agent-threat-rules 3.3.1 → 3.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (354) hide show
  1. package/README.md +29 -13
  2. package/dist/cli.js +23 -0
  3. package/dist/cli.js.map +1 -1
  4. package/dist/engine.d.ts +49 -2
  5. package/dist/engine.d.ts.map +1 -1
  6. package/dist/engine.js +188 -51
  7. package/dist/engine.js.map +1 -1
  8. package/dist/loader.d.ts.map +1 -1
  9. package/dist/loader.js +6 -0
  10. package/dist/loader.js.map +1 -1
  11. package/dist/quality/rule-contract.d.ts +65 -0
  12. package/dist/quality/rule-contract.d.ts.map +1 -0
  13. package/dist/quality/rule-contract.js +97 -0
  14. package/dist/quality/rule-contract.js.map +1 -0
  15. package/dist/trace-evaluator.d.ts.map +1 -1
  16. package/dist/trace-evaluator.js +58 -20
  17. package/dist/trace-evaluator.js.map +1 -1
  18. package/dist/types.d.ts +2 -0
  19. package/dist/types.d.ts.map +1 -1
  20. package/package.json +5 -3
  21. package/rules/agent-manipulation/ATR-2026-00030-cross-agent-attack.yaml +2 -1
  22. package/rules/agent-manipulation/ATR-2026-00032-goal-hijacking.yaml +2 -2
  23. package/rules/agent-manipulation/ATR-2026-00074-cross-agent-privilege-escalation.yaml +1 -1
  24. package/rules/agent-manipulation/ATR-2026-00076-inter-agent-message-spoofing.yaml +1 -1
  25. package/rules/agent-manipulation/ATR-2026-00077-human-trust-exploitation.yaml +1 -1
  26. package/rules/agent-manipulation/ATR-2026-00117-agent-identity-spoofing.yaml +2 -2
  27. package/rules/agent-manipulation/ATR-2026-00416-litellm-mcp-unauthenticated-server-registration.yaml +1 -1
  28. package/rules/agent-manipulation/ATR-2026-00417-librechat-mcp-stdio-injection.yaml +2 -2
  29. package/rules/agent-manipulation/ATR-2026-00418-weknora-mcp-config-rce.yaml +2 -2
  30. package/rules/agent-manipulation/ATR-2026-00430-nl-trust-escalation-impersonation.yaml +1 -1
  31. package/rules/agent-manipulation/ATR-2026-00552-goal-drift-after-pressure-injection.yaml +1 -1
  32. package/rules/context-exfiltration/ATR-2026-00020-system-prompt-leak.yaml +1 -1
  33. package/rules/context-exfiltration/ATR-2026-00075-agent-memory-manipulation.yaml +1 -0
  34. package/rules/context-exfiltration/ATR-2026-00162-skill-credential-exfil-combo.yaml +2 -2
  35. package/rules/context-exfiltration/ATR-2026-00201-credential-pipe-exfiltration.yaml +1 -1
  36. package/rules/context-exfiltration/ATR-2026-00212-mcp-atlassian-credential-leak.yaml +2 -2
  37. package/rules/context-exfiltration/ATR-2026-00405-markdown-image-url-exfiltration-xss.yaml +1 -1
  38. package/rules/context-exfiltration/ATR-2026-00411-apikey-generation-completion-request.yaml +1 -1
  39. package/rules/context-exfiltration/ATR-2026-00422-nl-credential-disclosure.yaml +1 -1
  40. package/rules/context-exfiltration/ATR-2026-00423-nl-sensitive-file-disclosure.yaml +1 -1
  41. package/rules/context-exfiltration/ATR-2026-00426-nl-output-injection-credential-leak.yaml +1 -1
  42. package/rules/context-exfiltration/ATR-2026-00449-spring-ai-chatmemory-cross-user-leak.yaml +1 -1
  43. package/rules/context-exfiltration/ATR-2026-00471-garak-sysprompt-extraction-mixedunassigned.yaml +1 -1
  44. package/rules/context-exfiltration/ATR-2026-00501-data-exfiltration-via-markdown-image-and-link-url-injection.yaml +1 -1
  45. package/rules/context-exfiltration/ATR-2026-00504-tool-and-function-capability-enumeration.yaml +1 -1
  46. package/rules/context-exfiltration/ATR-2026-00505-system-prompt-extraction-instruction-dump-request.yaml +5 -1
  47. package/rules/context-exfiltration/ATR-2026-00514-system-prompt-extraction.yaml +1 -1
  48. package/rules/context-exfiltration/ATR-2026-00516-output-xss-via-llm.yaml +1 -1
  49. package/rules/context-exfiltration/ATR-2026-00524-claude-code-anthropic-base-url-credential-exfil.yaml +2 -2
  50. package/rules/context-exfiltration/ATR-2026-00548-cross-agent-session-context-leak.yaml +1 -1
  51. package/rules/context-exfiltration/ATR-2026-00578-zen-mcp-path-traversal-blacklist-bypass.yaml +201 -0
  52. package/rules/context-exfiltration/ATR-2026-00580-mcp-session-id-token-in-url-query.yaml +220 -0
  53. package/rules/context-exfiltration/ATR-2026-00583-mcp-env-secret-file-read-without-consent.yaml +218 -0
  54. package/rules/context-exfiltration/ATR-2026-00702-ipi-credential-exfil-via-agent-action.yaml +151 -0
  55. package/rules/context-exfiltration/ATR-2026-00703-ipi-financial-data-exfil-indirect.yaml +131 -0
  56. package/rules/context-exfiltration/ATR-2026-00704-ipi-medical-genetic-data-exfil.yaml +133 -0
  57. package/rules/context-exfiltration/ATR-2026-00705-ipi-location-address-browsing-exfil.yaml +127 -0
  58. package/rules/context-exfiltration/ATR-2026-00706-ipi-physical-biometric-exfil.yaml +137 -0
  59. package/rules/context-exfiltration/ATR-2026-00707-ipi-file-exfil-with-destroy-or-tamper.yaml +138 -0
  60. package/rules/context-exfiltration/ATR-2026-00850-indirect-pi-credential-exfil-email.yaml +132 -0
  61. package/rules/context-exfiltration/ATR-2026-00851-indirect-pi-financial-payment-exfil.yaml +122 -0
  62. package/rules/context-exfiltration/ATR-2026-00852-indirect-pi-medical-record-exfil.yaml +134 -0
  63. package/rules/context-exfiltration/ATR-2026-00853-indirect-pi-genetic-data-exfil.yaml +125 -0
  64. package/rules/context-exfiltration/ATR-2026-00854-indirect-pi-location-data-exfil.yaml +116 -0
  65. package/rules/context-exfiltration/ATR-2026-00855-indirect-pi-browsing-history-exfil.yaml +115 -0
  66. package/rules/context-exfiltration/ATR-2026-00856-indirect-pi-address-pii-exfil.yaml +119 -0
  67. package/rules/context-exfiltration/ATR-2026-00857-indirect-pi-cloud-file-exfil.yaml +123 -0
  68. package/rules/context-exfiltration/ATR-2026-00858-indirect-pi-exfil-and-destroy.yaml +126 -0
  69. package/rules/context-exfiltration/ATR-2026-00859-rag-injected-pii-exfil.yaml +121 -0
  70. package/rules/context-exfiltration/ATR-2026-00860-indirect-pi-financial-transfer-hijack.yaml +118 -0
  71. package/rules/context-exfiltration/ATR-2026-00861-indirect-pi-crypto-transfer-hijack.yaml +110 -0
  72. package/rules/context-exfiltration/ATR-2026-00862-indirect-pi-mfa-code-exfil.yaml +123 -0
  73. package/rules/context-exfiltration/ATR-2026-00863-shell-injection-data-exfil.yaml +124 -0
  74. package/rules/context-exfiltration/ATR-2026-01450-svg-onload-xss-injection.yaml +141 -0
  75. package/rules/context-exfiltration/ATR-2026-01451-img-onerror-xss-injection.yaml +147 -0
  76. package/rules/context-exfiltration/ATR-2026-01452-obfuscated-javascript-xss.yaml +143 -0
  77. package/rules/context-exfiltration/ATR-2026-01453-markdown-image-base64-exfil-carrier.yaml +156 -0
  78. package/rules/context-exfiltration/ATR-2026-01454-direct-markdown-exfil-payload.yaml +143 -0
  79. package/rules/context-exfiltration/ATR-2026-01455-new-instructions-injection-marker.yaml +145 -0
  80. package/rules/context-exfiltration/ATR-2026-01456-debug-cli-mode-sysprompt-extraction.yaml +156 -0
  81. package/rules/context-exfiltration/ATR-2026-01457-sysprompt-completion-clone-attack.yaml +166 -0
  82. package/rules/context-exfiltration/ATR-2026-01458-compare-bots-sysprompt-fishing.yaml +138 -0
  83. package/rules/context-exfiltration/ATR-2026-01459-variable-clone-sysprompt-technique.yaml +130 -0
  84. package/rules/context-exfiltration/ATR-2026-01460-json-format-sysprompt-extraction.yaml +138 -0
  85. package/rules/context-exfiltration/ATR-2026-01461-foreign-language-sysprompt-request.yaml +188 -0
  86. package/rules/context-exfiltration/ATR-2026-01462-sysprompt-override-pseudo-admin.yaml +170 -0
  87. package/rules/context-exfiltration/ATR-2026-01463-imend-imsystem-prompt-injection-format.yaml +147 -0
  88. package/rules/context-exfiltration/ATR-2026-01464-indirect-pi-sysprompt-action-hijack.yaml +133 -0
  89. package/rules/context-exfiltration/ATR-2026-01605-ssrf-aws-metadata-endpoint.yaml +126 -0
  90. package/rules/context-exfiltration/ATR-2026-01606-ssrf-internal-network-scan.yaml +115 -0
  91. package/rules/context-exfiltration/ATR-2026-01607-ssrf-localhost-service-probe.yaml +106 -0
  92. package/rules/context-exfiltration/ATR-2026-01608-ssrf-file-scheme-local-read.yaml +111 -0
  93. package/rules/context-exfiltration/ATR-2026-01753-ransom-email-exfil-delete-extortion.yaml +135 -0
  94. package/rules/context-exfiltration/ATR-2026-01754-ransom-file-cloud-exfil-delete-extortion.yaml +125 -0
  95. package/rules/context-exfiltration/ATR-2026-01770-semantic-pii-credential-extraction.yaml +354 -0
  96. package/rules/context-exfiltration/ATR-2026-01772-semantic-internal-state-recon.yaml +276 -0
  97. package/rules/context-exfiltration/ATR-2026-01807-asb-bulk-data-exfil-external.yaml +142 -0
  98. package/rules/context-exfiltration/ATR-2026-01862-llmail-email-tool-exfil-confirmation.yaml +156 -0
  99. package/rules/context-exfiltration/ATR-2026-01863-llmail-post-summary-exfil-directive.yaml +144 -0
  100. package/rules/context-exfiltration/ATR-2026-01864-llmail-obfuscated-exfil-address.yaml +143 -0
  101. package/rules/context-exfiltration/ATR-2026-01890-file-exfiltration.yaml +189 -0
  102. package/rules/context-exfiltration/ATR-2026-01891-surveillance-exfiltration.yaml +127 -0
  103. package/rules/context-exfiltration/ATR-2026-01892-env-exfiltration.yaml +161 -0
  104. package/rules/context-exfiltration/ATR-2026-01893-system-recon-exfiltration.yaml +183 -0
  105. package/rules/context-exfiltration/ATR-2026-01894-cookie-theft.yaml +186 -0
  106. package/rules/context-exfiltration/ATR-2026-01895-contact-exfiltration.yaml +122 -0
  107. package/rules/context-exfiltration/ATR-2026-01924-system-instruction-extraction-reformat.yaml +177 -0
  108. package/rules/context-exfiltration/ATR-2026-01929-mcp-unauthenticated-transport-token-fallback.yaml +188 -0
  109. package/rules/data-poisoning/ATR-2026-00070-data-poisoning.yaml +1 -1
  110. package/rules/data-poisoning/ATR-2026-00570-sql-injection-in-agent-tool-query.yaml +1 -1
  111. package/rules/data-poisoning/ATR-2026-01155-memory-plant-direct-command.yaml +143 -0
  112. package/rules/data-poisoning/ATR-2026-01774-semantic-rag-memory-poisoning.yaml +345 -0
  113. package/rules/excessive-autonomy/ATR-2026-00050-runaway-agent-loop.yaml +2 -2
  114. package/rules/excessive-autonomy/ATR-2026-00051-resource-exhaustion.yaml +3 -3
  115. package/rules/excessive-autonomy/ATR-2026-00052-cascading-failure.yaml +2 -2
  116. package/rules/excessive-autonomy/ATR-2026-00098-unauthorized-financial-action.yaml +3 -3
  117. package/rules/excessive-autonomy/ATR-2026-00099-high-risk-tool-gate.yaml +1 -1
  118. package/rules/excessive-autonomy/ATR-2026-00428-nl-unauthorized-shell-execution.yaml +1 -1
  119. package/rules/excessive-autonomy/ATR-2026-00491-garak-agent-breaker-markdown-just-raw-json.yaml +5 -1
  120. package/rules/excessive-autonomy/ATR-2026-00500-ssrf-via-agent-url-fetch-instruction.yaml +1 -1
  121. package/rules/excessive-autonomy/ATR-2026-00708-ipi-financial-transfer-unauthorized.yaml +138 -0
  122. package/rules/excessive-autonomy/ATR-2026-00709-ipi-disable-auth-mfa.yaml +119 -0
  123. package/rules/excessive-autonomy/ATR-2026-00710-ipi-physical-access-grant.yaml +128 -0
  124. package/rules/excessive-autonomy/ATR-2026-00711-ipi-system-sabotage-destructive-command.yaml +142 -0
  125. package/rules/excessive-autonomy/ATR-2026-00712-ipi-malicious-package-install.yaml +133 -0
  126. package/rules/excessive-autonomy/ATR-2026-00713-ipi-rce-network-shell-command.yaml +150 -0
  127. package/rules/excessive-autonomy/ATR-2026-00718-tool-misuse-financial-autonomous.yaml +120 -0
  128. package/rules/excessive-autonomy/ATR-2026-00719-tool-misuse-destructive-bulk-action.yaml +126 -0
  129. package/rules/excessive-autonomy/ATR-2026-00722-ipi-account-manipulation-emergency-pretext.yaml +136 -0
  130. package/rules/excessive-autonomy/ATR-2026-01751-indirect-pi-task-abort-stop-instruction.yaml +127 -0
  131. package/rules/excessive-autonomy/ATR-2026-01752-indirect-pi-captcha-redirect-dos.yaml +124 -0
  132. package/rules/excessive-autonomy/ATR-2026-01773-semantic-excessive-agency-action.yaml +246 -0
  133. package/rules/excessive-autonomy/ATR-2026-01801-asb-autonomous-vehicle-sabotage.yaml +159 -0
  134. package/rules/excessive-autonomy/ATR-2026-01804-asb-covert-unlogged-action.yaml +162 -0
  135. package/rules/excessive-autonomy/ATR-2026-01805-asb-financial-fraud-execution.yaml +171 -0
  136. package/rules/excessive-autonomy/ATR-2026-01806-asb-clinical-patient-harm.yaml +163 -0
  137. package/rules/excessive-autonomy/ATR-2026-01809-semantic-insider-manipulation-process-corruption.yaml +219 -0
  138. package/rules/excessive-autonomy/ATR-2026-01837-ddos-attack-orchestration.yaml +86 -0
  139. package/rules/excessive-autonomy/ATR-2026-01838-unauthorized-cryptominer-deployment.yaml +86 -0
  140. package/rules/excessive-autonomy/ATR-2026-01849-harassment-bot-deployment.yaml +86 -0
  141. package/rules/model-abuse/ATR-2026-00413-malwaregen-code-generation-request.yaml +3 -2
  142. package/rules/model-abuse/ATR-2026-00502-training-data-extraction-via-divergent-repetition-attack.yaml +5 -1
  143. package/rules/model-abuse/ATR-2026-00517-model-extraction-distillation.yaml +1 -1
  144. package/rules/model-abuse/ATR-2026-01750-dos-repeat-word-n-times-output-amplification.yaml +136 -0
  145. package/rules/model-abuse/ATR-2026-01760-dos-forced-infinite-output-token-flood.yaml +124 -0
  146. package/rules/model-abuse/ATR-2026-01830-stolen-credential-account-drain.yaml +94 -0
  147. package/rules/model-abuse/ATR-2026-01831-money-laundering-crypto-layering.yaml +90 -0
  148. package/rules/model-abuse/ATR-2026-01833-darknet-controlled-substance-procurement.yaml +101 -0
  149. package/rules/model-abuse/ATR-2026-01834-fraudulent-identity-document-procurement.yaml +86 -0
  150. package/rules/model-abuse/ATR-2026-01835-human-trafficking-facilitation.yaml +86 -0
  151. package/rules/model-abuse/ATR-2026-01836-trojanized-software-distribution.yaml +90 -0
  152. package/rules/model-abuse/ATR-2026-01840-extremist-propaganda-distribution.yaml +89 -0
  153. package/rules/model-abuse/ATR-2026-01841-deepfake-disinformation.yaml +96 -0
  154. package/rules/model-abuse/ATR-2026-01842-plagiarism-detector-evasion.yaml +85 -0
  155. package/rules/model-abuse/ATR-2026-01843-drug-dealing-detection-evasion-spelling.yaml +86 -0
  156. package/rules/model-abuse/ATR-2026-01844-illegitimate-prescription-fulfillment.yaml +86 -0
  157. package/rules/model-abuse/ATR-2026-01845-banned-ingredient-relabel-fraud.yaml +90 -0
  158. package/rules/model-abuse/ATR-2026-01846-tax-evasion-offshore-shell-planning.yaml +86 -0
  159. package/rules/model-abuse/ATR-2026-01847-immigration-work-fraud.yaml +86 -0
  160. package/rules/model-abuse/ATR-2026-01848-illicit-drug-marketplace-build.yaml +86 -0
  161. package/rules/model-abuse/ATR-2026-01850-targeted-doxxing-threat-campaign.yaml +100 -0
  162. package/rules/model-abuse/ATR-2026-01851-bestiality-content-distribution.yaml +82 -0
  163. package/rules/model-abuse/ATR-2026-01852-romance-scam-impersonation.yaml +86 -0
  164. package/rules/model-abuse/ATR-2026-01853-nonconsensual-leaked-media-distribution.yaml +86 -0
  165. package/rules/model-abuse/ATR-2026-01854-falsified-research-abstract-disinformation.yaml +82 -0
  166. package/rules/model-abuse/ATR-2026-01855-content-misappropriation-republish.yaml +90 -0
  167. package/rules/model-abuse/ATR-2026-01856-targeted-harmful-content-generation.yaml +142 -0
  168. package/rules/model-abuse/ATR-2026-01896-ransomware.yaml +124 -0
  169. package/rules/model-abuse/ATR-2026-01897-host-sabotage.yaml +169 -0
  170. package/rules/model-abuse/ATR-2026-01898-network-dos.yaml +133 -0
  171. package/rules/model-security/ATR-2026-00072-model-behavior-extraction.yaml +2 -2
  172. package/rules/model-security/ATR-2026-00073-malicious-finetuning-data.yaml +1 -1
  173. package/rules/model-security/ATR-2026-00433-modelcache-torch-load-deserialization-rce.yaml +2 -2
  174. package/rules/privilege-escalation/ATR-2026-00041-scope-creep.yaml +1 -1
  175. package/rules/privilege-escalation/ATR-2026-00436-enclave-vm-sandbox-escape-rce.yaml +1 -0
  176. package/rules/privilege-escalation/ATR-2026-00451-litellm-admin-sqli-cisa-kev.yaml +1 -1
  177. package/rules/privilege-escalation/ATR-2026-00539-crewai-codeinterpreter-sandbox-escape-rce.yaml +1 -0
  178. package/rules/privilege-escalation/ATR-2026-00549-destructive-tool-without-human-approval.yaml +1 -1
  179. package/rules/privilege-escalation/ATR-2026-00551-cross-conversation-memory-write.yaml +2 -3
  180. package/rules/privilege-escalation/ATR-2026-01600-sql-injection-tautology-rbac-bypass.yaml +113 -0
  181. package/rules/privilege-escalation/ATR-2026-01601-sql-injection-destructive-ddl.yaml +118 -0
  182. package/rules/privilege-escalation/ATR-2026-01602-sql-injection-union-select-exfil.yaml +118 -0
  183. package/rules/privilege-escalation/ATR-2026-01603-sql-injection-stacked-dml-abuse.yaml +109 -0
  184. package/rules/privilege-escalation/ATR-2026-01604-sql-injection-schema-enumeration.yaml +105 -0
  185. package/rules/privilege-escalation/ATR-2026-01609-shell-injection-exfil-webhook.yaml +123 -0
  186. package/rules/privilege-escalation/ATR-2026-01610-shell-evasion-subshell-injection.yaml +114 -0
  187. package/rules/privilege-escalation/ATR-2026-01611-shell-evasion-eval-exec-injection.yaml +125 -0
  188. package/rules/privilege-escalation/ATR-2026-01612-debug-mode-privilege-escalation.yaml +119 -0
  189. package/rules/privilege-escalation/ATR-2026-01613-rbac-bypass-social-engineering.yaml +161 -0
  190. package/rules/privilege-escalation/ATR-2026-01614-bola-cross-user-data-access.yaml +141 -0
  191. package/rules/privilege-escalation/ATR-2026-01615-sandbox-escape-command-injection.yaml +120 -0
  192. package/rules/privilege-escalation/ATR-2026-01616-path-traversal-agent-file-access.yaml +106 -0
  193. package/rules/privilege-escalation/ATR-2026-01802-asb-backdoor-surveillance-implant.yaml +146 -0
  194. package/rules/privilege-escalation/ATR-2026-01803-asb-covert-server-intrusion.yaml +164 -0
  195. package/rules/privilege-escalation/ATR-2026-01808-asb-synthetic-pan-payment-probe.yaml +136 -0
  196. package/rules/privilege-escalation/ATR-2026-01899-remote-access-backdoor.yaml +152 -0
  197. package/rules/prompt-injection/ATR-2026-00001-direct-prompt-injection.yaml +1 -0
  198. package/rules/prompt-injection/ATR-2026-00002-indirect-prompt-injection.yaml +1 -0
  199. package/rules/prompt-injection/ATR-2026-00003-jailbreak-attempt.yaml +1 -1
  200. package/rules/prompt-injection/ATR-2026-00004-system-prompt-override.yaml +11 -2
  201. package/rules/prompt-injection/ATR-2026-00005-multi-turn-injection.yaml +1 -1
  202. package/rules/prompt-injection/ATR-2026-00104-persona-hijacking.yaml +1 -1
  203. package/rules/prompt-injection/ATR-2026-00203-context-pollution-skill-description.yaml +1 -1
  204. package/rules/prompt-injection/ATR-2026-00245-malicious-persona.yaml +10 -10
  205. package/rules/prompt-injection/ATR-2026-00297-python-code-execution-rce.yaml +1 -1
  206. package/rules/prompt-injection/ATR-2026-00397-snowball-impossible-reasoning-injection.yaml +1 -1
  207. package/rules/prompt-injection/ATR-2026-00401-leakreplay-cloze-mask-training-data-elicitation.yaml +1 -1
  208. package/rules/prompt-injection/ATR-2026-00420-copilot-studio-sharepoint-indirect-injection.yaml +3 -3
  209. package/rules/prompt-injection/ATR-2026-00442-quoted-exact-output-forcing.yaml +1 -0
  210. package/rules/prompt-injection/ATR-2026-00445-translation-hijack-with-side-output.yaml +1 -1
  211. package/rules/prompt-injection/ATR-2026-00447-fictional-generation-containing-target.yaml +1 -1
  212. package/rules/prompt-injection/ATR-2026-00452-direct-pwned-payload-injection.yaml +1 -1
  213. package/rules/prompt-injection/ATR-2026-00453-secret-key-reveal-demand.yaml +1 -1
  214. package/rules/prompt-injection/ATR-2026-00454-backslash-per-character-encoding.yaml +1 -1
  215. package/rules/prompt-injection/ATR-2026-00456-conditional-empty-input-injection.yaml +1 -1
  216. package/rules/prompt-injection/ATR-2026-00465-garak-dan-your-prompt-here.yaml +1 -1
  217. package/rules/prompt-injection/ATR-2026-00472-garak-dan-are-going-to.yaml +1 -1
  218. package/rules/prompt-injection/ATR-2026-00485-garak-dan-and-does-not.yaml +1 -1
  219. package/rules/prompt-injection/ATR-2026-00490-garak-dan-in-order-to.yaml +4 -0
  220. package/rules/prompt-injection/ATR-2026-00492-garak-dan-want-you-to.yaml +3 -3
  221. package/rules/prompt-injection/ATR-2026-00495-garak-dan-insert-prompt-here.yaml +5 -1
  222. package/rules/prompt-injection/ATR-2026-00499-garak-dan-from-now-on.yaml +4 -0
  223. package/rules/prompt-injection/ATR-2026-00506-nevermind-override-goal-hijacking-in-user-input-promptinject.yaml +1 -1
  224. package/rules/prompt-injection/ATR-2026-00508-escape-delimiter-wrapped-goal-hijacking-in-user-input-prompt.yaml +4 -0
  225. package/rules/prompt-injection/ATR-2026-00510-delayed-tool-invocation-injection.yaml +1 -1
  226. package/rules/prompt-injection/ATR-2026-00550-untrusted-retrieval-to-privileged-tool.yaml +1 -1
  227. package/rules/prompt-injection/ATR-2026-00579-mcp-tool-description-line-jumping-injection.yaml +214 -0
  228. package/rules/prompt-injection/ATR-2026-00584-indirect-injection-via-tool-response.yaml +234 -0
  229. package/rules/prompt-injection/ATR-2026-00700-structured-data-payload-injection.yaml +135 -0
  230. package/rules/prompt-injection/ATR-2026-00701-ipi-tool-output-xss-injection.yaml +121 -0
  231. package/rules/prompt-injection/ATR-2026-01000-context-ignore-fake-completion-prefix.yaml +123 -0
  232. package/rules/prompt-injection/ATR-2026-01001-direct-pi-instruction-override-secret-key.yaml +130 -0
  233. package/rules/prompt-injection/ATR-2026-01002-role-escalation-false-authority-claim.yaml +132 -0
  234. package/rules/prompt-injection/ATR-2026-01005-many-shot-repetition-override.yaml +117 -0
  235. package/rules/prompt-injection/ATR-2026-01006-payload-split-string-concat-injection.yaml +135 -0
  236. package/rules/prompt-injection/ATR-2026-01007-token-repeat-flooding-injection.yaml +117 -0
  237. package/rules/prompt-injection/ATR-2026-01009-virtual-world-bypass-fictional-pii.yaml +120 -0
  238. package/rules/prompt-injection/ATR-2026-01012-encoding-evasion-decode-execute.yaml +132 -0
  239. package/rules/prompt-injection/ATR-2026-01013-language-evasion-multilingual-credential.yaml +175 -0
  240. package/rules/prompt-injection/ATR-2026-01015-evasion-refusal-suppression.yaml +133 -0
  241. package/rules/prompt-injection/ATR-2026-01016-evasion-response-priming-forced-opener.yaml +121 -0
  242. package/rules/prompt-injection/ATR-2026-01017-evasion-dual-response-split-output.yaml +123 -0
  243. package/rules/prompt-injection/ATR-2026-01018-evasion-shell-injection-eval.yaml +212 -0
  244. package/rules/prompt-injection/ATR-2026-01019-sysprompt-override-fake-diagnostic-mode.yaml +146 -0
  245. package/rules/prompt-injection/ATR-2026-01020-spikee-doc-embedded-base64-payload.yaml +116 -0
  246. package/rules/prompt-injection/ATR-2026-01021-spikee-doc-embedded-translation-injection.yaml +114 -0
  247. package/rules/prompt-injection/ATR-2026-01023-evasion-opposite-intent-negation-trick.yaml +116 -0
  248. package/rules/prompt-injection/ATR-2026-01024-evasion-persona-override-rule-breaker.yaml +126 -0
  249. package/rules/prompt-injection/ATR-2026-01025-evasion-hypothetical-fictional-execution-framing.yaml +140 -0
  250. package/rules/prompt-injection/ATR-2026-01026-evasion-unicode-glitch-token-anomaly.yaml +131 -0
  251. package/rules/prompt-injection/ATR-2026-01304-indirect-injection-carrier-important-override.yaml +141 -0
  252. package/rules/prompt-injection/ATR-2026-01757-hypothetical-framing-bypass-research-audit.yaml +130 -0
  253. package/rules/prompt-injection/ATR-2026-01758-hypothetical-fictional-story-bypass.yaml +153 -0
  254. package/rules/prompt-injection/ATR-2026-01759-dos-new-important-instructions-injection-in-document.yaml +124 -0
  255. package/rules/prompt-injection/ATR-2026-01771-semantic-jailbreak-framing.yaml +291 -0
  256. package/rules/prompt-injection/ATR-2026-01800-asb-trigger-marker-tool-coercion.yaml +155 -0
  257. package/rules/prompt-injection/ATR-2026-01860-llmail-chat-template-boundary-spoof.yaml +142 -0
  258. package/rules/prompt-injection/ATR-2026-01861-llmail-pseudo-xml-role-injection.yaml +140 -0
  259. package/rules/prompt-injection/ATR-2026-01865-llmail-fake-email-boundary-marker.yaml +137 -0
  260. package/rules/prompt-injection/ATR-2026-01900-output-encoding.yaml +178 -0
  261. package/rules/prompt-injection/ATR-2026-01901-output-scrambling.yaml +169 -0
  262. package/rules/prompt-injection/ATR-2026-01902-output-emoji.yaml +112 -0
  263. package/rules/prompt-injection/ATR-2026-01903-output-language.yaml +105 -0
  264. package/rules/prompt-injection/ATR-2026-01904-link-injection.yaml +126 -0
  265. package/rules/prompt-injection/ATR-2026-01905-promotional-injection.yaml +108 -0
  266. package/rules/prompt-injection/ATR-2026-01906-content-manipulation.yaml +175 -0
  267. package/rules/prompt-injection/ATR-2026-01920-access-grant-coercion.yaml +160 -0
  268. package/rules/prompt-injection/ATR-2026-01921-access-denial-inversion.yaml +155 -0
  269. package/rules/prompt-injection/ATR-2026-01922-authorization-state-spoofing.yaml +160 -0
  270. package/rules/prompt-injection/ATR-2026-01923-forged-input-boundary-markers.yaml +160 -0
  271. package/rules/prompt-injection/ATR-2026-01925-encoded-payload-decoding-coercion.yaml +177 -0
  272. package/rules/prompt-injection/ATR-2026-01926-cross-lingual-authorization-laundering.yaml +149 -0
  273. package/rules/skill-compromise/ATR-2026-00060-skill-impersonation.yaml +2 -1
  274. package/rules/skill-compromise/ATR-2026-00061-description-behavior-mismatch.yaml +2 -2
  275. package/rules/skill-compromise/ATR-2026-00062-hidden-capability.yaml +1 -1
  276. package/rules/skill-compromise/ATR-2026-00063-skill-chain-attack.yaml +2 -2
  277. package/rules/skill-compromise/ATR-2026-00065-skill-update-attack.yaml +1 -1
  278. package/rules/skill-compromise/ATR-2026-00120-skill-instruction-injection.yaml +1 -1
  279. package/rules/skill-compromise/ATR-2026-00121-skill-dangerous-script.yaml +1 -1
  280. package/rules/skill-compromise/ATR-2026-00122-skill-weaponized-instruction.yaml +1 -1
  281. package/rules/skill-compromise/ATR-2026-00123-skill-overreach-permissions.yaml +1 -1
  282. package/rules/skill-compromise/ATR-2026-00124-skill-name-squatting.yaml +1 -1
  283. package/rules/skill-compromise/ATR-2026-00125-context-poisoning-compaction.yaml +2 -1
  284. package/rules/skill-compromise/ATR-2026-00126-skill-rug-pull-setup.yaml +2 -1
  285. package/rules/skill-compromise/ATR-2026-00127-subcommand-overflow.yaml +1 -1
  286. package/rules/skill-compromise/ATR-2026-00128-html-comment-hidden-payload.yaml +1 -1
  287. package/rules/skill-compromise/ATR-2026-00129-unicode-smuggling.yaml +1 -1
  288. package/rules/skill-compromise/ATR-2026-00134-fork-claim-impersonation.yaml +1 -1
  289. package/rules/skill-compromise/ATR-2026-00135-exfil-url-in-instructions.yaml +1 -1
  290. package/rules/skill-compromise/ATR-2026-00147-fork-impersonation.yaml +1 -1
  291. package/rules/skill-compromise/ATR-2026-00149-skill-exfil-compound.yaml +1 -1
  292. package/rules/skill-compromise/ATR-2026-00151-fork-impersonation-install.yaml +1 -1
  293. package/rules/skill-compromise/ATR-2026-00200-agent-memory-config-tampering.yaml +1 -1
  294. package/rules/skill-compromise/ATR-2026-00214-credential-theft.yaml +1 -1
  295. package/rules/skill-compromise/ATR-2026-00260-package-hallucination.yaml +1 -1
  296. package/rules/skill-compromise/ATR-2026-00262-av-evasion-code-gen.yaml +1 -1
  297. package/rules/skill-compromise/ATR-2026-00263-credential-file-read-gen.yaml +1 -1
  298. package/rules/skill-compromise/ATR-2026-00266-malware-dropper-gen.yaml +1 -1
  299. package/rules/skill-compromise/ATR-2026-00398-huggingface-unsafe-model-artifact-load.yaml +2 -2
  300. package/rules/skill-compromise/ATR-2026-00425-nl-persistent-covert-hook.yaml +2 -2
  301. package/rules/skill-compromise/ATR-2026-00427-nl-fake-error-instruction-bypass.yaml +1 -1
  302. package/rules/skill-compromise/ATR-2026-00429-nl-skill-self-modification.yaml +2 -2
  303. package/rules/skill-compromise/ATR-2026-00523-claude-code-hooks-session-start-pre-trust-rce.yaml +1 -1
  304. package/rules/skill-compromise/ATR-2026-00525-mini-shai-hulud-gh-token-monitor-persistence.yaml +1 -1
  305. package/rules/skill-compromise/ATR-2026-00527-skill-silent-git-remote-mirror-exfiltration.yaml +1 -1
  306. package/rules/skill-compromise/ATR-2026-01755-backdoor-pot-linguistic-trigger-phrase.yaml +148 -0
  307. package/rules/skill-compromise/ATR-2026-01756-backdoor-pot-symbol-emoticon-trigger.yaml +147 -0
  308. package/rules/tool-poisoning/ATR-2026-00010-mcp-malicious-response.yaml +2 -2
  309. package/rules/tool-poisoning/ATR-2026-00011-tool-output-injection.yaml +2 -2
  310. package/rules/tool-poisoning/ATR-2026-00012-unauthorized-tool-call.yaml +1 -1
  311. package/rules/tool-poisoning/ATR-2026-00100-consent-bypass-instruction.yaml +1 -1
  312. package/rules/tool-poisoning/ATR-2026-00101-trust-escalation-override.yaml +1 -1
  313. package/rules/tool-poisoning/ATR-2026-00103-hidden-safety-bypass-instruction.yaml +2 -1
  314. package/rules/tool-poisoning/ATR-2026-00105-silent-action-concealment.yaml +1 -1
  315. package/rules/tool-poisoning/ATR-2026-00106-schema-description-contradiction.yaml +1 -1
  316. package/rules/tool-poisoning/ATR-2026-00161-important-tag-cross-tool-shadowing.yaml +3 -2
  317. package/rules/tool-poisoning/ATR-2026-00209-mcpwn-runaway-invocation.yaml +2 -2
  318. package/rules/tool-poisoning/ATR-2026-00210-flowise-system-message-override.yaml +2 -2
  319. package/rules/tool-poisoning/ATR-2026-00415-flowise-custom-mcp-stdio-rce.yaml +1 -1
  320. package/rules/tool-poisoning/ATR-2026-00419-cursor-mcp-zero-click-config.yaml +2 -2
  321. package/rules/tool-poisoning/ATR-2026-00434-mcp-remote-authorization-endpoint-command-injection.yaml +1 -1
  322. package/rules/tool-poisoning/ATR-2026-00435-azure-mcp-server-missing-authentication.yaml +1 -1
  323. package/rules/tool-poisoning/ATR-2026-00494-garak-exploitation-mixedunassigned.yaml +3 -3
  324. package/rules/tool-poisoning/ATR-2026-00513-package-hallucination-exploitation.yaml +1 -1
  325. package/rules/tool-poisoning/ATR-2026-00521-shell-command-injection-agent-tool-context.yaml +1 -1
  326. package/rules/tool-poisoning/ATR-2026-00522-sql-injection-natural-language-agent-interface.yaml +1 -1
  327. package/rules/tool-poisoning/ATR-2026-00526-claude-code-shell-metachar-in-double-quoted-path.yaml +1 -1
  328. package/rules/tool-poisoning/ATR-2026-00530-ms-agent-shell-tool-unsanitized-argv-rce.yaml +1 -1
  329. package/rules/tool-poisoning/ATR-2026-00531-praisonai-unauthenticated-agent-api.yaml +1 -1
  330. package/rules/tool-poisoning/ATR-2026-00536-nginx-ui-mcp-unauthenticated-command-execution.yaml +1 -1
  331. package/rules/tool-poisoning/ATR-2026-00537-fastmcp-server-name-cmd-injection-windows.yaml +1 -1
  332. package/rules/tool-poisoning/ATR-2026-00538-langchain-chatchat-mcp-stdio-unauthenticated-rce.yaml +1 -1
  333. package/rules/tool-poisoning/ATR-2026-00540-praisonai-parse-mcp-command-cli-injection.yaml +1 -1
  334. package/rules/tool-poisoning/ATR-2026-00543-litellm-mcp-server-argv-injection.yaml +1 -1
  335. package/rules/tool-poisoning/ATR-2026-00572-symjack-symlink-config-redirection.yaml +1 -1
  336. package/rules/tool-poisoning/ATR-2026-00575-miasma-npm-worm-agent-config-backdoor.yaml +1 -1
  337. package/rules/tool-poisoning/ATR-2026-00576-hades-agent-credential-theft.yaml +1 -1
  338. package/rules/tool-poisoning/ATR-2026-00577-create-mcp-server-stdio-exec-command-injection.yaml +186 -0
  339. package/rules/tool-poisoning/ATR-2026-00581-mcp-tool-rug-pull-post-approval-redefinition.yaml +210 -0
  340. package/rules/tool-poisoning/ATR-2026-00714-tool-camouflage-forced-tool-call.yaml +127 -0
  341. package/rules/tool-poisoning/ATR-2026-00715-tool-knowledge-hijack-identity-injection.yaml +143 -0
  342. package/rules/tool-poisoning/ATR-2026-00716-ipi-data-destruction-carrier.yaml +129 -0
  343. package/rules/tool-poisoning/ATR-2026-00720-tool-misuse-privilege-escalation-social.yaml +117 -0
  344. package/rules/tool-poisoning/ATR-2026-01300-mcp-notes-param-chat-history-exfil.yaml +150 -0
  345. package/rules/tool-poisoning/ATR-2026-01301-tool-description-exclusive-tool-override.yaml +140 -0
  346. package/rules/tool-poisoning/ATR-2026-01302-fake-tool-result-instruction-injection.yaml +134 -0
  347. package/rules/tool-poisoning/ATR-2026-01303-tool-schema-enumeration-social-engineering.yaml +170 -0
  348. package/rules/tool-poisoning/ATR-2026-01306-mcp-oauth-command-injection.yaml +134 -0
  349. package/rules/tool-poisoning/ATR-2026-01307-mcp-dns-rebinding-attack.yaml +140 -0
  350. package/rules/tool-poisoning/ATR-2026-01310-mcp-tool-description-compliance-history-exfil.yaml +162 -0
  351. package/rules/tool-poisoning/ATR-2026-01775-semantic-mcp-tool-manifest-poisoning.yaml +251 -0
  352. package/rules/tool-poisoning/ATR-2026-01927-mcp-server-kubernetes-kubectl-command-injection.yaml +171 -0
  353. package/rules/tool-poisoning/ATR-2026-01928-framelink-figma-mcp-curl-fallback-command-injection.yaml +230 -0
  354. package/spec/mappings/atr-to-nist-csf-2.0.md +12 -12
@@ -1 +1 @@
1
- {"version":3,"file":"loader.js","sourceRoot":"","sources":["../src/loader.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAC9D,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,IAAI,MAAM,SAAS,CAAC;AAG3B;;GAEG;AACH,MAAM,aAAa,GAAG,SAAS,CAAC,CAAC,MAAM;AAEvC,MAAM,UAAU,YAAY,CAAC,QAAgB;IAC3C,MAAM,IAAI,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAChC,IAAI,IAAI,CAAC,IAAI,GAAG,aAAa,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,aAAa,QAAQ,4BAA4B,IAAI,CAAC,IAAI,SAAS,CAAC,CAAC;IACvF,CAAC;IACD,MAAM,OAAO,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAChD,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAY,CAAC;IAE7C,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;QACrD,MAAM,IAAI,KAAK,CAAC,uBAAuB,QAAQ,kDAAkD,CAAC,CAAC;IACrG,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB,CAAC,OAAe;IACpD,MAAM,KAAK,GAAc,EAAE,CAAC;IAE5B,MAAM,OAAO,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;IACrC,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QACtC,MAAM,IAAI,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAEhC,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;YACvB,KAAK,CAAC,IAAI,CAAC,GAAG,sBAAsB,CAAC,QAAQ,CAAC,CAAC,CAAC;QAClD,CAAC;aAAM,IAAI,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,OAAO,IAAI,OAAO,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC,EAAE,CAAC;YACtF,IAAI,CAAC;gBACH,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC;YACrC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO,CAAC,IAAI,CAAC,kCAAkC,QAAQ,KAAK,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAClH,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,IAAa;IACxC,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,CAAC,GAAG,IAA+B,CAAC;IAE1C,kBAAkB;IAClB,MAAM,QAAQ,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,cAAc,EAAE,WAAW,EAAE,UAAU,CAAC,CAAC;IACzI,KAAK,MAAM,KAAK,IAAI,QAAQ,EAAE,CAAC;QAC7B,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC;YACd,MAAM,CAAC,IAAI,CAAC,2BAA2B,KAAK,EAAE,CAAC,CAAC;QAClD,CAAC;IACH,CAAC;IAED,YAAY;IACZ,IAAI,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,QAAQ,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;QACtE,MAAM,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;IACzE,CAAC;IAED,cAAc;IACd,MAAM,aAAa,GAAG,CAAC,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;IACxE,IAAI,OAAO,CAAC,CAAC,QAAQ,CAAC,KAAK,QAAQ,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;QAC5E,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IAChD,CAAC;IAED,gBAAgB;IAChB,MAAM,eAAe,GAAG,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,eAAe,CAAC,CAAC;IAC/E,IAAI,OAAO,CAAC,CAAC,UAAU,CAAC,KAAK,QAAQ,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;QAClF,MAAM,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;IACpD,CAAC;IAED,gBAAgB;IAChB,MAAM,IAAI,GAAG,CAAC,CAAC,MAAM,CAAwC,CAAC;IAC9D,IAAI,IAAI,EAAE,CAAC;QACT,MAAM,eAAe,GAAG;YACtB,kBAAkB,EAAE,gBAAgB,EAAE,sBAAsB;YAC5D,oBAAoB,EAAE,sBAAsB,EAAE,oBAAoB;YAClE,gBAAgB,EAAE,aAAa,EAAE,kBAAkB;SACpD,CAAC;QACF,IAAI,OAAO,IAAI,CAAC,UAAU,CAAC,KAAK,QAAQ,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;YACxF,MAAM,CAAC,IAAI,CAAC,0BAA0B,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;IAED,oBAAoB;IACpB,MAAM,WAAW,GAAG,CAAC,CAAC,cAAc,CAAwC,CAAC;IAC7E,IAAI,WAAW,EAAE,CAAC;QAChB,MAAM,UAAU,GAAG;YACjB,QAAQ,EAAE,WAAW,EAAE,cAAc,EAAE,gBAAgB;YACvD,kBAAkB,EAAE,gBAAgB,EAAE,eAAe;YACrD,iBAAiB,EAAE,kBAAkB,EAAE,aAAa;SACrD,CAAC;QACF,IAAI,OAAO,WAAW,CAAC,MAAM,CAAC,KAAK,QAAQ,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;YACzF,MAAM,CAAC,IAAI,CAAC,8BAA8B,WAAW,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QACnE,CAAC;IACH,CAAC;IAED,+CAA+C;IAC/C,MAAM,SAAS,GAAG,CAAC,CAAC,WAAW,CAAwC,CAAC;IACxE,IAAI,SAAS,EAAE,CAAC;QACd,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE,CAAC;YAC7B,MAAM,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;QAC9C,CAAC;QACD,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC;YAC5B,MAAM,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC;IAED,6BAA6B;IAC7B,MAAM,QAAQ,GAAG,CAAC,CAAC,UAAU,CAAwC,CAAC;IACtE,IAAI,QAAQ,EAAE,CAAC;QACb,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,IAAI,QAAQ,CAAC,SAAS,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC5E,MAAM,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;IAED,wBAAwB;IACxB,MAAM,SAAS,GAAG,CAAC,CAAC,YAAY,CAAwC,CAAC;IACzE,IAAI,SAAS,EAAE,CAAC;QACd,MAAM,EAAE,GAAG,SAAS,CAAC,gBAAgB,CAAC,CAAC;QACvC,MAAM,EAAE,GAAG,SAAS,CAAC,gBAAgB,CAAC,CAAC;QACvC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1C,MAAM,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;QACxE,CAAC;QACD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1C,MAAM,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;QACxE,CAAC;IACH,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;AAChD,CAAC"}
1
+ {"version":3,"file":"loader.js","sourceRoot":"","sources":["../src/loader.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAC9D,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,IAAI,MAAM,SAAS,CAAC;AAE3B,OAAO,EAAE,gBAAgB,EAAE,MAAM,4BAA4B,CAAC;AAE9D;;GAEG;AACH,MAAM,aAAa,GAAG,SAAS,CAAC,CAAC,MAAM;AAEvC,MAAM,UAAU,YAAY,CAAC,QAAgB;IAC3C,MAAM,IAAI,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAChC,IAAI,IAAI,CAAC,IAAI,GAAG,aAAa,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,aAAa,QAAQ,4BAA4B,IAAI,CAAC,IAAI,SAAS,CAAC,CAAC;IACvF,CAAC;IACD,MAAM,OAAO,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAChD,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAY,CAAC;IAE7C,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;QACrD,MAAM,IAAI,KAAK,CAAC,uBAAuB,QAAQ,kDAAkD,CAAC,CAAC;IACrG,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB,CAAC,OAAe;IACpD,MAAM,KAAK,GAAc,EAAE,CAAC;IAE5B,MAAM,OAAO,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;IACrC,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QACtC,MAAM,IAAI,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAEhC,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;YACvB,KAAK,CAAC,IAAI,CAAC,GAAG,sBAAsB,CAAC,QAAQ,CAAC,CAAC,CAAC;QAClD,CAAC;aAAM,IAAI,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,OAAO,IAAI,OAAO,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC,EAAE,CAAC;YACtF,IAAI,CAAC;gBACH,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC;YACrC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO,CAAC,IAAI,CAAC,kCAAkC,QAAQ,KAAK,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAClH,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,IAAa;IACxC,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,CAAC,GAAG,IAA+B,CAAC;IAE1C,kBAAkB;IAClB,MAAM,QAAQ,GAAG,CAAC,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,cAAc,EAAE,WAAW,EAAE,UAAU,CAAC,CAAC;IACzI,KAAK,MAAM,KAAK,IAAI,QAAQ,EAAE,CAAC;QAC7B,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC;YACd,MAAM,CAAC,IAAI,CAAC,2BAA2B,KAAK,EAAE,CAAC,CAAC;QAClD,CAAC;IACH,CAAC;IAED,YAAY;IACZ,IAAI,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,QAAQ,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;QACtE,MAAM,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;IACzE,CAAC;IAED,cAAc;IACd,MAAM,aAAa,GAAG,CAAC,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;IACxE,IAAI,OAAO,CAAC,CAAC,QAAQ,CAAC,KAAK,QAAQ,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;QAC5E,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IAChD,CAAC;IAED,4EAA4E;IAC5E,KAAK,MAAM,CAAC,IAAI,gBAAgB,CAAC,CAA+E,CAAC,EAAE,CAAC;QAClH,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACjB,CAAC;IAED,gBAAgB;IAChB,MAAM,eAAe,GAAG,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,eAAe,CAAC,CAAC;IAC/E,IAAI,OAAO,CAAC,CAAC,UAAU,CAAC,KAAK,QAAQ,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;QAClF,MAAM,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;IACpD,CAAC;IAED,gBAAgB;IAChB,MAAM,IAAI,GAAG,CAAC,CAAC,MAAM,CAAwC,CAAC;IAC9D,IAAI,IAAI,EAAE,CAAC;QACT,MAAM,eAAe,GAAG;YACtB,kBAAkB,EAAE,gBAAgB,EAAE,sBAAsB;YAC5D,oBAAoB,EAAE,sBAAsB,EAAE,oBAAoB;YAClE,gBAAgB,EAAE,aAAa,EAAE,kBAAkB;SACpD,CAAC;QACF,IAAI,OAAO,IAAI,CAAC,UAAU,CAAC,KAAK,QAAQ,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;YACxF,MAAM,CAAC,IAAI,CAAC,0BAA0B,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;IAED,oBAAoB;IACpB,MAAM,WAAW,GAAG,CAAC,CAAC,cAAc,CAAwC,CAAC;IAC7E,IAAI,WAAW,EAAE,CAAC;QAChB,MAAM,UAAU,GAAG;YACjB,QAAQ,EAAE,WAAW,EAAE,cAAc,EAAE,gBAAgB;YACvD,kBAAkB,EAAE,gBAAgB,EAAE,eAAe;YACrD,iBAAiB,EAAE,kBAAkB,EAAE,aAAa;YACpD,aAAa;SACd,CAAC;QACF,IAAI,OAAO,WAAW,CAAC,MAAM,CAAC,KAAK,QAAQ,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;YACzF,MAAM,CAAC,IAAI,CAAC,8BAA8B,WAAW,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QACnE,CAAC;IACH,CAAC;IAED,+CAA+C;IAC/C,MAAM,SAAS,GAAG,CAAC,CAAC,WAAW,CAAwC,CAAC;IACxE,IAAI,SAAS,EAAE,CAAC;QACd,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE,CAAC;YAC7B,MAAM,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;QAC9C,CAAC;QACD,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC;YAC5B,MAAM,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC;IAED,6BAA6B;IAC7B,MAAM,QAAQ,GAAG,CAAC,CAAC,UAAU,CAAwC,CAAC;IACtE,IAAI,QAAQ,EAAE,CAAC;QACb,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,IAAI,QAAQ,CAAC,SAAS,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC5E,MAAM,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;IAED,wBAAwB;IACxB,MAAM,SAAS,GAAG,CAAC,CAAC,YAAY,CAAwC,CAAC;IACzE,IAAI,SAAS,EAAE,CAAC;QACd,MAAM,EAAE,GAAG,SAAS,CAAC,gBAAgB,CAAC,CAAC;QACvC,MAAM,EAAE,GAAG,SAAS,CAAC,gBAAgB,CAAC,CAAC;QACvC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1C,MAAM,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;QACxE,CAAC;QACD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1C,MAAM,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;QACxE,CAAC;IACH,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;AAChD,CAAC"}
@@ -0,0 +1,65 @@
1
+ /**
2
+ * ATR Rule Quality Contract — the single source of truth for what a rule's
3
+ * maturity means, which detection lane it may fire in, and whether its
4
+ * contract-level fields are valid.
5
+ *
6
+ * Every pipeline (the engine, the schema validators, rule producers, and the
7
+ * promotion gate) imports from HERE instead of reimplementing its own notion of
8
+ * "is this rule good / mature / allowed to block". Change the contract once and
9
+ * every consumer stays consistent; a new pipeline inherits it by importing.
10
+ *
11
+ * This module is PURE (no engine / corpus / IO dependency) so it can be imported
12
+ * everywhere without cycles. The precision/promotion GATES that need the engine +
13
+ * corpus live in `./rule-gates.ts`.
14
+ *
15
+ * @module agent-threat-rules/quality/rule-contract
16
+ */
17
+ /** Canonical maturity ladder. The ONLY allowed values; producers must emit one. */
18
+ export declare const MATURITIES: readonly ["draft", "experimental", "test", "stable", "deprecated"];
19
+ export type Maturity = (typeof MATURITIES)[number];
20
+ /** Detection lanes. enforce=auto-block, alert=analyst/correlation, hunt=advisory. */
21
+ export declare const LANES: readonly ["enforce", "alert", "hunt"];
22
+ export type Lane = (typeof LANES)[number];
23
+ /** Allowed values for a rule's `confirm` field (require a second-stage confirm). */
24
+ export declare const CONFIRM_METHODS: readonly ["embedding"];
25
+ export type ConfirmMethod = (typeof CONFIRM_METHODS)[number];
26
+ /**
27
+ * Detection methods for which `confirm: embedding` is meaningful — content-matching
28
+ * methods whose hit can be re-checked against attack-content similarity. `trace` and
29
+ * `behavioral` are intentionally EXCLUDED: their signal is structural/temporal, not
30
+ * content, so an embedding content-similarity confirm does not apply.
31
+ */
32
+ export declare const CONFIRM_COMPATIBLE_METHODS: readonly ["pattern", "signature", "semantic"];
33
+ /**
34
+ * Normalize a possibly-missing/empty/odd maturity to the canonical set.
35
+ * Safe-fail: anything unrecognized becomes 'experimental' (so a rule-authoring
36
+ * typo is treated as not-production, never silently reaching the enforce lane).
37
+ */
38
+ export declare function normalizeMaturity(m: unknown): Maturity;
39
+ /**
40
+ * Lane gate: may a rule of this maturity fire in this lane?
41
+ * enforce -> stable only (lowest FP; the auto-block lane)
42
+ * alert -> stable + test (analyst / correlation lane)
43
+ * hunt -> all (except deprecated) (advisory / eval; default)
44
+ * Self-contained: a `deprecated` maturity never fires in ANY lane (it is retired),
45
+ * so a consumer that calls this without the engine's status-skip can't misroute it.
46
+ */
47
+ export declare function laneAllows(maturity: unknown, lane: Lane): boolean;
48
+ /** Does a rule require embedding-confirmation before it may fire in enforce/alert? */
49
+ export declare function requiresConfirm(rule: {
50
+ confirm?: unknown;
51
+ }): boolean;
52
+ /**
53
+ * Structural validation of the contract-level fields (maturity + confirm).
54
+ * Returns a list of human-readable errors (empty = valid). Schema validators and
55
+ * the loader call this so an invalid maturity (e.g. the legacy `needs-human-poc`)
56
+ * or a bad `confirm` value can no longer pass silently.
57
+ */
58
+ export declare function validateContract(rule: {
59
+ maturity?: unknown;
60
+ confirm?: unknown;
61
+ detection?: {
62
+ method?: string;
63
+ };
64
+ }): string[];
65
+ //# sourceMappingURL=rule-contract.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"rule-contract.d.ts","sourceRoot":"","sources":["../../src/quality/rule-contract.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,mFAAmF;AACnF,eAAO,MAAM,UAAU,oEAAqE,CAAC;AAC7F,MAAM,MAAM,QAAQ,GAAG,CAAC,OAAO,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC;AAEnD,qFAAqF;AACrF,eAAO,MAAM,KAAK,uCAAwC,CAAC;AAC3D,MAAM,MAAM,IAAI,GAAG,CAAC,OAAO,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC;AAE1C,oFAAoF;AACpF,eAAO,MAAM,eAAe,wBAAyB,CAAC;AACtD,MAAM,MAAM,aAAa,GAAG,CAAC,OAAO,eAAe,CAAC,CAAC,MAAM,CAAC,CAAC;AAE7D;;;;;GAKG;AACH,eAAO,MAAM,0BAA0B,+CAAgD,CAAC;AAMxF;;;;GAIG;AACH,wBAAgB,iBAAiB,CAAC,CAAC,EAAE,OAAO,GAAG,QAAQ,CAGtD;AAED;;;;;;;GAOG;AACH,wBAAgB,UAAU,CAAC,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,CAMjE;AAED,sFAAsF;AACtF,wBAAgB,eAAe,CAAC,IAAI,EAAE;IAAE,OAAO,CAAC,EAAE,OAAO,CAAA;CAAE,GAAG,OAAO,CAEpE;AAED;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,IAAI,EAAE;IACrC,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,SAAS,CAAC,EAAE;QAAE,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;CACjC,GAAG,MAAM,EAAE,CA0BX"}
@@ -0,0 +1,97 @@
1
+ /**
2
+ * ATR Rule Quality Contract — the single source of truth for what a rule's
3
+ * maturity means, which detection lane it may fire in, and whether its
4
+ * contract-level fields are valid.
5
+ *
6
+ * Every pipeline (the engine, the schema validators, rule producers, and the
7
+ * promotion gate) imports from HERE instead of reimplementing its own notion of
8
+ * "is this rule good / mature / allowed to block". Change the contract once and
9
+ * every consumer stays consistent; a new pipeline inherits it by importing.
10
+ *
11
+ * This module is PURE (no engine / corpus / IO dependency) so it can be imported
12
+ * everywhere without cycles. The precision/promotion GATES that need the engine +
13
+ * corpus live in `./rule-gates.ts`.
14
+ *
15
+ * @module agent-threat-rules/quality/rule-contract
16
+ */
17
+ /** Canonical maturity ladder. The ONLY allowed values; producers must emit one. */
18
+ export const MATURITIES = ['draft', 'experimental', 'test', 'stable', 'deprecated'];
19
+ /** Detection lanes. enforce=auto-block, alert=analyst/correlation, hunt=advisory. */
20
+ export const LANES = ['enforce', 'alert', 'hunt'];
21
+ /** Allowed values for a rule's `confirm` field (require a second-stage confirm). */
22
+ export const CONFIRM_METHODS = ['embedding'];
23
+ /**
24
+ * Detection methods for which `confirm: embedding` is meaningful — content-matching
25
+ * methods whose hit can be re-checked against attack-content similarity. `trace` and
26
+ * `behavioral` are intentionally EXCLUDED: their signal is structural/temporal, not
27
+ * content, so an embedding content-similarity confirm does not apply.
28
+ */
29
+ export const CONFIRM_COMPATIBLE_METHODS = ['pattern', 'signature', 'semantic'];
30
+ const MATURITY_SET = new Set(MATURITIES);
31
+ const CONFIRM_SET = new Set(CONFIRM_METHODS);
32
+ const CONFIRM_METHOD_SET = new Set(CONFIRM_COMPATIBLE_METHODS);
33
+ /**
34
+ * Normalize a possibly-missing/empty/odd maturity to the canonical set.
35
+ * Safe-fail: anything unrecognized becomes 'experimental' (so a rule-authoring
36
+ * typo is treated as not-production, never silently reaching the enforce lane).
37
+ */
38
+ export function normalizeMaturity(m) {
39
+ const s = String(m ?? '').trim();
40
+ return MATURITY_SET.has(s) ? s : 'experimental';
41
+ }
42
+ /**
43
+ * Lane gate: may a rule of this maturity fire in this lane?
44
+ * enforce -> stable only (lowest FP; the auto-block lane)
45
+ * alert -> stable + test (analyst / correlation lane)
46
+ * hunt -> all (except deprecated) (advisory / eval; default)
47
+ * Self-contained: a `deprecated` maturity never fires in ANY lane (it is retired),
48
+ * so a consumer that calls this without the engine's status-skip can't misroute it.
49
+ */
50
+ export function laneAllows(maturity, lane) {
51
+ const m = normalizeMaturity(maturity);
52
+ if (m === 'deprecated')
53
+ return false; // retired — never fires, in any lane
54
+ if (lane === 'hunt')
55
+ return true;
56
+ if (lane === 'enforce')
57
+ return m === 'stable';
58
+ return m === 'stable' || m === 'test'; // alert
59
+ }
60
+ /** Does a rule require embedding-confirmation before it may fire in enforce/alert? */
61
+ export function requiresConfirm(rule) {
62
+ return String(rule.confirm ?? '') === 'embedding';
63
+ }
64
+ /**
65
+ * Structural validation of the contract-level fields (maturity + confirm).
66
+ * Returns a list of human-readable errors (empty = valid). Schema validators and
67
+ * the loader call this so an invalid maturity (e.g. the legacy `needs-human-poc`)
68
+ * or a bad `confirm` value can no longer pass silently.
69
+ */
70
+ export function validateContract(rule) {
71
+ const errors = [];
72
+ if (rule.maturity != null && !MATURITY_SET.has(String(rule.maturity).trim())) {
73
+ errors.push(`invalid maturity "${String(rule.maturity)}" (allowed: ${MATURITIES.join(', ')})`);
74
+ }
75
+ if (rule.confirm != null) {
76
+ if (!CONFIRM_SET.has(String(rule.confirm))) {
77
+ errors.push(`invalid confirm "${String(rule.confirm)}" (allowed: ${CONFIRM_METHODS.join(', ')})`);
78
+ }
79
+ // embedding-confirm only makes sense for content-matching methods.
80
+ const method = rule.detection?.method;
81
+ if (method != null && !CONFIRM_METHOD_SET.has(String(method))) {
82
+ errors.push(`confirm not supported for detection.method "${method}" (allowed: ${CONFIRM_COMPATIBLE_METHODS.join(', ')})`);
83
+ }
84
+ // Cross-field invariant: a rule that declares it needs confirmation must be
85
+ // mature enough to reach an enforcing lane — confirm on draft/experimental is
86
+ // incoherent (it would never actually be confirmed, since those don't fire in
87
+ // enforce/alert).
88
+ if (rule.maturity != null) {
89
+ const m = normalizeMaturity(rule.maturity);
90
+ if (m !== 'stable' && m !== 'test') {
91
+ errors.push(`confirm requires maturity stable or test, got "${String(rule.maturity)}"`);
92
+ }
93
+ }
94
+ }
95
+ return errors;
96
+ }
97
+ //# sourceMappingURL=rule-contract.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"rule-contract.js","sourceRoot":"","sources":["../../src/quality/rule-contract.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,mFAAmF;AACnF,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,OAAO,EAAE,cAAc,EAAE,MAAM,EAAE,QAAQ,EAAE,YAAY,CAAU,CAAC;AAG7F,qFAAqF;AACrF,MAAM,CAAC,MAAM,KAAK,GAAG,CAAC,SAAS,EAAE,OAAO,EAAE,MAAM,CAAU,CAAC;AAG3D,oFAAoF;AACpF,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,WAAW,CAAU,CAAC;AAGtD;;;;;GAKG;AACH,MAAM,CAAC,MAAM,0BAA0B,GAAG,CAAC,SAAS,EAAE,WAAW,EAAE,UAAU,CAAU,CAAC;AAExF,MAAM,YAAY,GAAwB,IAAI,GAAG,CAAC,UAAU,CAAC,CAAC;AAC9D,MAAM,WAAW,GAAwB,IAAI,GAAG,CAAC,eAAe,CAAC,CAAC;AAClE,MAAM,kBAAkB,GAAwB,IAAI,GAAG,CAAC,0BAA0B,CAAC,CAAC;AAEpF;;;;GAIG;AACH,MAAM,UAAU,iBAAiB,CAAC,CAAU;IAC1C,MAAM,CAAC,GAAG,MAAM,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IACjC,OAAO,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAE,CAAc,CAAC,CAAC,CAAC,cAAc,CAAC;AAChE,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,UAAU,CAAC,QAAiB,EAAE,IAAU;IACtD,MAAM,CAAC,GAAG,iBAAiB,CAAC,QAAQ,CAAC,CAAC;IACtC,IAAI,CAAC,KAAK,YAAY;QAAE,OAAO,KAAK,CAAC,CAAC,qCAAqC;IAC3E,IAAI,IAAI,KAAK,MAAM;QAAE,OAAO,IAAI,CAAC;IACjC,IAAI,IAAI,KAAK,SAAS;QAAE,OAAO,CAAC,KAAK,QAAQ,CAAC;IAC9C,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,KAAK,MAAM,CAAC,CAAC,QAAQ;AACjD,CAAC;AAED,sFAAsF;AACtF,MAAM,UAAU,eAAe,CAAC,IAA2B;IACzD,OAAO,MAAM,CAAC,IAAI,CAAC,OAAO,IAAI,EAAE,CAAC,KAAK,WAAW,CAAC;AACpD,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,gBAAgB,CAAC,IAIhC;IACC,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;QAC7E,MAAM,CAAC,IAAI,CAAC,qBAAqB,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,eAAe,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACjG,CAAC;IACD,IAAI,IAAI,CAAC,OAAO,IAAI,IAAI,EAAE,CAAC;QACzB,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;YAC3C,MAAM,CAAC,IAAI,CAAC,oBAAoB,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,eAAe,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACpG,CAAC;QACD,mEAAmE;QACnE,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,EAAE,MAAM,CAAC;QACtC,IAAI,MAAM,IAAI,IAAI,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;YAC9D,MAAM,CAAC,IAAI,CAAC,+CAA+C,MAAM,eAAe,0BAA0B,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC5H,CAAC;QACD,4EAA4E;QAC5E,8EAA8E;QAC9E,8EAA8E;QAC9E,kBAAkB;QAClB,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,EAAE,CAAC;YAC1B,MAAM,CAAC,GAAG,iBAAiB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC3C,IAAI,CAAC,KAAK,QAAQ,IAAI,CAAC,KAAK,MAAM,EAAE,CAAC;gBACnC,MAAM,CAAC,IAAI,CAAC,kDAAkD,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;YAC1F,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC"}
@@ -1 +1 @@
1
- {"version":3,"file":"trace-evaluator.d.ts","sourceRoot":"","sources":["../src/trace-evaluator.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EACV,OAAO,EACP,QAAQ,EAMT,MAAM,YAAY,CAAC;AAqMpB,MAAM,WAAW,qBAAqB;IACpC,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,iBAAiB,EAAE,CAAC,QAAQ,GAAG,SAAS,GAAG,WAAW,CAAC,EAAE,CAAC;CAC3D;AAED;wCACwC;AACxC,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,GAAG,qBAAqB,CAmCvF"}
1
+ {"version":3,"file":"trace-evaluator.d.ts","sourceRoot":"","sources":["../src/trace-evaluator.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EACV,OAAO,EACP,QAAQ,EAMT,MAAM,YAAY,CAAC;AAyOpB,MAAM,WAAW,qBAAqB;IACpC,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,iBAAiB,EAAE,CAAC,QAAQ,GAAG,SAAS,GAAG,WAAW,CAAC,EAAE,CAAC;CAC3D;AAED;wCACwC;AACxC,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,QAAQ,GAAG,qBAAqB,CAmCvF"}
@@ -26,11 +26,28 @@ function resolvePlaceholder(value, candidateSpan) {
26
26
  }
27
27
  /** Read dotted-path attribute, e.g., "tool.args.target_conversation_id" */
28
28
  function readAttributePath(attrs, path) {
29
- // Try literal-key first (covers cases like "session.id" stored as a literal key with a dot)
29
+ // Fast path: exact literal key (covers "session.id" stored as a dotted literal key).
30
30
  if (path in attrs)
31
31
  return attrs[path];
32
- // Then walk dotted path
33
32
  const parts = path.split(".");
33
+ // Greedy: match the longest leading literal-key prefix, then descend into the
34
+ // remainder. Handles span attributes that MIX literal dotted keys (e.g.
35
+ // "tool.args") with nested objects (e.g. { target_conversation_id }), which a
36
+ // plain part-by-part walk from the root cannot traverse.
37
+ for (let n = parts.length; n >= 1; n--) {
38
+ const prefix = parts.slice(0, n).join(".");
39
+ if (prefix in attrs) {
40
+ const head = attrs[prefix];
41
+ const rest = parts.slice(n);
42
+ if (rest.length === 0)
43
+ return head;
44
+ if (head !== null && typeof head === "object") {
45
+ return readAttributePath(head, rest.join("."));
46
+ }
47
+ return undefined;
48
+ }
49
+ }
50
+ // Fallback: plain nested walk from the root (fully-nested attribute objects).
34
51
  let cur = attrs;
35
52
  for (const part of parts) {
36
53
  if (cur === null || cur === undefined)
@@ -53,35 +70,56 @@ function evaluatePredicate(predicate, value) {
53
70
  return value === predicate;
54
71
  }
55
72
  const pred = predicate;
56
- // Compound predicate object: { in: [...] } / { not_equals: X } / etc.
57
- if (Array.isArray(pred["in"]) && pred["in"].includes(value))
58
- return true;
59
- if (Array.isArray(pred["in"]) && !pred["in"].includes(value))
60
- return false;
61
- if (Array.isArray(pred["not_in"])) {
62
- return !pred["not_in"].includes(value);
63
- }
64
- if ("equals" in pred)
65
- return value === pred["equals"];
66
- if ("not_equals" in pred)
67
- return value !== pred["not_equals"];
73
+ // Compound predicate object: EVERY recognised operator present must hold (AND).
74
+ // e.g. { exists: true, not_equals: X } means "the attribute exists AND differs
75
+ // from X" (spec §8.3). Evaluating operators independently with first-match
76
+ // early-return is a bug: { exists: true, not_equals: X } against an absent
77
+ // attribute would wrongly pass on not_equals (undefined !== X) without ever
78
+ // checking exists.
79
+ let sawOperator = false;
80
+ if ("in" in pred) {
81
+ sawOperator = true;
82
+ if (!Array.isArray(pred["in"]) || !pred["in"].includes(value))
83
+ return false;
84
+ }
85
+ if ("not_in" in pred) {
86
+ sawOperator = true;
87
+ if (!Array.isArray(pred["not_in"]) || pred["not_in"].includes(value))
88
+ return false;
89
+ }
90
+ if ("equals" in pred) {
91
+ sawOperator = true;
92
+ if (value !== pred["equals"])
93
+ return false;
94
+ }
95
+ if ("not_equals" in pred) {
96
+ sawOperator = true;
97
+ if (value === pred["not_equals"])
98
+ return false;
99
+ }
68
100
  if ("exists" in pred) {
101
+ sawOperator = true;
69
102
  const requiredExists = Boolean(pred["exists"]);
70
- return requiredExists ? value !== undefined : value === undefined;
103
+ if (requiredExists ? value === undefined : value !== undefined)
104
+ return false;
71
105
  }
72
106
  if ("regex" in pred && typeof pred["regex"] === "string") {
107
+ sawOperator = true;
73
108
  try {
74
109
  const re = new RegExp(pred["regex"]);
75
- return typeof value === "string" && re.test(value);
110
+ if (!(typeof value === "string" && re.test(value)))
111
+ return false;
76
112
  }
77
113
  catch {
78
114
  return false;
79
115
  }
80
116
  }
81
- if (Object.keys(pred).length === 0)
82
- return true;
83
- // Unknown predicate object — strict: return false rather than assume.
84
- return false;
117
+ if (!sawOperator) {
118
+ // No recognised operator: empty object matches anything; otherwise strict-fail
119
+ // rather than assume.
120
+ return Object.keys(pred).length === 0;
121
+ }
122
+ return true;
85
123
  }
86
124
  /** Check if a span matches a shape. Handles literal values + predicate maps + placeholders. */
87
125
  function spanMatchesShape(span, shape) {
@@ -1 +1 @@
1
- {"version":3,"file":"trace-evaluator.js","sourceRoot":"","sources":["../src/trace-evaluator.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAYH,yFAAyF;AACzF,SAAS,WAAW,CAAC,IAAa;IAChC,OAAO,IAAI,CAAC,WAAW,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC;AACxC,CAAC;AAED,iFAAiF;AACjF,SAAS,kBAAkB,CAAC,KAAc,EAAE,aAAsB;IAChE,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC5C,MAAM,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,gCAAgC,CAAC,CAAC;IACxD,IAAI,CAAC,CAAC;QAAE,OAAO,KAAK,CAAC;IACrB,MAAM,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAClB,OAAO,iBAAiB,CAAC,aAAa,CAAC,UAAU,IAAI,EAAE,EAAE,IAAI,CAAC,CAAC;AACjE,CAAC;AAED,2EAA2E;AAC3E,SAAS,iBAAiB,CAAC,KAA8B,EAAE,IAAY;IACrE,4FAA4F;IAC5F,IAAI,IAAI,IAAI,KAAK;QAAE,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC;IACtC,wBAAwB;IACxB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC9B,IAAI,GAAG,GAAY,KAAK,CAAC;IACzB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,GAAG,KAAK,IAAI,IAAI,GAAG,KAAK,SAAS;YAAE,OAAO,SAAS,CAAC;QACxD,IAAI,OAAO,GAAG,KAAK,QAAQ;YAAE,OAAO,SAAS,CAAC;QAC9C,GAAG,GAAI,GAA+B,CAAC,IAAI,CAAC,CAAC;QAC7C,IAAI,GAAG,KAAK,SAAS;YAAE,OAAO,SAAS,CAAC;IAC1C,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,8EAA8E;AAC9E,SAAS,iBAAiB,CAAC,SAAkB,EAAE,KAAc;IAC3D,IAAI,SAAS,KAAK,IAAI,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;QAClD,OAAO,KAAK,KAAK,SAAS,CAAC;IAC7B,CAAC;IACD,mBAAmB;IACnB,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QAClC,OAAO,KAAK,KAAK,SAAS,CAAC;IAC7B,CAAC;IACD,MAAM,IAAI,GAAG,SAAoC,CAAC;IAClD,sEAAsE;IACtE,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAK,IAAI,CAAC,IAAI,CAAe,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACxF,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAE,IAAI,CAAC,IAAI,CAAe,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAC1F,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;QAClC,OAAO,CAAE,IAAI,CAAC,QAAQ,CAAe,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IACxD,CAAC;IACD,IAAI,QAAQ,IAAI,IAAI;QAAE,OAAO,KAAK,KAAK,IAAI,CAAC,QAAQ,CAAC,CAAC;IACtD,IAAI,YAAY,IAAI,IAAI;QAAE,OAAO,KAAK,KAAK,IAAI,CAAC,YAAY,CAAC,CAAC;IAC9D,IAAI,QAAQ,IAAI,IAAI,EAAE,CAAC;QACrB,MAAM,cAAc,GAAG,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;QAC/C,OAAO,cAAc,CAAC,CAAC,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,KAAK,KAAK,SAAS,CAAC;IACpE,CAAC;IACD,IAAI,OAAO,IAAI,IAAI,IAAI,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,QAAQ,EAAE,CAAC;QACzD,IAAI,CAAC;YACH,MAAM,EAAE,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAW,CAAC,CAAC;YAC/C,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACrD,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IACD,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAChD,sEAAsE;IACtE,OAAO,KAAK,CAAC;AACf,CAAC;AAED,+FAA+F;AAC/F,SAAS,gBAAgB,CAAC,IAAa,EAAE,KAAmB;IAC1D,IAAI,KAAK,CAAC,WAAW,CAAC,KAAK,SAAS,EAAE,CAAC;QACrC,MAAM,IAAI,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC;QAC/B,IAAI,IAAI,KAAK,KAAK,CAAC,WAAW,CAAC;YAAE,OAAO,KAAK,CAAC;IAChD,CAAC;IACD,MAAM,cAAc,GAAG,KAAK,CAAC,UAAU,IAAI,EAAE,CAAC;IAC9C,KAAK,MAAM,CAAC,IAAI,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,CAAC;QAC/D,MAAM,MAAM,GAAG,iBAAiB,CAAC,IAAI,CAAC,UAAU,IAAI,EAAE,EAAE,IAAI,CAAC,CAAC;QAC9D,MAAM,QAAQ,GAAG,kBAAkB,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QACrD,0BAA0B;QAC1B,IACE,QAAQ,KAAK,IAAI;YACjB,OAAO,QAAQ,KAAK,QAAQ;YAC5B,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EACxB,CAAC;YACD,kDAAkD;YAClD,MAAM,YAAY,GAA4B,EAAE,CAAC;YACjD,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAmC,CAAC,EAAE,CAAC;gBACzE,YAAY,CAAC,CAAC,CAAC,GAAG,kBAAkB,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;YAChD,CAAC;YACD,IAAI,CAAC,iBAAiB,CAAC,YAAY,EAAE,MAAM,CAAC;gBAAE,OAAO,KAAK,CAAC;QAC7D,CAAC;aAAM,CAAC;YACN,sDAAsD;YACtD,IAAI,CAAC,iBAAiB,CAAC,QAAQ,EAAE,MAAM,CAAC;gBAAE,OAAO,KAAK,CAAC;QACzD,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,uFAAuF;AACvF,SAAS,eAAe,CACtB,KAAe,EACf,SAAiB,EACjB,UAA4D;IAE5D,MAAM,MAAM,GACV,eAAe,IAAI,UAAU;QAC3B,CAAC,CAAE,UAAgD,CAAC,aAAa;QACjE,CAAC,CAAC,CAAC,UAA0B,CAAC,CAAC;IACnC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAAE,EAAE,CAAC;QACnC,MAAM,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACzB,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,IAAI,gBAAgB,CAAC,CAAC,EAAE,KAAK,CAAC;gBAAE,OAAO,IAAI,CAAC;QAC9C,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,mFAAmF;AACnF,SAAS,cAAc,CAAC,KAAe,EAAE,MAAsB;IAC7D,MAAM,UAAU,GAAa,EAAE,CAAC;IAChC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5C,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAC5B,IAAI,CAAC,gBAAgB,CAAC,IAAI,EAAE,MAAM,CAAC,KAAK,CAAC;YAAE,SAAS;QACpD,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;YACvB,MAAM,cAAc,GAAG,eAAe,CAAC,KAAK,EAAE,CAAC,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;YACrE,IAAI,cAAc,EAAE,CAAC;gBACnB,UAAU,CAAC,IAAI,CAAC,gBAAgB,IAAI,CAAC,EAAE,wCAAwC,CAAC,CAAC;YACnF,CAAC;QACH,CAAC;aAAM,CAAC;YACN,UAAU,CAAC,IAAI,CAAC,gBAAgB,IAAI,CAAC,EAAE,0BAA0B,CAAC,CAAC;QACrE,CAAC;IACH,CAAC;IACD,OAAO,UAAU,CAAC;AACpB,CAAC;AAED;mFACmF;AACnF,SAAS,eAAe,CAAC,KAAe,EAAE,GAAoB;IAC5D,MAAM,UAAU,GAAa,EAAE,CAAC;IAChC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5C,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAC5B,IAAI,CAAC,gBAAgB,CAAC,IAAI,EAAE,GAAG,CAAC,YAAY,CAAC;YAAE,SAAS;QACxD,MAAM,WAAW,GAAG,eAAe,CAAC,KAAK,EAAE,CAAC,EAAE,GAAG,CAAC,mBAAmB,CAAC,CAAC;QACvE,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,UAAU,CAAC,IAAI,CAAC,iBAAiB,IAAI,CAAC,EAAE,yCAAyC,CAAC,CAAC;QACrF,CAAC;IACH,CAAC;IACD,OAAO,UAAU,CAAC;AACpB,CAAC;AAED,+EAA+E;AAC/E,SAAS,aAAa,CAAC,KAAe,EAAE,MAAmC;IACzE,MAAM,MAAM,GAAG,IAAI,GAAG,EAAqB,CAAC;IAC5C,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;QAC/B,IAAI,GAAuB,CAAC;QAC5B,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;YACvB,GAAG,GAAG,KAAK,CAAC,QAAQ,IAAI,SAAS,CAAC;QACpC,CAAC;aAAM,IAAI,MAAM,KAAK,wBAAwB,EAAE,CAAC;YAC/C,GAAG,GAAG,iBAAiB,CAAC,IAAI,CAAC,UAAU,IAAI,EAAE,EAAE,wBAAwB,CAE1D,CAAC;QAChB,CAAC;aAAM,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;YAChC,GAAG,GAAG,iBAAiB,CAAC,IAAI,CAAC,UAAU,IAAI,EAAE,EAAE,YAAY,CAAuB,CAAC;QACrF,CAAC;aAAM,IAAI,MAAM,KAAK,cAAc,EAAE,CAAC;YACrC,GAAG;gBACA,iBAAiB,CAAC,IAAI,CAAC,UAAU,IAAI,EAAE,EAAE,wBAAwB,CAAY;oBAC7E,iBAAiB,CAAC,IAAI,CAAC,UAAU,IAAI,EAAE,EAAE,iBAAiB,CAAY,CAAC;QAC5E,CAAC;QACD,IAAI,GAAG,KAAK,SAAS;YAAE,SAAS;QAChC,MAAM,IAAI,GAAG,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QACnC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAChB,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;IACxB,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,6CAA6C;AAC7C,SAAS,iBAAiB,CAAC,KAAe,EAAE,GAAsB;IAChE,MAAM,UAAU,GAAa,EAAE,CAAC;IAChC,MAAM,MAAM,GAAG,aAAa,CAAC,KAAK,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IAChD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,EAAE,EAAE,CAAC;QAC5C,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;YAAE,SAAS;QAC/B,MAAM,QAAQ,GAAG,iBAAiB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,UAAU,IAAI,EAAE,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC;QAC7E,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,CAAC,GAAG,iBAAiB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,UAAU,IAAI,EAAE,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC;YACtE,0DAA0D;YAC1D,IAAI,QAAQ,KAAK,SAAS,IAAI,CAAC,KAAK,SAAS;gBAAE,SAAS;YACxD,IAAI,QAAQ,KAAK,CAAC,EAAE,CAAC;gBACnB,UAAU,CAAC,IAAI,CACb,cAAc,GAAG,CAAC,SAAS,kBAAkB,GAAG,CAAC,MAAM,KAAK,GAAG,YAAY,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,UAAU,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,CACjJ,CAAC;gBACF,MAAM,CAAC,wCAAwC;YACjD,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,UAAU,CAAC;AACpB,CAAC;AAQD;wCACwC;AACxC,MAAM,UAAU,iBAAiB,CAAC,IAAa,EAAE,KAAe;IAC9D,MAAM,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC;IAC/B,IAAI,CAAC,CAAC,EAAE,CAAC;QACP,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,EAAE,EAAE,iBAAiB,EAAE,EAAE,EAAE,CAAC;IACnE,CAAC;IACD,MAAM,aAAa,GAAa,EAAE,CAAC;IACnC,MAAM,iBAAiB,GAA2C,EAAE,CAAC;IAErE,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,IAAI,EAAE,EAAE,CAAC;QAC/B,MAAM,CAAC,GAAG,cAAc,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QACnC,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACjB,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACzB,iBAAiB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACnC,CAAC;IACH,CAAC;IACD,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,OAAO,IAAI,EAAE,EAAE,CAAC;QAChC,MAAM,CAAC,GAAG,eAAe,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QACpC,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACjB,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACzB,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACpC,CAAC;IACH,CAAC;IACD,KAAK,MAAM,GAAG,IAAI,CAAC,CAAC,SAAS,IAAI,EAAE,EAAE,CAAC;QACpC,MAAM,CAAC,GAAG,iBAAiB,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QACxC,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACjB,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACzB,iBAAiB,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACtC,CAAC;IACH,CAAC;IAED,OAAO;QACL,OAAO,EAAE,aAAa,CAAC,MAAM,GAAG,CAAC;QACjC,UAAU,EAAE,aAAa;QACzB,iBAAiB;KAClB,CAAC;AACJ,CAAC"}
1
+ {"version":3,"file":"trace-evaluator.js","sourceRoot":"","sources":["../src/trace-evaluator.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAYH,yFAAyF;AACzF,SAAS,WAAW,CAAC,IAAa;IAChC,OAAO,IAAI,CAAC,WAAW,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC;AACxC,CAAC;AAED,iFAAiF;AACjF,SAAS,kBAAkB,CAAC,KAAc,EAAE,aAAsB;IAChE,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC5C,MAAM,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,gCAAgC,CAAC,CAAC;IACxD,IAAI,CAAC,CAAC;QAAE,OAAO,KAAK,CAAC;IACrB,MAAM,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAClB,OAAO,iBAAiB,CAAC,aAAa,CAAC,UAAU,IAAI,EAAE,EAAE,IAAI,CAAC,CAAC;AACjE,CAAC;AAED,2EAA2E;AAC3E,SAAS,iBAAiB,CAAC,KAA8B,EAAE,IAAY;IACrE,qFAAqF;IACrF,IAAI,IAAI,IAAI,KAAK;QAAE,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC;IACtC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC9B,8EAA8E;IAC9E,wEAAwE;IACxE,8EAA8E;IAC9E,yDAAyD;IACzD,KAAK,IAAI,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QACvC,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC3C,IAAI,MAAM,IAAI,KAAK,EAAE,CAAC;YACpB,MAAM,IAAI,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC;YAC3B,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAC5B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;gBAAE,OAAO,IAAI,CAAC;YACnC,IAAI,IAAI,KAAK,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC9C,OAAO,iBAAiB,CAAC,IAA+B,EAAE,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YAC5E,CAAC;YACD,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;IACD,8EAA8E;IAC9E,IAAI,GAAG,GAAY,KAAK,CAAC;IACzB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,GAAG,KAAK,IAAI,IAAI,GAAG,KAAK,SAAS;YAAE,OAAO,SAAS,CAAC;QACxD,IAAI,OAAO,GAAG,KAAK,QAAQ;YAAE,OAAO,SAAS,CAAC;QAC9C,GAAG,GAAI,GAA+B,CAAC,IAAI,CAAC,CAAC;QAC7C,IAAI,GAAG,KAAK,SAAS;YAAE,OAAO,SAAS,CAAC;IAC1C,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,8EAA8E;AAC9E,SAAS,iBAAiB,CAAC,SAAkB,EAAE,KAAc;IAC3D,IAAI,SAAS,KAAK,IAAI,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;QAClD,OAAO,KAAK,KAAK,SAAS,CAAC;IAC7B,CAAC;IACD,mBAAmB;IACnB,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QAClC,OAAO,KAAK,KAAK,SAAS,CAAC;IAC7B,CAAC;IACD,MAAM,IAAI,GAAG,SAAoC,CAAC;IAClD,gFAAgF;IAChF,+EAA+E;IAC/E,2EAA2E;IAC3E,2EAA2E;IAC3E,4EAA4E;IAC5E,mBAAmB;IACnB,IAAI,WAAW,GAAG,KAAK,CAAC;IACxB,IAAI,IAAI,IAAI,IAAI,EAAE,CAAC;QACjB,WAAW,GAAG,IAAI,CAAC;QACnB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAE,IAAI,CAAC,IAAI,CAAe,CAAC,QAAQ,CAAC,KAAK,CAAC;YAAE,OAAO,KAAK,CAAC;IAC7F,CAAC;IACD,IAAI,QAAQ,IAAI,IAAI,EAAE,CAAC;QACrB,WAAW,GAAG,IAAI,CAAC;QACnB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,IAAK,IAAI,CAAC,QAAQ,CAAe,CAAC,QAAQ,CAAC,KAAK,CAAC;YAAE,OAAO,KAAK,CAAC;IACpG,CAAC;IACD,IAAI,QAAQ,IAAI,IAAI,EAAE,CAAC;QACrB,WAAW,GAAG,IAAI,CAAC;QACnB,IAAI,KAAK,KAAK,IAAI,CAAC,QAAQ,CAAC;YAAE,OAAO,KAAK,CAAC;IAC7C,CAAC;IACD,IAAI,YAAY,IAAI,IAAI,EAAE,CAAC;QACzB,WAAW,GAAG,IAAI,CAAC;QACnB,IAAI,KAAK,KAAK,IAAI,CAAC,YAAY,CAAC;YAAE,OAAO,KAAK,CAAC;IACjD,CAAC;IACD,IAAI,QAAQ,IAAI,IAAI,EAAE,CAAC;QACrB,WAAW,GAAG,IAAI,CAAC;QACnB,MAAM,cAAc,GAAG,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;QAC/C,IAAI,cAAc,CAAC,CAAC,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,KAAK,KAAK,SAAS;YAAE,OAAO,KAAK,CAAC;IAC/E,CAAC;IACD,IAAI,OAAO,IAAI,IAAI,IAAI,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,QAAQ,EAAE,CAAC;QACzD,WAAW,GAAG,IAAI,CAAC;QACnB,IAAI,CAAC;YACH,MAAM,EAAE,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAW,CAAC,CAAC;YAC/C,IAAI,CAAC,CAAC,OAAO,KAAK,KAAK,QAAQ,IAAI,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBAAE,OAAO,KAAK,CAAC;QACnE,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IACD,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,+EAA+E;QAC/E,sBAAsB;QACtB,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC;IACxC,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,+FAA+F;AAC/F,SAAS,gBAAgB,CAAC,IAAa,EAAE,KAAmB;IAC1D,IAAI,KAAK,CAAC,WAAW,CAAC,KAAK,SAAS,EAAE,CAAC;QACrC,MAAM,IAAI,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC;QAC/B,IAAI,IAAI,KAAK,KAAK,CAAC,WAAW,CAAC;YAAE,OAAO,KAAK,CAAC;IAChD,CAAC;IACD,MAAM,cAAc,GAAG,KAAK,CAAC,UAAU,IAAI,EAAE,CAAC;IAC9C,KAAK,MAAM,CAAC,IAAI,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,CAAC;QAC/D,MAAM,MAAM,GAAG,iBAAiB,CAAC,IAAI,CAAC,UAAU,IAAI,EAAE,EAAE,IAAI,CAAC,CAAC;QAC9D,MAAM,QAAQ,GAAG,kBAAkB,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QACrD,0BAA0B;QAC1B,IACE,QAAQ,KAAK,IAAI;YACjB,OAAO,QAAQ,KAAK,QAAQ;YAC5B,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EACxB,CAAC;YACD,kDAAkD;YAClD,MAAM,YAAY,GAA4B,EAAE,CAAC;YACjD,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAmC,CAAC,EAAE,CAAC;gBACzE,YAAY,CAAC,CAAC,CAAC,GAAG,kBAAkB,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;YAChD,CAAC;YACD,IAAI,CAAC,iBAAiB,CAAC,YAAY,EAAE,MAAM,CAAC;gBAAE,OAAO,KAAK,CAAC;QAC7D,CAAC;aAAM,CAAC;YACN,sDAAsD;YACtD,IAAI,CAAC,iBAAiB,CAAC,QAAQ,EAAE,MAAM,CAAC;gBAAE,OAAO,KAAK,CAAC;QACzD,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,uFAAuF;AACvF,SAAS,eAAe,CACtB,KAAe,EACf,SAAiB,EACjB,UAA4D;IAE5D,MAAM,MAAM,GACV,eAAe,IAAI,UAAU;QAC3B,CAAC,CAAE,UAAgD,CAAC,aAAa;QACjE,CAAC,CAAC,CAAC,UAA0B,CAAC,CAAC;IACnC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAAE,EAAE,CAAC;QACnC,MAAM,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACzB,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,IAAI,gBAAgB,CAAC,CAAC,EAAE,KAAK,CAAC;gBAAE,OAAO,IAAI,CAAC;QAC9C,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,mFAAmF;AACnF,SAAS,cAAc,CAAC,KAAe,EAAE,MAAsB;IAC7D,MAAM,UAAU,GAAa,EAAE,CAAC;IAChC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5C,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAC5B,IAAI,CAAC,gBAAgB,CAAC,IAAI,EAAE,MAAM,CAAC,KAAK,CAAC;YAAE,SAAS;QACpD,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;YACvB,MAAM,cAAc,GAAG,eAAe,CAAC,KAAK,EAAE,CAAC,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;YACrE,IAAI,cAAc,EAAE,CAAC;gBACnB,UAAU,CAAC,IAAI,CAAC,gBAAgB,IAAI,CAAC,EAAE,wCAAwC,CAAC,CAAC;YACnF,CAAC;QACH,CAAC;aAAM,CAAC;YACN,UAAU,CAAC,IAAI,CAAC,gBAAgB,IAAI,CAAC,EAAE,0BAA0B,CAAC,CAAC;QACrE,CAAC;IACH,CAAC;IACD,OAAO,UAAU,CAAC;AACpB,CAAC;AAED;mFACmF;AACnF,SAAS,eAAe,CAAC,KAAe,EAAE,GAAoB;IAC5D,MAAM,UAAU,GAAa,EAAE,CAAC;IAChC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5C,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAC5B,IAAI,CAAC,gBAAgB,CAAC,IAAI,EAAE,GAAG,CAAC,YAAY,CAAC;YAAE,SAAS;QACxD,MAAM,WAAW,GAAG,eAAe,CAAC,KAAK,EAAE,CAAC,EAAE,GAAG,CAAC,mBAAmB,CAAC,CAAC;QACvE,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,UAAU,CAAC,IAAI,CAAC,iBAAiB,IAAI,CAAC,EAAE,yCAAyC,CAAC,CAAC;QACrF,CAAC;IACH,CAAC;IACD,OAAO,UAAU,CAAC;AACpB,CAAC;AAED,+EAA+E;AAC/E,SAAS,aAAa,CAAC,KAAe,EAAE,MAAmC;IACzE,MAAM,MAAM,GAAG,IAAI,GAAG,EAAqB,CAAC;IAC5C,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;QAC/B,IAAI,GAAuB,CAAC;QAC5B,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;YACvB,GAAG,GAAG,KAAK,CAAC,QAAQ,IAAI,SAAS,CAAC;QACpC,CAAC;aAAM,IAAI,MAAM,KAAK,wBAAwB,EAAE,CAAC;YAC/C,GAAG,GAAG,iBAAiB,CAAC,IAAI,CAAC,UAAU,IAAI,EAAE,EAAE,wBAAwB,CAE1D,CAAC;QAChB,CAAC;aAAM,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;YAChC,GAAG,GAAG,iBAAiB,CAAC,IAAI,CAAC,UAAU,IAAI,EAAE,EAAE,YAAY,CAAuB,CAAC;QACrF,CAAC;aAAM,IAAI,MAAM,KAAK,cAAc,EAAE,CAAC;YACrC,GAAG;gBACA,iBAAiB,CAAC,IAAI,CAAC,UAAU,IAAI,EAAE,EAAE,wBAAwB,CAAY;oBAC7E,iBAAiB,CAAC,IAAI,CAAC,UAAU,IAAI,EAAE,EAAE,iBAAiB,CAAY,CAAC;QAC5E,CAAC;QACD,IAAI,GAAG,KAAK,SAAS;YAAE,SAAS;QAChC,MAAM,IAAI,GAAG,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QACnC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAChB,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;IACxB,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,6CAA6C;AAC7C,SAAS,iBAAiB,CAAC,KAAe,EAAE,GAAsB;IAChE,MAAM,UAAU,GAAa,EAAE,CAAC;IAChC,MAAM,MAAM,GAAG,aAAa,CAAC,KAAK,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IAChD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,EAAE,EAAE,CAAC;QAC5C,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;YAAE,SAAS;QAC/B,MAAM,QAAQ,GAAG,iBAAiB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,UAAU,IAAI,EAAE,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC;QAC7E,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,CAAC,GAAG,iBAAiB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,UAAU,IAAI,EAAE,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC;YACtE,0DAA0D;YAC1D,IAAI,QAAQ,KAAK,SAAS,IAAI,CAAC,KAAK,SAAS;gBAAE,SAAS;YACxD,IAAI,QAAQ,KAAK,CAAC,EAAE,CAAC;gBACnB,UAAU,CAAC,IAAI,CACb,cAAc,GAAG,CAAC,SAAS,kBAAkB,GAAG,CAAC,MAAM,KAAK,GAAG,YAAY,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,UAAU,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,CACjJ,CAAC;gBACF,MAAM,CAAC,wCAAwC;YACjD,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,UAAU,CAAC;AACpB,CAAC;AAQD;wCACwC;AACxC,MAAM,UAAU,iBAAiB,CAAC,IAAa,EAAE,KAAe;IAC9D,MAAM,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC;IAC/B,IAAI,CAAC,CAAC,EAAE,CAAC;QACP,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,EAAE,EAAE,iBAAiB,EAAE,EAAE,EAAE,CAAC;IACnE,CAAC;IACD,MAAM,aAAa,GAAa,EAAE,CAAC;IACnC,MAAM,iBAAiB,GAA2C,EAAE,CAAC;IAErE,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,IAAI,EAAE,EAAE,CAAC;QAC/B,MAAM,CAAC,GAAG,cAAc,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QACnC,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACjB,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACzB,iBAAiB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACnC,CAAC;IACH,CAAC;IACD,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,OAAO,IAAI,EAAE,EAAE,CAAC;QAChC,MAAM,CAAC,GAAG,eAAe,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QACpC,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACjB,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACzB,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACpC,CAAC;IACH,CAAC;IACD,KAAK,MAAM,GAAG,IAAI,CAAC,CAAC,SAAS,IAAI,EAAE,EAAE,CAAC;QACpC,MAAM,CAAC,GAAG,iBAAiB,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QACxC,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACjB,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;YACzB,iBAAiB,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACtC,CAAC;IACH,CAAC;IAED,OAAO;QACL,OAAO,EAAE,aAAa,CAAC,MAAM,GAAG,CAAC;QACjC,UAAU,EAAE,aAAa;QACzB,iBAAiB;KAClB,CAAC;AACJ,CAAC"}
package/dist/types.d.ts CHANGED
@@ -232,6 +232,8 @@ export interface ATRRule {
232
232
  schema_version?: string;
233
233
  detection_tier?: string;
234
234
  maturity?: string;
235
+ /** Require a second-stage confirmation before firing in enforce/alert lanes. */
236
+ confirm?: 'embedding';
235
237
  severity: ATRSeverity;
236
238
  references?: ATRReferences;
237
239
  tags: ATRTags;
@@ -1 +1 @@
1
- {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,MAAM,MAAM,SAAS,GAAG,OAAO,GAAG,cAAc,GAAG,QAAQ,GAAG,YAAY,CAAC;AAE3E,MAAM,MAAM,WAAW,GACnB,UAAU,GACV,MAAM,GACN,QAAQ,GACR,KAAK,GACL,eAAe,CAAC;AAEpB,MAAM,MAAM,WAAW,GACnB,kBAAkB,GAClB,gBAAgB,GAChB,sBAAsB,GACtB,oBAAoB,GACpB,sBAAsB,GACtB,oBAAoB,GACpB,gBAAgB,GAChB,aAAa,GACb,kBAAkB,CAAC;AAEvB;;;;;GAKG;AACH,MAAM,MAAM,wBAAwB,GAChC,WAAW,GACX,QAAQ,GACR,SAAS,GACT,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;AAElB,MAAM,MAAM,aAAa,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;AAEtD,MAAM,MAAM,aAAa,GACrB,QAAQ,GACR,WAAW,GACX,cAAc,GACd,gBAAgB,GAChB,kBAAkB,GAClB,gBAAgB,GAChB,eAAe,GACf,iBAAiB,GACjB,kBAAkB,GAClB,aAAa,CAAC;AAElB,MAAM,MAAM,YAAY,GAAG,UAAU,GAAG,OAAO,GAAG,OAAO,GAAG,aAAa,CAAC;AAE1E;;;;;;;;;;;GAWG;AACH,MAAM,MAAM,WAAW,GACnB,IAAI,GACJ,SAAS,GACT,SAAS,GACT,IAAI,GACJ,IAAI,GACJ,IAAI,CAAC;AAET,MAAM,MAAM,WAAW,GACnB,IAAI,GACJ,IAAI,GACJ,IAAI,GACJ,KAAK,GACL,KAAK,GACL,yBAAyB,CAAC;AAE9B,MAAM,MAAM,SAAS,GACjB,aAAa,GACb,cAAc,GACd,YAAY,GACZ,oBAAoB,GACpB,eAAe,GACf,OAAO,GACP,QAAQ,GACR,UAAU,GACV,UAAU,GACV,oBAAoB,GACpB,YAAY,CAAC;AAEjB,MAAM,WAAW,aAAa;IAC5B,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,GAAG,CAAC,EAAE,MAAM,EAAE,CAAC;CAChB;AAED,MAAM,MAAM,aAAa,GAAG,KAAK,GAAG,OAAO,GAAG,MAAM,GAAG,SAAS,CAAC;AAEjE,MAAM,WAAW,OAAO;IACtB,QAAQ,EAAE,WAAW,CAAC;IACtB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,aAAa,CAAC;IAC3B,WAAW,CAAC,EAAE,aAAa,CAAC;CAC7B;AAED,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,aAAa,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;CACrB;AAED,MAAM,WAAW,mBAAmB;IAClC,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,UAAU,EAAE,YAAY,CAAC;IACzB,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB;;;;;;OAMG;IACH,QAAQ,CAAC,EAAE,WAAW,CAAC;CACxB;AAED,MAAM,WAAW,sBAAsB;IACrC,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,WAAW,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,eAAe;IAC9B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,UAAU,CAAC,EAAE,YAAY,CAAC;IAC1B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,WAAW,CAAC;IACvB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,eAAe,EAAE,CAAC;CAC1B;AAED,0EAA0E;AAC1E,MAAM,WAAW,iBAAiB;IAChC,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,+CAA+C;AAC/C,MAAM,MAAM,aAAa,GACrB,iBAAiB,EAAE,GACnB,MAAM,CACJ,MAAM,EACN,mBAAmB,GAAG,sBAAsB,GAAG,oBAAoB,CACpE,CAAC;AAEN,MAAM,WAAW,YAAY;IAC3B,UAAU,EAAE,aAAa,CAAC;IAC1B,kGAAkG;IAClG,SAAS,EAAE,MAAM,CAAC;IAClB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,sEAAsE;IACtE,MAAM,CAAC,EAAE,SAAS,GAAG,WAAW,GAAG,UAAU,GAAG,YAAY,GAAG,OAAO,CAAC;IACvE,8DAA8D;IAC9D,SAAS,CAAC,EAAE,qBAAqB,CAAC;IAClC,6DAA6D;IAC7D,QAAQ,CAAC,EAAE,oBAAoB,CAAC;IAChC,+DAA+D;IAC/D,UAAU,CAAC,EAAE,sBAAsB,CAAC;IACpC,0DAA0D;IAC1D,KAAK,CAAC,EAAE,iBAAiB,CAAC;CAC3B;AAED,qDAAqD;AACrD,MAAM,WAAW,qBAAqB;IACpC,UAAU,EAAE,qBAAqB,EAAE,CAAC;IACpC,WAAW,CAAC,EAAE,KAAK,GAAG,KAAK,CAAC;CAC7B;AAED,MAAM,WAAW,qBAAqB;IACpC,IAAI,EAAE,QAAQ,GAAG,QAAQ,GAAG,aAAa,GAAG,cAAc,GAAG,cAAc,GAAG,UAAU,CAAC;IACzF,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE;QAAE,cAAc,CAAC,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAC;QAAC,WAAW,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;CACjF;AAED,0CAA0C;AAC1C,MAAM,WAAW,oBAAoB;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,eAAe,EAAE,MAAM,CAAC;IACxB,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACxC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,eAAe,CAAC,EAAE,SAAS,GAAG,MAAM,CAAC;IACrC,SAAS,CAAC,EAAE;QAAE,CAAC,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,CAAC;CAC9C;AAED,iEAAiE;AACjE,MAAM,WAAW,sBAAsB;IACrC,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,OAAO,GAAG,KAAK,GAAG,KAAK,GAAG,KAAK,GAAG,gBAAgB,GAAG,MAAM,CAAC;IACzE,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,IAAI,GAAG,IAAI,GAAG,KAAK,GAAG,KAAK,GAAG,IAAI,GAAG,yBAAyB,CAAC;IACzE,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACjC,QAAQ,CAAC,EAAE;QACT,MAAM,EAAE,cAAc,GAAG,uBAAuB,GAAG,OAAO,CAAC;QAC3D,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,cAAc,CAAC,EAAE,QAAQ,GAAG,UAAU,CAAC;KACxC,CAAC;IACF,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,+DAA+D;AAC/D,MAAM,WAAW,iBAAiB;IAChC,aAAa,CAAC,EAAE,eAAe,GAAG,aAAa,CAAC;IAChD,MAAM,CAAC,EAAE,cAAc,EAAE,CAAC;IAC1B,OAAO,CAAC,EAAE,eAAe,EAAE,CAAC;IAC5B,SAAS,CAAC,EAAE,iBAAiB,EAAE,CAAC;CACjC;AAED,wEAAwE;AACxE,MAAM,MAAM,YAAY,GAAG;IACzB,CAAC,WAAW,CAAC,CAAC,EAAE,MAAM,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACtC,CAAC;AAEF,MAAM,WAAW,cAAc;IAC7B,KAAK,EAAE,YAAY,CAAC;IACpB,WAAW,CAAC,EAAE,YAAY,GAAG;QAAE,aAAa,EAAE,YAAY,EAAE,CAAA;KAAE,CAAC;IAC/D,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,eAAe;IAC9B,YAAY,EAAE,YAAY,CAAC;IAC3B,mBAAmB,EAAE,YAAY,GAAG;QAAE,aAAa,EAAE,YAAY,EAAE,CAAA;KAAE,CAAC;IACtE,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,iBAAiB;IAChC,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,OAAO,GAAG,wBAAwB,GAAG,SAAS,GAAG,cAAc,CAAC;IACxE,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,2DAA2D;AAC3D,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,CAAC,WAAW,CAAC,CAAC,EAAE,MAAM,CAAC;IACvB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACrC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,mEAAmE;AACnE,MAAM,WAAW,QAAQ;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,OAAO,EAAE,CAAC;CAClB;AAED,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,SAAS,EAAE,CAAC;IACrB,uBAAuB,CAAC,EAAE,MAAM,CAAC;IACjC,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B;AAED,MAAM,WAAW,WAAW;IAC1B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,SAAS,GAAG,YAAY,GAAG,WAAW,GAAG,eAAe,CAAC;CACpE;AAED,MAAM,WAAW,YAAY;IAC3B,cAAc,EAAE,WAAW,EAAE,CAAC;IAC9B,cAAc,EAAE,WAAW,EAAE,CAAC;CAC/B;AAED,MAAM,WAAW,OAAO;IACtB,KAAK,EAAE,MAAM,CAAC;IACd,EAAE,EAAE,MAAM,CAAC;IACX,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,MAAM,EAAE,SAAS,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,WAAW,CAAC;IACtB,UAAU,CAAC,EAAE,aAAa,CAAC;IAC3B,IAAI,EAAE,OAAO,CAAC;IACd,YAAY,EAAE,cAAc,CAAC;IAC7B,SAAS,EAAE,YAAY,CAAC;IACxB,QAAQ,EAAE,WAAW,CAAC;IACtB,UAAU,CAAC,EAAE,YAAY,CAAC;IAC1B,wDAAwD;IACxD,aAAa,CAAC,EAAE,cAAc,EAAE,CAAC;IACjC,iGAAiG;IACjG,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,4DAA4D;IAC5D,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,uDAAuD;IACvD,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,mEAAmE;IACnE,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,oEAAoE;IACpE,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,2DAA2D;IAC3D,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,cAAc;IAC7B,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,WAAW,GAAG,eAAe,CAAC;IACxC,gBAAgB,EAAE,MAAM,CAAC;IACzB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,mDAAmD;AACnD,MAAM,MAAM,cAAc,GACtB,WAAW,GACX,YAAY,GACZ,WAAW,GACX,eAAe,GACf,gBAAgB,GAChB,qBAAqB,GACrB,cAAc,CAAC;AAEnB,mDAAmD;AACnD,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,cAAc,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,kCAAkC;IAClC,OAAO,EAAE,MAAM,CAAC;IAChB,iDAAiD;IACjD,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,uDAAuD;IACvD,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,yCAAyC;IACzC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,8BAA8B;IAC9B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,0BAA0B;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnC;0EACsE;IACtE,WAAW,CAAC,EAAE,KAAK,GAAG,OAAO,CAAC;IAC9B,4DAA4D;IAC5D,KAAK,CAAC,EAAE,QAAQ,CAAC;CAClB;AAED,gEAAgE;AAChE,MAAM,WAAW,sBAAsB;IACrC,QAAQ,EAAE,wBAAwB,CAAC;IACnC,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;;;qCAIqC;AACrC,MAAM,MAAM,gBAAgB,GAAG,CAAC,IAAI,EAAE;IACpC,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,iBAAiB,EAAE,MAAM,CAAC;CAC3B,KAAK,OAAO,CAAC,sBAAsB,CAAC,CAAC;AAEtC,+CAA+C;AAC/C,MAAM,MAAM,eAAe,GAAG,QAAQ,GAAG,eAAe,CAAC;AAEzD,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,OAAO,CAAC;IACd,iBAAiB,EAAE,MAAM,EAAE,CAAC;IAC5B,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB;kFAC8E;IAC9E,YAAY,EAAE,eAAe,CAAC;CAC/B;AAED,oDAAoD;AACpD,MAAM,MAAM,cAAc,GAAG,OAAO,GAAG,KAAK,GAAG,MAAM,CAAC;AAEtD,mEAAmE;AACnE,MAAM,WAAW,UAAU;IACzB,QAAQ,CAAC,OAAO,EAAE,cAAc,CAAC;IACjC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,eAAe,EAAE,WAAW,GAAG,IAAI,CAAC;IAC7C,QAAQ,CAAC,iBAAiB,EAAE,MAAM,CAAC;IACnC,QAAQ,CAAC,OAAO,EAAE,SAAS,SAAS,EAAE,CAAC;IACvC,QAAQ,CAAC,OAAO,EAAE,SAAS,QAAQ,EAAE,CAAC;IACtC,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;CAC5B;AAED,0CAA0C;AAC1C,MAAM,WAAW,YAAY;IAC3B,QAAQ,CAAC,MAAM,EAAE,SAAS,CAAC;IAC3B,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAC1B,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;CAC5B;AAED,mEAAmE;AACnE,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,KAAK,EAAE,UAAU,CAAC;IAC3B,QAAQ,CAAC,OAAO,EAAE,SAAS,QAAQ,EAAE,CAAC;IACtC,QAAQ,CAAC,OAAO,EAAE,UAAU,CAAC;IAC7B,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,QAAQ,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;CACvD;AAED,0DAA0D;AAC1D,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACzD,WAAW,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IAC1D,SAAS,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACxD,iBAAiB,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IAChE,YAAY,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IAC3D,KAAK,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACpD;;;;;OAKG;IACH,MAAM,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrD,QAAQ,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACvD,QAAQ,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACvD,iBAAiB,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IAChE,SAAS,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;CACzD;AAED,+CAA+C;AAC/C,MAAM,WAAW,SAAS;IACxB,QAAQ,CAAC,IAAI,EAAE,YAAY,GAAG,aAAa,CAAC;IAC5C,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,UAAU,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;IACvD,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED,8CAA8C;AAC9C,MAAM,WAAW,UAAU;IACzB,QAAQ,CAAC,QAAQ,EAAE,cAAc,CAAC;IAClC,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,aAAa,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;CAC5C;AAED,qEAAqE;AACrE,MAAM,MAAM,QAAQ,GAAG,KAAK,GAAG,OAAO,CAAC;AAEvC,4EAA4E;AAC5E,MAAM,WAAW,UAAU;IACzB,QAAQ,CAAC,SAAS,EAAE,QAAQ,CAAC;IAC7B,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,OAAO,EAAE,SAAS,QAAQ,EAAE,CAAC;IACtC,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;CAC/B"}
1
+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,MAAM,MAAM,SAAS,GAAG,OAAO,GAAG,cAAc,GAAG,QAAQ,GAAG,YAAY,CAAC;AAE3E,MAAM,MAAM,WAAW,GACnB,UAAU,GACV,MAAM,GACN,QAAQ,GACR,KAAK,GACL,eAAe,CAAC;AAEpB,MAAM,MAAM,WAAW,GACnB,kBAAkB,GAClB,gBAAgB,GAChB,sBAAsB,GACtB,oBAAoB,GACpB,sBAAsB,GACtB,oBAAoB,GACpB,gBAAgB,GAChB,aAAa,GACb,kBAAkB,CAAC;AAEvB;;;;;GAKG;AACH,MAAM,MAAM,wBAAwB,GAChC,WAAW,GACX,QAAQ,GACR,SAAS,GACT,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;AAElB,MAAM,MAAM,aAAa,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;AAEtD,MAAM,MAAM,aAAa,GACrB,QAAQ,GACR,WAAW,GACX,cAAc,GACd,gBAAgB,GAChB,kBAAkB,GAClB,gBAAgB,GAChB,eAAe,GACf,iBAAiB,GACjB,kBAAkB,GAClB,aAAa,CAAC;AAElB,MAAM,MAAM,YAAY,GAAG,UAAU,GAAG,OAAO,GAAG,OAAO,GAAG,aAAa,CAAC;AAE1E;;;;;;;;;;;GAWG;AACH,MAAM,MAAM,WAAW,GACnB,IAAI,GACJ,SAAS,GACT,SAAS,GACT,IAAI,GACJ,IAAI,GACJ,IAAI,CAAC;AAET,MAAM,MAAM,WAAW,GACnB,IAAI,GACJ,IAAI,GACJ,IAAI,GACJ,KAAK,GACL,KAAK,GACL,yBAAyB,CAAC;AAE9B,MAAM,MAAM,SAAS,GACjB,aAAa,GACb,cAAc,GACd,YAAY,GACZ,oBAAoB,GACpB,eAAe,GACf,OAAO,GACP,QAAQ,GACR,UAAU,GACV,UAAU,GACV,oBAAoB,GACpB,YAAY,CAAC;AAEjB,MAAM,WAAW,aAAa;IAC5B,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,GAAG,CAAC,EAAE,MAAM,EAAE,CAAC;CAChB;AAED,MAAM,MAAM,aAAa,GAAG,KAAK,GAAG,OAAO,GAAG,MAAM,GAAG,SAAS,CAAC;AAEjE,MAAM,WAAW,OAAO;IACtB,QAAQ,EAAE,WAAW,CAAC;IACtB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,aAAa,CAAC;IAC3B,WAAW,CAAC,EAAE,aAAa,CAAC;CAC7B;AAED,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,aAAa,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;CACrB;AAED,MAAM,WAAW,mBAAmB;IAClC,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,UAAU,EAAE,YAAY,CAAC;IACzB,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB;;;;;;OAMG;IACH,QAAQ,CAAC,EAAE,WAAW,CAAC;CACxB;AAED,MAAM,WAAW,sBAAsB;IACrC,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,WAAW,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,eAAe;IAC9B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,UAAU,CAAC,EAAE,YAAY,CAAC;IAC1B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,WAAW,CAAC;IACvB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,eAAe,EAAE,CAAC;CAC1B;AAED,0EAA0E;AAC1E,MAAM,WAAW,iBAAiB;IAChC,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,+CAA+C;AAC/C,MAAM,MAAM,aAAa,GACrB,iBAAiB,EAAE,GACnB,MAAM,CACJ,MAAM,EACN,mBAAmB,GAAG,sBAAsB,GAAG,oBAAoB,CACpE,CAAC;AAEN,MAAM,WAAW,YAAY;IAC3B,UAAU,EAAE,aAAa,CAAC;IAC1B,kGAAkG;IAClG,SAAS,EAAE,MAAM,CAAC;IAClB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,sEAAsE;IACtE,MAAM,CAAC,EAAE,SAAS,GAAG,WAAW,GAAG,UAAU,GAAG,YAAY,GAAG,OAAO,CAAC;IACvE,8DAA8D;IAC9D,SAAS,CAAC,EAAE,qBAAqB,CAAC;IAClC,6DAA6D;IAC7D,QAAQ,CAAC,EAAE,oBAAoB,CAAC;IAChC,+DAA+D;IAC/D,UAAU,CAAC,EAAE,sBAAsB,CAAC;IACpC,0DAA0D;IAC1D,KAAK,CAAC,EAAE,iBAAiB,CAAC;CAC3B;AAED,qDAAqD;AACrD,MAAM,WAAW,qBAAqB;IACpC,UAAU,EAAE,qBAAqB,EAAE,CAAC;IACpC,WAAW,CAAC,EAAE,KAAK,GAAG,KAAK,CAAC;CAC7B;AAED,MAAM,WAAW,qBAAqB;IACpC,IAAI,EAAE,QAAQ,GAAG,QAAQ,GAAG,aAAa,GAAG,cAAc,GAAG,cAAc,GAAG,UAAU,CAAC;IACzF,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE;QAAE,cAAc,CAAC,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAC;QAAC,WAAW,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;CACjF;AAED,0CAA0C;AAC1C,MAAM,WAAW,oBAAoB;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,eAAe,EAAE,MAAM,CAAC;IACxB,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACxC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,eAAe,CAAC,EAAE,SAAS,GAAG,MAAM,CAAC;IACrC,SAAS,CAAC,EAAE;QAAE,CAAC,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,CAAC;CAC9C;AAED,iEAAiE;AACjE,MAAM,WAAW,sBAAsB;IACrC,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,OAAO,GAAG,KAAK,GAAG,KAAK,GAAG,KAAK,GAAG,gBAAgB,GAAG,MAAM,CAAC;IACzE,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,IAAI,GAAG,IAAI,GAAG,KAAK,GAAG,KAAK,GAAG,IAAI,GAAG,yBAAyB,CAAC;IACzE,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACjC,QAAQ,CAAC,EAAE;QACT,MAAM,EAAE,cAAc,GAAG,uBAAuB,GAAG,OAAO,CAAC;QAC3D,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,cAAc,CAAC,EAAE,QAAQ,GAAG,UAAU,CAAC;KACxC,CAAC;IACF,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,+DAA+D;AAC/D,MAAM,WAAW,iBAAiB;IAChC,aAAa,CAAC,EAAE,eAAe,GAAG,aAAa,CAAC;IAChD,MAAM,CAAC,EAAE,cAAc,EAAE,CAAC;IAC1B,OAAO,CAAC,EAAE,eAAe,EAAE,CAAC;IAC5B,SAAS,CAAC,EAAE,iBAAiB,EAAE,CAAC;CACjC;AAED,wEAAwE;AACxE,MAAM,MAAM,YAAY,GAAG;IACzB,CAAC,WAAW,CAAC,CAAC,EAAE,MAAM,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACtC,CAAC;AAEF,MAAM,WAAW,cAAc;IAC7B,KAAK,EAAE,YAAY,CAAC;IACpB,WAAW,CAAC,EAAE,YAAY,GAAG;QAAE,aAAa,EAAE,YAAY,EAAE,CAAA;KAAE,CAAC;IAC/D,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,eAAe;IAC9B,YAAY,EAAE,YAAY,CAAC;IAC3B,mBAAmB,EAAE,YAAY,GAAG;QAAE,aAAa,EAAE,YAAY,EAAE,CAAA;KAAE,CAAC;IACtE,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,iBAAiB;IAChC,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,OAAO,GAAG,wBAAwB,GAAG,SAAS,GAAG,cAAc,CAAC;IACxE,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,2DAA2D;AAC3D,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,CAAC,WAAW,CAAC,CAAC,EAAE,MAAM,CAAC;IACvB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACrC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,mEAAmE;AACnE,MAAM,WAAW,QAAQ;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,OAAO,EAAE,CAAC;CAClB;AAED,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,SAAS,EAAE,CAAC;IACrB,uBAAuB,CAAC,EAAE,MAAM,CAAC;IACjC,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B;AAED,MAAM,WAAW,WAAW;IAC1B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,SAAS,GAAG,YAAY,GAAG,WAAW,GAAG,eAAe,CAAC;CACpE;AAED,MAAM,WAAW,YAAY;IAC3B,cAAc,EAAE,WAAW,EAAE,CAAC;IAC9B,cAAc,EAAE,WAAW,EAAE,CAAC;CAC/B;AAED,MAAM,WAAW,OAAO;IACtB,KAAK,EAAE,MAAM,CAAC;IACd,EAAE,EAAE,MAAM,CAAC;IACX,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,MAAM,EAAE,SAAS,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,gFAAgF;IAChF,OAAO,CAAC,EAAE,WAAW,CAAC;IACtB,QAAQ,EAAE,WAAW,CAAC;IACtB,UAAU,CAAC,EAAE,aAAa,CAAC;IAC3B,IAAI,EAAE,OAAO,CAAC;IACd,YAAY,EAAE,cAAc,CAAC;IAC7B,SAAS,EAAE,YAAY,CAAC;IACxB,QAAQ,EAAE,WAAW,CAAC;IACtB,UAAU,CAAC,EAAE,YAAY,CAAC;IAC1B,wDAAwD;IACxD,aAAa,CAAC,EAAE,cAAc,EAAE,CAAC;IACjC,iGAAiG;IACjG,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,4DAA4D;IAC5D,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,uDAAuD;IACvD,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,mEAAmE;IACnE,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,oEAAoE;IACpE,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,2DAA2D;IAC3D,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,cAAc;IAC7B,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,WAAW,GAAG,eAAe,CAAC;IACxC,gBAAgB,EAAE,MAAM,CAAC;IACzB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,mDAAmD;AACnD,MAAM,MAAM,cAAc,GACtB,WAAW,GACX,YAAY,GACZ,WAAW,GACX,eAAe,GACf,gBAAgB,GAChB,qBAAqB,GACrB,cAAc,CAAC;AAEnB,mDAAmD;AACnD,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,cAAc,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,kCAAkC;IAClC,OAAO,EAAE,MAAM,CAAC;IAChB,iDAAiD;IACjD,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,uDAAuD;IACvD,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,yCAAyC;IACzC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,8BAA8B;IAC9B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,0BAA0B;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnC;0EACsE;IACtE,WAAW,CAAC,EAAE,KAAK,GAAG,OAAO,CAAC;IAC9B,4DAA4D;IAC5D,KAAK,CAAC,EAAE,QAAQ,CAAC;CAClB;AAED,gEAAgE;AAChE,MAAM,WAAW,sBAAsB;IACrC,QAAQ,EAAE,wBAAwB,CAAC;IACnC,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;;;qCAIqC;AACrC,MAAM,MAAM,gBAAgB,GAAG,CAAC,IAAI,EAAE;IACpC,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,iBAAiB,EAAE,MAAM,CAAC;CAC3B,KAAK,OAAO,CAAC,sBAAsB,CAAC,CAAC;AAEtC,+CAA+C;AAC/C,MAAM,MAAM,eAAe,GAAG,QAAQ,GAAG,eAAe,CAAC;AAEzD,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,OAAO,CAAC;IACd,iBAAiB,EAAE,MAAM,EAAE,CAAC;IAC5B,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB;kFAC8E;IAC9E,YAAY,EAAE,eAAe,CAAC;CAC/B;AAED,oDAAoD;AACpD,MAAM,MAAM,cAAc,GAAG,OAAO,GAAG,KAAK,GAAG,MAAM,CAAC;AAEtD,mEAAmE;AACnE,MAAM,WAAW,UAAU;IACzB,QAAQ,CAAC,OAAO,EAAE,cAAc,CAAC;IACjC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,eAAe,EAAE,WAAW,GAAG,IAAI,CAAC;IAC7C,QAAQ,CAAC,iBAAiB,EAAE,MAAM,CAAC;IACnC,QAAQ,CAAC,OAAO,EAAE,SAAS,SAAS,EAAE,CAAC;IACvC,QAAQ,CAAC,OAAO,EAAE,SAAS,QAAQ,EAAE,CAAC;IACtC,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;CAC5B;AAED,0CAA0C;AAC1C,MAAM,WAAW,YAAY;IAC3B,QAAQ,CAAC,MAAM,EAAE,SAAS,CAAC;IAC3B,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAC1B,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;CAC5B;AAED,mEAAmE;AACnE,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,KAAK,EAAE,UAAU,CAAC;IAC3B,QAAQ,CAAC,OAAO,EAAE,SAAS,QAAQ,EAAE,CAAC;IACtC,QAAQ,CAAC,OAAO,EAAE,UAAU,CAAC;IAC7B,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,QAAQ,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;CACvD;AAED,0DAA0D;AAC1D,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACzD,WAAW,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IAC1D,SAAS,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACxD,iBAAiB,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IAChE,YAAY,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IAC3D,KAAK,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACpD;;;;;OAKG;IACH,MAAM,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACrD,QAAQ,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACvD,QAAQ,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACvD,iBAAiB,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IAChE,SAAS,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;CACzD;AAED,+CAA+C;AAC/C,MAAM,WAAW,SAAS;IACxB,QAAQ,CAAC,IAAI,EAAE,YAAY,GAAG,aAAa,CAAC;IAC5C,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,UAAU,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;IACvD,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED,8CAA8C;AAC9C,MAAM,WAAW,UAAU;IACzB,QAAQ,CAAC,QAAQ,EAAE,cAAc,CAAC;IAClC,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,aAAa,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;CAC5C;AAED,qEAAqE;AACrE,MAAM,MAAM,QAAQ,GAAG,KAAK,GAAG,OAAO,CAAC;AAEvC,4EAA4E;AAC5E,MAAM,WAAW,UAAU;IACzB,QAAQ,CAAC,SAAS,EAAE,QAAQ,CAAC;IAC7B,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,OAAO,EAAE,SAAS,QAAQ,EAAE,CAAC;IACtC,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;CAC/B"}
package/package.json CHANGED
@@ -1,8 +1,8 @@
1
1
  {
2
2
  "name": "agent-threat-rules",
3
- "version": "3.3.1",
3
+ "version": "3.5.0",
4
4
  "type": "module",
5
- "description": "Open detection standard -- like Sigma, but for AI agents. 464 rules for prompt injection, tool poisoning, context exfiltration, and MCP attacks. Shipped in Cisco AI Defense. 98% recall on NVIDIA garak.",
5
+ "description": "Open detection standard -- like Sigma, but for AI agents. 651 rules for prompt injection, tool poisoning, context exfiltration, and MCP attacks. Shipped in Cisco AI Defense. 98% recall on NVIDIA garak.",
6
6
  "main": "./dist/index.js",
7
7
  "types": "./dist/index.d.ts",
8
8
  "bin": {
@@ -70,7 +70,7 @@
70
70
  "README.md"
71
71
  ],
72
72
  "scripts": {
73
- "build": "tsc --build",
73
+ "build": "tsc -p tsconfig.json",
74
74
  "clean": "rm -rf dist tsconfig.tsbuildinfo",
75
75
  "typecheck": "tsc --noEmit",
76
76
  "test": "vitest run",
@@ -80,6 +80,8 @@
80
80
  "validate:compliance": "tsx scripts/validate-compliance.ts",
81
81
  "eval": "tsx src/eval/run-eval.ts",
82
82
  "eval:pint": "tsx src/eval/run-pint-benchmark.ts",
83
+ "eval:generalization": "tsx scripts/eval-generalization.ts --all",
84
+ "gate:generalization": "tsx scripts/eval-generalization.ts --gate",
83
85
  "compile:yara": "tsx scripts/compile-yara.ts --all rules/",
84
86
  "prepublishOnly": "npm run build",
85
87
  "prepare": "npm run build 1>&2",
@@ -15,6 +15,7 @@ author: "ATR Community"
15
15
  date: "2026/03/08"
16
16
  schema_version: "0.1"
17
17
  detection_tier: pattern
18
+ confirm: embedding
18
19
  maturity: "stable"
19
20
  severity: critical
20
21
 
@@ -28,7 +29,7 @@ references:
28
29
  - "ASI07:2026 - Insecure Inter-Agent Communication"
29
30
  - "ASI10:2026 - Rogue Agents"
30
31
  mitre_atlas:
31
- - "AML.T0051 - Prompt Injection"
32
+ - "AML.T0051 - LLM Prompt Injection"
32
33
  - "AML.T0043 - Craft Adversarial Data"
33
34
  - "AML.T0052.000 - Spearphishing via Social Engineering LLM"
34
35
 
@@ -15,7 +15,7 @@ author: ATR Community
15
15
  date: 2026/03/08
16
16
  schema_version: "0.1"
17
17
  detection_tier: pattern
18
- maturity: test
18
+ maturity: experimental
19
19
  severity: high
20
20
  references:
21
21
  owasp_llm:
@@ -24,7 +24,7 @@ references:
24
24
  owasp_agentic:
25
25
  - ASI01:2026 - Agent Goal Hijack
26
26
  mitre_atlas:
27
- - AML.T0051 - Prompt Injection
27
+ - AML.T0051 - LLM Prompt Injection
28
28
  - AML.T0043 - Craft Adversarial Data
29
29
 
30
30
  compliance:
@@ -21,7 +21,7 @@ references:
21
21
  - ASI03:2026 - Identity and Privilege Abuse
22
22
  - ASI10:2026 - Rogue Agents
23
23
  mitre_atlas:
24
- - AML.T0051.001 - Indirect Prompt Injection
24
+ - AML.T0051.001 - Indirect
25
25
  mitre_attack:
26
26
  - T1078 - Valid Accounts
27
27
  - T1550 - Use Alternate Authentication Material
@@ -25,7 +25,7 @@ references:
25
25
  owasp_agentic:
26
26
  - ASI07:2026 - Insecure Inter-Agent Communication
27
27
  mitre_atlas:
28
- - AML.T0051 - Prompt Injection
28
+ - AML.T0051 - LLM Prompt Injection
29
29
  - AML.T0043 - Craft Adversarial Data
30
30
 
31
31
  compliance:
@@ -32,7 +32,7 @@ references:
32
32
  owasp_agentic:
33
33
  - ASI09:2026 - Human-Agent Trust Exploitation
34
34
  mitre_atlas:
35
- - AML.T0048 - Adversarial Prompt Techniques
35
+ - AML.T0048 - External Harms
36
36
 
37
37
  compliance:
38
38
  eu_ai_act:
@@ -97,8 +97,8 @@ detection:
97
97
  - field: content
98
98
  operator: regex
99
99
  value: >-
100
- (?i)(?:this\s+is\s+a\s+)?(?:system|admin|supervisor|emergency)\s+(?:level\s+)?(?:command|directive|override|instruction)
101
- description: Messages framed as system-level commands or directives
100
+ (?i)(?:this\s+is\s+a\s+)?(?:system|admin|supervisor|emergency)\s+(?:level\s+)?(?:command|directive|override)
101
+ description: Messages framed as system-level commands or directives (bare "system instruction(s)" doc references no longer match)
102
102
  - field: content
103
103
  operator: regex
104
104
  value: (?i)(?:I\s+am|this\s+is)\s+(?:GPT-4|Claude|Gemini|the\s+(?:primary|main|original)\s+(?:model|AI|assistant))
@@ -28,7 +28,7 @@ references:
28
28
  - "ASI04:2026 - Supply Chain"
29
29
  mitre_atlas:
30
30
  - "AML.T0049 - Exploit Public-Facing Application"
31
- - "AML.T0040 - ML Model Inference API Access"
31
+ - "AML.T0040 - AI Model Inference API Access"
32
32
  mitre_attack:
33
33
  - "T1190 - Exploit Public-Facing Application"
34
34
  - "T1059 - Command and Scripting Interpreter"
@@ -26,8 +26,8 @@ references:
26
26
  - "ASI03:2026 - Tool Misuse"
27
27
  - "ASI05:2026 - Unexpected Code Execution"
28
28
  mitre_atlas:
29
- - "AML.T0051.001 - Indirect Prompt Injection"
30
- - "AML.T0040 - ML Model Inference API Access"
29
+ - "AML.T0051.001 - Indirect"
30
+ - "AML.T0040 - AI Model Inference API Access"
31
31
  mitre_attack:
32
32
  - "T1059 - Command and Scripting Interpreter"
33
33
  - "T1068 - Exploitation for Privilege Escalation"
@@ -26,8 +26,8 @@ references:
26
26
  - "ASI04:2026 - Supply Chain"
27
27
  - "ASI05:2026 - Unexpected Code Execution"
28
28
  mitre_atlas:
29
- - "AML.T0010 - ML Supply Chain Compromise"
30
- - "AML.T0040 - ML Model Inference API Access"
29
+ - "AML.T0010 - AI Supply Chain Compromise"
30
+ - "AML.T0040 - AI Model Inference API Access"
31
31
  mitre_attack:
32
32
  - "T1546 - Event Triggered Execution"
33
33
  - "T1059 - Command and Scripting Interpreter"
@@ -19,7 +19,7 @@ maturity: test
19
19
  severity: high
20
20
  references:
21
21
  mitre_atlas:
22
- - AML.T0010 - ML Supply Chain Compromise
22
+ - AML.T0010 - AI Supply Chain Compromise
23
23
  owasp_llm:
24
24
  - LLM01:2025 - Prompt Injection
25
25
  owasp_agentic:
@@ -39,7 +39,7 @@ references:
39
39
  - "LLM06:2025 - Excessive Agency"
40
40
  mitre_atlas:
41
41
  - "AML.T0051 - LLM Prompt Injection"
42
- - "AML.T0051.000 - Direct Prompt Injection"
42
+ - "AML.T0051.000 - Direct"
43
43
  research:
44
44
  - "Evaluating Goal Drift in LM Agents (arXiv:2505.02709, AIES-25)"
45
45
  - "Inherited Goal Drift (arXiv:2603.03258)"
@@ -29,7 +29,7 @@ references:
29
29
  - "ASI01:2026 - Agent Goal Hijack"
30
30
  - "ASI06:2026 - Memory and Context Poisoning"
31
31
  mitre_atlas:
32
- - "AML.T0056 - LLM Meta Prompt Extraction"
32
+ - "AML.T0056 - Extract LLM System Prompt"
33
33
  - "AML.T0051 - LLM Prompt Injection"
34
34
 
35
35
  compliance:
@@ -21,6 +21,7 @@ references:
21
21
  - ASI06:2026 - Memory and Context Poisoning
22
22
  mitre_atlas:
23
23
  - AML.T0051 - LLM Prompt Injection
24
+ - AML.T0080 - AI Agent Context Poisoning
24
25
  mitre_attack:
25
26
  - "T1565.001 - Data Manipulation: Stored Data Manipulation"
26
27
  compliance:
@@ -19,7 +19,7 @@ references:
19
19
  owasp_agentic:
20
20
  - 'ASI07:2026 - Agent Data Leak'
21
21
  mitre_atlas:
22
- - 'AML.T0040 - ML Model Inference API Access'
22
+ - 'AML.T0040 - AI Model Inference API Access'
23
23
  compliance:
24
24
  nist_ai_rmf:
25
25
  - subcategory: "MS.2.10"
@@ -62,7 +62,7 @@ detection:
62
62
  conditions:
63
63
  - field: content
64
64
  operator: regex
65
- value: '(?i)(?:cat|read|type|head|tail|strings|xxd|base64)\s+[^\n]*(?:\.ssh/id_|\.aws/credentials|\.npmrc|\.env|\.netrc|\.docker/config|\.kube/config)[^\n]*(?:\||>|curl|wget|nc\s|fetch|POST|http)'
65
+ value: '(?i)(?:cat|read|type|head|tail|strings|xxd|base64)\s+[^\n]*(?:\.ssh/id_|\.aws/credentials|\.npmrc|\.env|\.netrc|\.docker/config|\.kube/config)[^\n]*(?:\|\s*(?:curl|wget|nc|base64|xxd|gzip)|>\s*/dev/tcp|curl|wget|nc\s|fetch|POST|http)'
66
66
  description: 'Credential file read piped to network command (e.g. cat ~/.ssh/id_rsa | curl)'
67
67
  - field: content
68
68
  operator: regex