF;IACD;QACE,IAAI,EAAE,mBAAmB;QACzB,WAAW,EACT,+GAA+G;QACjH,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,YAAY,EAAE;oBACZ,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,wCAAwC;iBACtD;aACF;YACD,QAAQ,EAAE,CAAC,cAAc,CAAC;SAC3B;KACF;IACD;QACE,IAAI,EAAE,qBAAqB;QAC3B,WAAW,EACT,2HAA2H;QAC7H,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,KAAK,EAAE;oBACL,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,gEAAgE;iBAC9E;gBACD,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE;wBACJ,kBAAkB,EAAE,gBAAgB,EAAE,sBAAsB;wBAC5D,oBAAoB,EAAE,sBAAsB,EAAE,oBAAoB;wBAClE,gBAAgB,EAAE,aAAa,EAAE,kBAAkB;qBACpD;oBACD,WAAW,EAAE,+BAA+B;iBAC7C;gBACD,kBAAkB,EAAE;oBAClB,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,uDAAuD;iBACrE;gBACD,gBAAgB,EAAE;oBAChB,IAAI,EAAE,OAAO;oBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;oBACzB,WAAW,EAAE,8DAA8D;iBAC5E;gBACD,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,eAAe,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,CAAC;oBAC5D,WAAW,EAAE,uCAAuC;iBACrD;gBACD,UAAU,EAAE;oBACV,IAAI,EAAE,OAAO;oBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;oBACzB,WAAW,EAAE,yDAAyD;iBACvE;aACF;YACD,QAAQ,EAAE,CAAC,OAAO,EAAE,UAAU,EAAE,oBAAoB,EAAE,kBAAkB,CAAC;SAC1E;KACF;IACD;QACE,IAAI,EAAE,mBAAmB;QACzB,WAAW,EACT,gIAAgI;QAClI,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,SAAS,EAAE;oBACT,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,eAAe,EAAE,aAAa,EAAE,KAAK,CAAC;oBAC7C,WAAW,EAAE,2DAA2D;iBACzE;aACF;SACF;KACF;IACD;QACE,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EACT,wHAAwH;QAC1H,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE;wBACJ,kBAAkB,EAAE,gBAAgB,EAAE,sBAAsB;wBAC5D,oBAAoB,EAAE,sBAAsB,EAAE,oBAAoB;wBAClE,gBAAgB,EAAE,aAAa,EAAE,kBAAkB;qBACpD;oBACD,WAAW,EAAE,0DAA0D;iBACxE;aACF;SACF;KACF;CACF,CAAC;AAEF,MAAM,CAAC,KAAK,UAAU,eAAe;IACnC,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC,CAAC;IACtD,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,SAAS,EAAE,CAAC;IAE3C,MAAM,MAAM,GAAG,IAAI,MAAM,CACvB;QACE,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,OAAO;KACjB,EACD;QACE,YAAY,EAAE;YACZ,KAAK,EAAE,EAAE;SACV;KACF,CACF,CAAC;IAEF,MAAM,CAAC,iBAAiB,CAAC,sBAAsB,EAAE,KAAK,IAAI,EAAE,CAAC,CAAC;QAC5D,KAAK,EAAE,KAAK;KACb,CAAC,CAAC,CAAC;IAEJ,MAAM,CAAC,iBAAiB,CAAC,qBAAqB,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;QAChE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC;QACjD,MAAM,QAAQ,GAAG,CAAC,IAAI,IAAI,EAAE,CAA4B,CAAC;QAEzD,QAAQ,IAAI,EAAE,CAAC;YACb,KAAK,UAAU;gBACb,OAAO,MAAM,UAAU,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YAE5C,KAAK,gBAAgB;gBACnB,OAAO,eAAe,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YAE3C,KAAK,mBAAmB;gBACtB,OAAO,cAAc,CAAC,QAAQ,CAAC,CAAC;YAElC,KAAK,qBAAqB;gBACxB,OAAO,oBAAoB,CAAC,QAAQ,CAAC,CAAC;YAExC,KAAK,mBAAmB;gBACtB,OAAO,kBAAkB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YAE9C,KAAK,oBAAoB;gBACvB,OAAO,mBAAmB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YAE/C;gBACE,OAAO;oBACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,wBAAwB,IAAI,IAAI,EAAE,CAAC;oBACnE,OAAO,EAAE,IAAI;iBACd,CAAC;QACN,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc;IAClC,MAAM,MAAM,GAAG,MAAM,eAAe,EAAE,CAAC;IACvC,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;AAClC,CAAC;AAED,+BAA+B;AAC/B,MAAM,iBAAiB,GACrB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;IACf,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,eAAe,CAAC;QACzC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,CAAC;AAE9C,IAAI,iBAAiB,EAAE,CAAC;IACtB,cAAc,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;QAC7B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,yBAAyB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACpG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/mcp-tools/scan.d.ts

@@ -1,5 +1,11 @@
 /**
  * atr_scan MCP tool - Scan content for agent threats
+ *
+ * Runs all configured detection layers:
+ * - Layer 1: Regex pattern matching (always)
+ * - Layer 2: Skill behavioral fingerprinting (if configured)
+ * - Layer 3: Semantic LLM-as-judge (if configured and triggered)
+ *
  * @module agent-threat-rules/mcp-tools/scan
  */
 import type { ATREngine } from '../engine.js';
@@ -8,11 +14,11 @@ export interface ScanInput {
     event_type?: string;
     min_severity?: string;
 }
-export declare function handleScan(engine: ATREngine, args: Record<string, unknown>): {
+export declare function handleScan(engine: ATREngine, args: Record<string, unknown>): Promise<{
     content: Array<{
         type: string;
         text: string;
     }>;
     isError?: boolean;
-};
+}>;
 //# sourceMappingURL=scan.d.ts.map

package/dist/mcp-tools/scan.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"scan.d.ts","sourceRoot":"","sources":["../../src/mcp-tools/scan.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAG9C,MAAM,WAAW,SAAS;IACxB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAmBD,wBAAgB,UAAU,CAAC,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG;IAC5E,OAAO,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAC/C,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB,CA+DA"}
+{"version":3,"file":"scan.d.ts","sourceRoot":"","sources":["../../src/mcp-tools/scan.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAG9C,MAAM,WAAW,SAAS;IACxB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAmBD,wBAAsB,UAAU,CAAC,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,OAAO,CAAC;IAC1F,OAAO,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAC/C,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB,CAAC,CAsED"}

package/dist/mcp-tools/scan.js

@@ -1,5 +1,11 @@
 /**
  * atr_scan MCP tool - Scan content for agent threats
+ *
+ * Runs all configured detection layers:
+ * - Layer 1: Regex pattern matching (always)
+ * - Layer 2: Skill behavioral fingerprinting (if configured)
+ * - Layer 3: Semantic LLM-as-judge (if configured and triggered)
+ *
  * @module agent-threat-rules/mcp-tools/scan
  */
 const SEVERITY_ORDER = {
@@ -17,7 +23,7 @@ const VALID_EVENT_TYPES = new Set([
     'agent_behavior',
     'multi_agent_message',
 ]);
-export function handleScan(engine, args) {
+export async function handleScan(engine, args) {
     const content = args['content'];
     if (typeof content !== 'string' || content.trim().length === 0) {
         return {
@@ -51,12 +57,18 @@ export function handleScan(engine, args) {
             content: content,
         },
     };
-    const matches = engine.evaluate(event);
-    const filtered = matches.filter((m) => (SEVERITY_ORDER[m.rule.severity] ?? 0) >= minIdx);
+    // Use evaluateWithVerdict() to run all configured layers
+    const { verdict, layersUsed } = await engine.evaluateWithVerdict(event);
+    const filtered = verdict.matches.filter((m) => (SEVERITY_ORDER[m.rule.severity] ?? 0) >= minIdx);
     const result = {
         threats_found: filtered.length,
         scan_timestamp: event.timestamp,
         event_type: eventTypeRaw,
+        layers_used: layersUsed,
+        verdict: {
+            outcome: verdict.outcome,
+            reason: verdict.reason,
+        },
         matches: filtered.map((m) => ({
             rule_id: m.rule.id,
             title: m.rule.title,