agent-threat-rules 0.2.2 → 0.3.1

package/dist/converters/splunk.d.ts

@@ -0,0 +1,19 @@
+/**
+ * ATR-to-Splunk SPL Converter
+ *
+ * Converts ATR YAML rules into Splunk Search Processing Language (SPL) queries
+ * that a SOC analyst can use as a starting point for threat hunting.
+ *
+ * @module agent-threat-rules/converters/splunk
+ */
+import type { ATRRule } from '../types.js';
+/**
+ * Convert an ATR rule to a Splunk SPL query string.
+ *
+ * The generated query includes:
+ * - Comment header with rule metadata
+ * - Index/sourcetype base search (generic, analyst should customize)
+ * - Condition clauses joined with appropriate logic
+ */
+export declare function ruleToSPL(rule: ATRRule): string;
+//# sourceMappingURL=splunk.d.ts.map

package/dist/converters/splunk.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"splunk.d.ts","sourceRoot":"","sources":["../../src/converters/splunk.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAqB,MAAM,aAAa,CAAC;AAoD9D;;;;;;;GAOG;AACH,wBAAgB,SAAS,CAAC,IAAI,EAAE,OAAO,GAAG,MAAM,CAqG/C"}

package/dist/converters/splunk.js

@@ -0,0 +1,148 @@
+/**
+ * ATR-to-Splunk SPL Converter
+ *
+ * Converts ATR YAML rules into Splunk Search Processing Language (SPL) queries
+ * that a SOC analyst can use as a starting point for threat hunting.
+ *
+ * @module agent-threat-rules/converters/splunk
+ */
+/**
+ * Escape a string for use in Splunk SPL double-quoted values.
+ */
+function escapeForSPL(value) {
+    return value.replace(/\\/g, '\\\\').replace(/"/g, '\\"');
+}
+/**
+ * Convert a single ATR array condition to an SPL clause.
+ *
+ * Supports operators: regex, contains, exact, starts_with, gt, lt, gte, lte, eq
+ */
+function conditionToSPL(cond) {
+    const field = cond.field;
+    const value = cond.value;
+    switch (cond.operator) {
+        case 'regex':
+            return `| regex ${field}="${escapeForSPL(value)}"`;
+        case 'contains':
+            return `${field}="*${escapeForSPL(value)}*"`;
+        case 'exact':
+            return `${field}="${escapeForSPL(value)}"`;
+        case 'starts_with':
+            return `${field}="${escapeForSPL(value)}*"`;
+        case 'gt':
+            return `| where ${field} > ${Number(value)}`;
+        case 'lt':
+            return `| where ${field} < ${Number(value)}`;
+        case 'gte':
+            return `| where ${field} >= ${Number(value)}`;
+        case 'lte':
+            return `| where ${field} <= ${Number(value)}`;
+        case 'eq':
+            return `| where ${field} == ${Number(value)}`;
+        default:
+            // Fallback: treat unknown operators as a contains search
+            return `${field}="*${escapeForSPL(value)}*"`;
+    }
+}
+/**
+ * Convert an ATR rule to a Splunk SPL query string.
+ *
+ * The generated query includes:
+ * - Comment header with rule metadata
+ * - Index/sourcetype base search (generic, analyst should customize)
+ * - Condition clauses joined with appropriate logic
+ */
+export function ruleToSPL(rule) {
+    const conditions = rule.detection.conditions;
+    const logic = rule.detection.condition; // "any" or "all"
+    const lines = [];
+    // Comment header with rule metadata
+    lines.push(`\`\`\` ATR Rule: ${rule.id} \`\`\``);
+    lines.push(`\`\`\` Title: ${rule.title} \`\`\``);
+    lines.push(`\`\`\` Severity: ${rule.severity} | Category: ${rule.tags.category} \`\`\``);
+    lines.push(`\`\`\` Source: ${rule.agent_source.type} | Condition logic: ${logic} \`\`\``);
+    lines.push('');
+    // Base search -- analyst should adjust index and sourcetype
+    lines.push('index=ai_agent_logs sourcetype=agent_events');
+    if (!Array.isArray(conditions)) {
+        // Named-map format: not common in current rules, emit a placeholder
+        lines.push('```` Warning: Named-map conditions not fully supported. Review manually. ````');
+        return lines.join('\n');
+    }
+    const arrayConditions = conditions;
+    if (arrayConditions.length === 0) {
+        return lines.join('\n');
+    }
+    // For "any" logic with regex conditions, we can combine them using
+    // a single regex with OR (|) alternation where possible, or use
+    // multiple search branches.
+    // For clarity and analyst usability, we emit each condition separately.
+    if (logic === 'all') {
+        // AND logic: chain all conditions sequentially
+        for (const cond of arrayConditions) {
+            lines.push(conditionToSPL(cond));
+        }
+    }
+    else {
+        // OR logic ("any"): use Splunk's multisearch or OR-joined search
+        // For regex conditions, wrap in a single eval+match approach
+        // For simplicity and readability, use OR-joined subsearches
+        const regexConditions = arrayConditions.filter(c => c.operator === 'regex');
+        const otherConditions = arrayConditions.filter(c => c.operator !== 'regex');
+        if (regexConditions.length > 0 && otherConditions.length === 0) {
+            // All regex: combine with OR in eval/match
+            lines.push('| where (');
+            const regexClauses = regexConditions.map((cond, i) => {
+                const prefix = i === 0 ? '    ' : '    OR ';
+                return `${prefix}match(${cond.field}, "${escapeForSPL(cond.value)}")`;
+            });
+            lines.push(...regexClauses);
+            lines.push(')');
+        }
+        else {
+            // Mixed operators: emit each as separate OR clause
+            lines.push('| where (');
+            const clauses = [];
+            for (const cond of arrayConditions) {
+                switch (cond.operator) {
+                    case 'regex':
+                        clauses.push(`match(${cond.field}, "${escapeForSPL(cond.value)}")`);
+                        break;
+                    case 'contains':
+                        clauses.push(`like(${cond.field}, "%${escapeForSPL(cond.value)}%")`);
+                        break;
+                    case 'exact':
+                        clauses.push(`${cond.field}="${escapeForSPL(cond.value)}"`);
+                        break;
+                    case 'starts_with':
+                        clauses.push(`like(${cond.field}, "${escapeForSPL(cond.value)}%")`);
+                        break;
+                    case 'gt':
+                        clauses.push(`${cond.field} > ${Number(cond.value)}`);
+                        break;
+                    case 'lt':
+                        clauses.push(`${cond.field} < ${Number(cond.value)}`);
+                        break;
+                    case 'gte':
+                        clauses.push(`${cond.field} >= ${Number(cond.value)}`);
+                        break;
+                    case 'lte':
+                        clauses.push(`${cond.field} <= ${Number(cond.value)}`);
+                        break;
+                    case 'eq':
+                        clauses.push(`${cond.field} == ${Number(cond.value)}`);
+                        break;
+                    default:
+                        clauses.push(`like(${cond.field}, "%${escapeForSPL(cond.value)}%")`);
+                }
+            }
+            lines.push(clauses.map((c, i) => (i === 0 ? `    ${c}` : `    OR ${c}`)).join('\n'));
+            lines.push(')');
+        }
+    }
+    // Add a table output for the analyst
+    const fields = [...new Set(arrayConditions.map(c => c.field))];
+    lines.push(`| table _time ${fields.join(' ')} source`);
+    return lines.join('\n');
+}
+//# sourceMappingURL=splunk.js.map

package/dist/converters/splunk.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"splunk.js","sourceRoot":"","sources":["../../src/converters/splunk.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH;;GAEG;AACH,SAAS,YAAY,CAAC,KAAa;IACjC,OAAO,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;AAC3D,CAAC;AAED;;;;GAIG;AACH,SAAS,cAAc,CAAC,IAAuB;IAC7C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;IACzB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;IAEzB,QAAQ,IAAI,CAAC,QAAQ,EAAE,CAAC;QACtB,KAAK,OAAO;YACV,OAAO,WAAW,KAAK,KAAK,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC;QAErD,KAAK,UAAU;YACb,OAAO,GAAG,KAAK,MAAM,YAAY,CAAC,KAAK,CAAC,IAAI,CAAC;QAE/C,KAAK,OAAO;YACV,OAAO,GAAG,KAAK,KAAK,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC;QAE7C,KAAK,aAAa;YAChB,OAAO,GAAG,KAAK,KAAK,YAAY,CAAC,KAAK,CAAC,IAAI,CAAC;QAE9C,KAAK,IAAI;YACP,OAAO,WAAW,KAAK,MAAM,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;QAE/C,KAAK,IAAI;YACP,OAAO,WAAW,KAAK,MAAM,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;QAE/C,KAAK,KAAK;YACR,OAAO,WAAW,KAAK,OAAO,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;QAEhD,KAAK,KAAK;YACR,OAAO,WAAW,KAAK,OAAO,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;QAEhD,KAAK,IAAI;YACP,OAAO,WAAW,KAAK,OAAO,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;QAEhD;YACE,yDAAyD;YACzD,OAAO,GAAG,KAAK,MAAM,YAAY,CAAC,KAAK,CAAC,IAAI,CAAC;IACjD,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,SAAS,CAAC,IAAa;IACrC,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC;IAC7C,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,iBAAiB;IAEzD,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,oCAAoC;IACpC,KAAK,CAAC,IAAI,CAAC,oBAAoB,IAAI,CAAC,EAAE,SAAS,CAAC,CAAC;IACjD,KAAK,CAAC,IAAI,CAAC,iBAAiB,IAAI,CAAC,KAAK,SAAS,CAAC,CAAC;IACjD,KAAK,CAAC,IAAI,CAAC,oBAAoB,IAAI,CAAC,QAAQ,gBAAgB,IAAI,CAAC,IAAI,CAAC,QAAQ,SAAS,CAAC,CAAC;IACzF,KAAK,CAAC,IAAI,CAAC,kBAAkB,IAAI,CAAC,YAAY,CAAC,IAAI,uBAAuB,KAAK,SAAS,CAAC,CAAC;IAC1F,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,4DAA4D;IAC5D,KAAK,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC;IAE1D,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;QAC/B,oEAAoE;QACpE,KAAK,CAAC,IAAI,CAAC,+EAA+E,CAAC,CAAC;QAC5F,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,MAAM,eAAe,GAAG,UAAiC,CAAC;IAE1D,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjC,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,mEAAmE;IACnE,gEAAgE;IAChE,4BAA4B;IAC5B,wEAAwE;IAExE,IAAI,KAAK,KAAK,KAAK,EAAE,CAAC;QACpB,+CAA+C;QAC/C,KAAK,MAAM,IAAI,IAAI,eAAe,EAAE,CAAC;YACnC,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC;QACnC,CAAC;IACH,CAAC;SAAM,CAAC;QACN,iEAAiE;QACjE,6DAA6D;QAC7D,4DAA4D;QAC5D,MAAM,eAAe,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC;QAC5E,MAAM,eAAe,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC;QAE5E,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC/D,2CAA2C;YAC3C,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YACxB,MAAM,YAAY,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;gBACnD,MAAM,MAAM,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;gBAC5C,OAAO,GAAG,MAAM,SAAS,IAAI,CAAC,KAAK,MAAM,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;YACxE,CAAC,CAAC,CAAC;YACH,KAAK,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,CAAC;YAC5B,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAClB,CAAC;aAAM,CAAC;YACN,mDAAmD;YACnD,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YACxB,MAAM,OAAO,GAAa,EAAE,CAAC;YAC7B,KAAK,MAAM,IAAI,IAAI,eAAe,EAAE,CAAC;gBACnC,QAAQ,IAAI,CAAC,QAAQ,EAAE,CAAC;oBACtB,KAAK,OAAO;wBACV,OAAO,CAAC,IAAI,CAAC,SAAS,IAAI,CAAC,KAAK,MAAM,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;wBACpE,MAAM;oBACR,KAAK,UAAU;wBACb,OAAO,CAAC,IAAI,CAAC,QAAQ,IAAI,CAAC,KAAK,OAAO,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;wBACrE,MAAM;oBACR,KAAK,OAAO;wBACV,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,KAAK,KAAK,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;wBAC5D,MAAM;oBACR,KAAK,aAAa;wBAChB,OAAO,CAAC,IAAI,CAAC,QAAQ,IAAI,CAAC,KAAK,MAAM,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;wBACpE,MAAM;oBACR,KAAK,IAAI;wBACP,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,KAAK,MAAM,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;wBACtD,MAAM;oBACR,KAAK,IAAI;wBACP,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,KAAK,MAAM,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;wBACtD,MAAM;oBACR,KAAK,KAAK;wBACR,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,KAAK,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;wBACvD,MAAM;oBACR,KAAK,KAAK;wBACR,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,KAAK,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;wBACvD,MAAM;oBACR,KAAK,IAAI;wBACP,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,KAAK,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;wBACvD,MAAM;oBACR;wBACE,OAAO,CAAC,IAAI,CAAC,QAAQ,IAAI,CAAC,KAAK,OAAO,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;gBACzE,CAAC;YACH,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;YACrF,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;IAED,qCAAqC;IACrC,MAAM,MAAM,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC/D,KAAK,CAAC,IAAI,CAAC,iBAAiB,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IAEvD,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC"}

package/dist/embedding/build-corpus.d.ts

@@ -0,0 +1,15 @@
+#!/usr/bin/env npx tsx
+/**
+ * Build attack embedding corpus from ATR rule test cases.
+ *
+ * Reads all stable ATR rules, extracts true_positive test cases,
+ * encodes them through all-MiniLM-L6-v2, and saves as JSON.
+ *
+ * Usage:
+ *   npx tsx src/embedding/build-corpus.ts
+ *
+ * Output:
+ *   data/attack-embeddings.json
+ */
+export {};
+//# sourceMappingURL=build-corpus.d.ts.map

package/dist/embedding/build-corpus.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"build-corpus.d.ts","sourceRoot":"","sources":["../../src/embedding/build-corpus.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;GAWG"}

package/dist/embedding/build-corpus.js

@@ -0,0 +1,105 @@
+#!/usr/bin/env npx tsx
+/**
+ * Build attack embedding corpus from ATR rule test cases.
+ *
+ * Reads all stable ATR rules, extracts true_positive test cases,
+ * encodes them through all-MiniLM-L6-v2, and saves as JSON.
+ *
+ * Usage:
+ *   npx tsx src/embedding/build-corpus.ts
+ *
+ * Output:
+ *   data/attack-embeddings.json
+ */
+import { readFileSync, writeFileSync, mkdirSync, readdirSync } from 'node:fs';
+import { join, resolve } from 'node:path';
+import * as yaml from 'js-yaml';
+const RULES_DIR = resolve(join(import.meta.dirname ?? '.', '..', '..', 'rules'));
+const OUTPUT_PATH = resolve(join(import.meta.dirname ?? '.', '..', '..', 'data', 'attack-embeddings.json'));
+async function main() {
+    console.log('Building attack embedding corpus...');
+    console.log(`Rules dir: ${RULES_DIR}`);
+    // Load model
+    console.log('Loading embedding model (first run downloads ~22MB)...');
+    const { TransformersJSModel } = await import('./model-loader.js');
+    const model = new TransformersJSModel();
+    await model.initialize();
+    console.log('Model loaded.');
+    // Collect all true_positive texts from rules
+    const attacks = [];
+    function walkDir(dir) {
+        const files = [];
+        for (const entry of readdirSync(dir, { withFileTypes: true })) {
+            const fullPath = join(dir, entry.name);
+            if (entry.isDirectory()) {
+                files.push(...walkDir(fullPath));
+            }
+            else if (entry.name.endsWith('.yaml') || entry.name.endsWith('.yml')) {
+                files.push(fullPath);
+            }
+        }
+        return files;
+    }
+    const ruleFiles = walkDir(RULES_DIR);
+    console.log(`Found ${ruleFiles.length} rule files.`);
+    for (const file of ruleFiles) {
+        try {
+            const content = readFileSync(file, 'utf-8');
+            const rule = yaml.load(content);
+            if (!rule?.id || !rule?.test_cases?.true_positives)
+                continue;
+            for (const tp of rule.test_cases.true_positives) {
+                const text = tp.input ?? tp.content ?? tp.user_input ?? tp.tool_response ?? tp.tool_description ?? tp.tool_args;
+                if (!text || text.length < 10)
+                    continue;
+                attacks.push({
+                    id: rule.id,
+                    text: text.slice(0, 512),
+                    category: rule.tags?.category ?? 'unknown',
+                    severity: rule.severity ?? 'medium',
+                    ruleTitle: rule.title ?? rule.id,
+                });
+            }
+        }
+        catch {
+            // Skip unparseable rules
+        }
+    }
+    console.log(`Extracted ${attacks.length} attack payloads from ${ruleFiles.length} rules.`);
+    // Deduplicate by text
+    const seen = new Set();
+    const unique = attacks.filter((a) => {
+        if (seen.has(a.text))
+            return false;
+        seen.add(a.text);
+        return true;
+    });
+    console.log(`Unique payloads: ${unique.length}`);
+    // Encode all payloads
+    console.log('Encoding payloads...');
+    const output = [];
+    for (let i = 0; i < unique.length; i++) {
+        const a = unique[i];
+        process.stdout.write(`\r  [${i + 1}/${unique.length}] ${a.id}`);
+        const vec = await model.encode(a.text);
+        output.push({
+            id: `${a.id}-tp${i}`,
+            text: a.text,
+            vector: Array.from(vec),
+            label: `${a.ruleTitle}: ${a.text.slice(0, 80)}`,
+            category: a.category,
+            severity: a.severity,
+        });
+    }
+    console.log('\n');
+    // Save
+    mkdirSync(join(OUTPUT_PATH, '..'), { recursive: true });
+    writeFileSync(OUTPUT_PATH, JSON.stringify(output, null, 2));
+    console.log(`Saved ${output.length} embeddings to ${OUTPUT_PATH}`);
+    console.log(`File size: ${(readFileSync(OUTPUT_PATH).length / 1024).toFixed(0)} KB`);
+}
+main().catch((err) => {
+    console.error('Fatal:', err);
+    process.exit(1);
+});
+//# sourceMappingURL=build-corpus.js.map

package/dist/embedding/build-corpus.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"build-corpus.js","sourceRoot":"","sources":["../../src/embedding/build-corpus.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,SAAS,EAAE,WAAW,EAAc,MAAM,SAAS,CAAC;AAC1F,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,KAAK,IAAI,MAAM,SAAS,CAAC;AAEhC,MAAM,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,IAAI,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC;AACjF,MAAM,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,IAAI,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,wBAAwB,CAAC,CAAC,CAAC;AAuB5G,KAAK,UAAU,IAAI;IACjB,OAAO,CAAC,GAAG,CAAC,qCAAqC,CAAC,CAAC;IACnD,OAAO,CAAC,GAAG,CAAC,cAAc,SAAS,EAAE,CAAC,CAAC;IAEvC,aAAa;IACb,OAAO,CAAC,GAAG,CAAC,wDAAwD,CAAC,CAAC;IACtE,MAAM,EAAE,mBAAmB,EAAE,GAAG,MAAM,MAAM,CAAC,mBAAmB,CAAC,CAAC;IAClE,MAAM,KAAK,GAAG,IAAI,mBAAmB,EAAE,CAAC;IACxC,MAAM,KAAK,CAAC,UAAU,EAAE,CAAC;IACzB,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IAE7B,6CAA6C;IAC7C,MAAM,OAAO,GAA+F,EAAE,CAAC;IAE/G,SAAS,OAAO,CAAC,GAAW;QAC1B,MAAM,KAAK,GAAa,EAAE,CAAC;QAC3B,KAAK,MAAM,KAAK,IAAI,WAAW,CAAC,GAAG,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;YAC9D,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;YACvC,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;gBACxB,KAAK,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC;YACnC,CAAC;iBAAM,IAAI,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBACvE,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACvB,CAAC;QACH,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;IACrC,OAAO,CAAC,GAAG,CAAC,SAAS,SAAS,CAAC,MAAM,cAAc,CAAC,CAAC;IAErD,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;QAC7B,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;YAC5C,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAgB,CAAC;YAC/C,IAAI,CAAC,IAAI,EAAE,EAAE,IAAI,CAAC,IAAI,EAAE,UAAU,EAAE,cAAc;gBAAE,SAAS;YAE7D,KAAK,MAAM,EAAE,IAAI,IAAI,CAAC,UAAU,CAAC,cAAc,EAAE,CAAC;gBAChD,MAAM,IAAI,GAAG,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC,OAAO,IAAI,EAAE,CAAC,UAAU,IAAI,EAAE,CAAC,aAAa,IAAI,EAAE,CAAC,gBAAgB,IAAI,EAAE,CAAC,SAAS,CAAC;gBAChH,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,MAAM,GAAG,EAAE;oBAAE,SAAS;gBAExC,OAAO,CAAC,IAAI,CAAC;oBACX,EAAE,EAAE,IAAI,CAAC,EAAE;oBACX,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;oBACxB,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,QAAQ,IAAI,SAAS;oBAC1C,QAAQ,EAAE,IAAI,CAAC,QAAQ,IAAI,QAAQ;oBACnC,SAAS,EAAE,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,EAAE;iBACjC,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,yBAAyB;QAC3B,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,aAAa,OAAO,CAAC,MAAM,yBAAyB,SAAS,CAAC,MAAM,SAAS,CAAC,CAAC;IAE3F,sBAAsB;IACtB,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAClC,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC;YAAE,OAAO,KAAK,CAAC;QACnC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QACjB,OAAO,IAAI,CAAC;IACd,CAAC,CAAC,CAAC;IACH,OAAO,CAAC,GAAG,CAAC,oBAAoB,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;IAEjD,sBAAsB;IACtB,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;IACpC,MAAM,MAAM,GAOP,EAAE,CAAC;IAER,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACvC,MAAM,CAAC,GAAG,MAAM,CAAC,CAAC,CAAE,CAAC;QACrB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAChE,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QACvC,MAAM,CAAC,IAAI,CAAC;YACV,EAAE,EAAE,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,EAAE;YACpB,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,MAAM,EAAE,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC;YACvB,KAAK,EAAE,GAAG,CAAC,CAAC,SAAS,KAAK,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE;YAC/C,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ;SACrB,CAAC,CAAC;IACL,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IAElB,OAAO;IACP,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACxD,aAAa,CAAC,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC5D,OAAO,CAAC,GAAG,CAAC,SAAS,MAAM,CAAC,MAAM,kBAAkB,WAAW,EAAE,CAAC,CAAC;IACnE,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;AACvF,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;IACnB,OAAO,CAAC,KAAK,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;IAC7B,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/dist/embedding/model-loader.d.ts

@@ -0,0 +1,41 @@
+/**
+ * Embedding model loader.
+ *
+ * Lazy-loads all-MiniLM-L6-v2 via @xenova/transformers (optional dep).
+ * Model is ~22MB, cached to disk after first download.
+ * Runs in pure JS/WASM -- no native bindings needed.
+ *
+ * @module agent-threat-rules/embedding/model-loader
+ */
+export interface EmbeddingModel {
+    /** Encode text to embedding vector */
+    encode(text: string): Promise<Float32Array>;
+    /** Encode multiple texts (batched) */
+    encodeBatch(texts: readonly string[]): Promise<Float32Array[]>;
+    /** Initialize / load the model */
+    initialize(): Promise<void>;
+    /** Model output dimension */
+    readonly dimension: number;
+    /** Whether model is loaded */
+    readonly isLoaded: boolean;
+}
+export declare class TransformersJSModel implements EmbeddingModel {
+    readonly dimension = 384;
+    private pipeline;
+    get isLoaded(): boolean;
+    /** Lazy-load the model on first use */
+    initialize(): Promise<void>;
+    encode(text: string): Promise<Float32Array>;
+    encodeBatch(texts: readonly string[]): Promise<Float32Array[]>;
+}
+/** Create a no-op model for testing */
+export declare class MockEmbeddingModel implements EmbeddingModel {
+    readonly dimension = 384;
+    readonly isLoaded = true;
+    private readonly mockVectors;
+    constructor(mockVectors?: Map<string, Float32Array>);
+    initialize(): Promise<void>;
+    encode(text: string): Promise<Float32Array>;
+    encodeBatch(texts: readonly string[]): Promise<Float32Array[]>;
+}
+//# sourceMappingURL=model-loader.d.ts.map

package/dist/embedding/model-loader.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"model-loader.d.ts","sourceRoot":"","sources":["../../src/embedding/model-loader.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,MAAM,WAAW,cAAc;IAC7B,sCAAsC;IACtC,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IAC5C,sCAAsC;IACtC,WAAW,CAAC,KAAK,EAAE,SAAS,MAAM,EAAE,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,CAAC;IAC/D,kCAAkC;IAClC,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5B,6BAA6B;IAC7B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,8BAA8B;IAC9B,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC;CAC5B;AAKD,qBAAa,mBAAoB,YAAW,cAAc;IACxD,QAAQ,CAAC,SAAS,OAAa;IAC/B,OAAO,CAAC,QAAQ,CAAiB;IAEjC,IAAI,QAAQ,IAAI,OAAO,CAEtB;IAED,uCAAuC;IACjC,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAoB3B,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC;IAQ3C,WAAW,CAAC,KAAK,EAAE,SAAS,MAAM,EAAE,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC;CAYrE;AAED,uCAAuC;AACvC,qBAAa,kBAAmB,YAAW,cAAc;IACvD,QAAQ,CAAC,SAAS,OAAa;IAC/B,QAAQ,CAAC,QAAQ,QAAQ;IACzB,OAAO,CAAC,QAAQ,CAAC,WAAW,CAA4B;gBAE5C,WAAW,CAAC,EAAE,GAAG,CAAC,MAAM,EAAE,YAAY,CAAC;IAI7C,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAI3B,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC;IAgB3C,WAAW,CAAC,KAAK,EAAE,SAAS,MAAM,EAAE,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC;CAGrE"}

package/dist/embedding/model-loader.js

@@ -0,0 +1,90 @@
+/**
+ * Embedding model loader.
+ *
+ * Lazy-loads all-MiniLM-L6-v2 via @xenova/transformers (optional dep).
+ * Model is ~22MB, cached to disk after first download.
+ * Runs in pure JS/WASM -- no native bindings needed.
+ *
+ * @module agent-threat-rules/embedding/model-loader
+ */
+const MODEL_NAME = 'Xenova/all-MiniLM-L6-v2';
+const DIMENSION = 384;
+export class TransformersJSModel {
+    dimension = DIMENSION;
+    pipeline = null;
+    get isLoaded() {
+        return this.pipeline !== null;
+    }
+    /** Lazy-load the model on first use */
+    async initialize() {
+        if (this.pipeline)
+            return;
+        try {
+            // Dynamic import to keep @xenova/transformers optional
+            const { pipeline } = await import('@xenova/transformers');
+            this.pipeline = (await pipeline('feature-extraction', MODEL_NAME, {
+                quantized: true,
+            }));
+        }
+        catch (err) {
+            const msg = err instanceof Error ? err.message : String(err);
+            if (msg.includes('Cannot find module') || msg.includes('MODULE_NOT_FOUND')) {
+                throw new Error('Embedding model requires @xenova/transformers. Install: npm install @xenova/transformers');
+            }
+            throw new Error(`Failed to load embedding model: ${msg}`);
+        }
+    }
+    async encode(text) {
+        if (!this.pipeline)
+            await this.initialize();
+        const pipelineFn = this.pipeline;
+        const output = await pipelineFn([text], { pooling: 'mean', normalize: true });
+        return new Float32Array(output.data.slice(0, DIMENSION));
+    }
+    async encodeBatch(texts) {
+        if (!this.pipeline)
+            await this.initialize();
+        const pipelineFn = this.pipeline;
+        const results = [];
+        // Process one at a time to control memory
+        for (const text of texts) {
+            const output = await pipelineFn([text], { pooling: 'mean', normalize: true });
+            results.push(new Float32Array(output.data.slice(0, DIMENSION)));
+        }
+        return results;
+    }
+}
+/** Create a no-op model for testing */
+export class MockEmbeddingModel {
+    dimension = DIMENSION;
+    isLoaded = true;
+    mockVectors;
+    constructor(mockVectors) {
+        this.mockVectors = mockVectors ?? new Map();
+    }
+    async initialize() {
+        // No-op for mock
+    }
+    async encode(text) {
+        const existing = this.mockVectors.get(text);
+        if (existing)
+            return existing;
+        // Generate deterministic vector from text hash
+        const vec = new Float32Array(DIMENSION);
+        for (let i = 0; i < DIMENSION; i++) {
+            vec[i] = Math.sin(text.charCodeAt(i % text.length) * (i + 1) * 0.01);
+        }
+        // Normalize
+        let mag = 0;
+        for (let i = 0; i < DIMENSION; i++)
+            mag += vec[i] * vec[i];
+        mag = Math.sqrt(mag);
+        for (let i = 0; i < DIMENSION; i++)
+            vec[i] /= mag;
+        return vec;
+    }
+    async encodeBatch(texts) {
+        return Promise.all(texts.map((t) => this.encode(t)));
+    }
+}
+//# sourceMappingURL=model-loader.js.map

package/dist/embedding/model-loader.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"model-loader.js","sourceRoot":"","sources":["../../src/embedding/model-loader.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAeH,MAAM,UAAU,GAAG,yBAAyB,CAAC;AAC7C,MAAM,SAAS,GAAG,GAAG,CAAC;AAEtB,MAAM,OAAO,mBAAmB;IACrB,SAAS,GAAG,SAAS,CAAC;IACvB,QAAQ,GAAY,IAAI,CAAC;IAEjC,IAAI,QAAQ;QACV,OAAO,IAAI,CAAC,QAAQ,KAAK,IAAI,CAAC;IAChC,CAAC;IAED,uCAAuC;IACvC,KAAK,CAAC,UAAU;QACd,IAAI,IAAI,CAAC,QAAQ;YAAE,OAAO;QAE1B,IAAI,CAAC;YACH,uDAAuD;YACvD,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,MAAM,CAAC,sBAAsB,CAAC,CAAC;YAC1D,IAAI,CAAC,QAAQ,GAAG,CAAC,MAAM,QAAQ,CAAC,oBAAoB,EAAE,UAAU,EAAE;gBAChE,SAAS,EAAE,IAAI;aAChB,CAAC,CAAyB,CAAC;QAC9B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC7D,IAAI,GAAG,CAAC,QAAQ,CAAC,oBAAoB,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBAC3E,MAAM,IAAI,KAAK,CACb,0FAA0F,CAC3F,CAAC;YACJ,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,mCAAmC,GAAG,EAAE,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,IAAY;QACvB,IAAI,CAAC,IAAI,CAAC,QAAQ;YAAE,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QAE5C,MAAM,UAAU,GAAG,IAAI,CAAC,QAAmG,CAAC;QAC5H,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC9E,OAAO,IAAI,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,CAAC;IAC3D,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,KAAwB;QACxC,IAAI,CAAC,IAAI,CAAC,QAAQ;YAAE,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QAE5C,MAAM,UAAU,GAAG,IAAI,CAAC,QAAmG,CAAC;QAC5H,MAAM,OAAO,GAAmB,EAAE,CAAC;QACnC,0CAA0C;QAC1C,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAC9E,OAAO,CAAC,IAAI,CAAC,IAAI,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC;QAClE,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;CACF;AAED,uCAAuC;AACvC,MAAM,OAAO,kBAAkB;IACpB,SAAS,GAAG,SAAS,CAAC;IACtB,QAAQ,GAAG,IAAI,CAAC;IACR,WAAW,CAA4B;IAExD,YAAY,WAAuC;QACjD,IAAI,CAAC,WAAW,GAAG,WAAW,IAAI,IAAI,GAAG,EAAE,CAAC;IAC9C,CAAC;IAED,KAAK,CAAC,UAAU;QACd,iBAAiB;IACnB,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,IAAY;QACvB,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC5C,IAAI,QAAQ;YAAE,OAAO,QAAQ,CAAC;QAC9B,+CAA+C;QAC/C,MAAM,GAAG,GAAG,IAAI,YAAY,CAAC,SAAS,CAAC,CAAC;QACxC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAAE,EAAE,CAAC;YACnC,GAAG,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;QACvE,CAAC;QACD,YAAY;QACZ,IAAI,GAAG,GAAG,CAAC,CAAC;QACZ,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAAE;YAAE,GAAG,IAAI,GAAG,CAAC,CAAC,CAAE,GAAG,GAAG,CAAC,CAAC,CAAE,CAAC;QAC7D,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACrB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAAE;YAAE,GAAG,CAAC,CAAC,CAAE,IAAI,GAAG,CAAC;QACnD,OAAO,GAAG,CAAC;IACb,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,KAAwB;QACxC,OAAO,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvD,CAAC;CACF"}

package/dist/embedding/vector-store.d.ts

@@ -0,0 +1,41 @@
+/**
+ * In-memory vector store with cosine similarity search.
+ *
+ * Stores pre-computed attack embeddings and finds nearest neighbors
+ * for incoming text. Sub-millisecond for ~2000 vectors at 384 dimensions.
+ *
+ * @module agent-threat-rules/embedding/vector-store
+ */
+import type { ATRSeverity } from '../types.js';
+export interface VectorEntry {
+    readonly id: string;
+    readonly vector: Float32Array;
+    readonly label: string;
+    readonly category: string;
+    readonly severity: ATRSeverity;
+}
+export interface SearchResult {
+    readonly entry: VectorEntry;
+    readonly similarity: number;
+}
+export declare class VectorStore {
+    private readonly entries;
+    constructor(entries?: readonly VectorEntry[]);
+    /** Create new store with additional entries (immutable) */
+    withEntries(newEntries: readonly VectorEntry[]): VectorStore;
+    /**
+     * Find top-K nearest neighbors by cosine similarity.
+     * Only returns results above the threshold.
+     */
+    search(query: Float32Array, topK?: number, threshold?: number): readonly SearchResult[];
+    size(): number;
+}
+/** Load pre-computed embeddings from JSON */
+export declare function loadVectorEntries(data: readonly {
+    id: string;
+    vector: number[];
+    label: string;
+    category: string;
+    severity: string;
+}[]): VectorEntry[];
+//# sourceMappingURL=vector-store.d.ts.map

package/dist/embedding/vector-store.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"vector-store.d.ts","sourceRoot":"","sources":["../../src/embedding/vector-store.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAE/C,MAAM,WAAW,WAAW;IAC1B,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,MAAM,EAAE,YAAY,CAAC;IAC9B,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,QAAQ,EAAE,WAAW,CAAC;CAChC;AAED,MAAM,WAAW,YAAY;IAC3B,QAAQ,CAAC,KAAK,EAAE,WAAW,CAAC;IAC5B,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;CAC7B;AAED,qBAAa,WAAW;IACtB,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAyB;gBAErC,OAAO,CAAC,EAAE,SAAS,WAAW,EAAE;IAI5C,2DAA2D;IAC3D,WAAW,CAAC,UAAU,EAAE,SAAS,WAAW,EAAE,GAAG,WAAW;IAI5D;;;OAGG;IACH,MAAM,CAAC,KAAK,EAAE,YAAY,EAAE,IAAI,GAAE,MAAU,EAAE,SAAS,GAAE,MAAa,GAAG,SAAS,YAAY,EAAE;IAiBhG,IAAI,IAAI,MAAM;CAGf;AAyBD,6CAA6C;AAC7C,wBAAgB,iBAAiB,CAC/B,IAAI,EAAE,SAAS;IAAE,EAAE,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,EAAE,CAAC;IAAC,KAAK,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,EAAE,GACnG,WAAW,EAAE,CAQf"}

package/dist/embedding/vector-store.js

@@ -0,0 +1,70 @@
+/**
+ * In-memory vector store with cosine similarity search.
+ *
+ * Stores pre-computed attack embeddings and finds nearest neighbors
+ * for incoming text. Sub-millisecond for ~2000 vectors at 384 dimensions.
+ *
+ * @module agent-threat-rules/embedding/vector-store
+ */
+export class VectorStore {
+    entries;
+    constructor(entries) {
+        this.entries = entries ?? [];
+    }
+    /** Create new store with additional entries (immutable) */
+    withEntries(newEntries) {
+        return new VectorStore([...this.entries, ...newEntries]);
+    }
+    /**
+     * Find top-K nearest neighbors by cosine similarity.
+     * Only returns results above the threshold.
+     */
+    search(query, topK = 3, threshold = 0.82) {
+        if (this.entries.length === 0)
+            return [];
+        const results = [];
+        for (const entry of this.entries) {
+            const sim = cosineSimilarity(query, entry.vector);
+            if (sim >= threshold) {
+                results.push({ entry, similarity: sim });
+            }
+        }
+        // Sort by similarity descending, take top K
+        results.sort((a, b) => b.similarity - a.similarity);
+        return results.slice(0, topK);
+    }
+    size() {
+        return this.entries.length;
+    }
+}
+/**
+ * Cosine similarity between two vectors.
+ * Returns value between -1 and 1 (1 = identical direction).
+ */
+function cosineSimilarity(a, b) {
+    if (a.length !== b.length)
+        return 0;
+    let dot = 0;
+    let magA = 0;
+    let magB = 0;
+    for (let i = 0; i < a.length; i++) {
+        dot += a[i] * b[i];
+        magA += a[i] * a[i];
+        magB += b[i] * b[i];
+    }
+    const denom = Math.sqrt(magA) * Math.sqrt(magB);
+    if (denom === 0)
+        return 0;
+    return dot / denom;
+}
+/** Load pre-computed embeddings from JSON */
+export function loadVectorEntries(data) {
+    return data.map((d) => ({
+        id: d.id,
+        vector: new Float32Array(d.vector),
+        label: d.label,
+        category: d.category,
+        severity: (d.severity || 'medium'),
+    }));
+}
+//# sourceMappingURL=vector-store.js.map

package/dist/embedding/vector-store.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"vector-store.js","sourceRoot":"","sources":["../../src/embedding/vector-store.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAiBH,MAAM,OAAO,WAAW;IACL,OAAO,CAAyB;IAEjD,YAAY,OAAgC;QAC1C,IAAI,CAAC,OAAO,GAAG,OAAO,IAAI,EAAE,CAAC;IAC/B,CAAC;IAED,2DAA2D;IAC3D,WAAW,CAAC,UAAkC;QAC5C,OAAO,IAAI,WAAW,CAAC,CAAC,GAAG,IAAI,CAAC,OAAO,EAAE,GAAG,UAAU,CAAC,CAAC,CAAC;IAC3D,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,KAAmB,EAAE,OAAe,CAAC,EAAE,YAAoB,IAAI;QACpE,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,EAAE,CAAC;QAEzC,MAAM,OAAO,GAAmB,EAAE,CAAC;QAEnC,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YACjC,MAAM,GAAG,GAAG,gBAAgB,CAAC,KAAK,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;YAClD,IAAI,GAAG,IAAI,SAAS,EAAE,CAAC;gBACrB,OAAO,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;YAC3C,CAAC;QACH,CAAC;QAED,4CAA4C;QAC5C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC;QACpD,OAAO,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;IAChC,CAAC;IAED,IAAI;QACF,OAAO,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC;IAC7B,CAAC;CACF;AAED;;;GAGG;AACH,SAAS,gBAAgB,CAAC,CAAe,EAAE,CAAe;IACxD,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM;QAAE,OAAO,CAAC,CAAC;IAEpC,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,IAAI,IAAI,GAAG,CAAC,CAAC;IACb,IAAI,IAAI,GAAG,CAAC,CAAC;IAEb,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAClC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAE,GAAG,CAAC,CAAC,CAAC,CAAE,CAAC;QACrB,IAAI,IAAI,CAAC,CAAC,CAAC,CAAE,GAAG,CAAC,CAAC,CAAC,CAAE,CAAC;QACtB,IAAI,IAAI,CAAC,CAAC,CAAC,CAAE,GAAG,CAAC,CAAC,CAAC,CAAE,CAAC;IACxB,CAAC;IAED,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChD,IAAI,KAAK,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC;IAE1B,OAAO,GAAG,GAAG,KAAK,CAAC;AACrB,CAAC;AAED,6CAA6C;AAC7C,MAAM,UAAU,iBAAiB,CAC/B,IAAoG;IAEpG,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACtB,EAAE,EAAE,CAAC,CAAC,EAAE;QACR,MAAM,EAAE,IAAI,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC;QAClC,KAAK,EAAE,CAAC,CAAC,KAAK;QACd,QAAQ,EAAE,CAAC,CAAC,QAAQ;QACpB,QAAQ,EAAE,CAAC,CAAC,CAAC,QAAQ,IAAI,QAAQ,CAAgB;KAClD,CAAC,CAAC,CAAC;AACN,CAAC"}

package/dist/engine.d.ts

@@ -16,6 +16,9 @@ import type { SessionTracker } from './session-tracker.js';
 import type { ActionExecutor } from './action-executor.js';
 import type { SkillFingerprintStore } from './skill-fingerprint.js';
 import type { SemanticLayerConfig } from './layer-integration.js';
+import type { InvariantChecker } from './tier0-invariant.js';
+import type { BlacklistProvider } from './tier1-blacklist.js';
+import type { EmbeddingModule } from './modules/embedding.js';
 export interface ATREngineConfig {
     /** Directory containing ATR rule YAML files */
     rulesDir?: string;
@@ -23,8 +26,14 @@ export interface ATREngineConfig {
     rules?: ATRRule[];
     /** Optional session tracker for behavioral detection across events */
     sessionTracker?: SessionTracker;
+    /** Optional Tier 0: Invariant enforcement (hard boundaries, pre-check) */
+    invariantChecker?: InvariantChecker;
+    /** Optional Tier 1: Skill blacklist provider (known-bad lookup) */
+    blacklistProvider?: BlacklistProvider;
     /** Optional Layer 2: Skill behavioral fingerprinting (no LLM required) */
     fingerprintStore?: SkillFingerprintStore;
+    /** Optional Tier 2.5: Embedding similarity module (requires @xenova/transformers) */
+    embeddingModule?: EmbeddingModule;
     /** Optional Layer 3: Semantic LLM-as-judge analysis (requires API key) */
     semanticModule?: SemanticLayerConfig;
 }
@@ -97,28 +106,22 @@ export declare class ATREngine {
     /**
      * Evaluate a sequence condition against the current event.
      *
-     * @limitation SINGLE-EVENT ONLY (v0.1)
-     * This implementation is fundamentally limited: it checks whether patterns
-     * from multiple sequence steps co-occur within a SINGLE event's content.
-     *
-     * What it does NOT do (and claims to via the schema):
-     * - Does NOT track ordered execution across separate events
-     * - Does NOT enforce the `within` time window between steps
-     * - Does NOT respect the `ordered` flag (treats all as unordered)
-     * - Does NOT correlate steps across different event types
-     *
-     * As a result, sequence rules only fire when an attacker's multi-step
-     * payload appears in one message. Real multi-turn attack chains that
-     * spread steps across separate events will NOT be detected.
-     *
-     * The `matchCount >= 2` threshold is arbitrary and can produce false
-     * negatives for 2-step sequences (requires both steps in one event)
-     * and false positives for long sequences (only 2 of N steps needed).
-     *
-     * Full session-aware sequence detection is planned for a future version
-     * and will require integration with SessionTracker.
+     * Two modes:
+     * 1. Session-aware (when SessionTracker + sessionId available):
+     *    Checks patterns across historical events in the session.
+     *    Respects `ordered` flag and `within` time window.
+     * 2. Single-event fallback: checks if patterns co-occur in one event.
      */
     private evaluateSequenceCondition;
+    /**
+     * Cross-event sequence detection using SessionTracker.
+     * Checks if step patterns have been seen across events in order.
+     */
+    private evaluateSequenceAcrossSession;
+    /**
+     * Single-event fallback: check if step patterns co-occur in one event.
+     */
+    private evaluateSequenceSingleEvent;
     /**
      * Resolve a field value from an agent event.
      */