agent-threat-rules 1.1.1 → 1.2.0

package/dist/quality/adapters/index.js

@@ -0,0 +1,10 @@
+/**
+ * ATR Quality Standard — Rule Format Adapters
+ *
+ * Adapters convert vendor-specific rule formats into the canonical
+ * RuleMetadata interface that the scoring and validation functions consume.
+ *
+ * @module agent-threat-rules/quality/adapters
+ */
+export { parseATRRule, atrRuleToMetadata } from "./atr.js";
+//# sourceMappingURL=index.js.map

package/dist/quality/adapters/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/quality/adapters/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,YAAY,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAC"}

package/dist/quality/compute-confidence.d.ts

@@ -0,0 +1,45 @@
+/**
+ * ATR Quality Standard — Confidence Scoring
+ *
+ * Pure function implementing the RFC-001 §2 confidence formula:
+ *
+ *   confidence = round(
+ *       precision_score    * 0.40
+ *     + wild_validation    * 0.30
+ *     + coverage_score     * 0.20
+ *     + evasion_docs       * 0.10
+ *   )
+ *
+ * @module agent-threat-rules/quality/compute-confidence
+ */
+import type { ConfidenceScore, DeploymentRecommendation, RuleMetadata } from "./types.js";
+/**
+ * Compute the confidence score for a rule.
+ *
+ * Score is in [0, 100]. Higher is more trustworthy.
+ *
+ * @param rule - Rule metadata (vendor-agnostic)
+ * @returns Score breakdown and total
+ */
+export declare function computeConfidence(rule: RuleMetadata): ConfidenceScore;
+/**
+ * Map a confidence score to a deployment recommendation.
+ *
+ * This is the consumer-facing signal: "should I deploy this rule in
+ * blocking mode, alert mode, or not at all?"
+ */
+export declare function deploymentFor(score: number): DeploymentRecommendation;
+/**
+ * Apply the cross-context penalty to a match's contribution.
+ *
+ * When a rule designed for one scan context (e.g. MCP runtime) fires in
+ * a different context (e.g. SKILL.md static scan), the match's contribution
+ * is downweighted by 0.7. This prevents cross-context noise from inflating
+ * overall detection confidence.
+ *
+ * @param score - The base confidence score of the rule
+ * @param isCrossContext - True if the match is outside the rule's native context
+ * @returns Adjusted score
+ */
+export declare function applyCrossContextPenalty(score: number, isCrossContext: boolean): number;
+//# sourceMappingURL=compute-confidence.d.ts.map

package/dist/quality/compute-confidence.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"compute-confidence.d.ts","sourceRoot":"","sources":["../../src/quality/compute-confidence.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,KAAK,EACV,eAAe,EACf,wBAAwB,EACxB,YAAY,EACb,MAAM,YAAY,CAAC;AAKpB;;;;;;;GAOG;AACH,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,YAAY,GAAG,eAAe,CAiCrE;AAuDD;;;;;GAKG;AACH,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,wBAAwB,CAMrE;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,wBAAwB,CACtC,KAAK,EAAE,MAAM,EACb,cAAc,EAAE,OAAO,GACtB,MAAM,CAER"}

package/dist/quality/compute-confidence.js

@@ -0,0 +1,133 @@
+/**
+ * ATR Quality Standard — Confidence Scoring
+ *
+ * Pure function implementing the RFC-001 §2 confidence formula:
+ *
+ *   confidence = round(
+ *       precision_score    * 0.40
+ *     + wild_validation    * 0.30
+ *     + coverage_score     * 0.20
+ *     + evasion_docs       * 0.10
+ *   )
+ *
+ * @module agent-threat-rules/quality/compute-confidence
+ */
+/** Max confidence an LLM-generated rule can reach without human review */
+const LLM_CAP_WITHOUT_REVIEW = 70;
+/**
+ * Compute the confidence score for a rule.
+ *
+ * Score is in [0, 100]. Higher is more trustworthy.
+ *
+ * @param rule - Rule metadata (vendor-agnostic)
+ * @returns Score breakdown and total
+ */
+export function computeConfidence(rule) {
+    const precisionScore = computePrecisionScore(rule);
+    const wildValidationScore = computeWildValidationScore(rule);
+    const coverageScore = computeCoverageScore(rule);
+    const evasionScore = computeEvasionScore(rule);
+    const rawTotal = precisionScore * 0.4 +
+        wildValidationScore * 0.3 +
+        coverageScore * 0.2 +
+        evasionScore * 0.1;
+    let total = Math.round(rawTotal);
+    let capped = false;
+    // LLM-generated rules are capped at LLM_CAP_WITHOUT_REVIEW until a human reviews them.
+    // Rationale: LLMs can produce subtly wrong rules that pass static validation
+    // but fail in the wild. Human review is the only reliable backstop.
+    if (rule.llmGenerated === true && rule.humanReviewed !== true) {
+        if (total > LLM_CAP_WITHOUT_REVIEW) {
+            total = LLM_CAP_WITHOUT_REVIEW;
+            capped = true;
+        }
+    }
+    return {
+        total,
+        precisionScore: Math.round(precisionScore),
+        wildValidationScore: Math.round(wildValidationScore),
+        coverageScore: Math.round(coverageScore),
+        evasionScore: Math.round(evasionScore),
+        capped,
+    };
+}
+/**
+ * Precision component (weight 0.40).
+ *
+ * If wild FP rate is measured, use it directly: (1 - fpRate/100) * 100.
+ * Otherwise, estimate from test case coverage: more test cases = higher
+ * confidence in precision (max at 10 total).
+ */
+function computePrecisionScore(rule) {
+    if (rule.wildFpRate !== undefined &&
+        rule.wildSamples !== undefined &&
+        rule.wildSamples > 0) {
+        const fpRate = Math.max(0, Math.min(100, rule.wildFpRate));
+        return 100 - fpRate;
+    }
+    // Fallback: estimate from test case depth
+    const testCaseCount = rule.truePositives + rule.trueNegatives;
+    return Math.min(testCaseCount / 10, 1) * 100;
+}
+/**
+ * Wild validation component (weight 0.30).
+ *
+ * Scales with sample size up to 10,000 samples. More real-world data
+ * = higher score. A rule tested on 0 samples gets 0. A rule tested on
+ * 10,000+ samples gets 100.
+ */
+function computeWildValidationScore(rule) {
+    const samples = rule.wildSamples ?? 0;
+    return Math.min(samples / 10000, 1) * 100;
+}
+/**
+ * Coverage component (weight 0.20).
+ *
+ * Scales with number of detection conditions (layers). A single-condition
+ * rule gets 20. A 5+ condition rule gets 100. Defense in depth matters.
+ */
+function computeCoverageScore(rule) {
+    return Math.min(rule.conditions / 5, 1) * 100;
+}
+/**
+ * Evasion documentation component (weight 0.10).
+ *
+ * Rewards honest acknowledgment of known bypasses. A rule with 0 evasion
+ * tests gets 0. A rule with 5+ evasion tests gets 100.
+ */
+function computeEvasionScore(rule) {
+    return Math.min(rule.evasionTests / 5, 1) * 100;
+}
+/**
+ * Map a confidence score to a deployment recommendation.
+ *
+ * This is the consumer-facing signal: "should I deploy this rule in
+ * blocking mode, alert mode, or not at all?"
+ */
+export function deploymentFor(score) {
+    if (score >= 90)
+        return "block-in-production";
+    if (score >= 80)
+        return "block-with-monitoring";
+    if (score >= 60)
+        return "alert-only";
+    if (score >= 40)
+        return "evaluation-only";
+    return "do-not-deploy";
+}
+/**
+ * Apply the cross-context penalty to a match's contribution.
+ *
+ * When a rule designed for one scan context (e.g. MCP runtime) fires in
+ * a different context (e.g. SKILL.md static scan), the match's contribution
+ * is downweighted by 0.7. This prevents cross-context noise from inflating
+ * overall detection confidence.
+ *
+ * @param score - The base confidence score of the rule
+ * @param isCrossContext - True if the match is outside the rule's native context
+ * @returns Adjusted score
+ */
+export function applyCrossContextPenalty(score, isCrossContext) {
+    return isCrossContext ? Math.round(score * 0.7) : score;
+}
+//# sourceMappingURL=compute-confidence.js.map

package/dist/quality/compute-confidence.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"compute-confidence.js","sourceRoot":"","sources":["../../src/quality/compute-confidence.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAQH,0EAA0E;AAC1E,MAAM,sBAAsB,GAAG,EAAE,CAAC;AAElC;;;;;;;GAOG;AACH,MAAM,UAAU,iBAAiB,CAAC,IAAkB;IAClD,MAAM,cAAc,GAAG,qBAAqB,CAAC,IAAI,CAAC,CAAC;IACnD,MAAM,mBAAmB,GAAG,0BAA0B,CAAC,IAAI,CAAC,CAAC;IAC7D,MAAM,aAAa,GAAG,oBAAoB,CAAC,IAAI,CAAC,CAAC;IACjD,MAAM,YAAY,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;IAE/C,MAAM,QAAQ,GACZ,cAAc,GAAG,GAAG;QACpB,mBAAmB,GAAG,GAAG;QACzB,aAAa,GAAG,GAAG;QACnB,YAAY,GAAG,GAAG,CAAC;IAErB,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;IACjC,IAAI,MAAM,GAAG,KAAK,CAAC;IAEnB,uFAAuF;IACvF,6EAA6E;IAC7E,oEAAoE;IACpE,IAAI,IAAI,CAAC,YAAY,KAAK,IAAI,IAAI,IAAI,CAAC,aAAa,KAAK,IAAI,EAAE,CAAC;QAC9D,IAAI,KAAK,GAAG,sBAAsB,EAAE,CAAC;YACnC,KAAK,GAAG,sBAAsB,CAAC;YAC/B,MAAM,GAAG,IAAI,CAAC;QAChB,CAAC;IACH,CAAC;IAED,OAAO;QACL,KAAK;QACL,cAAc,EAAE,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC;QAC1C,mBAAmB,EAAE,IAAI,CAAC,KAAK,CAAC,mBAAmB,CAAC;QACpD,aAAa,EAAE,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC;QACxC,YAAY,EAAE,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC;QACtC,MAAM;KACP,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,SAAS,qBAAqB,CAAC,IAAkB;IAC/C,IACE,IAAI,CAAC,UAAU,KAAK,SAAS;QAC7B,IAAI,CAAC,WAAW,KAAK,SAAS;QAC9B,IAAI,CAAC,WAAW,GAAG,CAAC,EACpB,CAAC;QACD,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;QAC3D,OAAO,GAAG,GAAG,MAAM,CAAC;IACtB,CAAC;IACD,0CAA0C;IAC1C,MAAM,aAAa,GAAG,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,aAAa,CAAC;IAC9D,OAAO,IAAI,CAAC,GAAG,CAAC,aAAa,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC;AAC/C,CAAC;AAED;;;;;;GAMG;AACH,SAAS,0BAA0B,CAAC,IAAkB;IACpD,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,IAAI,CAAC,CAAC;IACtC,OAAO,IAAI,CAAC,GAAG,CAAC,OAAO,GAAG,KAAK,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC;AAC5C,CAAC;AAED;;;;;GAKG;AACH,SAAS,oBAAoB,CAAC,IAAkB;IAC9C,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC;AAChD,CAAC;AAED;;;;;GAKG;AACH,SAAS,mBAAmB,CAAC,IAAkB;IAC7C,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC;AAClD,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,aAAa,CAAC,KAAa;IACzC,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,qBAAqB,CAAC;IAC9C,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,uBAAuB,CAAC;IAChD,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,YAAY,CAAC;IACrC,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,iBAAiB,CAAC;IAC1C,OAAO,eAAe,CAAC;AACzB,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,wBAAwB,CACtC,KAAa,EACb,cAAuB;IAEvB,OAAO,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;AAC1D,CAAC"}

package/dist/quality/index.d.ts

@@ -0,0 +1,36 @@
+/**
+ * ATR Quality Standard — Public API
+ *
+ * Vendor-neutral library for scoring and validating AI agent threat detection
+ * rules. See docs/proposals/001-atr-quality-standard-rfc.md for the RFC.
+ *
+ * @example Compute a confidence score for an ATR rule
+ * ```typescript
+ * import { parseATRRule, computeConfidence } from 'agent-threat-rules/quality';
+ * import { readFileSync } from 'node:fs';
+ *
+ * const yaml = readFileSync('rules/prompt-injection/ATR-2026-00001.yaml', 'utf-8');
+ * const rule = parseATRRule(yaml);
+ * const score = computeConfidence(rule);
+ * console.log(`Confidence: ${score.total}/100`);
+ * ```
+ *
+ * @example Run a rule through the quality gate
+ * ```typescript
+ * import { parseATRRule, validateRuleMeetsStandard } from 'agent-threat-rules/quality';
+ *
+ * const rule = parseATRRule(yamlContent);
+ * const gate = validateRuleMeetsStandard(rule, 'experimental');
+ * if (!gate.passed) {
+ *   console.error('Rule rejected:', gate.issues);
+ * }
+ * ```
+ *
+ * @module agent-threat-rules/quality
+ */
+export type { Maturity, RuleMetadata, ConfidenceScore, QualityGateResult, PromotionDecision, DemotionDecision, FpReport, DeploymentRecommendation, } from "./types.js";
+export { computeConfidence, deploymentFor, applyCrossContextPenalty, } from "./compute-confidence.js";
+export { validateRuleMeetsStandard, getRequirements } from "./quality-gate.js";
+export { canPromote, shouldDemote, getMaturityThresholds, } from "./validate-maturity.js";
+export { parseATRRule, atrRuleToMetadata } from "./adapters/atr.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/quality/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/quality/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AAGH,YAAY,EACV,QAAQ,EACR,YAAY,EACZ,eAAe,EACf,iBAAiB,EACjB,iBAAiB,EACjB,gBAAgB,EAChB,QAAQ,EACR,wBAAwB,GACzB,MAAM,YAAY,CAAC;AAGpB,OAAO,EACL,iBAAiB,EACjB,aAAa,EACb,wBAAwB,GACzB,MAAM,yBAAyB,CAAC;AAGjC,OAAO,EAAE,yBAAyB,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAG/E,OAAO,EACL,UAAU,EACV,YAAY,EACZ,qBAAqB,GACtB,MAAM,wBAAwB,CAAC;AAGhC,OAAO,EAAE,YAAY,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC"}

package/dist/quality/index.js

@@ -0,0 +1,39 @@
+/**
+ * ATR Quality Standard — Public API
+ *
+ * Vendor-neutral library for scoring and validating AI agent threat detection
+ * rules. See docs/proposals/001-atr-quality-standard-rfc.md for the RFC.
+ *
+ * @example Compute a confidence score for an ATR rule
+ * ```typescript
+ * import { parseATRRule, computeConfidence } from 'agent-threat-rules/quality';
+ * import { readFileSync } from 'node:fs';
+ *
+ * const yaml = readFileSync('rules/prompt-injection/ATR-2026-00001.yaml', 'utf-8');
+ * const rule = parseATRRule(yaml);
+ * const score = computeConfidence(rule);
+ * console.log(`Confidence: ${score.total}/100`);
+ * ```
+ *
+ * @example Run a rule through the quality gate
+ * ```typescript
+ * import { parseATRRule, validateRuleMeetsStandard } from 'agent-threat-rules/quality';
+ *
+ * const rule = parseATRRule(yamlContent);
+ * const gate = validateRuleMeetsStandard(rule, 'experimental');
+ * if (!gate.passed) {
+ *   console.error('Rule rejected:', gate.issues);
+ * }
+ * ```
+ *
+ * @module agent-threat-rules/quality
+ */
+// Scoring
+export { computeConfidence, deploymentFor, applyCrossContextPenalty, } from "./compute-confidence.js";
+// Validation
+export { validateRuleMeetsStandard, getRequirements } from "./quality-gate.js";
+// Maturity transitions
+export { canPromote, shouldDemote, getMaturityThresholds, } from "./validate-maturity.js";
+// Adapters
+export { parseATRRule, atrRuleToMetadata } from "./adapters/atr.js";
+//# sourceMappingURL=index.js.map

package/dist/quality/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/quality/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AAcH,UAAU;AACV,OAAO,EACL,iBAAiB,EACjB,aAAa,EACb,wBAAwB,GACzB,MAAM,yBAAyB,CAAC;AAEjC,aAAa;AACb,OAAO,EAAE,yBAAyB,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAE/E,uBAAuB;AACvB,OAAO,EACL,UAAU,EACV,YAAY,EACZ,qBAAqB,GACtB,MAAM,wBAAwB,CAAC;AAEhC,WAAW;AACX,OAAO,EAAE,YAAY,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC"}

package/dist/quality/quality-gate.d.ts

@@ -0,0 +1,68 @@
+/**
+ * ATR Quality Standard — Quality Gate
+ *
+ * Checks whether a rule meets the minimum quality bar for a target maturity
+ * level. Used by TC crystallization pipeline to reject weak LLM-generated
+ * rules before they enter the proposal pipeline.
+ *
+ * See docs/proposals/001-atr-quality-standard-rfc.md §3 for the required
+ * metadata matrix.
+ *
+ * @module agent-threat-rules/quality/quality-gate
+ */
+import type { Maturity, QualityGateResult, RuleMetadata } from "./types.js";
+/**
+ * Minimum requirements for each maturity level.
+ * Thresholds match RFC-001 §3. Adjust here to tune the bar.
+ *
+ * The experimental gate uses 3/3 (matching Cisco-merge practice) and
+ * accepts any provenance (auto-generated OK). The stable gate requires
+ * 5/5 with 3 evasion tests AND human-reviewed provenance for MITRE/OWASP.
+ */
+declare const REQUIREMENTS: {
+    readonly draft: {
+        readonly minConditions: 1;
+        readonly minTruePositives: 1;
+        readonly minTrueNegatives: 1;
+        readonly minEvasionTests: 0;
+        readonly requireOwasp: false;
+        readonly requireMitre: false;
+        readonly requireFalsePositiveDocs: false;
+        readonly requireHumanReviewedProvenance: false;
+    };
+    readonly experimental: {
+        readonly minConditions: 3;
+        readonly minTruePositives: 3;
+        readonly minTrueNegatives: 3;
+        readonly minEvasionTests: 0;
+        readonly requireOwasp: true;
+        readonly requireMitre: true;
+        readonly requireFalsePositiveDocs: true;
+        readonly requireHumanReviewedProvenance: false;
+    };
+    readonly stable: {
+        readonly minConditions: 3;
+        readonly minTruePositives: 5;
+        readonly minTrueNegatives: 5;
+        readonly minEvasionTests: 3;
+        readonly requireOwasp: true;
+        readonly requireMitre: true;
+        readonly requireFalsePositiveDocs: true;
+        readonly requireHumanReviewedProvenance: true;
+    };
+};
+/**
+ * Validate a rule against the quality bar for a target maturity level.
+ *
+ * @param rule - Rule metadata
+ * @param target - Target maturity level to validate against (default: rule.maturity)
+ * @returns Gate result with passed/failed and human-readable issues
+ */
+export declare function validateRuleMeetsStandard(rule: RuleMetadata, target?: Maturity): QualityGateResult;
+/**
+ * Public accessor for the requirements table.
+ * Useful for documentation generators and UIs that display the quality bar.
+ */
+export declare function getRequirements(): typeof REQUIREMENTS;
+export {};
+//# sourceMappingURL=quality-gate.d.ts.map

package/dist/quality/quality-gate.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"quality-gate.d.ts","sourceRoot":"","sources":["../../src/quality/quality-gate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EACV,QAAQ,EAER,iBAAiB,EACjB,YAAY,EACb,MAAM,YAAY,CAAC;AAEpB;;;;;;;GAOG;AACH,QAAA,MAAM,YAAY;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA+BR,CAAC;AAQX;;;;;;GAMG;AACH,wBAAgB,yBAAyB,CACvC,IAAI,EAAE,YAAY,EAClB,MAAM,CAAC,EAAE,QAAQ,GAChB,iBAAiB,CAiFnB;AAMD;;;GAGG;AACH,wBAAgB,eAAe,IAAI,OAAO,YAAY,CAErD"}

package/dist/quality/quality-gate.js

@@ -0,0 +1,140 @@
+/**
+ * ATR Quality Standard — Quality Gate
+ *
+ * Checks whether a rule meets the minimum quality bar for a target maturity
+ * level. Used by TC crystallization pipeline to reject weak LLM-generated
+ * rules before they enter the proposal pipeline.
+ *
+ * See docs/proposals/001-atr-quality-standard-rfc.md §3 for the required
+ * metadata matrix.
+ *
+ * @module agent-threat-rules/quality/quality-gate
+ */
+/**
+ * Minimum requirements for each maturity level.
+ * Thresholds match RFC-001 §3. Adjust here to tune the bar.
+ *
+ * The experimental gate uses 3/3 (matching Cisco-merge practice) and
+ * accepts any provenance (auto-generated OK). The stable gate requires
+ * 5/5 with 3 evasion tests AND human-reviewed provenance for MITRE/OWASP.
+ */
+const REQUIREMENTS = {
+    draft: {
+        minConditions: 1,
+        minTruePositives: 1,
+        minTrueNegatives: 1,
+        minEvasionTests: 0,
+        requireOwasp: false,
+        requireMitre: false,
+        requireFalsePositiveDocs: false,
+        requireHumanReviewedProvenance: false,
+    },
+    experimental: {
+        minConditions: 3,
+        minTruePositives: 3, // 3/3 matches Cisco-merge practice
+        minTrueNegatives: 3,
+        minEvasionTests: 0, // warning, not blocker
+        requireOwasp: true,
+        requireMitre: true,
+        requireFalsePositiveDocs: true,
+        requireHumanReviewedProvenance: false, // auto-generated OK for experimental
+    },
+    stable: {
+        minConditions: 3,
+        minTruePositives: 5,
+        minTrueNegatives: 5,
+        minEvasionTests: 3, // hard requirement
+        requireOwasp: true,
+        requireMitre: true,
+        requireFalsePositiveDocs: true,
+        requireHumanReviewedProvenance: true, // stable demands verified provenance
+    },
+};
+/** Provenance values that count as "verified" for stable promotion */
+const VERIFIED_PROVENANCE = [
+    "human-reviewed",
+    "community-contributed",
+];
+/**
+ * Validate a rule against the quality bar for a target maturity level.
+ *
+ * @param rule - Rule metadata
+ * @param target - Target maturity level to validate against (default: rule.maturity)
+ * @returns Gate result with passed/failed and human-readable issues
+ */
+export function validateRuleMeetsStandard(rule, target) {
+    const level = target ?? rule.maturity;
+    // Deprecated rules are always valid (they're being retired, not used)
+    if (level === "deprecated") {
+        return { passed: true, issues: [], warnings: [] };
+    }
+    const req = REQUIREMENTS[level];
+    const issues = [];
+    const warnings = [];
+    if (rule.conditions < req.minConditions) {
+        issues.push(`only ${rule.conditions} detection condition(s) (need ${req.minConditions}+)`);
+    }
+    if (rule.truePositives < req.minTruePositives) {
+        issues.push(`only ${rule.truePositives} true_positive(s) (need ${req.minTruePositives}+)`);
+    }
+    if (rule.trueNegatives < req.minTrueNegatives) {
+        issues.push(`only ${rule.trueNegatives} true_negative(s) (need ${req.minTrueNegatives}+)`);
+    }
+    if (req.minEvasionTests > 0 && rule.evasionTests < req.minEvasionTests) {
+        issues.push(`only ${rule.evasionTests} evasion_test(s) (need ${req.minEvasionTests}+)`);
+    }
+    else if (rule.evasionTests < 3 && level === "experimental") {
+        warnings.push(`only ${rule.evasionTests} evasion_test(s) — recommend 3+ for stable promotion`);
+    }
+    if (req.requireOwasp && !rule.hasOwaspRef) {
+        issues.push("missing OWASP reference (LLM Top 10 or Agentic Top 10)");
+    }
+    if (req.requireMitre && !rule.hasMitreRef) {
+        issues.push("missing MITRE reference (ATLAS or ATT&CK)");
+    }
+    if (req.requireFalsePositiveDocs && !rule.hasFalsePositiveDocs) {
+        issues.push("missing false_positives documentation");
+    }
+    // Stable promotion requires human-verified provenance on key fields
+    if (req.requireHumanReviewedProvenance) {
+        const p = rule.provenance ?? {};
+        const mitreProvenance = p.mitre_atlas ?? p.mitre_attack;
+        const owaspProvenance = p.owasp_llm ?? p.owasp_agentic;
+        if (rule.hasMitreRef && mitreProvenance && !isVerified(mitreProvenance)) {
+            issues.push(`MITRE reference is "${mitreProvenance}" — stable requires human-reviewed or community-contributed`);
+        }
+        if (rule.hasOwaspRef && owaspProvenance && !isVerified(owaspProvenance)) {
+            issues.push(`OWASP reference is "${owaspProvenance}" — stable requires human-reviewed or community-contributed`);
+        }
+    }
+    else {
+        // experimental/draft: surface provenance as warning so consumers can see it
+        const p = rule.provenance ?? {};
+        const autoFields = [];
+        if (p.mitre_atlas === "auto-generated")
+            autoFields.push("mitre_atlas");
+        if (p.owasp_llm === "auto-generated")
+            autoFields.push("owasp_llm");
+        if (p.owasp_agentic === "auto-generated")
+            autoFields.push("owasp_agentic");
+        if (autoFields.length > 0) {
+            warnings.push(`auto-generated provenance on: ${autoFields.join(", ")} — needs human review for stable`);
+        }
+    }
+    return {
+        passed: issues.length === 0,
+        issues,
+        warnings,
+    };
+}
+function isVerified(p) {
+    return VERIFIED_PROVENANCE.includes(p);
+}
+/**
+ * Public accessor for the requirements table.
+ * Useful for documentation generators and UIs that display the quality bar.
+ */
+export function getRequirements() {
+    return REQUIREMENTS;
+}
+//# sourceMappingURL=quality-gate.js.map

package/dist/quality/quality-gate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"quality-gate.js","sourceRoot":"","sources":["../../src/quality/quality-gate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AASH;;;;;;;GAOG;AACH,MAAM,YAAY,GAAG;IACnB,KAAK,EAAE;QACL,aAAa,EAAE,CAAC;QAChB,gBAAgB,EAAE,CAAC;QACnB,gBAAgB,EAAE,CAAC;QACnB,eAAe,EAAE,CAAC;QAClB,YAAY,EAAE,KAAK;QACnB,YAAY,EAAE,KAAK;QACnB,wBAAwB,EAAE,KAAK;QAC/B,8BAA8B,EAAE,KAAK;KACtC;IACD,YAAY,EAAE;QACZ,aAAa,EAAE,CAAC;QAChB,gBAAgB,EAAE,CAAC,EAAE,mCAAmC;QACxD,gBAAgB,EAAE,CAAC;QACnB,eAAe,EAAE,CAAC,EAAE,uBAAuB;QAC3C,YAAY,EAAE,IAAI;QAClB,YAAY,EAAE,IAAI;QAClB,wBAAwB,EAAE,IAAI;QAC9B,8BAA8B,EAAE,KAAK,EAAE,qCAAqC;KAC7E;IACD,MAAM,EAAE;QACN,aAAa,EAAE,CAAC;QAChB,gBAAgB,EAAE,CAAC;QACnB,gBAAgB,EAAE,CAAC;QACnB,eAAe,EAAE,CAAC,EAAE,mBAAmB;QACvC,YAAY,EAAE,IAAI;QAClB,YAAY,EAAE,IAAI;QAClB,wBAAwB,EAAE,IAAI;QAC9B,8BAA8B,EAAE,IAAI,EAAE,qCAAqC;KAC5E;CACO,CAAC;AAEX,sEAAsE;AACtE,MAAM,mBAAmB,GAA0B;IACjD,gBAAgB;IAChB,uBAAuB;CACxB,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,UAAU,yBAAyB,CACvC,IAAkB,EAClB,MAAiB;IAEjB,MAAM,KAAK,GAAG,MAAM,IAAI,IAAI,CAAC,QAAQ,CAAC;IAEtC,sEAAsE;IACtE,IAAI,KAAK,KAAK,YAAY,EAAE,CAAC;QAC3B,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;IACpD,CAAC;IAED,MAAM,GAAG,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;IAChC,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,QAAQ,GAAa,EAAE,CAAC;IAE9B,IAAI,IAAI,CAAC,UAAU,GAAG,GAAG,CAAC,aAAa,EAAE,CAAC;QACxC,MAAM,CAAC,IAAI,CACT,QAAQ,IAAI,CAAC,UAAU,iCAAiC,GAAG,CAAC,aAAa,IAAI,CAC9E,CAAC;IACJ,CAAC;IACD,IAAI,IAAI,CAAC,aAAa,GAAG,GAAG,CAAC,gBAAgB,EAAE,CAAC;QAC9C,MAAM,CAAC,IAAI,CACT,QAAQ,IAAI,CAAC,aAAa,2BAA2B,GAAG,CAAC,gBAAgB,IAAI,CAC9E,CAAC;IACJ,CAAC;IACD,IAAI,IAAI,CAAC,aAAa,GAAG,GAAG,CAAC,gBAAgB,EAAE,CAAC;QAC9C,MAAM,CAAC,IAAI,CACT,QAAQ,IAAI,CAAC,aAAa,2BAA2B,GAAG,CAAC,gBAAgB,IAAI,CAC9E,CAAC;IACJ,CAAC;IACD,IAAI,GAAG,CAAC,eAAe,GAAG,CAAC,IAAI,IAAI,CAAC,YAAY,GAAG,GAAG,CAAC,eAAe,EAAE,CAAC;QACvE,MAAM,CAAC,IAAI,CACT,QAAQ,IAAI,CAAC,YAAY,0BAA0B,GAAG,CAAC,eAAe,IAAI,CAC3E,CAAC;IACJ,CAAC;SAAM,IAAI,IAAI,CAAC,YAAY,GAAG,CAAC,IAAI,KAAK,KAAK,cAAc,EAAE,CAAC;QAC7D,QAAQ,CAAC,IAAI,CACX,QAAQ,IAAI,CAAC,YAAY,sDAAsD,CAChF,CAAC;IACJ,CAAC;IACD,IAAI,GAAG,CAAC,YAAY,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;QAC1C,MAAM,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;IACxE,CAAC;IACD,IAAI,GAAG,CAAC,YAAY,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;QAC1C,MAAM,CAAC,IAAI,CAAC,2CAA2C,CAAC,CAAC;IAC3D,CAAC;IACD,IAAI,GAAG,CAAC,wBAAwB,IAAI,CAAC,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC/D,MAAM,CAAC,IAAI,CAAC,uCAAuC,CAAC,CAAC;IACvD,CAAC;IAED,oEAAoE;IACpE,IAAI,GAAG,CAAC,8BAA8B,EAAE,CAAC;QACvC,MAAM,CAAC,GAAG,IAAI,CAAC,UAAU,IAAI,EAAE,CAAC;QAChC,MAAM,eAAe,GAAG,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,YAAY,CAAC;QACxD,MAAM,eAAe,GAAG,CAAC,CAAC,SAAS,IAAI,CAAC,CAAC,aAAa,CAAC;QAEvD,IAAI,IAAI,CAAC,WAAW,IAAI,eAAe,IAAI,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE,CAAC;YACxE,MAAM,CAAC,IAAI,CACT,uBAAuB,eAAe,6DAA6D,CACpG,CAAC;QACJ,CAAC;QACD,IAAI,IAAI,CAAC,WAAW,IAAI,eAAe,IAAI,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE,CAAC;YACxE,MAAM,CAAC,IAAI,CACT,uBAAuB,eAAe,6DAA6D,CACpG,CAAC;QACJ,CAAC;IACH,CAAC;SAAM,CAAC;QACN,4EAA4E;QAC5E,MAAM,CAAC,GAAG,IAAI,CAAC,UAAU,IAAI,EAAE,CAAC;QAChC,MAAM,UAAU,GAAa,EAAE,CAAC;QAChC,IAAI,CAAC,CAAC,WAAW,KAAK,gBAAgB;YAAE,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QACvE,IAAI,CAAC,CAAC,SAAS,KAAK,gBAAgB;YAAE,UAAU,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACnE,IAAI,CAAC,CAAC,aAAa,KAAK,gBAAgB;YAAE,UAAU,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAC3E,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC1B,QAAQ,CAAC,IAAI,CACX,iCAAiC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,kCAAkC,CACzF,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO;QACL,MAAM,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC;QAC3B,MAAM;QACN,QAAQ;KACT,CAAC;AACJ,CAAC;AAED,SAAS,UAAU,CAAC,CAAa;IAC/B,OAAO,mBAAmB,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;AACzC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,eAAe;IAC7B,OAAO,YAAY,CAAC;AACtB,CAAC"}

package/dist/quality/types.d.ts

@@ -0,0 +1,129 @@
+/**
+ * ATR Quality Standard — Type Definitions
+ *
+ * Vendor-neutral types for rule quality scoring and maturity validation.
+ * See docs/proposals/001-atr-quality-standard-rfc.md for the full RFC.
+ *
+ * @module agent-threat-rules/quality/types
+ */
+/** Rule maturity level — matches ATR schema and RFC-001 §1 */
+export type Maturity = "draft" | "experimental" | "stable" | "deprecated";
+/**
+ * Provenance of a metadata field.
+ * RFC-001 §4: two-dimensional compliance model.
+ *
+ * - `human-reviewed`: a human maintainer verified this mapping/content
+ * - `community-contributed`: submitted via PR by an external contributor
+ * - `auto-generated`: filled by a script or LLM without human review
+ * - `llm-generated`: produced by the TC crystallization flywheel
+ *
+ * The quality gate treats these differently:
+ *  - experimental gate accepts any provenance
+ *  - stable gate requires `human-reviewed` or `community-contributed`
+ */
+export type Provenance = "human-reviewed" | "community-contributed" | "auto-generated" | "llm-generated";
+/**
+ * Per-field provenance tracking.
+ * Each metadata field can have its own provenance so partially-reviewed
+ * rules are represented accurately.
+ */
+export interface MetadataProvenance {
+    readonly mitre_atlas?: Provenance;
+    readonly mitre_attack?: Provenance;
+    readonly owasp_llm?: Provenance;
+    readonly owasp_agentic?: Provenance;
+    readonly test_cases?: Provenance;
+    readonly evasion_tests?: Provenance;
+    readonly false_positives?: Provenance;
+}
+/**
+ * Minimal metadata required to score and validate a rule.
+ * Any vendor's rule format can be adapted to this interface via a parser.
+ */
+export interface RuleMetadata {
+    /** Unique rule identifier */
+    readonly id: string;
+    /** Human-readable title */
+    readonly title: string;
+    /** Current maturity level */
+    readonly maturity: Maturity;
+    /** Number of distinct detection conditions (layers) */
+    readonly conditions: number;
+    /** Count of true_positive test cases */
+    readonly truePositives: number;
+    /** Count of true_negative test cases */
+    readonly trueNegatives: number;
+    /** Count of documented evasion tests */
+    readonly evasionTests: number;
+    /** Has at least one OWASP reference (LLM Top 10 or Agentic Top 10) */
+    readonly hasOwaspRef: boolean;
+    /** Has at least one MITRE reference (ATLAS or ATT&CK) */
+    readonly hasMitreRef: boolean;
+    /** Has at least one documented false_positive pattern */
+    readonly hasFalsePositiveDocs: boolean;
+    /** Number of real-world samples validated against this rule */
+    readonly wildSamples?: number;
+    /** Measured false positive rate on wild samples (0.0 - 100.0) */
+    readonly wildFpRate?: number;
+    /** ISO date of last wild validation run */
+    readonly wildValidatedAt?: string;
+    /** True if the rule was generated by an LLM (not human-authored) */
+    readonly llmGenerated?: boolean;
+    /** True if a human reviewer has explicitly approved this rule */
+    readonly humanReviewed?: boolean;
+    /** Per-field provenance tracking (RFC-001 §4) */
+    readonly provenance?: MetadataProvenance;
+}
+/** Confidence score components and total */
+export interface ConfidenceScore {
+    /** Overall score 0-100, rounded to integer */
+    readonly total: number;
+    /** Precision component (weight 0.40) */
+    readonly precisionScore: number;
+    /** Wild validation component (weight 0.30) */
+    readonly wildValidationScore: number;
+    /** Coverage breadth component (weight 0.20) */
+    readonly coverageScore: number;
+    /** Evasion documentation component (weight 0.10) */
+    readonly evasionScore: number;
+    /** True if score was capped due to LLM-generated origin without human review */
+    readonly capped: boolean;
+}
+/** Result of running a rule through the quality gate */
+export interface QualityGateResult {
+    /** True if the rule meets all required criteria for its target maturity */
+    readonly passed: boolean;
+    /** Human-readable list of gate failures (empty if passed) */
+    readonly issues: readonly string[];
+    /** Warnings that do not block promotion but should be addressed */
+    readonly warnings: readonly string[];
+}
+/** Decision output from canPromote() */
+export interface PromotionDecision {
+    /** True if the rule is eligible to promote to `to` */
+    readonly eligible: boolean;
+    /** The maturity level this decision is for */
+    readonly to: Maturity;
+    /** Reasons the rule is not eligible (empty if eligible) */
+    readonly blockers: readonly string[];
+}
+/** A false positive report used in demotion decisions */
+export interface FpReport {
+    /** ISO timestamp of the report */
+    readonly reportedAt: string;
+    /** Whether this report has been investigated and resolved */
+    readonly resolved: boolean;
+}
+/** Decision output from shouldDemote() */
+export interface DemotionDecision {
+    /** True if the rule should be automatically demoted */
+    readonly shouldDemote: boolean;
+    /** Reasons for demotion (empty if shouldDemote is false) */
+    readonly reasons: readonly string[];
+}
+/**
+ * Deployment guidance based on confidence score.
+ * Maps confidence to a recommended production use.
+ */
+export type DeploymentRecommendation = "block-in-production" | "block-with-monitoring" | "alert-only" | "evaluation-only" | "do-not-deploy";
+//# sourceMappingURL=types.d.ts.map

package/dist/quality/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/quality/types.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,8DAA8D;AAC9D,MAAM,MAAM,QAAQ,GAAG,OAAO,GAAG,cAAc,GAAG,QAAQ,GAAG,YAAY,CAAC;AAE1E;;;;;;;;;;;;GAYG;AACH,MAAM,MAAM,UAAU,GAClB,gBAAgB,GAChB,uBAAuB,GACvB,gBAAgB,GAChB,eAAe,CAAC;AAEpB;;;;GAIG;AACH,MAAM,WAAW,kBAAkB;IACjC,QAAQ,CAAC,WAAW,CAAC,EAAE,UAAU,CAAC;IAClC,QAAQ,CAAC,YAAY,CAAC,EAAE,UAAU,CAAC;IACnC,QAAQ,CAAC,SAAS,CAAC,EAAE,UAAU,CAAC;IAChC,QAAQ,CAAC,aAAa,CAAC,EAAE,UAAU,CAAC;IACpC,QAAQ,CAAC,UAAU,CAAC,EAAE,UAAU,CAAC;IACjC,QAAQ,CAAC,aAAa,CAAC,EAAE,UAAU,CAAC;IACpC,QAAQ,CAAC,eAAe,CAAC,EAAE,UAAU,CAAC;CACvC;AAED;;;GAGG;AACH,MAAM,WAAW,YAAY;IAC3B,6BAA6B;IAC7B,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,2BAA2B;IAC3B,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,6BAA6B;IAC7B,QAAQ,CAAC,QAAQ,EAAE,QAAQ,CAAC;IAC5B,uDAAuD;IACvD,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,wCAAwC;IACxC,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,wCAAwC;IACxC,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,wCAAwC;IACxC,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,sEAAsE;IACtE,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC;IAC9B,yDAAyD;IACzD,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC;IAC9B,yDAAyD;IACzD,QAAQ,CAAC,oBAAoB,EAAE,OAAO,CAAC;IACvC,+DAA+D;IAC/D,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAC9B,iEAAiE;IACjE,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAC7B,2CAA2C;IAC3C,QAAQ,CAAC,eAAe,CAAC,EAAE,MAAM,CAAC;IAClC,oEAAoE;IACpE,QAAQ,CAAC,YAAY,CAAC,EAAE,OAAO,CAAC;IAChC,iEAAiE;IACjE,QAAQ,CAAC,aAAa,CAAC,EAAE,OAAO,CAAC;IACjC,iDAAiD;IACjD,QAAQ,CAAC,UAAU,CAAC,EAAE,kBAAkB,CAAC;CAC1C;AAED,4CAA4C;AAC5C,MAAM,WAAW,eAAe;IAC9B,8CAA8C;IAC9C,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,wCAAwC;IACxC,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;IAChC,8CAA8C;IAC9C,QAAQ,CAAC,mBAAmB,EAAE,MAAM,CAAC;IACrC,+CAA+C;IAC/C,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,oDAAoD;IACpD,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,gFAAgF;IAChF,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC;CAC1B;AAED,wDAAwD;AACxD,MAAM,WAAW,iBAAiB;IAChC,2EAA2E;IAC3E,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC;IACzB,6DAA6D;IAC7D,QAAQ,CAAC,MAAM,EAAE,SAAS,MAAM,EAAE,CAAC;IACnC,mEAAmE;IACnE,QAAQ,CAAC,QAAQ,EAAE,SAAS,MAAM,EAAE,CAAC;CACtC;AAED,wCAAwC;AACxC,MAAM,WAAW,iBAAiB;IAChC,sDAAsD;IACtD,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC;IAC3B,8CAA8C;IAC9C,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC;IACtB,2DAA2D;IAC3D,QAAQ,CAAC,QAAQ,EAAE,SAAS,MAAM,EAAE,CAAC;CACtC;AAED,yDAAyD;AACzD,MAAM,WAAW,QAAQ;IACvB,kCAAkC;IAClC,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,6DAA6D;IAC7D,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC;CAC5B;AAED,0CAA0C;AAC1C,MAAM,WAAW,gBAAgB;IAC/B,uDAAuD;IACvD,QAAQ,CAAC,YAAY,EAAE,OAAO,CAAC;IAC/B,4DAA4D;IAC5D,QAAQ,CAAC,OAAO,EAAE,SAAS,MAAM,EAAE,CAAC;CACrC;AAED;;;GAGG;AACH,MAAM,MAAM,wBAAwB,GAChC,qBAAqB,GACrB,uBAAuB,GACvB,YAAY,GACZ,iBAAiB,GACjB,eAAe,CAAC"}

package/dist/quality/types.js

@@ -0,0 +1,10 @@
+/**
+ * ATR Quality Standard — Type Definitions
+ *
+ * Vendor-neutral types for rule quality scoring and maturity validation.
+ * See docs/proposals/001-atr-quality-standard-rfc.md for the full RFC.
+ *
+ * @module agent-threat-rules/quality/types
+ */
+export {};
+//# sourceMappingURL=types.js.map

package/dist/quality/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/quality/types.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG"}