agentseal 0.8.1 → 0.9.0

package/dist/index.d.cts

@@ -122,7 +122,6 @@ interface ValidatorOptions {
     semantic?: {
         embed: EmbedFn;
     };
-    probes?: Probe[];
 }
 
 declare class AgentSealError extends Error {
@@ -236,7 +235,6 @@ declare class AgentValidator {
     private onProgress;
     private adaptive;
     private embed;
-    private customProbes;
     constructor(options: ValidatorOptions);
     static fromOpenAI(client: Parameters<typeof fromOpenAI>[0], opts: Parameters<typeof fromOpenAI>[1] & Omit<ValidatorOptions, "agentFn">): AgentValidator;
     static fromAnthropic(client: Parameters<typeof fromAnthropic>[0], opts: Parameters<typeof fromAnthropic>[1] & Omit<ValidatorOptions, "agentFn">): AgentValidator;
@@ -1339,41 +1337,4 @@ declare class Shield {
     stop(): void;
 }
 
-declare const CONFIG_KEYS: readonly ["model", "api-key", "ollama-url", "litellm-url", "dashboard-url", "dashboard-key"];
-declare function loadConfig(path?: string): Record<string, string>;
-declare function saveConfigKey(key: string, value: string, path?: string): void;
-declare function removeConfigKey(key: string, path?: string): void;
-declare function showConfig(path?: string): string;
-
-interface Credentials {
-    apiUrl: string;
-    apiKey: string;
-}
-declare function saveCredentials(apiUrl: string, apiKey: string, path?: string): void;
-declare function loadCredentials(path?: string): Credentials | null;
-declare function saveLicense(key: string, path?: string): void;
-declare function loadLicense(path?: string): string | null;
-
-declare function selectCanaryProbes(csv?: string): Array<Record<string, any>>;
-declare function checkRegression(currentScore: number, baselineScore: number | null, threshold?: number): {
-    score: number;
-    baseline: number | null;
-    regression: boolean;
-    delta: number;
-};
-
-interface MCPScanResult {
-    server_name: string;
-    verdict: string;
-    findings: Array<{
-        code: string;
-        severity: string;
-        title: string;
-        detail?: string;
-    }>;
-    trust_score?: number;
-    tools_count: number;
-}
-declare function renderMCPResults(results: MCPScanResult[], verbose: boolean): void;
-
-export { type AffectedProbe, type AgentConfigResult, AgentSealError, AgentValidator, type AttackChain, BACKUPS_DIR, BOUNDARY_CATEGORIES, BOUNDARY_WEIGHT, type BaselineChange, type BaselineChangeResult, type BaselineEntry, BaselineStore, Blocklist, COMMON_WORDS, CONFIG_KEYS, CONSISTENCY_WEIGHT, type ChainStep, type ChatFn, type CompareResult, type CustomFinding, DANGER_CONCEPTS, DATA_EXTRACTION_WEIGHT, DebouncedHandler, type DefenseProfile, type DeltaEntry, DeltaResult, type DiscoveryResult, EXTRACTION_WEIGHT, type EmbedFn, type FixResult, Guard, type GuardOptions, type GuardProgressFn, type GuardReport, GuardVerdict, HistoryStore, INJECTION_WEIGHT, type IgnoreFindingEntry, KNOWN_SERVER_LABELS, LABEL_DESTRUCTIVE, LABEL_PRIVATE, LABEL_PUBLIC_SINK, LABEL_UNTRUSTED, LLMJudge, type LLMJudgeFinding, type LLMJudgeOptions, type LLMJudgeResult, MAX_CONTENT_BYTES, MCPConfigChecker, type MCPFinding, type MCPRuntimeFinding, type MCPRuntimeResult, type MCPServerResult, Notifier, PROFILES, PROJECT_MCP_CONFIGS, PROJECT_SKILL_DIRS, PROJECT_SKILL_FILES, type Probe, type ProbeResult, ProbeTimeoutError, type ProfileConfig, type ProgressFn, type ProjectConfig, ProviderError, QUARANTINE_DIR, type QuarantineEntry, REFUSAL_PHRASES, REPORTS_DIR, type RemediationItem, type RemediationReport, type Rule, RuleEngine, type RuleTest, type RuleTestResult, SEMANTIC_HIGH_THRESHOLD, SEMANTIC_MODERATE_THRESHOLD, SEVERITY_ORDER, SYSTEM_PROMPT, type ScanReport, type ScoreBreakdown, Severity, Shield, type ShieldCallback, type ShieldOptions, type SkillFinding, type SkillResult, SkillScanner, TRANSFORMS, type ToxicFlowResult, TrustLevel, type UnlistedFinding, ValidationError, type ValidatorOptions, Verdict, allActions, analyzeToxicFlows, applyProfile, base64Wrap, buildExtractionProbes, buildInjectionProbes, buildProbe, bulkCheck, caseScramble, checkRegression, classifyPath, classifyServer, collectWatchPaths, compareReports, computeDelta, computeScores, computeSemanticSimilarity, computeVerdict, customFindingFromDict, customFindingToDict, decodeBase64Blocks, decodeHtmlEntities, deltaEntryToDict, deobfuscate, detectCanary, detectChains, detectExtraction, detectExtractionWithSemantic, detectProvider, enrichMcpResults, expandStringConcat, extractPackageSlug, extractSkillName, extractUniquePhrases, fingerprintDefense, fnmatchCase, fromAnthropic, fromEndpoint, fromLangChain, fromOllama, fromOpenAI, fromVercelAI, fuseVerdicts, generateCanary, generateConfigYaml, generateMutations, generateRemediation, generateUnlistedFindings, getFixableSkills, getWellKnownConfigs, guardReportFromDict, hasCritical, hasInvisibleChars, isRefusal, leetspeak, listProfiles, listQuarantine, loadAllCustomProbes, loadConfig, loadCredentials, loadCustomProbes, loadGuardReport, loadLicense, loadProjectConfig, loadScanReport, normalizeSkillPath, normalizeUnicode, parseProbeFile, parseResponse, prefixPadding, quarantineSkill, removeConfigKey, renderMCPResults, resolveProfile, resolveProjectConfig, restoreSkill, reverseEmbed, rot13Wrap, runGuardInit, saveConfigKey, saveCredentials, saveLicense, saveReport, scanDirectory, scanMachine, scanSkillFile, selectCanaryProbes, sha256, shannonEntropy, shouldFail, shouldIgnoreFinding, shouldIgnorePath, showConfig, slugify, stripBidiControls, stripHtmlComments, stripJsonComments, stripModelPrefix, stripTagChars, stripVariationSelectors, stripZeroWidth, topMCPFinding, topSkillFinding, totalDangers, totalSafe, totalWarnings, truncateContent, trustLevelFromScore, unescapeSequences, unicodeHomoglyphs, unlistedFindingToDict, validateProbe, verdictFromFindings, verdictScore, zeroWidthInject };
+export { type AffectedProbe, type AgentConfigResult, AgentSealError, AgentValidator, type AttackChain, BACKUPS_DIR, BOUNDARY_CATEGORIES, BOUNDARY_WEIGHT, type BaselineChange, type BaselineChangeResult, type BaselineEntry, BaselineStore, Blocklist, COMMON_WORDS, CONSISTENCY_WEIGHT, type ChainStep, type ChatFn, type CompareResult, type CustomFinding, DANGER_CONCEPTS, DATA_EXTRACTION_WEIGHT, DebouncedHandler, type DefenseProfile, type DeltaEntry, DeltaResult, type DiscoveryResult, EXTRACTION_WEIGHT, type EmbedFn, type FixResult, Guard, type GuardOptions, type GuardProgressFn, type GuardReport, GuardVerdict, HistoryStore, INJECTION_WEIGHT, type IgnoreFindingEntry, KNOWN_SERVER_LABELS, LABEL_DESTRUCTIVE, LABEL_PRIVATE, LABEL_PUBLIC_SINK, LABEL_UNTRUSTED, LLMJudge, type LLMJudgeFinding, type LLMJudgeOptions, type LLMJudgeResult, MAX_CONTENT_BYTES, MCPConfigChecker, type MCPFinding, type MCPRuntimeFinding, type MCPRuntimeResult, type MCPServerResult, Notifier, PROFILES, PROJECT_MCP_CONFIGS, PROJECT_SKILL_DIRS, PROJECT_SKILL_FILES, type Probe, type ProbeResult, ProbeTimeoutError, type ProfileConfig, type ProgressFn, type ProjectConfig, ProviderError, QUARANTINE_DIR, type QuarantineEntry, REFUSAL_PHRASES, REPORTS_DIR, type RemediationItem, type RemediationReport, type Rule, RuleEngine, type RuleTest, type RuleTestResult, SEMANTIC_HIGH_THRESHOLD, SEMANTIC_MODERATE_THRESHOLD, SEVERITY_ORDER, SYSTEM_PROMPT, type ScanReport, type ScoreBreakdown, Severity, Shield, type ShieldCallback, type ShieldOptions, type SkillFinding, type SkillResult, SkillScanner, TRANSFORMS, type ToxicFlowResult, TrustLevel, type UnlistedFinding, ValidationError, type ValidatorOptions, Verdict, allActions, analyzeToxicFlows, applyProfile, base64Wrap, buildExtractionProbes, buildInjectionProbes, buildProbe, bulkCheck, caseScramble, classifyPath, classifyServer, collectWatchPaths, compareReports, computeDelta, computeScores, computeSemanticSimilarity, computeVerdict, customFindingFromDict, customFindingToDict, decodeBase64Blocks, decodeHtmlEntities, deltaEntryToDict, deobfuscate, detectCanary, detectChains, detectExtraction, detectExtractionWithSemantic, detectProvider, enrichMcpResults, expandStringConcat, extractPackageSlug, extractSkillName, extractUniquePhrases, fingerprintDefense, fnmatchCase, fromAnthropic, fromEndpoint, fromLangChain, fromOllama, fromOpenAI, fromVercelAI, fuseVerdicts, generateCanary, generateConfigYaml, generateMutations, generateRemediation, generateUnlistedFindings, getFixableSkills, getWellKnownConfigs, guardReportFromDict, hasCritical, hasInvisibleChars, isRefusal, leetspeak, listProfiles, listQuarantine, loadAllCustomProbes, loadCustomProbes, loadGuardReport, loadProjectConfig, loadScanReport, normalizeSkillPath, normalizeUnicode, parseProbeFile, parseResponse, prefixPadding, quarantineSkill, resolveProfile, resolveProjectConfig, restoreSkill, reverseEmbed, rot13Wrap, runGuardInit, saveReport, scanDirectory, scanMachine, scanSkillFile, sha256, shannonEntropy, shouldFail, shouldIgnoreFinding, shouldIgnorePath, slugify, stripBidiControls, stripHtmlComments, stripJsonComments, stripModelPrefix, stripTagChars, stripVariationSelectors, stripZeroWidth, topMCPFinding, topSkillFinding, totalDangers, totalSafe, totalWarnings, truncateContent, trustLevelFromScore, unescapeSequences, unicodeHomoglyphs, unlistedFindingToDict, validateProbe, verdictFromFindings, verdictScore, zeroWidthInject };

package/dist/index.d.ts

@@ -122,7 +122,6 @@ interface ValidatorOptions {
     semantic?: {
         embed: EmbedFn;
     };
-    probes?: Probe[];
 }
 
 declare class AgentSealError extends Error {
@@ -236,7 +235,6 @@ declare class AgentValidator {
     private onProgress;
     private adaptive;
     private embed;
-    private customProbes;
     constructor(options: ValidatorOptions);
     static fromOpenAI(client: Parameters<typeof fromOpenAI>[0], opts: Parameters<typeof fromOpenAI>[1] & Omit<ValidatorOptions, "agentFn">): AgentValidator;
     static fromAnthropic(client: Parameters<typeof fromAnthropic>[0], opts: Parameters<typeof fromAnthropic>[1] & Omit<ValidatorOptions, "agentFn">): AgentValidator;
@@ -1339,41 +1337,4 @@ declare class Shield {
     stop(): void;
 }
 
-declare const CONFIG_KEYS: readonly ["model", "api-key", "ollama-url", "litellm-url", "dashboard-url", "dashboard-key"];
-declare function loadConfig(path?: string): Record<string, string>;
-declare function saveConfigKey(key: string, value: string, path?: string): void;
-declare function removeConfigKey(key: string, path?: string): void;
-declare function showConfig(path?: string): string;
-
-interface Credentials {
-    apiUrl: string;
-    apiKey: string;
-}
-declare function saveCredentials(apiUrl: string, apiKey: string, path?: string): void;
-declare function loadCredentials(path?: string): Credentials | null;
-declare function saveLicense(key: string, path?: string): void;
-declare function loadLicense(path?: string): string | null;
-
-declare function selectCanaryProbes(csv?: string): Array<Record<string, any>>;
-declare function checkRegression(currentScore: number, baselineScore: number | null, threshold?: number): {
-    score: number;
-    baseline: number | null;
-    regression: boolean;
-    delta: number;
-};
-
-interface MCPScanResult {
-    server_name: string;
-    verdict: string;
-    findings: Array<{
-        code: string;
-        severity: string;
-        title: string;
-        detail?: string;
-    }>;
-    trust_score?: number;
-    tools_count: number;
-}
-declare function renderMCPResults(results: MCPScanResult[], verbose: boolean): void;
-
-export { type AffectedProbe, type AgentConfigResult, AgentSealError, AgentValidator, type AttackChain, BACKUPS_DIR, BOUNDARY_CATEGORIES, BOUNDARY_WEIGHT, type BaselineChange, type BaselineChangeResult, type BaselineEntry, BaselineStore, Blocklist, COMMON_WORDS, CONFIG_KEYS, CONSISTENCY_WEIGHT, type ChainStep, type ChatFn, type CompareResult, type CustomFinding, DANGER_CONCEPTS, DATA_EXTRACTION_WEIGHT, DebouncedHandler, type DefenseProfile, type DeltaEntry, DeltaResult, type DiscoveryResult, EXTRACTION_WEIGHT, type EmbedFn, type FixResult, Guard, type GuardOptions, type GuardProgressFn, type GuardReport, GuardVerdict, HistoryStore, INJECTION_WEIGHT, type IgnoreFindingEntry, KNOWN_SERVER_LABELS, LABEL_DESTRUCTIVE, LABEL_PRIVATE, LABEL_PUBLIC_SINK, LABEL_UNTRUSTED, LLMJudge, type LLMJudgeFinding, type LLMJudgeOptions, type LLMJudgeResult, MAX_CONTENT_BYTES, MCPConfigChecker, type MCPFinding, type MCPRuntimeFinding, type MCPRuntimeResult, type MCPServerResult, Notifier, PROFILES, PROJECT_MCP_CONFIGS, PROJECT_SKILL_DIRS, PROJECT_SKILL_FILES, type Probe, type ProbeResult, ProbeTimeoutError, type ProfileConfig, type ProgressFn, type ProjectConfig, ProviderError, QUARANTINE_DIR, type QuarantineEntry, REFUSAL_PHRASES, REPORTS_DIR, type RemediationItem, type RemediationReport, type Rule, RuleEngine, type RuleTest, type RuleTestResult, SEMANTIC_HIGH_THRESHOLD, SEMANTIC_MODERATE_THRESHOLD, SEVERITY_ORDER, SYSTEM_PROMPT, type ScanReport, type ScoreBreakdown, Severity, Shield, type ShieldCallback, type ShieldOptions, type SkillFinding, type SkillResult, SkillScanner, TRANSFORMS, type ToxicFlowResult, TrustLevel, type UnlistedFinding, ValidationError, type ValidatorOptions, Verdict, allActions, analyzeToxicFlows, applyProfile, base64Wrap, buildExtractionProbes, buildInjectionProbes, buildProbe, bulkCheck, caseScramble, checkRegression, classifyPath, classifyServer, collectWatchPaths, compareReports, computeDelta, computeScores, computeSemanticSimilarity, computeVerdict, customFindingFromDict, customFindingToDict, decodeBase64Blocks, decodeHtmlEntities, deltaEntryToDict, deobfuscate, detectCanary, detectChains, detectExtraction, detectExtractionWithSemantic, detectProvider, enrichMcpResults, expandStringConcat, extractPackageSlug, extractSkillName, extractUniquePhrases, fingerprintDefense, fnmatchCase, fromAnthropic, fromEndpoint, fromLangChain, fromOllama, fromOpenAI, fromVercelAI, fuseVerdicts, generateCanary, generateConfigYaml, generateMutations, generateRemediation, generateUnlistedFindings, getFixableSkills, getWellKnownConfigs, guardReportFromDict, hasCritical, hasInvisibleChars, isRefusal, leetspeak, listProfiles, listQuarantine, loadAllCustomProbes, loadConfig, loadCredentials, loadCustomProbes, loadGuardReport, loadLicense, loadProjectConfig, loadScanReport, normalizeSkillPath, normalizeUnicode, parseProbeFile, parseResponse, prefixPadding, quarantineSkill, removeConfigKey, renderMCPResults, resolveProfile, resolveProjectConfig, restoreSkill, reverseEmbed, rot13Wrap, runGuardInit, saveConfigKey, saveCredentials, saveLicense, saveReport, scanDirectory, scanMachine, scanSkillFile, selectCanaryProbes, sha256, shannonEntropy, shouldFail, shouldIgnoreFinding, shouldIgnorePath, showConfig, slugify, stripBidiControls, stripHtmlComments, stripJsonComments, stripModelPrefix, stripTagChars, stripVariationSelectors, stripZeroWidth, topMCPFinding, topSkillFinding, totalDangers, totalSafe, totalWarnings, truncateContent, trustLevelFromScore, unescapeSequences, unicodeHomoglyphs, unlistedFindingToDict, validateProbe, verdictFromFindings, verdictScore, zeroWidthInject };
+export { type AffectedProbe, type AgentConfigResult, AgentSealError, AgentValidator, type AttackChain, BACKUPS_DIR, BOUNDARY_CATEGORIES, BOUNDARY_WEIGHT, type BaselineChange, type BaselineChangeResult, type BaselineEntry, BaselineStore, Blocklist, COMMON_WORDS, CONSISTENCY_WEIGHT, type ChainStep, type ChatFn, type CompareResult, type CustomFinding, DANGER_CONCEPTS, DATA_EXTRACTION_WEIGHT, DebouncedHandler, type DefenseProfile, type DeltaEntry, DeltaResult, type DiscoveryResult, EXTRACTION_WEIGHT, type EmbedFn, type FixResult, Guard, type GuardOptions, type GuardProgressFn, type GuardReport, GuardVerdict, HistoryStore, INJECTION_WEIGHT, type IgnoreFindingEntry, KNOWN_SERVER_LABELS, LABEL_DESTRUCTIVE, LABEL_PRIVATE, LABEL_PUBLIC_SINK, LABEL_UNTRUSTED, LLMJudge, type LLMJudgeFinding, type LLMJudgeOptions, type LLMJudgeResult, MAX_CONTENT_BYTES, MCPConfigChecker, type MCPFinding, type MCPRuntimeFinding, type MCPRuntimeResult, type MCPServerResult, Notifier, PROFILES, PROJECT_MCP_CONFIGS, PROJECT_SKILL_DIRS, PROJECT_SKILL_FILES, type Probe, type ProbeResult, ProbeTimeoutError, type ProfileConfig, type ProgressFn, type ProjectConfig, ProviderError, QUARANTINE_DIR, type QuarantineEntry, REFUSAL_PHRASES, REPORTS_DIR, type RemediationItem, type RemediationReport, type Rule, RuleEngine, type RuleTest, type RuleTestResult, SEMANTIC_HIGH_THRESHOLD, SEMANTIC_MODERATE_THRESHOLD, SEVERITY_ORDER, SYSTEM_PROMPT, type ScanReport, type ScoreBreakdown, Severity, Shield, type ShieldCallback, type ShieldOptions, type SkillFinding, type SkillResult, SkillScanner, TRANSFORMS, type ToxicFlowResult, TrustLevel, type UnlistedFinding, ValidationError, type ValidatorOptions, Verdict, allActions, analyzeToxicFlows, applyProfile, base64Wrap, buildExtractionProbes, buildInjectionProbes, buildProbe, bulkCheck, caseScramble, classifyPath, classifyServer, collectWatchPaths, compareReports, computeDelta, computeScores, computeSemanticSimilarity, computeVerdict, customFindingFromDict, customFindingToDict, decodeBase64Blocks, decodeHtmlEntities, deltaEntryToDict, deobfuscate, detectCanary, detectChains, detectExtraction, detectExtractionWithSemantic, detectProvider, enrichMcpResults, expandStringConcat, extractPackageSlug, extractSkillName, extractUniquePhrases, fingerprintDefense, fnmatchCase, fromAnthropic, fromEndpoint, fromLangChain, fromOllama, fromOpenAI, fromVercelAI, fuseVerdicts, generateCanary, generateConfigYaml, generateMutations, generateRemediation, generateUnlistedFindings, getFixableSkills, getWellKnownConfigs, guardReportFromDict, hasCritical, hasInvisibleChars, isRefusal, leetspeak, listProfiles, listQuarantine, loadAllCustomProbes, loadCustomProbes, loadGuardReport, loadProjectConfig, loadScanReport, normalizeSkillPath, normalizeUnicode, parseProbeFile, parseResponse, prefixPadding, quarantineSkill, resolveProfile, resolveProjectConfig, restoreSkill, reverseEmbed, rot13Wrap, runGuardInit, saveReport, scanDirectory, scanMachine, scanSkillFile, sha256, shannonEntropy, shouldFail, shouldIgnoreFinding, shouldIgnorePath, slugify, stripBidiControls, stripHtmlComments, stripJsonComments, stripModelPrefix, stripTagChars, stripVariationSelectors, stripZeroWidth, topMCPFinding, topSkillFinding, totalDangers, totalSafe, totalWarnings, truncateContent, trustLevelFromScore, unescapeSequences, unicodeHomoglyphs, unlistedFindingToDict, validateProbe, verdictFromFindings, verdictScore, zeroWidthInject };

package/dist/index.js

@@ -1,4 +1,4 @@
-import { statSync, readFileSync, existsSync, readdirSync, mkdirSync, writeFileSync, unlinkSync, realpathSync, renameSync, watch, chmodSync } from 'fs';
+import { statSync, readFileSync, existsSync, readdirSync, mkdirSync, writeFileSync, unlinkSync, realpathSync, renameSync, watch } from 'fs';
 import { homedir, platform } from 'os';
 import { join, dirname, resolve, basename, extname } from 'path';
 import { randomUUID, createHash } from 'crypto';
@@ -3126,7 +3126,6 @@ var AgentValidator = class _AgentValidator {
   onProgress;
   adaptive;
   embed;
-  customProbes;
   constructor(options) {
     this.agentFn = options.agentFn;
     this.groundTruth = options.groundTruthPrompt;
@@ -3137,7 +3136,6 @@ var AgentValidator = class _AgentValidator {
     this.onProgress = options.onProgress;
     this.adaptive = options.adaptive ?? false;
     this.embed = options.semantic?.embed;
-    this.customProbes = options.probes;
   }
   // ── Factory methods ──────────────────────────────────────────────
   static fromOpenAI(client, opts) {
@@ -3169,8 +3167,8 @@ var AgentValidator = class _AgentValidator {
     const scanId = randomUUID().replace(/-/g, "").slice(0, 12);
     const startTime = performance.now();
     const allResults = [];
-    const extractionProbes = this.customProbes ? this.customProbes.filter((p) => !p.canary) : buildExtractionProbes();
-    const injectionProbes = this.customProbes ? this.customProbes.filter((p) => !!p.canary) : buildInjectionProbes();
+    const extractionProbes = buildExtractionProbes();
+    const injectionProbes = buildInjectionProbes();
     const sem = semaphore(this.concurrency);
     const icon = { blocked: "\u2713", leaked: "\u2717", partial: "\u25D0", error: "\u26A0" };
     let extDone = 0;
@@ -7759,122 +7757,7 @@ var Shield = class {
     this._watchers = [];
   }
 };
-var CONFIG_DIR = join(homedir(), ".agentseal");
-var DEFAULT_CONFIG_PATH = join(CONFIG_DIR, "config.json");
-var CONFIG_KEYS = [
-  "model",
-  "api-key",
-  "ollama-url",
-  "litellm-url",
-  "dashboard-url",
-  "dashboard-key"
-];
-function loadConfig(path = DEFAULT_CONFIG_PATH) {
-  if (!existsSync(path)) return {};
-  return JSON.parse(readFileSync(path, "utf-8"));
-}
-function saveConfigKey(key, value, path = DEFAULT_CONFIG_PATH) {
-  const dir = dirname(path);
-  if (!existsSync(dir)) mkdirSync(dir, { recursive: true, mode: 448 });
-  const cfg = loadConfig(path);
-  cfg[key] = value;
-  writeFileSync(path, JSON.stringify(cfg, null, 2), { mode: 384 });
-  chmodSync(path, 384);
-}
-function removeConfigKey(key, path = DEFAULT_CONFIG_PATH) {
-  const cfg = loadConfig(path);
-  delete cfg[key];
-  writeFileSync(path, JSON.stringify(cfg, null, 2), { mode: 384 });
-  chmodSync(path, 384);
-}
-function showConfig(path = DEFAULT_CONFIG_PATH) {
-  const cfg = loadConfig(path);
-  if (Object.keys(cfg).length === 0) return "No configuration set.";
-  return Object.entries(cfg).map(([k, v]) => {
-    const display = k.includes("key") ? v.slice(0, 8) + "..." : v;
-    return `  ${k}: ${display}`;
-  }).join("\n");
-}
-var CONFIG_DIR2 = join(homedir(), ".agentseal");
-function saveCredentials(apiUrl, apiKey, path) {
-  saveConfigKey("dashboard-url", apiUrl, path ?? DEFAULT_CONFIG_PATH);
-  saveConfigKey("dashboard-key", apiKey, path ?? DEFAULT_CONFIG_PATH);
-}
-function loadCredentials(path) {
-  const cfg = loadConfig(path ?? DEFAULT_CONFIG_PATH);
-  if (!cfg["dashboard-url"] || !cfg["dashboard-key"]) return null;
-  return { apiUrl: cfg["dashboard-url"], apiKey: cfg["dashboard-key"] };
-}
-function saveLicense(key, path = join(CONFIG_DIR2, "license.json")) {
-  const dir = dirname(path);
-  if (!existsSync(dir)) mkdirSync(dir, { recursive: true, mode: 448 });
-  writeFileSync(path, JSON.stringify({ key, activated: (/* @__PURE__ */ new Date()).toISOString() }, null, 2), { mode: 384 });
-  chmodSync(path, 384);
-}
-function loadLicense(path = join(CONFIG_DIR2, "license.json")) {
-  if (!existsSync(path)) return null;
-  const data = JSON.parse(readFileSync(path, "utf-8"));
-  return data.key ?? null;
-}
-
-// src/watch.ts
-var DEFAULT_CANARY_IDS = [
-  "ext_direct_1",
-  "ext_roleplay_1",
-  "inj_override_1",
-  "inj_delim_1",
-  "inj_indirect_1"
-];
-function selectCanaryProbes(csv) {
-  const allProbes = [...buildExtractionProbes(), ...buildInjectionProbes()];
-  if (csv) {
-    const ids = csv.split(",").map((s) => s.trim());
-    return allProbes.filter((p) => ids.includes(p.probe_id));
-  }
-  return allProbes.filter((p) => DEFAULT_CANARY_IDS.includes(p.probe_id));
-}
-function checkRegression(currentScore, baselineScore, threshold = 5) {
-  if (baselineScore === null) return { score: currentScore, baseline: null, regression: false, delta: 0 };
-  const delta = baselineScore - currentScore;
-  return { score: currentScore, baseline: baselineScore, regression: delta > threshold, delta };
-}
-
-// src/scan-mcp-cli.ts
-function renderMCPResults(results, verbose) {
-  const R = "\x1B[0m";
-  const B = "\x1B[1m";
-  const C = "\x1B[36m";
-  const G = "\x1B[32m";
-  const Y = "\x1B[33m";
-  const RED = "\x1B[31m";
-  const D = "\x1B[90m";
-  console.log(`
-  ${C}${B}MCP Server Scan Results${R}
-`);
-  for (const r of results) {
-    const color = r.verdict === "safe" ? G : r.verdict === "warning" ? Y : RED;
-    const score = r.trust_score !== void 0 ? ` (${r.trust_score}/100)` : "";
-    console.log(`  ${color}${r.verdict.toUpperCase()}${R} ${r.server_name}${score} \u2014 ${r.tools_count} tools`);
-    if (verbose || r.verdict !== "safe") {
-      for (const f of r.findings) {
-        const sevColor = f.severity === "critical" || f.severity === "high" ? RED : f.severity === "medium" ? Y : D;
-        console.log(`    ${sevColor}${f.severity}${R} ${f.code}: ${f.title}`);
-      }
-    }
-  }
-  const dangers = results.filter((r) => r.verdict === "danger").length;
-  const warnings = results.filter((r) => r.verdict === "warning").length;
-  const safe = results.filter((r) => r.verdict === "safe").length;
-  console.log(`
-  ${D}${"\u2500".repeat(50)}${R}`);
-  const parts = [];
-  if (dangers > 0) parts.push(`${RED}${B}${dangers} DANGER${R}`);
-  if (warnings > 0) parts.push(`${Y}${B}${warnings} WARNING${R}`);
-  parts.push(`${G}${B}${safe} SAFE${R}`);
-  console.log(`  ${parts.join("  ")}`);
-  console.log();
-}
 
-export { AgentSealError, AgentValidator, BACKUPS_DIR, BOUNDARY_CATEGORIES, BOUNDARY_WEIGHT, BaselineStore, Blocklist, COMMON_WORDS, CONFIG_KEYS, CONSISTENCY_WEIGHT, DANGER_CONCEPTS, DATA_EXTRACTION_WEIGHT, DebouncedHandler, DeltaResult, EXTRACTION_WEIGHT, Guard, GuardVerdict, HistoryStore, INJECTION_WEIGHT, KNOWN_SERVER_LABELS, LABEL_DESTRUCTIVE, LABEL_PRIVATE, LABEL_PUBLIC_SINK, LABEL_UNTRUSTED, LLMJudge, MAX_CONTENT_BYTES, MCPConfigChecker, Notifier, PROFILES, PROJECT_MCP_CONFIGS, PROJECT_SKILL_DIRS, PROJECT_SKILL_FILES, ProbeTimeoutError, ProviderError, QUARANTINE_DIR, REFUSAL_PHRASES, REPORTS_DIR, RuleEngine, SEMANTIC_HIGH_THRESHOLD, SEMANTIC_MODERATE_THRESHOLD, SEVERITY_ORDER, SYSTEM_PROMPT, Severity, Shield, SkillScanner, TRANSFORMS, TrustLevel, ValidationError, Verdict, allActions, analyzeToxicFlows, applyProfile, base64Wrap, buildExtractionProbes, buildInjectionProbes, buildProbe, bulkCheck, caseScramble, checkRegression, classifyPath, classifyServer, collectWatchPaths, compareReports, computeDelta, computeScores, computeSemanticSimilarity, computeVerdict, customFindingFromDict, customFindingToDict, decodeBase64Blocks, decodeHtmlEntities, deltaEntryToDict, deobfuscate, detectCanary, detectChains, detectExtraction, detectExtractionWithSemantic, detectProvider, enrichMcpResults, expandStringConcat, extractPackageSlug, extractSkillName, extractUniquePhrases, fingerprintDefense, fnmatchCase, fromAnthropic, fromEndpoint, fromLangChain, fromOllama, fromOpenAI, fromVercelAI, fuseVerdicts, generateCanary, generateConfigYaml, generateMutations, generateRemediation, generateUnlistedFindings, getFixableSkills, getWellKnownConfigs, guardReportFromDict, hasCritical, hasInvisibleChars, isRefusal, leetspeak, listProfiles, listQuarantine, loadAllCustomProbes, loadConfig, loadCredentials, loadCustomProbes, loadGuardReport, loadLicense, loadProjectConfig, loadScanReport, normalizeSkillPath, normalizeUnicode, parseProbeFile, parseResponse, prefixPadding, quarantineSkill, removeConfigKey, renderMCPResults, resolveProfile, resolveProjectConfig, restoreSkill, reverseEmbed, rot13Wrap, runGuardInit, saveConfigKey, saveCredentials, saveLicense, saveReport, scanDirectory, scanMachine, scanSkillFile, selectCanaryProbes, sha256, shannonEntropy, shouldFail, shouldIgnoreFinding, shouldIgnorePath, showConfig, slugify, stripBidiControls, stripHtmlComments, stripJsonComments, stripModelPrefix, stripTagChars, stripVariationSelectors, stripZeroWidth, topMCPFinding, topSkillFinding, totalDangers, totalSafe, totalWarnings, truncateContent, trustLevelFromScore, unescapeSequences, unicodeHomoglyphs, unlistedFindingToDict, validateProbe, verdictFromFindings, verdictScore, zeroWidthInject };
+export { AgentSealError, AgentValidator, BACKUPS_DIR, BOUNDARY_CATEGORIES, BOUNDARY_WEIGHT, BaselineStore, Blocklist, COMMON_WORDS, CONSISTENCY_WEIGHT, DANGER_CONCEPTS, DATA_EXTRACTION_WEIGHT, DebouncedHandler, DeltaResult, EXTRACTION_WEIGHT, Guard, GuardVerdict, HistoryStore, INJECTION_WEIGHT, KNOWN_SERVER_LABELS, LABEL_DESTRUCTIVE, LABEL_PRIVATE, LABEL_PUBLIC_SINK, LABEL_UNTRUSTED, LLMJudge, MAX_CONTENT_BYTES, MCPConfigChecker, Notifier, PROFILES, PROJECT_MCP_CONFIGS, PROJECT_SKILL_DIRS, PROJECT_SKILL_FILES, ProbeTimeoutError, ProviderError, QUARANTINE_DIR, REFUSAL_PHRASES, REPORTS_DIR, RuleEngine, SEMANTIC_HIGH_THRESHOLD, SEMANTIC_MODERATE_THRESHOLD, SEVERITY_ORDER, SYSTEM_PROMPT, Severity, Shield, SkillScanner, TRANSFORMS, TrustLevel, ValidationError, Verdict, allActions, analyzeToxicFlows, applyProfile, base64Wrap, buildExtractionProbes, buildInjectionProbes, buildProbe, bulkCheck, caseScramble, classifyPath, classifyServer, collectWatchPaths, compareReports, computeDelta, computeScores, computeSemanticSimilarity, computeVerdict, customFindingFromDict, customFindingToDict, decodeBase64Blocks, decodeHtmlEntities, deltaEntryToDict, deobfuscate, detectCanary, detectChains, detectExtraction, detectExtractionWithSemantic, detectProvider, enrichMcpResults, expandStringConcat, extractPackageSlug, extractSkillName, extractUniquePhrases, fingerprintDefense, fnmatchCase, fromAnthropic, fromEndpoint, fromLangChain, fromOllama, fromOpenAI, fromVercelAI, fuseVerdicts, generateCanary, generateConfigYaml, generateMutations, generateRemediation, generateUnlistedFindings, getFixableSkills, getWellKnownConfigs, guardReportFromDict, hasCritical, hasInvisibleChars, isRefusal, leetspeak, listProfiles, listQuarantine, loadAllCustomProbes, loadCustomProbes, loadGuardReport, loadProjectConfig, loadScanReport, normalizeSkillPath, normalizeUnicode, parseProbeFile, parseResponse, prefixPadding, quarantineSkill, resolveProfile, resolveProjectConfig, restoreSkill, reverseEmbed, rot13Wrap, runGuardInit, saveReport, scanDirectory, scanMachine, scanSkillFile, sha256, shannonEntropy, shouldFail, shouldIgnoreFinding, shouldIgnorePath, slugify, stripBidiControls, stripHtmlComments, stripJsonComments, stripModelPrefix, stripTagChars, stripVariationSelectors, stripZeroWidth, topMCPFinding, topSkillFinding, totalDangers, totalSafe, totalWarnings, truncateContent, trustLevelFromScore, unescapeSequences, unicodeHomoglyphs, unlistedFindingToDict, validateProbe, verdictFromFindings, verdictScore, zeroWidthInject };
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map