agentscore-mcp 1.0.4 → 1.0.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +128 -1
- package/dist/adapters/demo/adapter.d.ts +1 -1
- package/dist/adapters/github/adapter.d.ts +1 -1
- package/dist/adapters/json/adapter.d.ts +1 -1
- package/dist/adapters/moltbook/adapter.d.ts +1 -1
- package/dist/config.d.ts +9 -0
- package/dist/config.d.ts.map +1 -1
- package/dist/config.js +48 -0
- package/dist/config.js.map +1 -1
- package/dist/scoring/engine.d.ts.map +1 -1
- package/dist/scoring/engine.js +65 -4
- package/dist/scoring/engine.js.map +1 -1
- package/dist/scoring/types.d.ts +7 -1
- package/dist/scoring/types.d.ts.map +1 -1
- package/dist/security/audit-store.d.ts +34 -0
- package/dist/security/audit-store.d.ts.map +1 -0
- package/dist/security/audit-store.js +50 -0
- package/dist/security/audit-store.js.map +1 -0
- package/dist/security/policy.d.ts +45 -0
- package/dist/security/policy.d.ts.map +1 -0
- package/dist/security/policy.js +144 -0
- package/dist/security/policy.js.map +1 -0
- package/dist/server.js +216 -13
- package/dist/server.js.map +1 -1
- package/dist/tools/agentscore.d.ts.map +1 -1
- package/dist/tools/agentscore.js +38 -2
- package/dist/tools/agentscore.js.map +1 -1
- package/dist/tools/sweep.d.ts.map +1 -1
- package/dist/tools/sweep.js +35 -0
- package/dist/tools/sweep.js.map +1 -1
- package/dist/version.d.ts +1 -1
- package/dist/version.js +1 -1
- package/package.json +2 -1
package/README.md
CHANGED
|
@@ -26,6 +26,22 @@
|
|
|
26
26
|
|
|
27
27
|
---
|
|
28
28
|
|
|
29
|
+
> [!TIP]
|
|
30
|
+
> **Compatibility:** AgentScore works with any MCP client that supports local `stdio` servers, including Claude Code/Desktop, Cursor, Codex-compatible clients, and other MCP hosts.
|
|
31
|
+
|
|
32
|
+
## Quick Navigation
|
|
33
|
+
|
|
34
|
+
| Start Here | Go To |
|
|
35
|
+
|:---|:---|
|
|
36
|
+
| Why + who this is for | [`Why This Exists`](#why-this-exists) · [`Goal, Audience, and Limits`](#goal-audience-and-limits) |
|
|
37
|
+
| Install and first run | [`Install in 10 Seconds`](#install-in-10-seconds) · [`Setup`](#setup) |
|
|
38
|
+
| Validate with real/controlled data | [`Production Proof`](#production-proof-2-minute-sanity-check) |
|
|
39
|
+
| Understand scoring model | [`Scoring System`](#scoring-system) |
|
|
40
|
+
| Adapter capabilities | [`Platform Adapters`](#platform-adapters) |
|
|
41
|
+
| Security and trust posture | [`Trust & Transparency`](#trust--transparency) |
|
|
42
|
+
|
|
43
|
+
---
|
|
44
|
+
|
|
29
45
|
## Why This Exists
|
|
30
46
|
|
|
31
47
|
You're about to give AI agents access to customer data, source code, and critical workflows.
|
|
@@ -50,6 +66,20 @@ Built in public from recurring conversations with AI governance teams asking one
|
|
|
50
66
|
- Scores depend on available data quality; sparse data lowers certainty even if a score is produced.
|
|
51
67
|
- Use it with human review, policy controls, and least-privilege access.
|
|
52
68
|
|
|
69
|
+
> [!WARNING]
|
|
70
|
+
> No README or open-source license can guarantee zero legal risk. AgentScore is provided as-is (MIT), without warranty, and is **not legal advice**.
|
|
71
|
+
|
|
72
|
+
---
|
|
73
|
+
|
|
74
|
+
## Pick Your Track
|
|
75
|
+
|
|
76
|
+
| Track | Best For | First Step |
|
|
77
|
+
|:---|:---|:---|
|
|
78
|
+
| `demo` | Fastest product demo with built-in agents | Run the install command and ask for `@NovaMind` |
|
|
79
|
+
| `github` | Live public profile/thread analysis | `export AGENTSCORE_ADAPTER=github` |
|
|
80
|
+
| `json` | Controlled internal evaluations from your own data | `export AGENTSCORE_ADAPTER=json` + set `AGENTSCORE_DATA_PATH` |
|
|
81
|
+
| `moltbook` | Live Moltbook agent analysis | `export AGENTSCORE_ADAPTER=moltbook` + set `MOLTBOOK_API_KEY` |
|
|
82
|
+
|
|
53
83
|
---
|
|
54
84
|
|
|
55
85
|
## Install in 10 Seconds
|
|
@@ -58,6 +88,12 @@ Built in public from recurring conversations with AI governance teams asking one
|
|
|
58
88
|
claude mcp add agentscore -- npx -y agentscore-mcp
|
|
59
89
|
```
|
|
60
90
|
|
|
91
|
+
Optional policy-enforced startup:
|
|
92
|
+
|
|
93
|
+
```bash
|
|
94
|
+
claude mcp add agentscore -- npx -y agentscore-mcp --enforce
|
|
95
|
+
```
|
|
96
|
+
|
|
61
97
|
Then ask Claude:
|
|
62
98
|
|
|
63
99
|
> _"Investigate @NovaMind — can I trust this agent?"_
|
|
@@ -174,7 +210,63 @@ export AGENTSCORE_ADAPTER=json # or github / moltbook
|
|
|
174
210
|
|
|
175
211
|
AgentScore is a standard MCP server over `stdio`. Any MCP client that can launch local `stdio` servers can use it (not only Cursor/Claude).
|
|
176
212
|
|
|
177
|
-
|
|
213
|
+
| Client Type | Supported |
|
|
214
|
+
|:---|:---:|
|
|
215
|
+
| Claude Code | Yes |
|
|
216
|
+
| Claude Desktop | Yes |
|
|
217
|
+
| Cursor | Yes |
|
|
218
|
+
| Codex-compatible MCP clients | Yes |
|
|
219
|
+
| Any MCP host with local `stdio` support | Yes |
|
|
220
|
+
|
|
221
|
+
Public site note: [`ai-agent-score.vercel.app`](https://ai-agent-score.vercel.app) is a separate public trust index/leaderboard experience. MCP output suppresses public report links by default to avoid dead links for private or custom handles.
|
|
222
|
+
|
|
223
|
+
### Centralized Service Mode (Streamable HTTP)
|
|
224
|
+
|
|
225
|
+
Run one shared governance endpoint for multiple clients:
|
|
226
|
+
|
|
227
|
+
```bash
|
|
228
|
+
export AGENTSCORE_TRANSPORT=http
|
|
229
|
+
export AGENTSCORE_ENABLED_TOOLS=agentscore,sweep
|
|
230
|
+
export AGENTSCORE_HTTP_HOST=127.0.0.1
|
|
231
|
+
export AGENTSCORE_HTTP_PORT=8787
|
|
232
|
+
export AGENTSCORE_HTTP_PATH=/mcp
|
|
233
|
+
export AGENTSCORE_ENFORCE=true
|
|
234
|
+
export AGENTSCORE_POLICY_MIN_SCORE=650
|
|
235
|
+
node dist/server.js
|
|
236
|
+
```
|
|
237
|
+
|
|
238
|
+
Service endpoints:
|
|
239
|
+
- MCP: `http://127.0.0.1:8787/mcp`
|
|
240
|
+
- Health: `http://127.0.0.1:8787/healthz`
|
|
241
|
+
- Policy snapshot: `http://127.0.0.1:8787/agentscore/policy`
|
|
242
|
+
- Audit events: `http://127.0.0.1:8787/agentscore/audit`
|
|
243
|
+
|
|
244
|
+
Optionally protect the MCP endpoint itself:
|
|
245
|
+
|
|
246
|
+
```bash
|
|
247
|
+
export AGENTSCORE_HTTP_AUTH_TOKEN=replace-with-strong-token
|
|
248
|
+
```
|
|
249
|
+
|
|
250
|
+
Then send one of:
|
|
251
|
+
- `Authorization: Bearer <token>`
|
|
252
|
+
- `x-agentscore-mcp-token: <token>`
|
|
253
|
+
- `x-agentscore-token: <token>`
|
|
254
|
+
|
|
255
|
+
Optionally protect policy/audit endpoints:
|
|
256
|
+
|
|
257
|
+
```bash
|
|
258
|
+
export AGENTSCORE_AUDIT_TOKEN=replace-with-strong-token
|
|
259
|
+
```
|
|
260
|
+
|
|
261
|
+
Then call with either:
|
|
262
|
+
- `Authorization: Bearer <token>`
|
|
263
|
+
- `x-agentscore-audit-token: <token>`
|
|
264
|
+
|
|
265
|
+
If your MCP client does not support direct remote Streamable HTTP servers, use a local bridge:
|
|
266
|
+
|
|
267
|
+
```bash
|
|
268
|
+
npx -y mcp-remote http://127.0.0.1:8787/mcp
|
|
269
|
+
```
|
|
178
270
|
|
|
179
271
|
### Clean Onboarding (Recommended)
|
|
180
272
|
|
|
@@ -255,6 +347,24 @@ Team/project-scoped example: [`examples/mcp.project.json`](examples/mcp.project.
|
|
|
255
347
|
- If project scope is required, create/update one config file deliberately (do not auto-generate multiple variants).
|
|
256
348
|
- Do not commit `.mcp.json` unless your team explicitly wants repo-scoped MCP defaults.
|
|
257
349
|
|
|
350
|
+
### Policy Gate Mode (Optional)
|
|
351
|
+
|
|
352
|
+
Enable hard blocking (instead of advisory-only scoring):
|
|
353
|
+
|
|
354
|
+
```bash
|
|
355
|
+
export AGENTSCORE_ENFORCE=true
|
|
356
|
+
export AGENTSCORE_POLICY_MIN_SCORE=650
|
|
357
|
+
export AGENTSCORE_POLICY_TRUSTED_ADAPTERS=github,json
|
|
358
|
+
```
|
|
359
|
+
|
|
360
|
+
Or pass `--enforce` at startup to set `AGENTSCORE_ENFORCE=true`.
|
|
361
|
+
|
|
362
|
+
When enforced, AgentScore can return blocked responses (`isError: true`) if policy conditions are violated. Every decision emits a structured audit event to stderr:
|
|
363
|
+
|
|
364
|
+
```text
|
|
365
|
+
[agentscore][audit] {"type":"agentscore_policy_decision",...}
|
|
366
|
+
```
|
|
367
|
+
|
|
258
368
|
---
|
|
259
369
|
|
|
260
370
|
## Scoring System
|
|
@@ -451,6 +561,8 @@ flowchart LR
|
|
|
451
561
|
| Variable | Default | Description |
|
|
452
562
|
|:---|:---:|:---|
|
|
453
563
|
| `AGENTSCORE_ADAPTER` | `demo` | `demo` · `github` · `json` · `moltbook` |
|
|
564
|
+
| `AGENTSCORE_ENABLED_TOOLS` | `agentscore,sweep` | Comma-separated tool allow-list (`agentscore`, `sweep`) |
|
|
565
|
+
| `AGENTSCORE_TRANSPORT` | `stdio` | `stdio` or `http` (Streamable HTTP server mode) |
|
|
454
566
|
| `AGENTSCORE_PUBLIC_MODE` | `false` | If `true`, requires explicit adapter and blocks `demo` |
|
|
455
567
|
| `GITHUB_TOKEN` | — | GitHub PAT (optional, increases rate limit to 5,000/hr) |
|
|
456
568
|
| `MOLTBOOK_API_KEY` | — | Required for Moltbook adapter |
|
|
@@ -458,6 +570,21 @@ flowchart LR
|
|
|
458
570
|
| `AGENTSCORE_CACHE_TTL` | `86400` | Score cache TTL in seconds |
|
|
459
571
|
| `AGENTSCORE_RATE_LIMIT_MS` | `200` | Moltbook adapter request delay (ms) |
|
|
460
572
|
| `AGENTSCORE_SITE_URL` | `https://ai-agent-score.vercel.app` | Base URL for report links in MCP output |
|
|
573
|
+
| `AGENTSCORE_REPORT_URL_MODE` | `none` | Report link policy: `none` (default), `demo-only`, or `always` |
|
|
574
|
+
| `AGENTSCORE_HTTP_HOST` | `127.0.0.1` | Bind host for HTTP transport |
|
|
575
|
+
| `AGENTSCORE_HTTP_PORT` | `8787` | Bind port for HTTP transport |
|
|
576
|
+
| `AGENTSCORE_HTTP_PATH` | `/mcp` | MCP endpoint path for HTTP transport |
|
|
577
|
+
| `AGENTSCORE_HTTP_AUTH_TOKEN` | — | Optional bearer token required for `/mcp` HTTP endpoint |
|
|
578
|
+
| `AGENTSCORE_AUDIT_TOKEN` | — | Optional bearer token required for policy/audit endpoints |
|
|
579
|
+
| `AGENTSCORE_AUDIT_MAX_ENTRIES` | `500` | In-memory cap for retained policy audit events |
|
|
580
|
+
| `AGENTSCORE_ENFORCE` | `false` | If `true`, policy gate can block risky results |
|
|
581
|
+
| `AGENTSCORE_POLICY_MIN_SCORE` | `550` | Minimum allowed score when policy is enforced |
|
|
582
|
+
| `AGENTSCORE_POLICY_BLOCK_RECOMMENDATIONS` | `AVOID` | Comma-separated blocked recommendations (`TRUST`, `CAUTION`, `AVOID`) |
|
|
583
|
+
| `AGENTSCORE_POLICY_BLOCK_THREAT_LEVELS` | `COMPROMISED` | Comma-separated blocked sweep levels (`SUSPICIOUS`, `COMPROMISED`) |
|
|
584
|
+
| `AGENTSCORE_POLICY_BLOCK_FLAGS` | `prompt injection,manipulation keyword,account not claimed` | Comma-separated flag substrings that trigger blocking |
|
|
585
|
+
| `AGENTSCORE_POLICY_TRUSTED_ADAPTERS` | `github,json,moltbook` *(when enforced)* | Comma-separated adapters allowed in enforced mode |
|
|
586
|
+
| `AGENTSCORE_POLICY_FAIL_ON_ERRORS` | `false` | If `true`, any per-handle scoring errors trigger blocking |
|
|
587
|
+
| `AGENTSCORE_AUDIT_LOG` | `auto` (`true` when enforced) | Set `false` to suppress structured policy audit events |
|
|
461
588
|
|
|
462
589
|
Invalid numeric values fall back to defaults. Trailing slashes on URLs are trimmed automatically. `AGENTSCORE_SITE_URL` must be a valid `https://` URL.
|
|
463
590
|
|
|
@@ -9,7 +9,7 @@
|
|
|
9
9
|
import type { AgentPlatformAdapter, AgentProfile, AgentContent } from "../types.js";
|
|
10
10
|
export declare class DemoAdapter implements AgentPlatformAdapter {
|
|
11
11
|
readonly name = "demo";
|
|
12
|
-
readonly version = "1.0.
|
|
12
|
+
readonly version = "1.0.6";
|
|
13
13
|
fetchProfile(handle: string): Promise<AgentProfile | null>;
|
|
14
14
|
fetchContent(handle: string, limit?: number): Promise<AgentContent[]>;
|
|
15
15
|
fetchInteractions(handle: string, limit?: number): Promise<AgentContent[]>;
|
|
@@ -2,7 +2,7 @@ import type { AgentPlatformAdapter, AgentProfile, AgentContent } from "../types.
|
|
|
2
2
|
/** GitHub platform adapter — scores any public GitHub account. */
|
|
3
3
|
export declare class GitHubAdapter implements AgentPlatformAdapter {
|
|
4
4
|
readonly name = "github";
|
|
5
|
-
readonly version = "1.0.
|
|
5
|
+
readonly version = "1.0.6";
|
|
6
6
|
private client;
|
|
7
7
|
constructor();
|
|
8
8
|
fetchProfile(handle: string): Promise<AgentProfile | null>;
|
|
@@ -23,7 +23,7 @@ import type { AgentPlatformAdapter, AgentProfile, AgentContent } from "../types.
|
|
|
23
23
|
*/
|
|
24
24
|
export declare class JSONAdapter implements AgentPlatformAdapter {
|
|
25
25
|
readonly name = "json";
|
|
26
|
-
readonly version = "1.0.
|
|
26
|
+
readonly version = "1.0.6";
|
|
27
27
|
private data;
|
|
28
28
|
private loadData;
|
|
29
29
|
fetchProfile(handle: string): Promise<AgentProfile | null>;
|
|
@@ -2,7 +2,7 @@ import type { AgentPlatformAdapter, AgentProfile, AgentContent } from "../types.
|
|
|
2
2
|
/** Moltbook platform adapter — the default adapter. */
|
|
3
3
|
export declare class MoltbookAdapter implements AgentPlatformAdapter {
|
|
4
4
|
readonly name = "moltbook";
|
|
5
|
-
readonly version = "1.0.
|
|
5
|
+
readonly version = "1.0.6";
|
|
6
6
|
private client;
|
|
7
7
|
constructor();
|
|
8
8
|
fetchProfile(handle: string): Promise<AgentProfile | null>;
|
package/dist/config.d.ts
CHANGED
|
@@ -1,5 +1,8 @@
|
|
|
1
1
|
export interface Config {
|
|
2
2
|
adapter: "demo" | "moltbook" | "json" | "github";
|
|
3
|
+
transport: "stdio" | "http";
|
|
4
|
+
enabledTools: Array<"agentscore" | "sweep">;
|
|
5
|
+
reportUrlMode: "none" | "always" | "demo-only";
|
|
3
6
|
moltbookApiKey: string;
|
|
4
7
|
githubToken: string;
|
|
5
8
|
dataPath: string;
|
|
@@ -7,6 +10,12 @@ export interface Config {
|
|
|
7
10
|
rateLimitMs: number;
|
|
8
11
|
siteUrl: string;
|
|
9
12
|
publicMode: boolean;
|
|
13
|
+
httpHost: string;
|
|
14
|
+
httpPort: number;
|
|
15
|
+
httpPath: string;
|
|
16
|
+
httpAuthToken: string;
|
|
17
|
+
auditToken: string;
|
|
18
|
+
auditMaxEntries: number;
|
|
10
19
|
}
|
|
11
20
|
/** Load and validate configuration from environment variables. */
|
|
12
21
|
export declare function loadConfig(): Config;
|
package/dist/config.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,MAAM;IACrB,OAAO,EAAE,MAAM,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,CAAC;IACjD,cAAc,EAAE,MAAM,CAAC;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,OAAO,CAAC;
|
|
1
|
+
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,MAAM;IACrB,OAAO,EAAE,MAAM,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,CAAC;IACjD,SAAS,EAAE,OAAO,GAAG,MAAM,CAAC;IAC5B,YAAY,EAAE,KAAK,CAAC,YAAY,GAAG,OAAO,CAAC,CAAC;IAC5C,aAAa,EAAE,MAAM,GAAG,QAAQ,GAAG,WAAW,CAAC;IAC/C,cAAc,EAAE,MAAM,CAAC;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,OAAO,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,MAAM,CAAC;IACnB,eAAe,EAAE,MAAM,CAAC;CACzB;AAQD,kEAAkE;AAClE,wBAAgB,UAAU,IAAI,MAAM,CAqInC;AAED,2DAA2D;AAC3D,wBAAgB,SAAS,IAAI,MAAM,CAKlC"}
|
package/dist/config.js
CHANGED
|
@@ -1,11 +1,22 @@
|
|
|
1
1
|
import path from "node:path";
|
|
2
2
|
let _config = null;
|
|
3
3
|
const ADAPTERS = ["demo", "moltbook", "json", "github"];
|
|
4
|
+
const TRANSPORTS = ["stdio", "http"];
|
|
5
|
+
const TOOLS = ["agentscore", "sweep"];
|
|
6
|
+
const REPORT_URL_MODES = ["none", "always", "demo-only"];
|
|
4
7
|
/** Load and validate configuration from environment variables. */
|
|
5
8
|
export function loadConfig() {
|
|
6
9
|
const publicMode = (process.env.AGENTSCORE_PUBLIC_MODE || "").trim().toLowerCase() === "true";
|
|
10
|
+
const rawTransport = (process.env.AGENTSCORE_TRANSPORT || "").trim();
|
|
11
|
+
const resolvedTransport = rawTransport || "stdio";
|
|
12
|
+
if (!TRANSPORTS.includes(resolvedTransport)) {
|
|
13
|
+
throw new Error(`AGENTSCORE_TRANSPORT must be one of: ${TRANSPORTS.join(", ")}. Received: "${resolvedTransport || "<empty>"}".`);
|
|
14
|
+
}
|
|
15
|
+
const transport = resolvedTransport;
|
|
7
16
|
const rawAdapter = (process.env.AGENTSCORE_ADAPTER || "").trim();
|
|
8
17
|
const resolvedAdapter = rawAdapter || "demo";
|
|
18
|
+
const rawReportUrlMode = (process.env.AGENTSCORE_REPORT_URL_MODE || "").trim().toLowerCase();
|
|
19
|
+
const resolvedReportUrlMode = rawReportUrlMode || "none";
|
|
9
20
|
if (publicMode && !rawAdapter) {
|
|
10
21
|
throw new Error(`AGENTSCORE_ADAPTER is required when AGENTSCORE_PUBLIC_MODE=true. Choose one of: ${ADAPTERS.join(", ")}.`);
|
|
11
22
|
}
|
|
@@ -13,6 +24,11 @@ export function loadConfig() {
|
|
|
13
24
|
throw new Error(`AGENTSCORE_ADAPTER must be one of: ${ADAPTERS.join(", ")}. Received: "${resolvedAdapter || "<empty>"}".`);
|
|
14
25
|
}
|
|
15
26
|
const adapter = resolvedAdapter;
|
|
27
|
+
if (!REPORT_URL_MODES.includes(resolvedReportUrlMode)) {
|
|
28
|
+
throw new Error(`AGENTSCORE_REPORT_URL_MODE must be one of: ${REPORT_URL_MODES.join(", ")}. ` +
|
|
29
|
+
`Received: "${resolvedReportUrlMode || "<empty>"}".`);
|
|
30
|
+
}
|
|
31
|
+
const reportUrlMode = resolvedReportUrlMode;
|
|
16
32
|
if (publicMode && adapter === "demo") {
|
|
17
33
|
throw new Error("AGENTSCORE_PUBLIC_MODE=true does not allow AGENTSCORE_ADAPTER=demo. Use json, github, or moltbook.");
|
|
18
34
|
}
|
|
@@ -50,8 +66,34 @@ export function loadConfig() {
|
|
|
50
66
|
}
|
|
51
67
|
const cacheTtl = parseInt(process.env.AGENTSCORE_CACHE_TTL || "86400", 10);
|
|
52
68
|
const rateLimitMs = parseInt(process.env.AGENTSCORE_RATE_LIMIT_MS || "200", 10);
|
|
69
|
+
const httpHost = (process.env.AGENTSCORE_HTTP_HOST || "127.0.0.1").trim() || "127.0.0.1";
|
|
70
|
+
const parsedHttpPort = parseInt(process.env.AGENTSCORE_HTTP_PORT || "8787", 10);
|
|
71
|
+
const httpPort = Number.isNaN(parsedHttpPort) ? 8787 : Math.max(1, Math.min(parsedHttpPort, 65535));
|
|
72
|
+
const rawHttpPath = (process.env.AGENTSCORE_HTTP_PATH || "/mcp").trim() || "/mcp";
|
|
73
|
+
const httpPath = rawHttpPath.startsWith("/") ? rawHttpPath : `/${rawHttpPath}`;
|
|
74
|
+
const parsedAuditMaxEntries = parseInt(process.env.AGENTSCORE_AUDIT_MAX_ENTRIES || "500", 10);
|
|
75
|
+
const auditMaxEntries = Number.isNaN(parsedAuditMaxEntries)
|
|
76
|
+
? 500
|
|
77
|
+
: Math.max(10, Math.min(parsedAuditMaxEntries, 10_000));
|
|
78
|
+
const rawEnabledTools = (process.env.AGENTSCORE_ENABLED_TOOLS || "").trim().toLowerCase();
|
|
79
|
+
let enabledTools = [...TOOLS];
|
|
80
|
+
if (rawEnabledTools) {
|
|
81
|
+
const requestedTools = [...new Set(rawEnabledTools.split(",").map((item) => item.trim()).filter(Boolean))];
|
|
82
|
+
const invalidTools = requestedTools.filter((tool) => !TOOLS.includes(tool));
|
|
83
|
+
if (invalidTools.length > 0) {
|
|
84
|
+
throw new Error(`AGENTSCORE_ENABLED_TOOLS contains invalid tools: ${invalidTools.join(", ")}. ` +
|
|
85
|
+
`Allowed values: ${TOOLS.join(", ")}.`);
|
|
86
|
+
}
|
|
87
|
+
enabledTools = TOOLS.filter((tool) => requestedTools.includes(tool));
|
|
88
|
+
if (enabledTools.length === 0) {
|
|
89
|
+
throw new Error(`AGENTSCORE_ENABLED_TOOLS must include at least one tool: ${TOOLS.join(", ")}.`);
|
|
90
|
+
}
|
|
91
|
+
}
|
|
53
92
|
_config = {
|
|
54
93
|
adapter,
|
|
94
|
+
transport,
|
|
95
|
+
enabledTools,
|
|
96
|
+
reportUrlMode,
|
|
55
97
|
moltbookApiKey: process.env.MOLTBOOK_API_KEY || "",
|
|
56
98
|
githubToken: process.env.GITHUB_TOKEN || "",
|
|
57
99
|
dataPath,
|
|
@@ -59,6 +101,12 @@ export function loadConfig() {
|
|
|
59
101
|
rateLimitMs: Number.isNaN(rateLimitMs) ? 200 : rateLimitMs,
|
|
60
102
|
siteUrl,
|
|
61
103
|
publicMode,
|
|
104
|
+
httpHost,
|
|
105
|
+
httpPort,
|
|
106
|
+
httpPath,
|
|
107
|
+
httpAuthToken: process.env.AGENTSCORE_HTTP_AUTH_TOKEN || "",
|
|
108
|
+
auditToken: process.env.AGENTSCORE_AUDIT_TOKEN || "",
|
|
109
|
+
auditMaxEntries,
|
|
62
110
|
};
|
|
63
111
|
return _config;
|
|
64
112
|
}
|
package/dist/config.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,WAAW,CAAC;AAsB7B,IAAI,OAAO,GAAkB,IAAI,CAAC;AAClC,MAAM,QAAQ,GAAwB,CAAC,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;AAC7E,MAAM,UAAU,GAA0B,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;AAC5D,MAAM,KAAK,GAA2B,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;AAC9D,MAAM,gBAAgB,GAA8B,CAAC,MAAM,EAAE,QAAQ,EAAE,WAAW,CAAC,CAAC;AAEpF,kEAAkE;AAClE,MAAM,UAAU,UAAU;IACxB,MAAM,UAAU,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,sBAAsB,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,KAAK,MAAM,CAAC;IAC9F,MAAM,YAAY,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IACrE,MAAM,iBAAiB,GAAG,YAAY,IAAI,OAAO,CAAC;IAClD,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,iBAAwC,CAAC,EAAE,CAAC;QACnE,MAAM,IAAI,KAAK,CACb,wCAAwC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,iBAAiB,IAAI,SAAS,IAAI,CAChH,CAAC;IACJ,CAAC;IACD,MAAM,SAAS,GAAG,iBAAwC,CAAC;IAC3D,MAAM,UAAU,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IACjE,MAAM,eAAe,GAAG,UAAU,IAAI,MAAM,CAAC;IAC7C,MAAM,gBAAgB,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,0BAA0B,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC7F,MAAM,qBAAqB,GAAG,gBAAgB,IAAI,MAAM,CAAC;IAEzD,IAAI,UAAU,IAAI,CAAC,UAAU,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CACb,mFAAmF,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAC1G,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,eAAoC,CAAC,EAAE,CAAC;QAC7D,MAAM,IAAI,KAAK,CACb,sCAAsC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,eAAe,IAAI,SAAS,IAAI,CAC1G,CAAC;IACJ,CAAC;IACD,MAAM,OAAO,GAAG,eAAoC,CAAC;IAErD,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,qBAAgD,CAAC,EAAE,CAAC;QACjF,MAAM,IAAI,KAAK,CACb,8CAA8C,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI;YAC7E,cAAc,qBAAqB,IAAI,SAAS,IAAI,CACrD,CAAC;IACJ,CAAC;IACD,MAAM,aAAa,GAAG,qBAAgD,CAAC;IAEvE,IAAI,UAAU,IAAI,OAAO,KAAK,MAAM,EAAE,CAAC;QACrC,MAAM,IAAI,KAAK,CACb,oGAAoG,CACrG,CAAC;IACJ,CAAC;IACD,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,EAAE,CAAC;IACxD,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,IAAI,mCAAmC,CAAC;IAE1F,IAAI,QAAQ,EAAE,CAAC;QACb,mEAAmE;QACnE,6EAA6E;QAC7E,4DAA4D;QAC5D,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QAC5C,IAAI,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAC9C,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;QAC1E,CAAC;IACH,CAAC;IAED,IAAI,OAAO,GAAG,UAAU,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IAC5C,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC;QAChC,IAAI,MAAM,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACjC,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;IACvE,CAAC;IAED,IAAI,OAAO,KAAK,UAAU,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;QAC5D,OAAO,CAAC,KAAK,CACX,sEAAsE;YACtE,iGAAiG,CAClG,CAAC;IACJ,CAAC;IAED,IAAI,OAAO,KAAK,QAAQ,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC;QACtD,OAAO,CAAC,KAAK,CACX,sEAAsE;YACtE,sCAAsC,CACvC,CAAC;IACJ,CAAC;IAED,IAAI,OAAO,KAAK,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;QACpC,MAAM,IAAI,KAAK,CACb,4FAA4F,CAC7F,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,OAAO,EAAE,EAAE,CAAC,CAAC;IAC3E,MAAM,WAAW,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,wBAAwB,IAAI,KAAK,EAAE,EAAE,CAAC,CAAC;IAChF,MAAM,QAAQ,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,WAAW,CAAC,CAAC,IAAI,EAAE,IAAI,WAAW,CAAC;IACzF,MAAM,cAAc,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,MAAM,EAAE,EAAE,CAAC,CAAC;IAChF,MAAM,QAAQ,GAAG,MAAM,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC,CAAC;IACpG,MAAM,WAAW,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,MAAM,CAAC,CAAC,IAAI,EAAE,IAAI,MAAM,CAAC;IAClF,MAAM,QAAQ,GAAG,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,WAAW,EAAE,CAAC;IAC/E,MAAM,qBAAqB,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,4BAA4B,IAAI,KAAK,EAAE,EAAE,CAAC,CAAC;IAC9F,MAAM,eAAe,GAAG,MAAM,CAAC,KAAK,CAAC,qBAAqB,CAAC;QACzD,CAAC,CAAC,GAAG;QACL,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,GAAG,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC,CAAC;IAC1D,MAAM,eAAe,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,wBAAwB,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC1F,IAAI,YAAY,GAA2B,CAAC,GAAG,KAAK,CAAC,CAAC;IACtD,IAAI,eAAe,EAAE,CAAC;QACpB,MAAM,cAAc,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,eAAe,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;QAC3G,MAAM,YAAY,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAsC,CAAC,CAAC,CAAC;QAC9G,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC5B,MAAM,IAAI,KAAK,CACb,oDAAoD,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI;gBAC/E,mBAAmB,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CACvC,CAAC;QACJ,CAAC;QACD,YAAY,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,cAAc,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;QACrE,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC9B,MAAM,IAAI,KAAK,CAAC,4DAA4D,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACnG,CAAC;IACH,CAAC;IAED,OAAO,GAAG;QACR,OAAO;QACP,SAAS;QACT,YAAY;QACZ,aAAa;QACb,cAAc,EAAE,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,EAAE;QAClD,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,EAAE;QAC3C,QAAQ;QACR,QAAQ,EAAE,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,QAAQ;QACnD,WAAW,EAAE,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW;QAC1D,OAAO;QACP,UAAU;QACV,QAAQ;QACR,QAAQ;QACR,QAAQ;QACR,aAAa,EAAE,OAAO,CAAC,GAAG,CAAC,0BAA0B,IAAI,EAAE;QAC3D,UAAU,EAAE,OAAO,CAAC,GAAG,CAAC,sBAAsB,IAAI,EAAE;QACpD,eAAe;KAChB,CAAC;IAEF,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,2DAA2D;AAC3D,MAAM,UAAU,SAAS;IACvB,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO,UAAU,EAAE,CAAC;IACtB,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"engine.d.ts","sourceRoot":"","sources":["../../src/scoring/engine.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACvE,OAAO,KAAK,EAAE,gBAAgB,EAAiB,gBAAgB,EAAkB,MAAM,YAAY,CAAC;AAsBpG,yEAAyE;AACzE,wBAAgB,UAAU,CACxB,OAAO,EAAE,YAAY,EACrB,OAAO,EAAE,YAAY,EAAE,EACvB,YAAY,EAAE,YAAY,EAAE,EAC5B,UAAU,GAAE,MAAM,GAAG,QAAQ,GAAG,KAAc,GAC7C,gBAAgB,
|
|
1
|
+
{"version":3,"file":"engine.d.ts","sourceRoot":"","sources":["../../src/scoring/engine.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACvE,OAAO,KAAK,EAAE,gBAAgB,EAAiB,gBAAgB,EAAkB,MAAM,YAAY,CAAC;AAsBpG,yEAAyE;AACzE,wBAAgB,UAAU,CACxB,OAAO,EAAE,YAAY,EACrB,OAAO,EAAE,YAAY,EAAE,EACvB,YAAY,EAAE,YAAY,EAAE,EAC5B,UAAU,GAAE,MAAM,GAAG,QAAQ,GAAG,KAAc,GAC7C,gBAAgB,CAuElB;AA6FD,gEAAgE;AAChE,wBAAgB,aAAa,CAAC,OAAO,EAAE,gBAAgB,EAAE,GAAG,gBAAgB,CA+E3E"}
|
package/dist/scoring/engine.js
CHANGED
|
@@ -38,7 +38,25 @@ export function scoreAgent(profile, content, interactions, confidence = "high")
|
|
|
38
38
|
const config = getConfig();
|
|
39
39
|
const badgeColor = tier.color.replace("#", "");
|
|
40
40
|
const badgeLabel = `AgentScore-${score}%2F850-${badgeColor}`;
|
|
41
|
+
const badgeUrl = `https://img.shields.io/badge/${badgeLabel}`;
|
|
42
|
+
const badgeMarkdown = ``;
|
|
41
43
|
const encodedHandle = encodeURIComponent(profile.handle);
|
|
44
|
+
const scoredAt = new Date().toISOString();
|
|
45
|
+
const reportUrl = config.reportUrlMode === "always" ||
|
|
46
|
+
(config.reportUrlMode === "demo-only" && profile.platform === "demo")
|
|
47
|
+
? `${config.siteUrl}/agent/${encodedHandle}`
|
|
48
|
+
: undefined;
|
|
49
|
+
const governanceCardHtml = buildGovernanceCardHtml({
|
|
50
|
+
profile,
|
|
51
|
+
score,
|
|
52
|
+
tier: tier.name,
|
|
53
|
+
recommendation: tier.recommendation,
|
|
54
|
+
confidence,
|
|
55
|
+
categories,
|
|
56
|
+
flags,
|
|
57
|
+
scoredAt,
|
|
58
|
+
badgeUrl,
|
|
59
|
+
});
|
|
42
60
|
return {
|
|
43
61
|
handle: profile.handle,
|
|
44
62
|
displayName: profile.displayName,
|
|
@@ -51,14 +69,57 @@ export function scoreAgent(profile, content, interactions, confidence = "high")
|
|
|
51
69
|
briefing,
|
|
52
70
|
flags,
|
|
53
71
|
badge: {
|
|
54
|
-
|
|
72
|
+
url: badgeUrl,
|
|
73
|
+
markdown: badgeMarkdown,
|
|
74
|
+
shields: badgeMarkdown,
|
|
55
75
|
text: `AgentScore: ${score}/850 (${tier.name})`,
|
|
56
76
|
},
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
77
|
+
artifacts: {
|
|
78
|
+
governanceCardHtml,
|
|
79
|
+
},
|
|
80
|
+
scoredAt,
|
|
81
|
+
reportUrl,
|
|
60
82
|
};
|
|
61
83
|
}
|
|
84
|
+
function escapeHtml(value) {
|
|
85
|
+
return value
|
|
86
|
+
.replaceAll("&", "&")
|
|
87
|
+
.replaceAll("<", "<")
|
|
88
|
+
.replaceAll(">", ">")
|
|
89
|
+
.replaceAll('"', """)
|
|
90
|
+
.replaceAll("'", "'");
|
|
91
|
+
}
|
|
92
|
+
function buildGovernanceCardHtml(input) {
|
|
93
|
+
const rows = input.categories
|
|
94
|
+
.map((c) => `<tr><td style="padding:6px 8px;border-bottom:1px solid #e5e7eb;">${escapeHtml(c.name)}</td>` +
|
|
95
|
+
`<td style="padding:6px 8px;border-bottom:1px solid #e5e7eb;text-align:right;">${c.score}/100</td>` +
|
|
96
|
+
`<td style="padding:6px 8px;border-bottom:1px solid #e5e7eb;text-align:right;">${c.weight}%</td>` +
|
|
97
|
+
`<td style="padding:6px 8px;border-bottom:1px solid #e5e7eb;">${escapeHtml(c.topSignal)}</td></tr>`)
|
|
98
|
+
.join("");
|
|
99
|
+
const flags = input.flags.length > 0
|
|
100
|
+
? escapeHtml(input.flags.join("; "))
|
|
101
|
+
: "None";
|
|
102
|
+
return (`<section style="font-family:ui-sans-serif,system-ui,-apple-system,'Segoe UI',Roboto,sans-serif;max-width:860px;` +
|
|
103
|
+
`border:1px solid #d1d5db;border-radius:14px;padding:16px;background:#ffffff;color:#111827;">` +
|
|
104
|
+
`<div style="display:flex;justify-content:space-between;align-items:flex-start;gap:12px;flex-wrap:wrap;">` +
|
|
105
|
+
`<div><h2 style="margin:0 0 4px 0;font-size:20px;">Agent Trust Card</h2>` +
|
|
106
|
+
`<div style="font-size:14px;color:#4b5563;">@${escapeHtml(input.profile.handle)} | ${escapeHtml(input.profile.displayName)}</div></div>` +
|
|
107
|
+
`<img alt="AgentScore badge" src="${escapeHtml(input.badgeUrl)}" style="height:28px;" /></div>` +
|
|
108
|
+
`<p style="margin:12px 0 10px 0;font-size:14px;">` +
|
|
109
|
+
`<strong>Score:</strong> ${input.score}/850 (${escapeHtml(input.tier)}) | ` +
|
|
110
|
+
`<strong>Recommendation:</strong> ${escapeHtml(input.recommendation)} | ` +
|
|
111
|
+
`<strong>Confidence:</strong> ${escapeHtml(input.confidence)}</p>` +
|
|
112
|
+
`<table style="width:100%;border-collapse:collapse;font-size:13px;">` +
|
|
113
|
+
`<thead><tr>` +
|
|
114
|
+
`<th style="text-align:left;padding:6px 8px;border-bottom:2px solid #d1d5db;">Dimension</th>` +
|
|
115
|
+
`<th style="text-align:right;padding:6px 8px;border-bottom:2px solid #d1d5db;">Score</th>` +
|
|
116
|
+
`<th style="text-align:right;padding:6px 8px;border-bottom:2px solid #d1d5db;">Weight</th>` +
|
|
117
|
+
`<th style="text-align:left;padding:6px 8px;border-bottom:2px solid #d1d5db;">Top Signal</th>` +
|
|
118
|
+
`</tr></thead><tbody>${rows}</tbody></table>` +
|
|
119
|
+
`<p style="margin:10px 0 0 0;font-size:13px;"><strong>Flags:</strong> ${flags}</p>` +
|
|
120
|
+
`<p style="margin:6px 0 0 0;font-size:12px;color:#6b7280;">Scored at ${escapeHtml(input.scoredAt)}.</p>` +
|
|
121
|
+
`</section>`);
|
|
122
|
+
}
|
|
62
123
|
function collectFlags(categories, ctx) {
|
|
63
124
|
const flags = [];
|
|
64
125
|
// Pull flags from risk signals (it embeds them in topSignal)
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"engine.js","sourceRoot":"","sources":["../../src/scoring/engine.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AACrC,OAAO,EAAE,mBAAmB,EAAE,MAAM,iCAAiC,CAAC;AACtE,OAAO,EAAE,0BAA0B,EAAE,MAAM,wCAAwC,CAAC;AACpF,OAAO,EAAE,uBAAuB,EAAE,MAAM,qCAAqC,CAAC;AAC9E,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAChE,OAAO,EAAE,kBAAkB,EAAE,MAAM,gCAAgC,CAAC;AACpE,OAAO,EAAE,sBAAsB,EAAE,MAAM,oCAAoC,CAAC;AAC5E,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AACjD,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAIzC,MAAM,OAAO,GAAqB;IAChC,mBAAmB;IACnB,0BAA0B;IAC1B,uBAAuB;IACvB,gBAAgB;IAChB,kBAAkB;IAClB,sBAAsB;CACvB,CAAC;AAEF,yEAAyE;AACzE,MAAM,UAAU,UAAU,CACxB,OAAqB,EACrB,OAAuB,EACvB,YAA4B,EAC5B,aAAwC,MAAM;IAE9C,MAAM,GAAG,GAAmB;QAC1B,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,OAAO;QACP,OAAO;QACP,YAAY;KACb,CAAC;IAEF,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;IAExD,mBAAmB;IACnB,MAAM,WAAW,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IACjE,MAAM,WAAW,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IAC3E,MAAM,eAAe,GAAG,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;IAExE,8CAA8C;IAC9C,MAAM,QAAQ,GAAG,GAAG,GAAG,CAAC,eAAe,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;IACrD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC;IAEjE,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC;IAC5B,MAAM,KAAK,GAAG,YAAY,CAAC,UAAU,EAAE,GAAG,CAAC,CAAC;IAC5C,MAAM,QAAQ,GAAG,gBAAgB,CAAC,OAAO,EAAE,KAAK,EAAE,IAAI,CAAC,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC;IAErF,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IAC/C,MAAM,UAAU,GAAG,cAAc,KAAK,UAAU,UAAU,EAAE,CAAC;IAC7D,MAAM,aAAa,GAAG,kBAAkB,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"engine.js","sourceRoot":"","sources":["../../src/scoring/engine.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AACrC,OAAO,EAAE,mBAAmB,EAAE,MAAM,iCAAiC,CAAC;AACtE,OAAO,EAAE,0BAA0B,EAAE,MAAM,wCAAwC,CAAC;AACpF,OAAO,EAAE,uBAAuB,EAAE,MAAM,qCAAqC,CAAC;AAC9E,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAChE,OAAO,EAAE,kBAAkB,EAAE,MAAM,gCAAgC,CAAC;AACpE,OAAO,EAAE,sBAAsB,EAAE,MAAM,oCAAoC,CAAC;AAC5E,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AACjD,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAIzC,MAAM,OAAO,GAAqB;IAChC,mBAAmB;IACnB,0BAA0B;IAC1B,uBAAuB;IACvB,gBAAgB;IAChB,kBAAkB;IAClB,sBAAsB;CACvB,CAAC;AAEF,yEAAyE;AACzE,MAAM,UAAU,UAAU,CACxB,OAAqB,EACrB,OAAuB,EACvB,YAA4B,EAC5B,aAAwC,MAAM;IAE9C,MAAM,GAAG,GAAmB;QAC1B,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,OAAO;QACP,OAAO;QACP,YAAY;KACb,CAAC;IAEF,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;IAExD,mBAAmB;IACnB,MAAM,WAAW,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IACjE,MAAM,WAAW,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IAC3E,MAAM,eAAe,GAAG,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;IAExE,8CAA8C;IAC9C,MAAM,QAAQ,GAAG,GAAG,GAAG,CAAC,eAAe,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC;IACrD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC;IAEjE,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC;IAC5B,MAAM,KAAK,GAAG,YAAY,CAAC,UAAU,EAAE,GAAG,CAAC,CAAC;IAC5C,MAAM,QAAQ,GAAG,gBAAgB,CAAC,OAAO,EAAE,KAAK,EAAE,IAAI,CAAC,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC;IAErF,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IAC/C,MAAM,UAAU,GAAG,cAAc,KAAK,UAAU,UAAU,EAAE,CAAC;IAC7D,MAAM,QAAQ,GAAG,gCAAgC,UAAU,EAAE,CAAC;IAC9D,MAAM,aAAa,GAAG,iBAAiB,QAAQ,GAAG,CAAC;IACnD,MAAM,aAAa,GAAG,kBAAkB,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IACzD,MAAM,QAAQ,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC1C,MAAM,SAAS,GACb,MAAM,CAAC,aAAa,KAAK,QAAQ;QACjC,CAAC,MAAM,CAAC,aAAa,KAAK,WAAW,IAAI,OAAO,CAAC,QAAQ,KAAK,MAAM,CAAC;QACnE,CAAC,CAAC,GAAG,MAAM,CAAC,OAAO,UAAU,aAAa,EAAE;QAC5C,CAAC,CAAC,SAAS,CAAC;IAChB,MAAM,kBAAkB,GAAG,uBAAuB,CAAC;QACjD,OAAO;QACP,KAAK;QACL,IAAI,EAAE,IAAI,CAAC,IAAI;QACf,cAAc,EAAE,IAAI,CAAC,cAAc;QACnC,UAAU;QACV,UAAU;QACV,KAAK;QACL,QAAQ;QACR,QAAQ;KACT,CAAC,CAAC;IAEH,OAAO;QACL,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,WAAW,EAAE,OAAO,CAAC,WAAW;QAChC,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,KAAK;QACL,IAAI,EAAE,IAAI,CAAC,IAAI;QACf,cAAc,EAAE,IAAI,CAAC,cAAc;QACnC,UAAU;QACV,UAAU;QACV,QAAQ;QACR,KAAK;QACL,KAAK,EAAE;YACL,GAAG,EAAE,QAAQ;YACb,QAAQ,EAAE,aAAa;YACvB,OAAO,EAAE,aAAa;YACtB,IAAI,EAAE,eAAe,KAAK,SAAS,IAAI,CAAC,IAAI,GAAG;SAChD;QACD,SAAS,EAAE;YACT,kBAAkB;SACnB;QACD,QAAQ;QACR,SAAS;KACV,CAAC;AACJ,CAAC;AAED,SAAS,UAAU,CAAC,KAAa;IAC/B,OAAO,KAAK;SACT,UAAU,CAAC,GAAG,EAAE,OAAO,CAAC;SACxB,UAAU,CAAC,GAAG,EAAE,MAAM,CAAC;SACvB,UAAU,CAAC,GAAG,EAAE,MAAM,CAAC;SACvB,UAAU,CAAC,GAAG,EAAE,QAAQ,CAAC;SACzB,UAAU,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;AAC9B,CAAC;AAED,SAAS,uBAAuB,CAAC,KAUhC;IACC,MAAM,IAAI,GAAG,KAAK,CAAC,UAAU;SAC1B,GAAG,CACF,CAAC,CAAC,EAAE,EAAE,CACJ,oEAAoE,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO;QAC7F,iFAAiF,CAAC,CAAC,KAAK,WAAW;QACnG,iFAAiF,CAAC,CAAC,MAAM,QAAQ;QACjG,gEAAgE,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC,YAAY,CACtG;SACA,IAAI,CAAC,EAAE,CAAC,CAAC;IACZ,MAAM,KAAK,GACT,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC;QACpB,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACpC,CAAC,CAAC,MAAM,CAAC;IAEb,OAAO,CACL,iHAAiH;QACjH,8FAA8F;QAC9F,0GAA0G;QAC1G,yEAAyE;QACzE,+CAA+C,UAAU,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,UAAU,CAAC,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,cAAc;QACxI,oCAAoC,UAAU,CAAC,KAAK,CAAC,QAAQ,CAAC,iCAAiC;QAC/F,kDAAkD;QAClD,2BAA2B,KAAK,CAAC,KAAK,SAAS,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM;QAC3E,oCAAoC,UAAU,CAAC,KAAK,CAAC,cAAc,CAAC,KAAK;QACzE,gCAAgC,UAAU,CAAC,KAAK,CAAC,UAAU,CAAC,MAAM;QAClE,qEAAqE;QACrE,aAAa;QACb,6FAA6F;QAC7F,0FAA0F;QAC1F,2FAA2F;QAC3F,8FAA8F;QAC9F,uBAAuB,IAAI,kBAAkB;QAC7C,wEAAwE,KAAK,MAAM;QACnF,uEAAuE,UAAU,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO;QACxG,YAAY,CACb,CAAC;AACJ,CAAC;AAED,SAAS,YAAY,CAAC,UAA2B,EAAE,GAAmB;IACpE,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,6DAA6D;IAC7D,MAAM,IAAI,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,cAAc,CAAC,CAAC;IAC/D,IAAI,IAAI,IAAI,IAAI,CAAC,KAAK,GAAG,EAAE,EAAE,CAAC;QAC5B,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IAC7B,CAAC;IAED,mBAAmB;IACnB,IAAI,GAAG,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7B,KAAK,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;IAClD,CAAC;IAED,cAAc;IACd,MAAM,WAAW,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,CAAC;IAC9D,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;QAClC,KAAK,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;IAClD,CAAC;SAAM,CAAC;QACN,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,WAAW,CAAC;QAC5C,IAAI,UAAU,IAAI,CAAC,IAAI,UAAU,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,EAAE,CAAC;YAC5D,KAAK,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC;IAED,YAAY;IACZ,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;QACzB,KAAK,CAAC,IAAI,CAAC,yCAAyC,CAAC,CAAC;IACxD,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,gEAAgE;AAChE,MAAM,UAAU,aAAa,CAAC,OAA2B;IACvD,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvB,OAAO,EAAE,eAAe,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC;IAC9C,CAAC;IAED,MAAM,aAAa,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IAC/D,MAAM,eAAe,GAA2B,EAAE,CAAC;IAEnD,KAAK,MAAM,OAAO,IAAI,aAAa,EAAE,CAAC;QACpC,IAAI,UAAU,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;QACnC,IAAI,SAAS,GAAG,CAAC,CAAC;QAClB,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;YACxB,MAAM,GAAG,GAAG,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,OAAO,CAAC,CAAC;YACzD,IAAI,GAAG,IAAI,GAAG,CAAC,KAAK,GAAG,SAAS,EAAE,CAAC;gBACjC,SAAS,GAAG,GAAG,CAAC,KAAK,CAAC;gBACtB,UAAU,GAAG,CAAC,CAAC,MAAM,CAAC;YACxB,CAAC;QACH,CAAC;QACD,eAAe,CAAC,OAAO,CAAC,GAAG,UAAU,CAAC;IACxC,CAAC;IAED,gBAAgB;IAChB,MAAM,MAAM,GAAG,CAAC,GAAG,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;IAC9D,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IACvB,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAExC,MAAM,SAAS,GAA2B,EAAE,CAAC;IAC7C,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,EAAE,CAAC;QACpD,SAAS,CAAC,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;IACnD,CAAC;IAED,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC3E,MAAM,kBAAkB,GAAG,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC;IAElF,IAAI,OAAe,CAAC;IACpB,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACxB,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxB,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC;YACtC,OAAO,GAAG,IAAI,IAAI,CAAC,MAAM,WAAW,KAAK,CAAC,MAAM,OAAO,IAAI,YAAY,IAAI,CAAC,KAAK,OAAO,KAAK,CAAC,KAAK,IAAI,CAAC;YACxG,OAAO,IAAI,kCAAkC,CAAC;QAChD,CAAC;aAAM,CAAC;YACN,OAAO,GAAG,MAAM,MAAM,CAAC,MAAM,aAAa,IAAI,CAAC,MAAM,eAAe,IAAI,CAAC,KAAK,OAAO,CAAC;YACtF,OAAO,IAAI,kCAAkC,CAAC;YAC9C,OAAO,IAAI,KAAK,KAAK,CAAC,MAAM,cAAc,KAAK,CAAC,KAAK,OAAO,CAAC;QAC/D,CAAC;QACD,OAAO,EAAE,eAAe,EAAE,OAAO,EAAE,CAAC;IACtC,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC;QACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,cAAc,CAAC,CAAC;QACxE,MAAM,SAAS,GAAG,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,cAAc,CAAC,CAAC;QAE1E,OAAO,GAAG,IAAI,IAAI,CAAC,MAAM,iBAAiB,KAAK,CAAC,MAAM,OAAO,SAAS,CAAC,CAAC,CAAC,kBAAkB,CAAC;QAC5F,IAAI,IAAI,GAAG,GAAG,EAAE,CAAC;YACf,OAAO,IAAI,sBAAsB,IAAI,gBAAgB,IAAI,CAAC,KAAK,OAAO,KAAK,CAAC,KAAK,IAAI,CAAC;QACxF,CAAC;aAAM,CAAC;YACN,OAAO,IAAI,KAAK,IAAI,CAAC,KAAK,OAAO,KAAK,CAAC,KAAK,IAAI,CAAC;QACnD,CAAC;QAED,IAAI,QAAQ,IAAI,SAAS,IAAI,SAAS,CAAC,KAAK,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAC;YAC9D,OAAO,IAAI,cAAc,KAAK,CAAC,MAAM,8BAA8B,SAAS,CAAC,KAAK,OAAO,QAAQ,CAAC,KAAK,IAAI,CAAC;YAC5G,OAAO,IAAI,mDAAmD,KAAK,CAAC,MAAM,oBAAoB,CAAC;QACjG,CAAC;aAAM,CAAC;YACN,OAAO,IAAI,KAAK,IAAI,CAAC,MAAM,2CAA2C,CAAC;QACzE,CAAC;IACH,CAAC;SAAM,CAAC;QACN,OAAO,GAAG,MAAM,MAAM,CAAC,MAAM,aAAa,IAAI,CAAC,MAAM,eAAe,IAAI,CAAC,KAAK,OAAO,CAAC;QACtF,OAAO,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,cAAc,SAAS,CAAC,CAAC,CAAC,mBAAmB,CAAC;QAC1E,OAAO,IAAI,KAAK,KAAK,CAAC,MAAM,cAAc,KAAK,CAAC,KAAK,OAAO,CAAC;QAE7D,IAAI,IAAI,CAAC,cAAc,KAAK,OAAO,EAAE,CAAC;YACpC,OAAO,IAAI,eAAe,IAAI,CAAC,MAAM,0BAA0B,CAAC;QAClE,CAAC;aAAM,CAAC;YACN,OAAO,IAAI,qEAAqE,CAAC;QACnF,CAAC;IACH,CAAC;IAED,OAAO,EAAE,eAAe,EAAE,OAAO,EAAE,CAAC;AACtC,CAAC"}
|
package/dist/scoring/types.d.ts
CHANGED
|
@@ -16,11 +16,17 @@ export interface AgentScoreResult {
|
|
|
16
16
|
briefing: string;
|
|
17
17
|
flags: string[];
|
|
18
18
|
badge: {
|
|
19
|
+
url: string;
|
|
20
|
+
markdown: string;
|
|
21
|
+
/** @deprecated Use badge.markdown. Kept for backwards compatibility. */
|
|
19
22
|
shields: string;
|
|
20
23
|
text: string;
|
|
21
24
|
};
|
|
25
|
+
artifacts: {
|
|
26
|
+
governanceCardHtml: string;
|
|
27
|
+
};
|
|
22
28
|
scoredAt: string;
|
|
23
|
-
reportUrl
|
|
29
|
+
reportUrl?: string;
|
|
24
30
|
}
|
|
25
31
|
export interface ComparisonResult {
|
|
26
32
|
categoryWinners: Record<string, string>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/scoring/types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,IAAI,CAAC;IACX,cAAc,EAAE,cAAc,CAAC;IAC/B,UAAU,EAAE,UAAU,CAAC;IACvB,UAAU,EAAE,aAAa,EAAE,CAAC;IAC5B,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,KAAK,EAAE;QACL,OAAO,EAAE,MAAM,CAAC;QAChB,IAAI,EAAE,MAAM,CAAC;KACd,CAAC;IACF,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/scoring/types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,IAAI,CAAC;IACX,cAAc,EAAE,cAAc,CAAC;IAC/B,UAAU,EAAE,UAAU,CAAC;IACvB,UAAU,EAAE,aAAa,EAAE,CAAC;IAC5B,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,KAAK,EAAE;QACL,GAAG,EAAE,MAAM,CAAC;QACZ,QAAQ,EAAE,MAAM,CAAC;QACjB,wEAAwE;QACxE,OAAO,EAAE,MAAM,CAAC;QAChB,IAAI,EAAE,MAAM,CAAC;KACd,CAAC;IACF,SAAS,EAAE;QACT,kBAAkB,EAAE,MAAM,CAAC;KAC5B,CAAC;IACF,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,gBAAgB;IAC/B,eAAe,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACxC,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,MAAM,IAAI,GAAG,WAAW,GAAG,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,UAAU,CAAC;AACvE,MAAM,MAAM,cAAc,GAAG,OAAO,GAAG,SAAS,GAAG,OAAO,CAAC;AAC3D,MAAM,MAAM,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;AAEnD,MAAM,WAAW,cAAc;IAC7B,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,OAAO,sBAAsB,EAAE,YAAY,CAAC;IACrD,OAAO,EAAE,OAAO,sBAAsB,EAAE,YAAY,EAAE,CAAC;IACvD,YAAY,EAAE,OAAO,sBAAsB,EAAE,YAAY,EAAE,CAAC;CAC7D"}
|
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
export interface PolicyAuditEvent {
|
|
2
|
+
ts: string;
|
|
3
|
+
type: "agentscore_policy_decision";
|
|
4
|
+
tool: "agentscore" | "sweep";
|
|
5
|
+
enforced: boolean;
|
|
6
|
+
blocked: boolean;
|
|
7
|
+
reasons: string[];
|
|
8
|
+
policy: {
|
|
9
|
+
minScore: number;
|
|
10
|
+
blockedRecommendations: Array<"TRUST" | "CAUTION" | "AVOID">;
|
|
11
|
+
blockedThreatLevels: Array<"SUSPICIOUS" | "COMPROMISED">;
|
|
12
|
+
blockedFlagPatterns: string[];
|
|
13
|
+
trustedAdapters: string[];
|
|
14
|
+
failOnErrors: boolean;
|
|
15
|
+
};
|
|
16
|
+
metadata: Record<string, unknown>;
|
|
17
|
+
}
|
|
18
|
+
export declare function setAuditStoreMaxEntries(value: number): void;
|
|
19
|
+
export declare function appendPolicyAuditEvent(event: PolicyAuditEvent): void;
|
|
20
|
+
export declare function listPolicyAuditEvents(options?: {
|
|
21
|
+
limit?: number;
|
|
22
|
+
tool?: "agentscore" | "sweep";
|
|
23
|
+
blocked?: boolean;
|
|
24
|
+
}): PolicyAuditEvent[];
|
|
25
|
+
export declare function getPolicyAuditStats(): {
|
|
26
|
+
total: number;
|
|
27
|
+
blocked: number;
|
|
28
|
+
allowed: number;
|
|
29
|
+
byTool: {
|
|
30
|
+
agentscore: number;
|
|
31
|
+
sweep: number;
|
|
32
|
+
};
|
|
33
|
+
};
|
|
34
|
+
//# sourceMappingURL=audit-store.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"audit-store.d.ts","sourceRoot":"","sources":["../../src/security/audit-store.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,4BAA4B,CAAC;IACnC,IAAI,EAAE,YAAY,GAAG,OAAO,CAAC;IAC7B,QAAQ,EAAE,OAAO,CAAC;IAClB,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,MAAM,EAAE;QACN,QAAQ,EAAE,MAAM,CAAC;QACjB,sBAAsB,EAAE,KAAK,CAAC,OAAO,GAAG,SAAS,GAAG,OAAO,CAAC,CAAC;QAC7D,mBAAmB,EAAE,KAAK,CAAC,YAAY,GAAG,aAAa,CAAC,CAAC;QACzD,mBAAmB,EAAE,MAAM,EAAE,CAAC;QAC9B,eAAe,EAAE,MAAM,EAAE,CAAC;QAC1B,YAAY,EAAE,OAAO,CAAC;KACvB,CAAC;IACF,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAKD,wBAAgB,uBAAuB,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,CAM3D;AAED,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,gBAAgB,GAAG,IAAI,CAKpE;AAED,wBAAgB,qBAAqB,CAAC,OAAO,CAAC,EAAE;IAC9C,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,YAAY,GAAG,OAAO,CAAC;IAC9B,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB,GAAG,gBAAgB,EAAE,CAQrB;AAED,wBAAgB,mBAAmB,IAAI;IACrC,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE;QACN,UAAU,EAAE,MAAM,CAAC;QACnB,KAAK,EAAE,MAAM,CAAC;KACf,CAAC;CACH,CAkBA"}
|
|
@@ -0,0 +1,50 @@
|
|
|
1
|
+
const events = [];
|
|
2
|
+
let maxEntries = 500;
|
|
3
|
+
export function setAuditStoreMaxEntries(value) {
|
|
4
|
+
if (!Number.isFinite(value))
|
|
5
|
+
return;
|
|
6
|
+
maxEntries = Math.max(10, Math.min(10_000, Math.trunc(value)));
|
|
7
|
+
if (events.length > maxEntries) {
|
|
8
|
+
events.splice(0, events.length - maxEntries);
|
|
9
|
+
}
|
|
10
|
+
}
|
|
11
|
+
export function appendPolicyAuditEvent(event) {
|
|
12
|
+
events.push(event);
|
|
13
|
+
if (events.length > maxEntries) {
|
|
14
|
+
events.splice(0, events.length - maxEntries);
|
|
15
|
+
}
|
|
16
|
+
}
|
|
17
|
+
export function listPolicyAuditEvents(options) {
|
|
18
|
+
const limit = options?.limit ? Math.max(1, Math.min(options.limit, 1000)) : 100;
|
|
19
|
+
const filtered = events.filter((event) => {
|
|
20
|
+
if (options?.tool && event.tool !== options.tool)
|
|
21
|
+
return false;
|
|
22
|
+
if (options?.blocked !== undefined && event.blocked !== options.blocked)
|
|
23
|
+
return false;
|
|
24
|
+
return true;
|
|
25
|
+
});
|
|
26
|
+
return filtered.slice(Math.max(0, filtered.length - limit));
|
|
27
|
+
}
|
|
28
|
+
export function getPolicyAuditStats() {
|
|
29
|
+
let blocked = 0;
|
|
30
|
+
let agentscore = 0;
|
|
31
|
+
let sweep = 0;
|
|
32
|
+
for (const event of events) {
|
|
33
|
+
if (event.blocked)
|
|
34
|
+
blocked++;
|
|
35
|
+
if (event.tool === "agentscore")
|
|
36
|
+
agentscore++;
|
|
37
|
+
else
|
|
38
|
+
sweep++;
|
|
39
|
+
}
|
|
40
|
+
return {
|
|
41
|
+
total: events.length,
|
|
42
|
+
blocked,
|
|
43
|
+
allowed: events.length - blocked,
|
|
44
|
+
byTool: {
|
|
45
|
+
agentscore,
|
|
46
|
+
sweep,
|
|
47
|
+
},
|
|
48
|
+
};
|
|
49
|
+
}
|
|
50
|
+
//# sourceMappingURL=audit-store.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"audit-store.js","sourceRoot":"","sources":["../../src/security/audit-store.ts"],"names":[],"mappings":"AAkBA,MAAM,MAAM,GAAuB,EAAE,CAAC;AACtC,IAAI,UAAU,GAAG,GAAG,CAAC;AAErB,MAAM,UAAU,uBAAuB,CAAC,KAAa;IACnD,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO;IACpC,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC/D,IAAI,MAAM,CAAC,MAAM,GAAG,UAAU,EAAE,CAAC;QAC/B,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,MAAM,CAAC,MAAM,GAAG,UAAU,CAAC,CAAC;IAC/C,CAAC;AACH,CAAC;AAED,MAAM,UAAU,sBAAsB,CAAC,KAAuB;IAC5D,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACnB,IAAI,MAAM,CAAC,MAAM,GAAG,UAAU,EAAE,CAAC;QAC/B,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,MAAM,CAAC,MAAM,GAAG,UAAU,CAAC,CAAC;IAC/C,CAAC;AACH,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,OAIrC;IACC,MAAM,KAAK,GAAG,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IAChF,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;QACvC,IAAI,OAAO,EAAE,IAAI,IAAI,KAAK,CAAC,IAAI,KAAK,OAAO,CAAC,IAAI;YAAE,OAAO,KAAK,CAAC;QAC/D,IAAI,OAAO,EAAE,OAAO,KAAK,SAAS,IAAI,KAAK,CAAC,OAAO,KAAK,OAAO,CAAC,OAAO;YAAE,OAAO,KAAK,CAAC;QACtF,OAAO,IAAI,CAAC;IACd,CAAC,CAAC,CAAC;IACH,OAAO,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,QAAQ,CAAC,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC;AAC9D,CAAC;AAED,MAAM,UAAU,mBAAmB;IASjC,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,IAAI,UAAU,GAAG,CAAC,CAAC;IACnB,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,IAAI,KAAK,CAAC,OAAO;YAAE,OAAO,EAAE,CAAC;QAC7B,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY;YAAE,UAAU,EAAE,CAAC;;YACzC,KAAK,EAAE,CAAC;IACf,CAAC;IACD,OAAO;QACL,KAAK,EAAE,MAAM,CAAC,MAAM;QACpB,OAAO;QACP,OAAO,EAAE,MAAM,CAAC,MAAM,GAAG,OAAO;QAChC,MAAM,EAAE;YACN,UAAU;YACV,KAAK;SACN;KACF,CAAC;AACJ,CAAC"}
|