agent-threat-rules 0.4.0 → 1.0.0

package/dist/rule-scaffolder.js

@@ -1,301 +0,0 @@
-/**
- * ATR Rule Scaffolder - Generates ATR rule YAML scaffolds from structured input
- * @module agent-threat-rules/rule-scaffolder
- */
-import yaml from 'js-yaml';
-const CATEGORY_TO_SOURCE_TYPE = {
-    'prompt-injection': 'llm_io',
-    'tool-poisoning': 'tool_call',
-    'context-exfiltration': 'context_window',
-    'agent-manipulation': 'multi_agent_comm',
-    'privilege-escalation': 'agent_behavior',
-    'excessive-autonomy': 'agent_behavior',
-    'data-poisoning': 'llm_io',
-    'model-abuse': 'llm_io',
-    'skill-compromise': 'skill_lifecycle',
-};
-const CATEGORY_TO_FIELD = {
-    'prompt-injection': 'user_input',
-    'tool-poisoning': 'tool_response',
-    'context-exfiltration': 'agent_output',
-    'agent-manipulation': 'agent_message',
-    'privilege-escalation': 'agent_action',
-    'excessive-autonomy': 'agent_action',
-    'data-poisoning': 'training_input',
-    'model-abuse': 'user_input',
-    'skill-compromise': 'skill_manifest',
-};
-const SEVERITY_TO_ACTIONS = {
-    critical: ['block_input', 'alert', 'escalate'],
-    high: ['block_input', 'alert'],
-    medium: ['alert', 'snapshot'],
-    low: ['alert'],
-    informational: ['alert'],
-};
-const REGEX_SPECIAL_CHARS = /[.*+?^${}()|[\]\\]/g;
-function escapeRegex(str) {
-    return str.replace(REGEX_SPECIAL_CHARS, '\\$&');
-}
-/**
- * Attack pattern templates by category — reusable regex building blocks
- * that detect BEHAVIOR, not package names.
- */
-export const ATTACK_PATTERN_INDICATORS = [
-    // Shell execution patterns
-    {
-        test: /exec(Sync)?|spawn|child_process|shell|subprocess|popen|os\.system/i,
-        pattern: '(execSync?|spawn|child_process|shell|subprocess|popen|os\\.system)\\s*\\(',
-        description: 'Shell/command execution',
-        categories: ['tool-poisoning', 'skill-compromise', 'privilege-escalation'],
-    },
-    // Dynamic shell with interpolation (RCE)
-    {
-        test: /exec.*\$\{|spawn.*\$\{|`.*\$\{.*`/i,
-        pattern: '(exec|spawn|shell)\\s*\\(.*\\$\\{',
-        description: 'Dynamic shell execution with variable interpolation',
-        categories: ['tool-poisoning', 'skill-compromise'],
-    },
-    // Network exfiltration
-    {
-        test: /fetch|http|request|axios|got|node-fetch|urllib|curl|wget/i,
-        pattern: '(fetch|https?://|request|axios|got|node-fetch|urllib|curl|wget)\\s*\\(?',
-        description: 'Outbound network request',
-        categories: ['context-exfiltration', 'tool-poisoning', 'data-poisoning'],
-    },
-    // Credential/secret access
-    {
-        test: /password|secret|token|credential|api[_\s]?key|auth|cookie/i,
-        pattern: '(password|secret|token|credential|api[_ ]?key|auth_token|cookie)',
-        description: 'Credential/secret access',
-        categories: ['context-exfiltration', 'privilege-escalation', 'tool-poisoning'],
-    },
-    // Environment variable exfiltration
-    {
-        test: /process\.env|os\.environ|getenv|ENV\[/i,
-        pattern: '(process\\.env|os\\.environ|getenv|ENV\\[)',
-        description: 'Environment variable access',
-        categories: ['context-exfiltration', 'tool-poisoning', 'skill-compromise'],
-    },
-    // eval / dynamic code execution
-    {
-        test: /\beval\s*\(|new\s+Function\s*\(|vm\.run/i,
-        pattern: '(\\beval\\s*\\(|new\\s+Function\\s*\\(|vm\\.run)',
-        description: 'Dynamic code execution',
-        categories: ['tool-poisoning', 'skill-compromise'],
-    },
-    // Instruction override (prompt injection)
-    {
-        test: /ignore|disregard|forget|override|overwrite/i,
-        pattern: '(override|overwrite|ignore|disregard|forget)\\s+(previous|prior|above|existing|all|any)\\s+(instructions?|rules?|constraints?|guidelines?|protocols?)',
-        description: 'Instruction override attempt',
-        categories: ['prompt-injection', 'agent-manipulation'],
-    },
-    // Role manipulation
-    {
-        test: /you are now|act as|pretend|new role|system prompt/i,
-        pattern: '(you\\s+are\\s+now|act\\s+as\\s+(a|an|if)|pretend\\s+(to|you)|new\\s+role|system\\s+prompt)',
-        description: 'Role/identity manipulation',
-        categories: ['prompt-injection', 'agent-manipulation'],
-    },
-    // File system destructive operations
-    {
-        test: /rm\s+-rf|rmdir|unlink|deleteFile|fs\.rm/i,
-        pattern: '(rm\\s+-rf|rmdir\\s|unlink\\s*\\(|deleteFile|fs\\.rm)',
-        description: 'Destructive file system operation',
-        categories: ['tool-poisoning', 'excessive-autonomy'],
-    },
-    // Base64/encoding evasion
-    {
-        test: /atob|btoa|base64|Buffer\.from.*encoding|fromCharCode/i,
-        pattern: '(atob|btoa|base64|Buffer\\.from|fromCharCode)\\s*\\(',
-        description: 'Encoding-based payload obfuscation',
-        categories: ['tool-poisoning', 'skill-compromise'],
-    },
-    // Data exfiltration combo (credential + network)
-    {
-        test: /(password|secret|token|key).*(fetch|http|send|post|upload)/i,
-        pattern: '(password|secret|token|api[_ ]?key).*(fetch|https?://|request|send|post|upload)',
-        description: 'Credential access combined with network exfiltration',
-        categories: ['context-exfiltration', 'tool-poisoning'],
-    },
-    // Download + execute combo
-    {
-        test: /(download|fetch|curl|wget).*(exec|eval|spawn)/i,
-        pattern: '(download|fetch|curl|wget).*(exec|eval|spawn|child_process)',
-        description: 'Download and execute pattern',
-        categories: ['tool-poisoning', 'skill-compromise'],
-    },
-];
-/**
- * Build detection regex from a payload string, using category-aware
- * attack pattern templates instead of naive keyword extraction.
- *
- * Priority:
- * 1. Match known attack indicators in the payload -> use behavioral regex
- * 2. Combine multiple indicators with alternation for multi-vector attacks
- * 3. Fall back to keyword extraction only for text that has no code patterns
- */
-function buildRegexPattern(payload, category) {
-    const trimmed = payload.trim();
-    // Step 1: Find all attack indicators present in this payload
-    const matched = ATTACK_PATTERN_INDICATORS.filter((ind) => {
-        const matchesPayload = ind.test.test(trimmed);
-        const matchesCategory = !category || ind.categories.includes(category);
-        return matchesPayload && matchesCategory;
-    });
-    // Step 2: If we found behavioral patterns, use them
-    if (matched.length > 0) {
-        if (matched.length === 1) {
-            return `(?i)${matched[0].pattern}`;
-        }
-        // Combine multiple indicators — detect the most specific one
-        // Sort by pattern length (longer = more specific) and take top 3
-        const sorted = [...matched].sort((a, b) => b.pattern.length - a.pattern.length);
-        const top = sorted.slice(0, 3);
-        if (top.length === 1) {
-            return `(?i)${top[0].pattern}`;
-        }
-        // Use alternation for multi-vector detection
-        return `(?i)(${top.map((t) => t.pattern).join('|')})`;
-    }
-    // Step 3: Fallback — keyword extraction for text-based payloads
-    // (e.g., prompt injection text without code patterns)
-    const words = trimmed.split(/\s+/).filter((w) => w.length > 3);
-    if (words.length === 0) {
-        return `(?i).*${escapeRegex(trimmed)}.*`;
-    }
-    const keywords = words.slice(0, 4);
-    return `(?i)${keywords.map((k) => `(?=.*${escapeRegex(k)})`).join('')}`;
-}
-function generateId(existingIds = new Set()) {
-    const year = new Date().getFullYear();
-    const maxAttempts = 800;
-    for (let attempt = 0; attempt < maxAttempts; attempt++) {
-        const seq = String(Math.floor(Math.random() * 900) + 100);
-        const id = `ATR-${year}-${seq}`;
-        if (!existingIds.has(id)) {
-            return id;
-        }
-    }
-    throw new Error('Unable to generate a unique ATR rule ID after maximum attempts');
-}
-function getCurrentDate() {
-    const d = new Date();
-    const yyyy = d.getFullYear();
-    const mm = String(d.getMonth() + 1).padStart(2, '0');
-    const dd = String(d.getDate()).padStart(2, '0');
-    return `${yyyy}/${mm}/${dd}`;
-}
-export class RuleScaffolder {
-    options;
-    constructor(options = {}) {
-        this.options = {
-            author: options.author ?? 'ATR Community (auto-scaffolded)',
-            schemaVersion: options.schemaVersion ?? '0.1',
-        };
-    }
-    /**
-     * Generate a complete ATR YAML rule from structured input.
-     * Returns a ScaffoldResult with the YAML string, generated ID, and any warnings.
-     */
-    scaffold(input, existingIds = new Set()) {
-        const warnings = this.validateInput(input);
-        const severity = input.severity ?? 'medium';
-        const sourceType = input.agentSourceType ?? CATEGORY_TO_SOURCE_TYPE[input.category];
-        const field = CATEGORY_TO_FIELD[input.category];
-        const id = generateId(existingIds);
-        const date = getCurrentDate();
-        const conditions = input.examplePayloads.map((payload, idx) => ({
-            field,
-            operator: 'regex',
-            value: buildRegexPattern(payload, input.category),
-            description: `Pattern ${idx + 1}: detects "${payload.trim().slice(0, 80)}"`,
-        }));
-        const truePositives = input.examplePayloads.map((payload) => ({
-            input: payload.trim(),
-            expected: 'trigger',
-        }));
-        const trueNegatives = [
-            {
-                input: 'TODO: Add benign input that should not trigger this rule',
-                expected: 'no_trigger',
-            },
-        ];
-        const references = {};
-        if (input.owaspRefs && input.owaspRefs.length > 0) {
-            references.owasp_llm = [...input.owaspRefs];
-        }
-        if (input.mitreRefs && input.mitreRefs.length > 0) {
-            references.mitre_atlas = [...input.mitreRefs];
-        }
-        const conditionExpr = conditions.length > 1 ? 'any' : 'all';
-        const rule = {
-            title: input.title,
-            id,
-            schema_version: this.options.schemaVersion,
-            status: 'draft',
-            description: input.attackDescription,
-            author: this.options.author,
-            date,
-            severity,
-            detection_tier: 'pattern',
-            maturity: 'draft',
-            ...(Object.keys(references).length > 0 ? { references } : {}),
-            tags: {
-                category: input.category,
-                confidence: severity === 'critical' || severity === 'high' ? 'high' : 'medium',
-            },
-            agent_source: {
-                type: sourceType,
-            },
-            detection: {
-                conditions,
-                condition: conditionExpr,
-                false_positives: [
-                    'TODO: Document known false positive scenarios',
-                ],
-            },
-            response: {
-                actions: [...SEVERITY_TO_ACTIONS[severity]],
-                message_template: `Potential ${input.category} detected: {{matched_patterns}}`,
-            },
-            test_cases: {
-                true_positives: truePositives,
-                true_negatives: trueNegatives,
-            },
-        };
-        const yamlStr = yaml.dump(rule, {
-            indent: 2,
-            lineWidth: 120,
-            noRefs: true,
-            sortKeys: false,
-            quotingType: '"',
-            forceQuotes: false,
-        });
-        return { yaml: yamlStr, id, warnings };
-    }
-    /**
-     * Validate scaffold input, throwing on invalid required fields
-     * and returning warnings for non-critical issues.
-     */
-    validateInput(input) {
-        const warnings = [];
-        if (!input.title || input.title.trim().length === 0) {
-            throw new Error('ScaffoldInput.title is required and must be non-empty');
-        }
-        if (!input.category) {
-            throw new Error('ScaffoldInput.category is required');
-        }
-        if (!input.attackDescription || input.attackDescription.trim().length === 0) {
-            throw new Error('ScaffoldInput.attackDescription is required and must be non-empty');
-        }
-        if (!input.examplePayloads || input.examplePayloads.length === 0) {
-            throw new Error('ScaffoldInput.examplePayloads must contain at least one payload');
-        }
-        if (input.examplePayloads.length < 3) {
-            warnings.push('Fewer than 3 example payloads - consider adding more for better pattern coverage.');
-        }
-        return warnings;
-    }
-}
-//# sourceMappingURL=rule-scaffolder.js.map

package/dist/rule-scaffolder.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"rule-scaffolder.js","sourceRoot":"","sources":["../src/rule-scaffolder.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,IAAI,MAAM,SAAS,CAAC;AA+B3B,MAAM,uBAAuB,GAAiD;IAC5E,kBAAkB,EAAE,QAAQ;IAC5B,gBAAgB,EAAE,WAAW;IAC7B,sBAAsB,EAAE,gBAAgB;IACxC,oBAAoB,EAAE,kBAAkB;IACxC,sBAAsB,EAAE,gBAAgB;IACxC,oBAAoB,EAAE,gBAAgB;IACtC,gBAAgB,EAAE,QAAQ;IAC1B,aAAa,EAAE,QAAQ;IACvB,kBAAkB,EAAE,iBAAiB;CACtC,CAAC;AAEF,MAAM,iBAAiB,GAA0C;IAC/D,kBAAkB,EAAE,YAAY;IAChC,gBAAgB,EAAE,eAAe;IACjC,sBAAsB,EAAE,cAAc;IACtC,oBAAoB,EAAE,eAAe;IACrC,sBAAsB,EAAE,cAAc;IACtC,oBAAoB,EAAE,cAAc;IACpC,gBAAgB,EAAE,gBAAgB;IAClC,aAAa,EAAE,YAAY;IAC3B,kBAAkB,EAAE,gBAAgB;CACrC,CAAC;AAEF,MAAM,mBAAmB,GAAwD;IAC/E,QAAQ,EAAE,CAAC,aAAa,EAAE,OAAO,EAAE,UAAU,CAAC;IAC9C,IAAI,EAAE,CAAC,aAAa,EAAE,OAAO,CAAC;IAC9B,MAAM,EAAE,CAAC,OAAO,EAAE,UAAU,CAAC;IAC7B,GAAG,EAAE,CAAC,OAAO,CAAC;IACd,aAAa,EAAE,CAAC,OAAO,CAAC;CACzB,CAAC;AAEF,MAAM,mBAAmB,GAAG,qBAAqB,CAAC;AAElD,SAAS,WAAW,CAAC,GAAW;IAC9B,OAAO,GAAG,CAAC,OAAO,CAAC,mBAAmB,EAAE,MAAM,CAAC,CAAC;AAClD,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,yBAAyB,GASjC;IACH,2BAA2B;IAC3B;QACE,IAAI,EAAE,oEAAoE;QAC1E,OAAO,EAAE,2EAA2E;QACpF,WAAW,EAAE,yBAAyB;QACtC,UAAU,EAAE,CAAC,gBAAgB,EAAE,kBAAkB,EAAE,sBAAsB,CAAC;KAC3E;IACD,yCAAyC;IACzC;QACE,IAAI,EAAE,oCAAoC;QAC1C,OAAO,EAAE,mCAAmC;QAC5C,WAAW,EAAE,qDAAqD;QAClE,UAAU,EAAE,CAAC,gBAAgB,EAAE,kBAAkB,CAAC;KACnD;IACD,uBAAuB;IACvB;QACE,IAAI,EAAE,2DAA2D;QACjE,OAAO,EAAE,yEAAyE;QAClF,WAAW,EAAE,0BAA0B;QACvC,UAAU,EAAE,CAAC,sBAAsB,EAAE,gBAAgB,EAAE,gBAAgB,CAAC;KACzE;IACD,2BAA2B;IAC3B;QACE,IAAI,EAAE,4DAA4D;QAClE,OAAO,EAAE,kEAAkE;QAC3E,WAAW,EAAE,0BAA0B;QACvC,UAAU,EAAE,CAAC,sBAAsB,EAAE,sBAAsB,EAAE,gBAAgB,CAAC;KAC/E;IACD,oCAAoC;IACpC;QACE,IAAI,EAAE,wCAAwC;QAC9C,OAAO,EAAE,4CAA4C;QACrD,WAAW,EAAE,6BAA6B;QAC1C,UAAU,EAAE,CAAC,sBAAsB,EAAE,gBAAgB,EAAE,kBAAkB,CAAC;KAC3E;IACD,gCAAgC;IAChC;QACE,IAAI,EAAE,0CAA0C;QAChD,OAAO,EAAE,kDAAkD;QAC3D,WAAW,EAAE,wBAAwB;QACrC,UAAU,EAAE,CAAC,gBAAgB,EAAE,kBAAkB,CAAC;KACnD;IACD,0CAA0C;IAC1C;QACE,IAAI,EAAE,6CAA6C;QACnD,OAAO,EAAE,uJAAuJ;QAChK,WAAW,EAAE,8BAA8B;QAC3C,UAAU,EAAE,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;KACvD;IACD,oBAAoB;IACpB;QACE,IAAI,EAAE,oDAAoD;QAC1D,OAAO,EAAE,6FAA6F;QACtG,WAAW,EAAE,4BAA4B;QACzC,UAAU,EAAE,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;KACvD;IACD,qCAAqC;IACrC;QACE,IAAI,EAAE,0CAA0C;QAChD,OAAO,EAAE,uDAAuD;QAChE,WAAW,EAAE,mCAAmC;QAChD,UAAU,EAAE,CAAC,gBAAgB,EAAE,oBAAoB,CAAC;KACrD;IACD,0BAA0B;IAC1B;QACE,IAAI,EAAE,uDAAuD;QAC7D,OAAO,EAAE,sDAAsD;QAC/D,WAAW,EAAE,oCAAoC;QACjD,UAAU,EAAE,CAAC,gBAAgB,EAAE,kBAAkB,CAAC;KACnD;IACD,iDAAiD;IACjD;QACE,IAAI,EAAE,6DAA6D;QACnE,OAAO,EAAE,iFAAiF;QAC1F,WAAW,EAAE,sDAAsD;QACnE,UAAU,EAAE,CAAC,sBAAsB,EAAE,gBAAgB,CAAC;KACvD;IACD,2BAA2B;IAC3B;QACE,IAAI,EAAE,gDAAgD;QACtD,OAAO,EAAE,6DAA6D;QACtE,WAAW,EAAE,8BAA8B;QAC3C,UAAU,EAAE,CAAC,gBAAgB,EAAE,kBAAkB,CAAC;KACnD;CACF,CAAC;AAEF;;;;;;;;GAQG;AACH,SAAS,iBAAiB,CAAC,OAAe,EAAE,QAAsB;IAChE,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;IAE/B,6DAA6D;IAC7D,MAAM,OAAO,GAAG,yBAAyB,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE;QACvD,MAAM,cAAc,GAAG,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC9C,MAAM,eAAe,GAAG,CAAC,QAAQ,IAAI,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QACvE,OAAO,cAAc,IAAI,eAAe,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,oDAAoD;IACpD,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvB,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzB,OAAO,OAAO,OAAO,CAAC,CAAC,CAAE,CAAC,OAAO,EAAE,CAAC;QACtC,CAAC;QACD,6DAA6D;QAC7D,iEAAiE;QACjE,MAAM,MAAM,GAAG,CAAC,GAAG,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAChF,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC/B,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACrB,OAAO,OAAO,GAAG,CAAC,CAAC,CAAE,CAAC,OAAO,EAAE,CAAC;QAClC,CAAC;QACD,6CAA6C;QAC7C,OAAO,QAAQ,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;IACxD,CAAC;IAED,gEAAgE;IAChE,sDAAsD;IACtD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAE/D,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,OAAO,SAAS,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC;IAC3C,CAAC;IAED,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACnC,OAAO,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC;AAC1E,CAAC;AAED,SAAS,UAAU,CAAC,cAAmC,IAAI,GAAG,EAAE;IAC9D,MAAM,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IACtC,MAAM,WAAW,GAAG,GAAG,CAAC;IACxB,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,WAAW,EAAE,OAAO,EAAE,EAAE,CAAC;QACvD,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC;QAC1D,MAAM,EAAE,GAAG,OAAO,IAAI,IAAI,GAAG,EAAE,CAAC;QAChC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;YACzB,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;AACpF,CAAC;AAED,SAAS,cAAc;IACrB,MAAM,CAAC,GAAG,IAAI,IAAI,EAAE,CAAC;IACrB,MAAM,IAAI,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC;IAC7B,MAAM,EAAE,GAAG,MAAM,CAAC,CAAC,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IACrD,MAAM,EAAE,GAAG,MAAM,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IAChD,OAAO,GAAG,IAAI,IAAI,EAAE,IAAI,EAAE,EAAE,CAAC;AAC/B,CAAC;AAED,MAAM,OAAO,cAAc;IACR,OAAO,CAA4B;IAEpD,YAAY,UAA2B,EAAE;QACvC,IAAI,CAAC,OAAO,GAAG;YACb,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,iCAAiC;YAC3D,aAAa,EAAE,OAAO,CAAC,aAAa,IAAI,KAAK;SAC9C,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,QAAQ,CAAC,KAAoB,EAAE,cAAmC,IAAI,GAAG,EAAE;QACzE,MAAM,QAAQ,GAAG,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;QAE3C,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,IAAI,QAAQ,CAAC;QAC5C,MAAM,UAAU,GAAG,KAAK,CAAC,eAAe,IAAI,uBAAuB,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QACpF,MAAM,KAAK,GAAG,iBAAiB,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAChD,MAAM,EAAE,GAAG,UAAU,CAAC,WAAW,CAAC,CAAC;QACnC,MAAM,IAAI,GAAG,cAAc,EAAE,CAAC;QAE9B,MAAM,UAAU,GAAwB,KAAK,CAAC,eAAe,CAAC,GAAG,CAC/D,CAAC,OAAO,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;YACjB,KAAK;YACL,QAAQ,EAAE,OAAO;YACjB,KAAK,EAAE,iBAAiB,CAAC,OAAO,EAAE,KAAK,CAAC,QAAQ,CAAC;YACjD,WAAW,EAAE,WAAW,GAAG,GAAG,CAAC,cAAc,OAAO,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG;SAC5E,CAAC,CACH,CAAC;QAEF,MAAM,aAAa,GAAG,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;YAC5D,KAAK,EAAE,OAAO,CAAC,IAAI,EAAE;YACrB,QAAQ,EAAE,SAAkB;SAC7B,CAAC,CAAC,CAAC;QAEJ,MAAM,aAAa,GAAG;YACpB;gBACE,KAAK,EAAE,0DAA0D;gBACjE,QAAQ,EAAE,YAAqB;aAChC;SACF,CAAC;QAEF,MAAM,UAAU,GAA6B,EAAE,CAAC;QAChD,IAAI,KAAK,CAAC,SAAS,IAAI,KAAK,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAClD,UAAU,CAAC,SAAS,GAAG,CAAC,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC;QAC9C,CAAC;QACD,IAAI,KAAK,CAAC,SAAS,IAAI,KAAK,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAClD,UAAU,CAAC,WAAW,GAAG,CAAC,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC;QAChD,CAAC;QAED,MAAM,aAAa,GAAG,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC;QAE5D,MAAM,IAAI,GAA4B;YACpC,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,EAAE;YACF,cAAc,EAAE,IAAI,CAAC,OAAO,CAAC,aAAa;YAC1C,MAAM,EAAE,OAAO;YACf,WAAW,EAAE,KAAK,CAAC,iBAAiB;YACpC,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM;YAC3B,IAAI;YACJ,QAAQ;YACR,cAAc,EAAE,SAAS;YACzB,QAAQ,EAAE,OAAO;YACjB,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC7D,IAAI,EAAE;gBACJ,QAAQ,EAAE,KAAK,CAAC,QAAQ;gBACxB,UAAU,EAAE,QAAQ,KAAK,UAAU,IAAI,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ;aAC/E;YACD,YAAY,EAAE;gBACZ,IAAI,EAAE,UAAU;aACjB;YACD,SAAS,EAAE;gBACT,UAAU;gBACV,SAAS,EAAE,aAAa;gBACxB,eAAe,EAAE;oBACf,+CAA+C;iBAChD;aACF;YACD,QAAQ,EAAE;gBACR,OAAO,EAAE,CAAC,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;gBAC3C,gBAAgB,EAAE,aAAa,KAAK,CAAC,QAAQ,iCAAiC;aAC/E;YACD,UAAU,EAAE;gBACV,cAAc,EAAE,aAAa;gBAC7B,cAAc,EAAE,aAAa;aAC9B;SACF,CAAC;QAEF,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;YAC9B,MAAM,EAAE,CAAC;YACT,SAAS,EAAE,GAAG;YACd,MAAM,EAAE,IAAI;YACZ,QAAQ,EAAE,KAAK;YACf,WAAW,EAAE,GAAG;YAChB,WAAW,EAAE,KAAK;SACnB,CAAC,CAAC;QAEH,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,QAAQ,EAAE,CAAC;IACzC,CAAC;IAED;;;OAGG;IACK,aAAa,CAAC,KAAoB;QACxC,MAAM,QAAQ,GAAa,EAAE,CAAC;QAE9B,IAAI,CAAC,KAAK,CAAC,KAAK,IAAI,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACpD,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;QAC3E,CAAC;QACD,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;QACxD,CAAC;QACD,IAAI,CAAC,KAAK,CAAC,iBAAiB,IAAI,KAAK,CAAC,iBAAiB,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC5E,MAAM,IAAI,KAAK,CAAC,mEAAmE,CAAC,CAAC;QACvF,CAAC;QACD,IAAI,CAAC,KAAK,CAAC,eAAe,IAAI,KAAK,CAAC,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACjE,MAAM,IAAI,KAAK,CAAC,iEAAiE,CAAC,CAAC;QACrF,CAAC;QAED,IAAI,KAAK,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrC,QAAQ,CAAC,IAAI,CACX,mFAAmF,CACpF,CAAC;QACJ,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF"}

package/dist/session-tracker.d.ts

@@ -1,58 +0,0 @@
-/**
- * SessionTracker - Tracks per-session state for behavioral detection operators.
- *
- * Enables multi-turn injection detection, call frequency tracking,
- * and pattern repetition counting. All state is internal; public methods
- * return copies to preserve immutability.
- *
- * @module agent-threat-rules/session-tracker
- */
-import type { AgentEvent } from './types.js';
-/** Snapshot of session state returned to callers (immutable copy) */
-export interface SessionStateSnapshot {
-    readonly sessionId: string;
-    readonly eventCount: number;
-    readonly oldestEventTimestamp: number | undefined;
-    readonly newestEventTimestamp: number | undefined;
-    /** Event history for sequence detection (immutable copies) */
-    readonly events: readonly Readonly<AgentEvent>[];
-}
-export declare class SessionTracker {
-    private readonly sessions;
-    /**
-     * Record an agent event for the given session.
-     * Extracts tool name and patterns from event fields/content.
-     */
-    recordEvent(sessionId: string, event: AgentEvent, patterns?: readonly string[]): void;
-    /**
-     * Get the number of calls to a specific tool within a time window.
-     */
-    getCallFrequency(sessionId: string, toolName: string, windowMs: number): number;
-    /**
-     * Get the number of times a pattern has been observed within a time window.
-     */
-    getPatternFrequency(sessionId: string, pattern: string, windowMs: number): number;
-    /**
-     * Get total event count for a session, optionally within a time window.
-     */
-    getEventCount(sessionId: string, windowMs?: number): number;
-    /**
-     * Get an immutable snapshot of session state. Returns undefined if session does not exist.
-     */
-    getSessionSnapshot(sessionId: string): SessionStateSnapshot | undefined;
-    /**
-     * Evict sessions that have been inactive longer than maxAgeMs.
-     * Returns the number of sessions evicted.
-     */
-    cleanup(maxAgeMs: number): number;
-    /** Get the number of tracked sessions */
-    getSessionCount(): number;
-    /**
-     * Ensure we don't exceed the maximum session count.
-     * Evicts the oldest session if at capacity.
-     */
-    private ensureCapacity;
-    private getOrCreateSession;
-    private extractToolName;
-}
-//# sourceMappingURL=session-tracker.d.ts.map

package/dist/session-tracker.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"session-tracker.d.ts","sourceRoot":"","sources":["../src/session-tracker.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAgB7C,qEAAqE;AACrE,MAAM,WAAW,oBAAoB;IACnC,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,oBAAoB,EAAE,MAAM,GAAG,SAAS,CAAC;IAClD,QAAQ,CAAC,oBAAoB,EAAE,MAAM,GAAG,SAAS,CAAC;IAClD,8DAA8D;IAC9D,QAAQ,CAAC,MAAM,EAAE,SAAS,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;CAClD;AAWD,qBAAa,cAAc;IACzB,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAmC;IAE5D;;;OAGG;IACH,WAAW,CAAC,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,UAAU,EAAE,QAAQ,GAAE,SAAS,MAAM,EAAO,GAAG,IAAI;IAkCzF;;OAEG;IACH,gBAAgB,CAAC,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,MAAM;IAc/E;;OAEG;IACH,mBAAmB,CAAC,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,MAAM;IAcjF;;OAEG;IACH,aAAa,CAAC,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,MAAM;IAkB3D;;OAEG;IACH,kBAAkB,CAAC,SAAS,EAAE,MAAM,GAAG,oBAAoB,GAAG,SAAS;IAgBvE;;;OAGG;IACH,OAAO,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM;IAcjC,yCAAyC;IACzC,eAAe,IAAI,MAAM;IAIzB;;;OAGG;IACH,OAAO,CAAC,cAAc;IAkBtB,OAAO,CAAC,kBAAkB;IAgB1B,OAAO,CAAC,eAAe;CAMxB"}

package/dist/session-tracker.js

@@ -1,176 +0,0 @@
-/**
- * SessionTracker - Tracks per-session state for behavioral detection operators.
- *
- * Enables multi-turn injection detection, call frequency tracking,
- * and pattern repetition counting. All state is internal; public methods
- * return copies to preserve immutability.
- *
- * @module agent-threat-rules/session-tracker
- */
-/** Maximum number of events stored per session */
-const MAX_EVENTS_PER_SESSION = 1000;
-/** Maximum number of tracked sessions */
-const MAX_SESSIONS = 10_000;
-export class SessionTracker {
-    sessions = new Map();
-    /**
-     * Record an agent event for the given session.
-     * Extracts tool name and patterns from event fields/content.
-     */
-    recordEvent(sessionId, event, patterns = []) {
-        this.ensureCapacity();
-        const state = this.getOrCreateSession(sessionId);
-        const toolName = this.extractToolName(event);
-        const now = Date.now();
-        const tracked = {
-            event: Object.freeze({ ...event }),
-            recordedAt: now,
-            toolName,
-            patterns,
-        };
-        // Evict oldest if at capacity
-        if (state.events.length >= MAX_EVENTS_PER_SESSION) {
-            state.events = state.events.slice(1);
-        }
-        state.events = [...state.events, tracked];
-        state.lastActivityAt = now;
-        // Update call counts
-        if (toolName) {
-            const prev = state.callCounts.get(toolName) ?? 0;
-            state.callCounts.set(toolName, prev + 1);
-        }
-        // Update pattern counts
-        for (const p of patterns) {
-            const prev = state.patternCounts.get(p) ?? 0;
-            state.patternCounts.set(p, prev + 1);
-        }
-    }
-    /**
-     * Get the number of calls to a specific tool within a time window.
-     */
-    getCallFrequency(sessionId, toolName, windowMs) {
-        const state = this.sessions.get(sessionId);
-        if (!state)
-            return 0;
-        const cutoff = Date.now() - windowMs;
-        let count = 0;
-        for (const tracked of state.events) {
-            if (tracked.recordedAt >= cutoff && tracked.toolName === toolName) {
-                count++;
-            }
-        }
-        return count;
-    }
-    /**
-     * Get the number of times a pattern has been observed within a time window.
-     */
-    getPatternFrequency(sessionId, pattern, windowMs) {
-        const state = this.sessions.get(sessionId);
-        if (!state)
-            return 0;
-        const cutoff = Date.now() - windowMs;
-        let count = 0;
-        for (const tracked of state.events) {
-            if (tracked.recordedAt >= cutoff && tracked.patterns.includes(pattern)) {
-                count++;
-            }
-        }
-        return count;
-    }
-    /**
-     * Get total event count for a session, optionally within a time window.
-     */
-    getEventCount(sessionId, windowMs) {
-        const state = this.sessions.get(sessionId);
-        if (!state)
-            return 0;
-        if (windowMs === undefined) {
-            return state.events.length;
-        }
-        const cutoff = Date.now() - windowMs;
-        let count = 0;
-        for (const tracked of state.events) {
-            if (tracked.recordedAt >= cutoff) {
-                count++;
-            }
-        }
-        return count;
-    }
-    /**
-     * Get an immutable snapshot of session state. Returns undefined if session does not exist.
-     */
-    getSessionSnapshot(sessionId) {
-        const state = this.sessions.get(sessionId);
-        if (!state)
-            return undefined;
-        const oldest = state.events.length > 0 ? state.events[0].recordedAt : undefined;
-        const newest = state.events.length > 0 ? state.events[state.events.length - 1].recordedAt : undefined;
-        return Object.freeze({
-            sessionId,
-            eventCount: state.events.length,
-            oldestEventTimestamp: oldest,
-            newestEventTimestamp: newest,
-            events: Object.freeze(state.events.map((e) => e.event)),
-        });
-    }
-    /**
-     * Evict sessions that have been inactive longer than maxAgeMs.
-     * Returns the number of sessions evicted.
-     */
-    cleanup(maxAgeMs) {
-        const cutoff = Date.now() - maxAgeMs;
-        let evicted = 0;
-        for (const [id, state] of this.sessions) {
-            if (state.lastActivityAt < cutoff) {
-                this.sessions.delete(id);
-                evicted++;
-            }
-        }
-        return evicted;
-    }
-    /** Get the number of tracked sessions */
-    getSessionCount() {
-        return this.sessions.size;
-    }
-    /**
-     * Ensure we don't exceed the maximum session count.
-     * Evicts the oldest session if at capacity.
-     */
-    ensureCapacity() {
-        if (this.sessions.size < MAX_SESSIONS)
-            return;
-        let oldestId;
-        let oldestTime = Infinity;
-        for (const [id, state] of this.sessions) {
-            if (state.lastActivityAt < oldestTime) {
-                oldestTime = state.lastActivityAt;
-                oldestId = id;
-            }
-        }
-        if (oldestId) {
-            this.sessions.delete(oldestId);
-        }
-    }
-    getOrCreateSession(sessionId) {
-        const existing = this.sessions.get(sessionId);
-        if (existing)
-            return existing;
-        const now = Date.now();
-        const state = {
-            events: [],
-            callCounts: new Map(),
-            patternCounts: new Map(),
-            createdAt: now,
-            lastActivityAt: now,
-        };
-        this.sessions.set(sessionId, state);
-        return state;
-    }
-    extractToolName(event) {
-        if (event.type === 'tool_call' || event.type === 'tool_response') {
-            return event.fields?.['tool_name'] ?? event.content;
-        }
-        return undefined;
-    }
-}
-//# sourceMappingURL=session-tracker.js.map

package/dist/session-tracker.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"session-tracker.js","sourceRoot":"","sources":["../src/session-tracker.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAIH,kDAAkD;AAClD,MAAM,sBAAsB,GAAG,IAAI,CAAC;AAEpC,yCAAyC;AACzC,MAAM,YAAY,GAAG,MAAM,CAAC;AA6B5B,MAAM,OAAO,cAAc;IACR,QAAQ,GAAG,IAAI,GAAG,EAAwB,CAAC;IAE5D;;;OAGG;IACH,WAAW,CAAC,SAAiB,EAAE,KAAiB,EAAE,WAA8B,EAAE;QAChF,IAAI,CAAC,cAAc,EAAE,CAAC;QACtB,MAAM,KAAK,GAAG,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;QACjD,MAAM,QAAQ,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QAC7C,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEvB,MAAM,OAAO,GAAiB;YAC5B,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,KAAK,EAAE,CAAC;YAClC,UAAU,EAAE,GAAG;YACf,QAAQ;YACR,QAAQ;SACT,CAAC;QAEF,8BAA8B;QAC9B,IAAI,KAAK,CAAC,MAAM,CAAC,MAAM,IAAI,sBAAsB,EAAE,CAAC;YAClD,KAAK,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACvC,CAAC;QAED,KAAK,CAAC,MAAM,GAAG,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAC1C,KAAK,CAAC,cAAc,GAAG,GAAG,CAAC;QAE3B,qBAAqB;QACrB,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,IAAI,GAAG,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YACjD,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,QAAQ,EAAE,IAAI,GAAG,CAAC,CAAC,CAAC;QAC3C,CAAC;QAED,wBAAwB;QACxB,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACzB,MAAM,IAAI,GAAG,KAAK,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YAC7C,KAAK,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,GAAG,CAAC,CAAC,CAAC;QACvC,CAAC;IACH,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,SAAiB,EAAE,QAAgB,EAAE,QAAgB;QACpE,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAC3C,IAAI,CAAC,KAAK;YAAE,OAAO,CAAC,CAAC;QAErB,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,CAAC;QACrC,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,KAAK,MAAM,OAAO,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;YACnC,IAAI,OAAO,CAAC,UAAU,IAAI,MAAM,IAAI,OAAO,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBAClE,KAAK,EAAE,CAAC;YACV,CAAC;QACH,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACH,mBAAmB,CAAC,SAAiB,EAAE,OAAe,EAAE,QAAgB;QACtE,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAC3C,IAAI,CAAC,KAAK;YAAE,OAAO,CAAC,CAAC;QAErB,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,CAAC;QACrC,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,KAAK,MAAM,OAAO,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;YACnC,IAAI,OAAO,CAAC,UAAU,IAAI,MAAM,IAAI,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBACvE,KAAK,EAAE,CAAC;YACV,CAAC;QACH,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,SAAiB,EAAE,QAAiB;QAChD,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAC3C,IAAI,CAAC,KAAK;YAAE,OAAO,CAAC,CAAC;QAErB,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;YAC3B,OAAO,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC;QAC7B,CAAC;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,CAAC;QACrC,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,KAAK,MAAM,OAAO,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;YACnC,IAAI,OAAO,CAAC,UAAU,IAAI,MAAM,EAAE,CAAC;gBACjC,KAAK,EAAE,CAAC;YACV,CAAC;QACH,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACH,kBAAkB,CAAC,SAAiB;QAClC,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAC3C,IAAI,CAAC,KAAK;YAAE,OAAO,SAAS,CAAC;QAE7B,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAE,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;QACjF,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAE,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;QAEvG,OAAO,MAAM,CAAC,MAAM,CAAC;YACnB,SAAS;YACT,UAAU,EAAE,KAAK,CAAC,MAAM,CAAC,MAAM;YAC/B,oBAAoB,EAAE,MAAM;YAC5B,oBAAoB,EAAE,MAAM;YAC5B,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;SACxD,CAAC,CAAC;IACL,CAAC;IAED;;;OAGG;IACH,OAAO,CAAC,QAAgB;QACtB,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,CAAC;QACrC,IAAI,OAAO,GAAG,CAAC,CAAC;QAEhB,KAAK,MAAM,CAAC,EAAE,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YACxC,IAAI,KAAK,CAAC,cAAc,GAAG,MAAM,EAAE,CAAC;gBAClC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;gBACzB,OAAO,EAAE,CAAC;YACZ,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,yCAAyC;IACzC,eAAe;QACb,OAAO,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC;IAC5B,CAAC;IAED;;;OAGG;IACK,cAAc;QACpB,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,GAAG,YAAY;YAAE,OAAO;QAE9C,IAAI,QAA4B,CAAC;QACjC,IAAI,UAAU,GAAG,QAAQ,CAAC;QAE1B,KAAK,MAAM,CAAC,EAAE,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YACxC,IAAI,KAAK,CAAC,cAAc,GAAG,UAAU,EAAE,CAAC;gBACtC,UAAU,GAAG,KAAK,CAAC,cAAc,CAAC;gBAClC,QAAQ,GAAG,EAAE,CAAC;YAChB,CAAC;QACH,CAAC;QAED,IAAI,QAAQ,EAAE,CAAC;YACb,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACjC,CAAC;IACH,CAAC;IAEO,kBAAkB,CAAC,SAAiB;QAC1C,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAC9C,IAAI,QAAQ;YAAE,OAAO,QAAQ,CAAC;QAE9B,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,KAAK,GAAiB;YAC1B,MAAM,EAAE,EAAE;YACV,UAAU,EAAE,IAAI,GAAG,EAAE;YACrB,aAAa,EAAE,IAAI,GAAG,EAAE;YACxB,SAAS,EAAE,GAAG;YACd,cAAc,EAAE,GAAG;SACpB,CAAC;QACF,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;QACpC,OAAO,KAAK,CAAC;IACf,CAAC;IAEO,eAAe,CAAC,KAAiB;QACvC,IAAI,KAAK,CAAC,IAAI,KAAK,WAAW,IAAI,KAAK,CAAC,IAAI,KAAK,eAAe,EAAE,CAAC;YACjE,OAAO,KAAK,CAAC,MAAM,EAAE,CAAC,WAAW,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC;QACtD,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;CACF"}

package/dist/shadow-evaluator.d.ts

@@ -1,48 +0,0 @@
-/**
- * Shadow Evaluator -- runs experimental rules without affecting verdict.
- *
- * Experimental rules evaluate against every event but don't influence
- * the real verdict. Their match/no-match results are tracked to measure
- * false positive rates. Rules with FP < threshold get promoted.
- *
- * @module agent-threat-rules/shadow-evaluator
- */
-import type { ATRRule, ATRMatch, AgentEvent } from './types.js';
-interface ShadowRuleStats {
-    readonly ruleId: string;
-    totalEvaluations: number;
-    totalMatches: number;
-    confirmedTruePositives: number;
-    confirmedFalsePositives: number;
-    firstSeen: number;
-    lastSeen: number;
-}
-export interface PromotionCandidate {
-    readonly rule: ATRRule;
-    readonly stats: Readonly<ShadowRuleStats>;
-    readonly fpRate: number;
-}
-export declare class ShadowEvaluator {
-    private readonly rules;
-    private readonly stats;
-    private readonly compiledPatterns;
-    /** Add an experimental rule for shadow evaluation */
-    addRule(rule: ATRRule): void;
-    /** Evaluate all shadow rules against an event (does NOT affect verdict) */
-    evaluate(event: AgentEvent): readonly ATRMatch[];
-    /** Record user feedback on a shadow match */
-    recordFeedback(ruleId: string, isTruePositive: boolean): void;
-    /**
-     * Get rules ready for promotion.
-     * Criteria: FP rate < maxFPRate AND minimum evaluations reached.
-     */
-    getPromotionCandidates(maxFPRate?: number, minEvaluations?: number): readonly PromotionCandidate[];
-    /** Get stats for a specific rule */
-    getStats(ruleId: string): Readonly<ShadowRuleStats> | undefined;
-    /** Get all shadow rule stats */
-    getAllStats(): ReadonlyMap<string, Readonly<ShadowRuleStats>>;
-    /** Number of shadow rules */
-    size(): number;
-}
-export {};
-//# sourceMappingURL=shadow-evaluator.d.ts.map

package/dist/shadow-evaluator.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"shadow-evaluator.d.ts","sourceRoot":"","sources":["../src/shadow-evaluator.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAEhE,UAAU,eAAe;IACvB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,gBAAgB,EAAE,MAAM,CAAC;IACzB,YAAY,EAAE,MAAM,CAAC;IACrB,sBAAsB,EAAE,MAAM,CAAC;IAC/B,uBAAuB,EAAE,MAAM,CAAC;IAChC,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,kBAAkB;IACjC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC;IACvB,QAAQ,CAAC,KAAK,EAAE,QAAQ,CAAC,eAAe,CAAC,CAAC;IAC1C,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;CACzB;AAED,qBAAa,eAAe;IAC1B,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAiB;IACvC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAsC;IAC5D,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAA6B;IAE9D,qDAAqD;IACrD,OAAO,CAAC,IAAI,EAAE,OAAO,GAAG,IAAI;IAc5B,2EAA2E;IAC3E,QAAQ,CAAC,KAAK,EAAE,UAAU,GAAG,SAAS,QAAQ,EAAE;IAsDhD,6CAA6C;IAC7C,cAAc,CAAC,MAAM,EAAE,MAAM,EAAE,cAAc,EAAE,OAAO,GAAG,IAAI;IAU7D;;;OAGG;IACH,sBAAsB,CACpB,SAAS,GAAE,MAAc,EACzB,cAAc,GAAE,MAAa,GAC5B,SAAS,kBAAkB,EAAE;IAuBhC,oCAAoC;IACpC,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,QAAQ,CAAC,eAAe,CAAC,GAAG,SAAS;IAK/D,gCAAgC;IAChC,WAAW,IAAI,WAAW,CAAC,MAAM,EAAE,QAAQ,CAAC,eAAe,CAAC,CAAC;IAI7D,6BAA6B;IAC7B,IAAI,IAAI,MAAM;CAGf"}