agentlint 0.1.0

package/dist/rules/base.d.ts

@@ -0,0 +1,16 @@
+/**
+ * Base rule class with common functionality
+ */
+import { Finding, AgentDocument, Evidence, Anchors } from '../ir/types';
+import { Rule, RuleDefinition, RuleContext } from './types';
+export declare abstract class BaseRule implements Rule {
+    protected definition: RuleDefinition;
+    constructor(definition: RuleDefinition);
+    getDefinition(): RuleDefinition;
+    abstract evaluate(context: RuleContext): Finding[];
+    /**
+     * Create a finding with proper fingerprints
+     */
+    protected createFinding(document: AgentDocument, location: Anchors, message: string, evidence: Evidence[], confidence?: number): Finding;
+}
+//# sourceMappingURL=base.d.ts.map

package/dist/rules/base.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"base.d.ts","sourceRoot":"","sources":["../../src/rules/base.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,OAAO,EAAE,aAAa,EAAY,QAAQ,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAClF,OAAO,EAAE,IAAI,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAO5D,8BAAsB,QAAS,YAAW,IAAI;IAC5C,SAAS,CAAC,UAAU,EAAE,cAAc,CAAC;gBAEzB,UAAU,EAAE,cAAc;IAItC,aAAa,IAAI,cAAc;IAI/B,QAAQ,CAAC,QAAQ,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,EAAE;IAElD;;OAEG;IACH,SAAS,CAAC,aAAa,CACrB,QAAQ,EAAE,aAAa,EACvB,QAAQ,EAAE,OAAO,EACjB,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,QAAQ,EAAE,EACpB,UAAU,GAAE,MAAY,GACvB,OAAO;CA2CX"}

package/dist/rules/base.js

@@ -0,0 +1,48 @@
+"use strict";
+/**
+ * Base rule class with common functionality
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BaseRule = void 0;
+const hash_1 = require("../utils/hash");
+class BaseRule {
+    definition;
+    constructor(definition) {
+        this.definition = definition;
+    }
+    getDefinition() {
+        return this.definition;
+    }
+    /**
+     * Create a finding with proper fingerprints
+     */
+    createFinding(document, location, message, evidence, confidence = 0.9) {
+        const evidenceValue = evidence.length > 0 ? evidence[0].value : '';
+        return {
+            finding_id: (0, hash_1.generateFindingId)(this.definition.id, document.path, location.start_line, evidenceValue),
+            rule_id: this.definition.id,
+            group: this.definition.group,
+            severity: this.definition.severity,
+            title: this.definition.title,
+            description: this.definition.description,
+            message,
+            recommendation: this.definition.recommendation,
+            confidence,
+            tags: this.definition.tags,
+            location: {
+                path: document.path,
+                start_line: location.start_line,
+                end_line: location.end_line,
+            },
+            evidence,
+            related_actions: [],
+            fingerprints: {
+                stable: (0, hash_1.generateFindingId)(this.definition.id, document.path, location.start_line, evidenceValue),
+                location: (0, hash_1.generateLocationFingerprint)(this.definition.id, document.path, location.start_line, location.end_line),
+                content: (0, hash_1.generateContentFingerprint)(this.definition.id, evidenceValue),
+            },
+        };
+    }
+}
+exports.BaseRule = BaseRule;
+//# sourceMappingURL=base.js.map

package/dist/rules/base.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"base.js","sourceRoot":"","sources":["../../src/rules/base.ts"],"names":[],"mappings":";AAAA;;GAEG;;;AAIH,wCAIuB;AAEvB,MAAsB,QAAQ;IAClB,UAAU,CAAiB;IAErC,YAAY,UAA0B;QACpC,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IAC/B,CAAC;IAED,aAAa;QACX,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IAID;;OAEG;IACO,aAAa,CACrB,QAAuB,EACvB,QAAiB,EACjB,OAAe,EACf,QAAoB,EACpB,aAAqB,GAAG;QAExB,MAAM,aAAa,GAAG,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;QAEnE,OAAO;YACL,UAAU,EAAE,IAAA,wBAAiB,EAC3B,IAAI,CAAC,UAAU,CAAC,EAAE,EAClB,QAAQ,CAAC,IAAI,EACb,QAAQ,CAAC,UAAU,EACnB,aAAa,CACd;YACD,OAAO,EAAE,IAAI,CAAC,UAAU,CAAC,EAAE;YAC3B,KAAK,EAAE,IAAI,CAAC,UAAU,CAAC,KAAK;YAC5B,QAAQ,EAAE,IAAI,CAAC,UAAU,CAAC,QAAQ;YAClC,KAAK,EAAE,IAAI,CAAC,UAAU,CAAC,KAAK;YAC5B,WAAW,EAAE,IAAI,CAAC,UAAU,CAAC,WAAW;YACxC,OAAO;YACP,cAAc,EAAE,IAAI,CAAC,UAAU,CAAC,cAAc;YAC9C,UAAU;YACV,IAAI,EAAE,IAAI,CAAC,UAAU,CAAC,IAAI;YAC1B,QAAQ,EAAE;gBACR,IAAI,EAAE,QAAQ,CAAC,IAAI;gBACnB,UAAU,EAAE,QAAQ,CAAC,UAAU;gBAC/B,QAAQ,EAAE,QAAQ,CAAC,QAAQ;aAC5B;YACD,QAAQ;YACR,eAAe,EAAE,EAAE;YACnB,YAAY,EAAE;gBACZ,MAAM,EAAE,IAAA,wBAAiB,EACvB,IAAI,CAAC,UAAU,CAAC,EAAE,EAClB,QAAQ,CAAC,IAAI,EACb,QAAQ,CAAC,UAAU,EACnB,aAAa,CACd;gBACD,QAAQ,EAAE,IAAA,kCAA2B,EACnC,IAAI,CAAC,UAAU,CAAC,EAAE,EAClB,QAAQ,CAAC,IAAI,EACb,QAAQ,CAAC,UAAU,EACnB,QAAQ,CAAC,QAAQ,CAClB;gBACD,OAAO,EAAE,IAAA,iCAA0B,EAAC,IAAI,CAAC,UAAU,CAAC,EAAE,EAAE,aAAa,CAAC;aACvE;SACF,CAAC;IACJ,CAAC;CACF;AAjED,4BAiEC"}

package/dist/rules/engine.d.ts

@@ -0,0 +1,61 @@
+/**
+ * Rule Engine
+ * Orchestrates rule evaluation and finding generation
+ */
+import { AgentDocument, Finding, CapabilitySummary, Severity } from '../ir/types';
+import { Rule, RuleDefinition, RuleEngineOptions, RuleGroup } from './types';
+/**
+ * Rule Engine - evaluates all rules against documents
+ */
+export declare class RuleEngine {
+    private rules;
+    private options;
+    private ruleMap;
+    constructor(options?: Partial<RuleEngineOptions>);
+    /**
+     * Get all available rules
+     */
+    getAllRules(): RuleDefinition[];
+    /**
+     * Get enabled rules (after applying disabled list)
+     */
+    getEnabledRules(): RuleDefinition[];
+    /**
+     * Get a rule by ID
+     */
+    getRule(ruleId: string): Rule | undefined;
+    /**
+     * Get rule definition by ID
+     */
+    getRuleDefinition(ruleId: string): RuleDefinition | undefined;
+    /**
+     * Get rules by group
+     */
+    getRulesByGroup(group: RuleGroup): RuleDefinition[];
+    /**
+     * Evaluate all rules against a single document
+     */
+    evaluateDocument(document: AgentDocument, allDocuments: AgentDocument[], capabilitySummary: CapabilitySummary): Finding[];
+    /**
+     * Evaluate all rules against multiple documents
+     */
+    evaluateAll(documents: AgentDocument[], capabilitySummary: CapabilitySummary): Finding[];
+    /**
+     * Sort findings by severity, path, and line number
+     */
+    private sortFindings;
+    /**
+     * Count findings by severity
+     */
+    countBySeverity(findings: Finding[]): Record<Severity, number>;
+    /**
+     * Filter findings by minimum severity
+     */
+    filterBySeverity(findings: Finding[], minSeverity: Severity): Finding[];
+    /**
+     * Check if any finding meets or exceeds the threshold
+     */
+    hasFindings(findings: Finding[], threshold: Severity | 'none'): boolean;
+}
+export declare const defaultRuleEngine: RuleEngine;
+//# sourceMappingURL=engine.d.ts.map

package/dist/rules/engine.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"engine.d.ts","sourceRoot":"","sources":["../../src/rules/engine.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EACL,aAAa,EACb,OAAO,EACP,iBAAiB,EACjB,QAAQ,EACT,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,IAAI,EAAe,cAAc,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AAU1F;;GAEG;AACH,qBAAa,UAAU;IACrB,OAAO,CAAC,KAAK,CAAS;IACtB,OAAO,CAAC,OAAO,CAAoB;IACnC,OAAO,CAAC,OAAO,CAAoB;gBAEvB,OAAO,GAAE,OAAO,CAAC,iBAAiB,CAAM;IA0BpD;;OAEG;IACH,WAAW,IAAI,cAAc,EAAE;IAI/B;;OAEG;IACH,eAAe,IAAI,cAAc,EAAE;IAMnC;;OAEG;IACH,OAAO,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS;IAIzC;;OAEG;IACH,iBAAiB,CAAC,MAAM,EAAE,MAAM,GAAG,cAAc,GAAG,SAAS;IAK7D;;OAEG;IACH,eAAe,CAAC,KAAK,EAAE,SAAS,GAAG,cAAc,EAAE;IAMnD;;OAEG;IACH,gBAAgB,CACd,QAAQ,EAAE,aAAa,EACvB,YAAY,EAAE,aAAa,EAAE,EAC7B,iBAAiB,EAAE,iBAAiB,GACnC,OAAO,EAAE;IA0CZ;;OAEG;IACH,WAAW,CACT,SAAS,EAAE,aAAa,EAAE,EAC1B,iBAAiB,EAAE,iBAAiB,GACnC,OAAO,EAAE;IAgBZ;;OAEG;IACH,OAAO,CAAC,YAAY;IAyBpB;;OAEG;IACH,eAAe,CAAC,QAAQ,EAAE,OAAO,EAAE,GAAG,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC;IAc9D;;OAEG;IACH,gBAAgB,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,WAAW,EAAE,QAAQ,GAAG,OAAO,EAAE;IAWvE;;OAEG;IACH,WAAW,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,SAAS,EAAE,QAAQ,GAAG,MAAM,GAAG,OAAO;CAIxE;AAGD,eAAO,MAAM,iBAAiB,YAAmB,CAAC"}

package/dist/rules/engine.js

@@ -0,0 +1,195 @@
+"use strict";
+/**
+ * Rule Engine
+ * Orchestrates rule evaluation and finding generation
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.defaultRuleEngine = exports.RuleEngine = void 0;
+const execution_1 = require("./execution");
+const filesystem_1 = require("./filesystem");
+const network_1 = require("./network");
+const secrets_1 = require("./secrets");
+const hook_1 = require("./hook");
+const instruction_1 = require("./instruction");
+const scope_1 = require("./scope");
+const observability_1 = require("./observability");
+/**
+ * Rule Engine - evaluates all rules against documents
+ */
+class RuleEngine {
+    rules;
+    options;
+    ruleMap;
+    constructor(options = {}) {
+        this.options = {
+            minConfidence: options.minConfidence ?? 0.6,
+            disabledRules: options.disabledRules ?? [],
+            severityOverrides: options.severityOverrides ?? {},
+        };
+        // Collect all rules
+        this.rules = [
+            ...execution_1.executionRules,
+            ...filesystem_1.filesystemRules,
+            ...network_1.networkRules,
+            ...secrets_1.secretRules,
+            ...hook_1.hookRules,
+            ...instruction_1.instructionRules,
+            ...scope_1.scopeRules,
+            ...observability_1.observabilityRules,
+        ];
+        // Build rule map for quick lookup
+        this.ruleMap = new Map();
+        for (const rule of this.rules) {
+            this.ruleMap.set(rule.getDefinition().id, rule);
+        }
+    }
+    /**
+     * Get all available rules
+     */
+    getAllRules() {
+        return this.rules.map(r => r.getDefinition());
+    }
+    /**
+     * Get enabled rules (after applying disabled list)
+     */
+    getEnabledRules() {
+        return this.rules
+            .filter(r => !this.options.disabledRules.includes(r.getDefinition().id))
+            .map(r => r.getDefinition());
+    }
+    /**
+     * Get a rule by ID
+     */
+    getRule(ruleId) {
+        return this.ruleMap.get(ruleId);
+    }
+    /**
+     * Get rule definition by ID
+     */
+    getRuleDefinition(ruleId) {
+        const rule = this.ruleMap.get(ruleId);
+        return rule?.getDefinition();
+    }
+    /**
+     * Get rules by group
+     */
+    getRulesByGroup(group) {
+        return this.rules
+            .filter(r => r.getDefinition().group === group)
+            .map(r => r.getDefinition());
+    }
+    /**
+     * Evaluate all rules against a single document
+     */
+    evaluateDocument(document, allDocuments, capabilitySummary) {
+        const findings = [];
+        const context = {
+            document,
+            allDocuments,
+            capabilitySummary,
+            minConfidence: this.options.minConfidence,
+        };
+        for (const rule of this.rules) {
+            const definition = rule.getDefinition();
+            // Skip disabled rules
+            if (this.options.disabledRules.includes(definition.id)) {
+                continue;
+            }
+            try {
+                const ruleFindings = rule.evaluate(context);
+                // Apply severity overrides and filter by confidence
+                for (const finding of ruleFindings) {
+                    // Apply severity override if configured
+                    if (this.options.severityOverrides[definition.id]) {
+                        finding.severity = this.options.severityOverrides[definition.id];
+                    }
+                    // Filter by confidence threshold
+                    if (finding.confidence >= this.options.minConfidence) {
+                        findings.push(finding);
+                    }
+                }
+            }
+            catch (error) {
+                // Log but don't fail on individual rule errors
+                console.error(`Error evaluating rule ${definition.id}:`, error);
+            }
+        }
+        return findings;
+    }
+    /**
+     * Evaluate all rules against multiple documents
+     */
+    evaluateAll(documents, capabilitySummary) {
+        const findings = [];
+        for (const document of documents) {
+            const docFindings = this.evaluateDocument(document, documents, capabilitySummary);
+            findings.push(...docFindings);
+        }
+        // Sort findings: severity (high first), then path, then line
+        return this.sortFindings(findings);
+    }
+    /**
+     * Sort findings by severity, path, and line number
+     */
+    sortFindings(findings) {
+        const severityOrder = {
+            high: 0,
+            medium: 1,
+            low: 2,
+        };
+        return findings.sort((a, b) => {
+            // Sort by severity first
+            const severityDiff = severityOrder[a.severity] - severityOrder[b.severity];
+            if (severityDiff !== 0)
+                return severityDiff;
+            // Then by path
+            const pathDiff = a.location.path.localeCompare(b.location.path);
+            if (pathDiff !== 0)
+                return pathDiff;
+            // Then by line number
+            const lineDiff = a.location.start_line - b.location.start_line;
+            if (lineDiff !== 0)
+                return lineDiff;
+            // Finally by rule ID for stability
+            return a.rule_id.localeCompare(b.rule_id);
+        });
+    }
+    /**
+     * Count findings by severity
+     */
+    countBySeverity(findings) {
+        const counts = {
+            high: 0,
+            medium: 0,
+            low: 0,
+        };
+        for (const finding of findings) {
+            counts[finding.severity]++;
+        }
+        return counts;
+    }
+    /**
+     * Filter findings by minimum severity
+     */
+    filterBySeverity(findings, minSeverity) {
+        const severityLevel = {
+            high: 3,
+            medium: 2,
+            low: 1,
+        };
+        const minLevel = severityLevel[minSeverity];
+        return findings.filter(f => severityLevel[f.severity] >= minLevel);
+    }
+    /**
+     * Check if any finding meets or exceeds the threshold
+     */
+    hasFindings(findings, threshold) {
+        if (threshold === 'none')
+            return false;
+        return this.filterBySeverity(findings, threshold).length > 0;
+    }
+}
+exports.RuleEngine = RuleEngine;
+// Export a default instance
+exports.defaultRuleEngine = new RuleEngine();
+//# sourceMappingURL=engine.js.map

package/dist/rules/engine.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"engine.js","sourceRoot":"","sources":["../../src/rules/engine.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AASH,2CAA6C;AAC7C,6CAA+C;AAC/C,uCAAyC;AACzC,uCAAwC;AACxC,iCAAmC;AACnC,+CAAiD;AACjD,mCAAqC;AACrC,mDAAqD;AAErD;;GAEG;AACH,MAAa,UAAU;IACb,KAAK,CAAS;IACd,OAAO,CAAoB;IAC3B,OAAO,CAAoB;IAEnC,YAAY,UAAsC,EAAE;QAClD,IAAI,CAAC,OAAO,GAAG;YACb,aAAa,EAAE,OAAO,CAAC,aAAa,IAAI,GAAG;YAC3C,aAAa,EAAE,OAAO,CAAC,aAAa,IAAI,EAAE;YAC1C,iBAAiB,EAAE,OAAO,CAAC,iBAAiB,IAAI,EAAE;SACnD,CAAC;QAEF,oBAAoB;QACpB,IAAI,CAAC,KAAK,GAAG;YACX,GAAG,0BAAc;YACjB,GAAG,4BAAe;YAClB,GAAG,sBAAY;YACf,GAAG,qBAAW;YACd,GAAG,gBAAS;YACZ,GAAG,8BAAgB;YACnB,GAAG,kBAAU;YACb,GAAG,kCAAkB;SACtB,CAAC;QAEF,kCAAkC;QAClC,IAAI,CAAC,OAAO,GAAG,IAAI,GAAG,EAAE,CAAC;QACzB,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YAC9B,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;QAClD,CAAC;IACH,CAAC;IAED;;OAEG;IACH,WAAW;QACT,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,aAAa,EAAE,CAAC,CAAC;IAChD,CAAC;IAED;;OAEG;IACH,eAAe;QACb,OAAO,IAAI,CAAC,KAAK;aACd,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC,CAAC,aAAa,EAAE,CAAC,EAAE,CAAC,CAAC;aACvE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,aAAa,EAAE,CAAC,CAAC;IACjC,CAAC;IAED;;OAEG;IACH,OAAO,CAAC,MAAc;QACpB,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAClC,CAAC;IAED;;OAEG;IACH,iBAAiB,CAAC,MAAc;QAC9B,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACtC,OAAO,IAAI,EAAE,aAAa,EAAE,CAAC;IAC/B,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,KAAgB;QAC9B,OAAO,IAAI,CAAC,KAAK;aACd,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,aAAa,EAAE,CAAC,KAAK,KAAK,KAAK,CAAC;aAC9C,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,aAAa,EAAE,CAAC,CAAC;IACjC,CAAC;IAED;;OAEG;IACH,gBAAgB,CACd,QAAuB,EACvB,YAA6B,EAC7B,iBAAoC;QAEpC,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,MAAM,OAAO,GAAgB;YAC3B,QAAQ;YACR,YAAY;YACZ,iBAAiB;YACjB,aAAa,EAAE,IAAI,CAAC,OAAO,CAAC,aAAa;SAC1C,CAAC;QAEF,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YAC9B,MAAM,UAAU,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;YAExC,sBAAsB;YACtB,IAAI,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC,EAAE,CAAC;gBACvD,SAAS;YACX,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;gBAE5C,oDAAoD;gBACpD,KAAK,MAAM,OAAO,IAAI,YAAY,EAAE,CAAC;oBACnC,wCAAwC;oBACxC,IAAI,IAAI,CAAC,OAAO,CAAC,iBAAiB,CAAC,UAAU,CAAC,EAAE,CAAC,EAAE,CAAC;wBAClD,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,iBAAiB,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;oBACnE,CAAC;oBAED,iCAAiC;oBACjC,IAAI,OAAO,CAAC,UAAU,IAAI,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;wBACrD,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;oBACzB,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,+CAA+C;gBAC/C,OAAO,CAAC,KAAK,CAAC,yBAAyB,UAAU,CAAC,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC;YAClE,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;OAEG;IACH,WAAW,CACT,SAA0B,EAC1B,iBAAoC;QAEpC,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;YACjC,MAAM,WAAW,GAAG,IAAI,CAAC,gBAAgB,CACvC,QAAQ,EACR,SAAS,EACT,iBAAiB,CAClB,CAAC;YACF,QAAQ,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,CAAC;QAChC,CAAC;QAED,6DAA6D;QAC7D,OAAO,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;IACrC,CAAC;IAED;;OAEG;IACK,YAAY,CAAC,QAAmB;QACtC,MAAM,aAAa,GAA6B;YAC9C,IAAI,EAAE,CAAC;YACP,MAAM,EAAE,CAAC;YACT,GAAG,EAAE,CAAC;SACP,CAAC;QAEF,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;YAC5B,yBAAyB;YACzB,MAAM,YAAY,GAAG,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;YAC3E,IAAI,YAAY,KAAK,CAAC;gBAAE,OAAO,YAAY,CAAC;YAE5C,eAAe;YACf,MAAM,QAAQ,GAAG,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YAChE,IAAI,QAAQ,KAAK,CAAC;gBAAE,OAAO,QAAQ,CAAC;YAEpC,sBAAsB;YACtB,MAAM,QAAQ,GAAG,CAAC,CAAC,QAAQ,CAAC,UAAU,GAAG,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC;YAC/D,IAAI,QAAQ,KAAK,CAAC;gBAAE,OAAO,QAAQ,CAAC;YAEpC,mCAAmC;YACnC,OAAO,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAC5C,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,QAAmB;QACjC,MAAM,MAAM,GAA6B;YACvC,IAAI,EAAE,CAAC;YACP,MAAM,EAAE,CAAC;YACT,GAAG,EAAE,CAAC;SACP,CAAC;QAEF,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC7B,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,QAAmB,EAAE,WAAqB;QACzD,MAAM,aAAa,GAA6B;YAC9C,IAAI,EAAE,CAAC;YACP,MAAM,EAAE,CAAC;YACT,GAAG,EAAE,CAAC;SACP,CAAC;QAEF,MAAM,QAAQ,GAAG,aAAa,CAAC,WAAW,CAAC,CAAC;QAC5C,OAAO,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,CAAC;IACrE,CAAC;IAED;;OAEG;IACH,WAAW,CAAC,QAAmB,EAAE,SAA4B;QAC3D,IAAI,SAAS,KAAK,MAAM;YAAE,OAAO,KAAK,CAAC;QACvC,OAAO,IAAI,CAAC,gBAAgB,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;IAC/D,CAAC;CACF;AAhND,gCAgNC;AAED,4BAA4B;AACf,QAAA,iBAAiB,GAAG,IAAI,UAAU,EAAE,CAAC"}

package/dist/rules/execution.d.ts

@@ -0,0 +1,33 @@
+/**
+ * Execution Rules (EXEC)
+ * Rules for detecting shell execution risks
+ */
+import { Finding } from '../ir/types';
+import { BaseRule } from './base';
+import { RuleContext } from './types';
+/**
+ * EXEC-001: Dynamic Shell Execution
+ * Detects shell execution where the command is dynamically constructed or fetched
+ */
+export declare class DynamicShellExecutionRule extends BaseRule {
+    constructor();
+    evaluate(context: RuleContext): Finding[];
+}
+/**
+ * EXEC-002: Shell Execution in Non-Interactive Context
+ * Shell commands executed inside hooks or auto-triggered contexts
+ */
+export declare class ShellInNonInteractiveRule extends BaseRule {
+    constructor();
+    evaluate(context: RuleContext): Finding[];
+}
+/**
+ * EXEC-003: Broad Shell Capability Declaration
+ * Shell execution allowed without scope restriction
+ */
+export declare class BroadShellCapabilityRule extends BaseRule {
+    constructor();
+    evaluate(context: RuleContext): Finding[];
+}
+export declare const executionRules: (DynamicShellExecutionRule | ShellInNonInteractiveRule | BroadShellCapabilityRule)[];
+//# sourceMappingURL=execution.d.ts.map

package/dist/rules/execution.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"execution.d.ts","sourceRoot":"","sources":["../../src/rules/execution.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AACtC,OAAO,EAAE,QAAQ,EAAE,MAAM,QAAQ,CAAC;AAClC,OAAO,EAAE,WAAW,EAAkB,MAAM,SAAS,CAAC;AAEtD;;;GAGG;AACH,qBAAa,yBAA0B,SAAQ,QAAQ;;IAerD,QAAQ,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,EAAE;CA2C1C;AAED;;;GAGG;AACH,qBAAa,yBAA0B,SAAQ,QAAQ;;IAerD,QAAQ,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,EAAE;CAmC1C;AAED;;;GAGG;AACH,qBAAa,wBAAyB,SAAQ,QAAQ;;IAepD,QAAQ,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,EAAE;CAuC1C;AAGD,eAAO,MAAM,cAAc,sFAI1B,CAAC"}

package/dist/rules/execution.js

@@ -0,0 +1,154 @@
+"use strict";
+/**
+ * Execution Rules (EXEC)
+ * Rules for detecting shell execution risks
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.executionRules = exports.BroadShellCapabilityRule = exports.ShellInNonInteractiveRule = exports.DynamicShellExecutionRule = void 0;
+const base_1 = require("./base");
+/**
+ * EXEC-001: Dynamic Shell Execution
+ * Detects shell execution where the command is dynamically constructed or fetched
+ */
+class DynamicShellExecutionRule extends base_1.BaseRule {
+    constructor() {
+        super({
+            id: 'EXEC-001',
+            group: 'execution',
+            severity: 'high',
+            title: 'Dynamic Shell Execution',
+            description: 'Detects shell execution where the command is dynamically constructed or fetched. This includes patterns like curl|bash, wget|sh, and eval with variables.',
+            recommendation: 'Replace with fixed commands or disable shell access. Use pinned, verified installers instead of fetching scripts from the network.',
+            tags: ['rce', 'supply-chain', 'dynamic-execution'],
+        });
+    }
+    evaluate(context) {
+        const findings = [];
+        const { document, minConfidence } = context;
+        for (const action of document.actions) {
+            if (action.type !== 'shell_exec')
+                continue;
+            if (!action.shell?.dynamic)
+                continue;
+            const confidence = action.evidence[0]?.confidence || 0.9;
+            if (confidence < minConfidence)
+                continue;
+            const patterns = action.shell.patterns || [];
+            let message = 'Dynamic shell execution detected.';
+            if (patterns.includes('curl|bash') || patterns.includes('wget|bash')) {
+                message = 'Remote code execution risk: curl|bash or wget|bash pattern detected.';
+            }
+            else if (patterns.includes('eval')) {
+                message = 'Dynamic shell execution via eval detected.';
+            }
+            else if (patterns.includes('variable_interpolation')) {
+                message = 'Shell command with variable interpolation detected.';
+            }
+            const finding = this.createFinding(document, action.anchors, message, action.evidence, confidence);
+            // Add related action info
+            finding.related_actions.push({
+                action_type: action.type,
+                context: action.context,
+                summary: action.summary,
+                anchors: action.anchors,
+            });
+            findings.push(finding);
+        }
+        return findings;
+    }
+}
+exports.DynamicShellExecutionRule = DynamicShellExecutionRule;
+/**
+ * EXEC-002: Shell Execution in Non-Interactive Context
+ * Shell commands executed inside hooks or auto-triggered contexts
+ */
+class ShellInNonInteractiveRule extends base_1.BaseRule {
+    constructor() {
+        super({
+            id: 'EXEC-002',
+            group: 'execution',
+            severity: 'high',
+            title: 'Shell Execution in Non-Interactive Context',
+            description: 'Shell commands executed inside hooks or auto-triggered contexts. Users do not explicitly approve these actions at runtime.',
+            recommendation: 'Move shell execution to interactive contexts where user approval is required, or remove automatic hook execution.',
+            tags: ['rce', 'hook', 'automation'],
+        });
+    }
+    evaluate(context) {
+        const findings = [];
+        const { document, minConfidence } = context;
+        // Only applies to hook context
+        if (document.context_profile.primary !== 'hook') {
+            return findings;
+        }
+        for (const action of document.actions) {
+            if (action.type !== 'shell_exec')
+                continue;
+            const confidence = action.evidence[0]?.confidence || 0.9;
+            if (confidence < minConfidence)
+                continue;
+            const finding = this.createFinding(document, action.anchors, `Shell execution in hook context: ${action.summary}. Users do not explicitly approve hook actions.`, action.evidence, confidence);
+            finding.related_actions.push({
+                action_type: action.type,
+                context: action.context,
+                summary: action.summary,
+                anchors: action.anchors,
+            });
+            findings.push(finding);
+        }
+        return findings;
+    }
+}
+exports.ShellInNonInteractiveRule = ShellInNonInteractiveRule;
+/**
+ * EXEC-003: Broad Shell Capability Declaration
+ * Shell execution allowed without scope restriction
+ */
+class BroadShellCapabilityRule extends base_1.BaseRule {
+    constructor() {
+        super({
+            id: 'EXEC-003',
+            group: 'execution',
+            severity: 'medium',
+            title: 'Broad Shell Capability Declaration',
+            description: 'Shell execution is allowed without command scope restriction. This enables arbitrary command execution.',
+            recommendation: 'Define an explicit command allowlist in the permission manifest, or disable shell execution.',
+            tags: ['shell', 'permissions', 'least-privilege'],
+        });
+    }
+    evaluate(context) {
+        const findings = [];
+        const { document, capabilitySummary } = context;
+        // Check if shell execution is enabled without restrictions
+        if (!capabilitySummary.shell_exec.enabled) {
+            return findings;
+        }
+        // Check each capability for unrestricted shell access
+        for (const cap of document.capabilities) {
+            if (cap.type !== 'shell_exec')
+                continue;
+            const hasAllowlist = cap.scope.shell_exec?.allowed_commands &&
+                cap.scope.shell_exec.allowed_commands.length > 0;
+            if (!hasAllowlist) {
+                const finding = this.createFinding(document, { start_line: 1, end_line: 1 }, 'Shell execution capability declared without command restrictions.', [
+                    {
+                        kind: 'heuristic',
+                        value: 'shell_exec: enabled without allowlist',
+                        confidence: 0.8,
+                    },
+                ], 0.8);
+                findings.push(finding);
+                break; // Only report once per document
+            }
+        }
+        return findings;
+    }
+}
+exports.BroadShellCapabilityRule = BroadShellCapabilityRule;
+// Export all execution rules
+exports.executionRules = [
+    new DynamicShellExecutionRule(),
+    new ShellInNonInteractiveRule(),
+    new BroadShellCapabilityRule(),
+];
+//# sourceMappingURL=execution.js.map

package/dist/rules/execution.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"execution.js","sourceRoot":"","sources":["../../src/rules/execution.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAGH,iCAAkC;AAGlC;;;GAGG;AACH,MAAa,yBAA0B,SAAQ,eAAQ;IACrD;QACE,KAAK,CAAC;YACJ,EAAE,EAAE,UAAU;YACd,KAAK,EAAE,WAAW;YAClB,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,yBAAyB;YAChC,WAAW,EACT,2JAA2J;YAC7J,cAAc,EACZ,oIAAoI;YACtI,IAAI,EAAE,CAAC,KAAK,EAAE,cAAc,EAAE,mBAAmB,CAAC;SACnD,CAAC,CAAC;IACL,CAAC;IAED,QAAQ,CAAC,OAAoB;QAC3B,MAAM,QAAQ,GAAc,EAAE,CAAC;QAC/B,MAAM,EAAE,QAAQ,EAAE,aAAa,EAAE,GAAG,OAAO,CAAC;QAE5C,KAAK,MAAM,MAAM,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;YACtC,IAAI,MAAM,CAAC,IAAI,KAAK,YAAY;gBAAE,SAAS;YAC3C,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,OAAO;gBAAE,SAAS;YAErC,MAAM,UAAU,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,UAAU,IAAI,GAAG,CAAC;YACzD,IAAI,UAAU,GAAG,aAAa;gBAAE,SAAS;YAEzC,MAAM,QAAQ,GAAG,MAAM,CAAC,KAAK,CAAC,QAAQ,IAAI,EAAE,CAAC;YAC7C,IAAI,OAAO,GAAG,mCAAmC,CAAC;YAElD,IAAI,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;gBACrE,OAAO,GAAG,sEAAsE,CAAC;YACnF,CAAC;iBAAM,IAAI,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBACrC,OAAO,GAAG,4CAA4C,CAAC;YACzD,CAAC;iBAAM,IAAI,QAAQ,CAAC,QAAQ,CAAC,wBAAwB,CAAC,EAAE,CAAC;gBACvD,OAAO,GAAG,qDAAqD,CAAC;YAClE,CAAC;YAED,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAChC,QAAQ,EACR,MAAM,CAAC,OAAO,EACd,OAAO,EACP,MAAM,CAAC,QAAQ,EACf,UAAU,CACX,CAAC;YAEF,0BAA0B;YAC1B,OAAO,CAAC,eAAe,CAAC,IAAI,CAAC;gBAC3B,WAAW,EAAE,MAAM,CAAC,IAAI;gBACxB,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,OAAO,EAAE,MAAM,CAAC,OAAO;aACxB,CAAC,CAAC;YAEH,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACzB,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF;AA1DD,8DA0DC;AAED;;;GAGG;AACH,MAAa,yBAA0B,SAAQ,eAAQ;IACrD;QACE,KAAK,CAAC;YACJ,EAAE,EAAE,UAAU;YACd,KAAK,EAAE,WAAW;YAClB,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,4CAA4C;YACnD,WAAW,EACT,4HAA4H;YAC9H,cAAc,EACZ,mHAAmH;YACrH,IAAI,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,YAAY,CAAC;SACpC,CAAC,CAAC;IACL,CAAC;IAED,QAAQ,CAAC,OAAoB;QAC3B,MAAM,QAAQ,GAAc,EAAE,CAAC;QAC/B,MAAM,EAAE,QAAQ,EAAE,aAAa,EAAE,GAAG,OAAO,CAAC;QAE5C,+BAA+B;QAC/B,IAAI,QAAQ,CAAC,eAAe,CAAC,OAAO,KAAK,MAAM,EAAE,CAAC;YAChD,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,KAAK,MAAM,MAAM,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;YACtC,IAAI,MAAM,CAAC,IAAI,KAAK,YAAY;gBAAE,SAAS;YAE3C,MAAM,UAAU,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,UAAU,IAAI,GAAG,CAAC;YACzD,IAAI,UAAU,GAAG,aAAa;gBAAE,SAAS;YAEzC,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAChC,QAAQ,EACR,MAAM,CAAC,OAAO,EACd,oCAAoC,MAAM,CAAC,OAAO,iDAAiD,EACnG,MAAM,CAAC,QAAQ,EACf,UAAU,CACX,CAAC;YAEF,OAAO,CAAC,eAAe,CAAC,IAAI,CAAC;gBAC3B,WAAW,EAAE,MAAM,CAAC,IAAI;gBACxB,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,OAAO,EAAE,MAAM,CAAC,OAAO;aACxB,CAAC,CAAC;YAEH,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACzB,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF;AAlDD,8DAkDC;AAED;;;GAGG;AACH,MAAa,wBAAyB,SAAQ,eAAQ;IACpD;QACE,KAAK,CAAC;YACJ,EAAE,EAAE,UAAU;YACd,KAAK,EAAE,WAAW;YAClB,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,oCAAoC;YAC3C,WAAW,EACT,yGAAyG;YAC3G,cAAc,EACZ,8FAA8F;YAChG,IAAI,EAAE,CAAC,OAAO,EAAE,aAAa,EAAE,iBAAiB,CAAC;SAClD,CAAC,CAAC;IACL,CAAC;IAED,QAAQ,CAAC,OAAoB;QAC3B,MAAM,QAAQ,GAAc,EAAE,CAAC;QAC/B,MAAM,EAAE,QAAQ,EAAE,iBAAiB,EAAE,GAAG,OAAO,CAAC;QAEhD,2DAA2D;QAC3D,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;YAC1C,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,sDAAsD;QACtD,KAAK,MAAM,GAAG,IAAI,QAAQ,CAAC,YAAY,EAAE,CAAC;YACxC,IAAI,GAAG,CAAC,IAAI,KAAK,YAAY;gBAAE,SAAS;YAExC,MAAM,YAAY,GAChB,GAAG,CAAC,KAAK,CAAC,UAAU,EAAE,gBAAgB;gBACtC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC,CAAC;YAEnD,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAChC,QAAQ,EACR,EAAE,UAAU,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,EAC9B,mEAAmE,EACnE;oBACE;wBACE,IAAI,EAAE,WAAW;wBACjB,KAAK,EAAE,uCAAuC;wBAC9C,UAAU,EAAE,GAAG;qBAChB;iBACF,EACD,GAAG,CACJ,CAAC;gBAEF,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gBACvB,MAAM,CAAC,gCAAgC;YACzC,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF;AAtDD,4DAsDC;AAED,6BAA6B;AAChB,QAAA,cAAc,GAAG;IAC5B,IAAI,yBAAyB,EAAE;IAC/B,IAAI,yBAAyB,EAAE;IAC/B,IAAI,wBAAwB,EAAE;CAC/B,CAAC"}

package/dist/rules/filesystem.d.ts

@@ -0,0 +1,36 @@
+/**
+ * Filesystem Rules (FS)
+ * Rules for detecting filesystem access risks
+ */
+import { Finding } from '../ir/types';
+import { BaseRule } from './base';
+import { RuleContext } from './types';
+/**
+ * FS-001: Unscoped Write Access
+ * Agent writes to filesystem without a restricted path scope
+ */
+export declare class UnscopedWriteAccessRule extends BaseRule {
+    constructor();
+    evaluate(context: RuleContext): Finding[];
+    private isUnscopedPath;
+}
+/**
+ * FS-002: Sensitive Path Write
+ * Writes to known sensitive locations
+ */
+export declare class SensitivePathWriteRule extends BaseRule {
+    constructor();
+    evaluate(context: RuleContext): Finding[];
+    private isSensitivePath;
+}
+/**
+ * FS-003: Cross-Boundary Write
+ * Agent writes outside declared project scope
+ */
+export declare class CrossBoundaryWriteRule extends BaseRule {
+    constructor();
+    evaluate(context: RuleContext): Finding[];
+    private isCrossBoundaryPath;
+}
+export declare const filesystemRules: (UnscopedWriteAccessRule | SensitivePathWriteRule | CrossBoundaryWriteRule)[];
+//# sourceMappingURL=filesystem.d.ts.map

package/dist/rules/filesystem.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"filesystem.d.ts","sourceRoot":"","sources":["../../src/rules/filesystem.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AACtC,OAAO,EAAE,QAAQ,EAAE,MAAM,QAAQ,CAAC;AAClC,OAAO,EAAE,WAAW,EAAkB,MAAM,SAAS,CAAC;AAuBtD;;;GAGG;AACH,qBAAa,uBAAwB,SAAQ,QAAQ;;IAenD,QAAQ,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,EAAE;IA0DzC,OAAO,CAAC,cAAc;CAiBvB;AAED;;;GAGG;AACH,qBAAa,sBAAuB,SAAQ,QAAQ;;IAelD,QAAQ,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,EAAE;IAoEzC,OAAO,CAAC,eAAe;CAMxB;AAED;;;GAGG;AACH,qBAAa,sBAAuB,SAAQ,QAAQ;;IAelD,QAAQ,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,EAAE;IAoCzC,OAAO,CAAC,mBAAmB;CAU5B;AAGD,eAAO,MAAM,eAAe,+EAI3B,CAAC"}