agentseal 0.9.0 → 0.9.1

package/dist/index.d.cts

@@ -898,7 +898,7 @@ interface AgentDef {
 declare function getWellKnownConfigs(): AgentDef[];
 /** Strip // and /* * / comments from JSONC. Preserves URLs inside strings. */
 declare function stripJsonComments(text: string): string;
-interface MCPServerConfig {
+interface MCPServerConfig$1 {
     name: string;
     source_file: string;
     agent_type: string;
@@ -906,7 +906,7 @@ interface MCPServerConfig {
 }
 interface DiscoveryResult {
     agents: AgentConfigResult[];
-    mcpServers: MCPServerConfig[];
+    mcpServers: MCPServerConfig$1[];
     skillPaths: string[];
 }
 /**
@@ -1337,4 +1337,170 @@ declare class Shield {
     stop(): void;
 }
 
-export { type AffectedProbe, type AgentConfigResult, AgentSealError, AgentValidator, type AttackChain, BACKUPS_DIR, BOUNDARY_CATEGORIES, BOUNDARY_WEIGHT, type BaselineChange, type BaselineChangeResult, type BaselineEntry, BaselineStore, Blocklist, COMMON_WORDS, CONSISTENCY_WEIGHT, type ChainStep, type ChatFn, type CompareResult, type CustomFinding, DANGER_CONCEPTS, DATA_EXTRACTION_WEIGHT, DebouncedHandler, type DefenseProfile, type DeltaEntry, DeltaResult, type DiscoveryResult, EXTRACTION_WEIGHT, type EmbedFn, type FixResult, Guard, type GuardOptions, type GuardProgressFn, type GuardReport, GuardVerdict, HistoryStore, INJECTION_WEIGHT, type IgnoreFindingEntry, KNOWN_SERVER_LABELS, LABEL_DESTRUCTIVE, LABEL_PRIVATE, LABEL_PUBLIC_SINK, LABEL_UNTRUSTED, LLMJudge, type LLMJudgeFinding, type LLMJudgeOptions, type LLMJudgeResult, MAX_CONTENT_BYTES, MCPConfigChecker, type MCPFinding, type MCPRuntimeFinding, type MCPRuntimeResult, type MCPServerResult, Notifier, PROFILES, PROJECT_MCP_CONFIGS, PROJECT_SKILL_DIRS, PROJECT_SKILL_FILES, type Probe, type ProbeResult, ProbeTimeoutError, type ProfileConfig, type ProgressFn, type ProjectConfig, ProviderError, QUARANTINE_DIR, type QuarantineEntry, REFUSAL_PHRASES, REPORTS_DIR, type RemediationItem, type RemediationReport, type Rule, RuleEngine, type RuleTest, type RuleTestResult, SEMANTIC_HIGH_THRESHOLD, SEMANTIC_MODERATE_THRESHOLD, SEVERITY_ORDER, SYSTEM_PROMPT, type ScanReport, type ScoreBreakdown, Severity, Shield, type ShieldCallback, type ShieldOptions, type SkillFinding, type SkillResult, SkillScanner, TRANSFORMS, type ToxicFlowResult, TrustLevel, type UnlistedFinding, ValidationError, type ValidatorOptions, Verdict, allActions, analyzeToxicFlows, applyProfile, base64Wrap, buildExtractionProbes, buildInjectionProbes, buildProbe, bulkCheck, caseScramble, classifyPath, classifyServer, collectWatchPaths, compareReports, computeDelta, computeScores, computeSemanticSimilarity, computeVerdict, customFindingFromDict, customFindingToDict, decodeBase64Blocks, decodeHtmlEntities, deltaEntryToDict, deobfuscate, detectCanary, detectChains, detectExtraction, detectExtractionWithSemantic, detectProvider, enrichMcpResults, expandStringConcat, extractPackageSlug, extractSkillName, extractUniquePhrases, fingerprintDefense, fnmatchCase, fromAnthropic, fromEndpoint, fromLangChain, fromOllama, fromOpenAI, fromVercelAI, fuseVerdicts, generateCanary, generateConfigYaml, generateMutations, generateRemediation, generateUnlistedFindings, getFixableSkills, getWellKnownConfigs, guardReportFromDict, hasCritical, hasInvisibleChars, isRefusal, leetspeak, listProfiles, listQuarantine, loadAllCustomProbes, loadCustomProbes, loadGuardReport, loadProjectConfig, loadScanReport, normalizeSkillPath, normalizeUnicode, parseProbeFile, parseResponse, prefixPadding, quarantineSkill, resolveProfile, resolveProjectConfig, restoreSkill, reverseEmbed, rot13Wrap, runGuardInit, saveReport, scanDirectory, scanMachine, scanSkillFile, sha256, shannonEntropy, shouldFail, shouldIgnoreFinding, shouldIgnorePath, slugify, stripBidiControls, stripHtmlComments, stripJsonComments, stripModelPrefix, stripTagChars, stripVariationSelectors, stripZeroWidth, topMCPFinding, topSkillFinding, totalDangers, totalSafe, totalWarnings, truncateContent, trustLevelFromScore, unescapeSequences, unicodeHomoglyphs, unlistedFindingToDict, validateProbe, verdictFromFindings, verdictScore, zeroWidthInject };
+interface MCPServerConfig {
+    name: string;
+    command: string;
+    args: string[];
+    env: Record<string, string>;
+    sourceFile: string | null;
+    transport: string;
+    url: string | null;
+    packageId: string | null;
+    agents: string[];
+}
+interface SkillPath {
+    path: string;
+    platform: string;
+    format: string;
+}
+interface CollectedAgent {
+    name: string;
+    agentType: string;
+    configPath: string;
+    mcpServers: MCPServerConfig[];
+    skills: SkillPath[];
+    status: string;
+}
+interface Finding {
+    code: string;
+    title: string;
+    description: string;
+    severity: string;
+    source: string | null;
+    serverName: string;
+    agentNames: string[];
+    evidence: string;
+    remediation: string;
+    confidence: number;
+}
+interface RegistryData {
+    trustScore: number;
+    findings: Finding[];
+    capabilityLabels: Set<string>;
+    analyzedVersion: string | null;
+    analyzedAt: string | null;
+    tools: string[];
+}
+interface MatchResult {
+    server: MCPServerConfig;
+    registryHit: RegistryData | null;
+    needsRuntime: boolean;
+    versionGap: string | null;
+    analysisMethod: string;
+}
+interface GuardScanResult {
+    agents: CollectedAgent[];
+    matchResults: MatchResult[];
+    findings: Finding[];
+    machineScore: number;
+    serversScanned: number;
+    fromRegistry: number;
+    failed: number;
+    scanDurationSeconds: number;
+    deepAnalysis: Record<string, unknown> | null;
+}
+
+interface GuardEngineOptions {
+    skipRuntime?: boolean;
+    deep?: boolean;
+    deepAll?: boolean;
+    deepTimeout?: number;
+    model?: string;
+    apiKey?: string;
+    baselinePath?: string;
+    cachePath?: string;
+    projectPath?: string;
+    noProcessScan?: boolean;
+    interactive?: boolean;
+}
+declare class GuardEngine {
+    private opts;
+    constructor(opts?: GuardEngineOptions);
+    run(): Promise<GuardScanResult>;
+    private deduplicateServers;
+    static ciExitCode(result: GuardScanResult, failOn?: string): number;
+}
+
+declare function formatTerminal(result: GuardScanResult): string;
+
+declare function formatJson(result: GuardScanResult): string;
+
+declare function formatSarif(result: GuardScanResult): Record<string, unknown>;
+
+declare function computeMachineScore(opts: {
+    matchResults: MatchResult[];
+    findings: Finding[];
+}): number;
+
+declare function collectAll(): CollectedAgent[];
+
+declare function extractPackageId(server: MCPServerConfig): string | null;
+
+interface CacheEntry {
+    trust_score?: number;
+    trustScore?: number;
+    findings?: unknown[];
+    capability_labels?: string[];
+    capabilityLabels?: string[];
+    analyzed_version?: string | null;
+    analyzedVersion?: string | null;
+    analyzed_at?: string | null;
+    analyzedAt?: string | null;
+    tools?: string[];
+}
+interface CacheData {
+    fetchedAt?: number;
+    fetched_at?: number;
+    updated_at?: number;
+    servers: Record<string, CacheEntry>;
+}
+declare class RegistryCache {
+    private cachePath;
+    private baseUrl;
+    private skipFetch;
+    private data;
+    constructor(opts?: {
+        path?: string;
+        baseUrl?: string;
+        skipFetch?: boolean;
+    });
+    private _loadFromDisk;
+    isStale(): boolean;
+    serverCount(): number;
+    fetchRemote(): Promise<number>;
+    ensureFresh(): Promise<void>;
+    lookup(packageId: string | null): RegistryData | null;
+    _setData(data: CacheData): void;
+}
+
+declare abstract class Analyzer {
+    abstract name: string;
+    requiresRuntime: boolean;
+    requiresLlm: boolean;
+    abstract analyze(opts: {
+        agents?: CollectedAgent[];
+        matchResults?: MatchResult[];
+        findings?: Finding[];
+        skills?: SkillPath[];
+        toolHashes?: Record<string, Record<string, [string, string]>>;
+    }): Finding[];
+}
+
+declare class PatternAnalyzer extends Analyzer {
+    name: string;
+    analyze(opts: {
+        agents?: CollectedAgent[];
+    }): Finding[];
+    private _checkServer;
+    private _finding;
+    private _checkConf001;
+    private _checkConf002;
+    private _checkConf003;
+    private _checkConf004;
+    private _checkConf005;
+    private _checkConf006;
+    private _checkConf007;
+    private _checkConf008;
+}
+
+export { type AffectedProbe, type AgentConfigResult, AgentSealError, AgentValidator, type AttackChain, BACKUPS_DIR, BOUNDARY_CATEGORIES, BOUNDARY_WEIGHT, type BaselineChange, type BaselineChangeResult, type BaselineEntry, BaselineStore, Blocklist, COMMON_WORDS, CONSISTENCY_WEIGHT, type ChainStep, type ChatFn, type CollectedAgent, type CompareResult, type CustomFinding, DANGER_CONCEPTS, DATA_EXTRACTION_WEIGHT, DebouncedHandler, type DefenseProfile, type DeltaEntry, DeltaResult, type DiscoveryResult, EXTRACTION_WEIGHT, type EmbedFn, type FixResult, Guard, GuardEngine, type GuardEngineOptions, type Finding as GuardFinding, type MCPServerConfig as GuardMCPServerConfig, type GuardOptions, type GuardProgressFn, type GuardReport, type GuardScanResult, type SkillPath as GuardSkillPath, GuardVerdict, HistoryStore, INJECTION_WEIGHT, type IgnoreFindingEntry, KNOWN_SERVER_LABELS, LABEL_DESTRUCTIVE, LABEL_PRIVATE, LABEL_PUBLIC_SINK, LABEL_UNTRUSTED, LLMJudge, type LLMJudgeFinding, type LLMJudgeOptions, type LLMJudgeResult, MAX_CONTENT_BYTES, MCPConfigChecker, type MCPFinding, type MCPRuntimeFinding, type MCPRuntimeResult, type MCPServerResult, type MatchResult, Notifier, PROFILES, PROJECT_MCP_CONFIGS, PROJECT_SKILL_DIRS, PROJECT_SKILL_FILES, PatternAnalyzer, type Probe, type ProbeResult, ProbeTimeoutError, type ProfileConfig, type ProgressFn, type ProjectConfig, ProviderError, QUARANTINE_DIR, type QuarantineEntry, REFUSAL_PHRASES, REPORTS_DIR, RegistryCache, type RegistryData, type RemediationItem, type RemediationReport, type Rule, RuleEngine, type RuleTest, type RuleTestResult, SEMANTIC_HIGH_THRESHOLD, SEMANTIC_MODERATE_THRESHOLD, SEVERITY_ORDER, SYSTEM_PROMPT, type ScanReport, type ScoreBreakdown, Severity, Shield, type ShieldCallback, type ShieldOptions, type SkillFinding, type SkillResult, SkillScanner, TRANSFORMS, type ToxicFlowResult, TrustLevel, type UnlistedFinding, ValidationError, type ValidatorOptions, Verdict, allActions, analyzeToxicFlows, applyProfile, base64Wrap, buildExtractionProbes, buildInjectionProbes, buildProbe, bulkCheck, caseScramble, classifyPath, classifyServer, collectAll, collectWatchPaths, compareReports, computeDelta, computeMachineScore, computeScores, computeSemanticSimilarity, computeVerdict, customFindingFromDict, customFindingToDict, decodeBase64Blocks, decodeHtmlEntities, deltaEntryToDict, deobfuscate, detectCanary, detectChains, detectExtraction, detectExtractionWithSemantic, detectProvider, enrichMcpResults, expandStringConcat, extractPackageId, extractPackageSlug, extractSkillName, extractUniquePhrases, fingerprintDefense, fnmatchCase, formatJson, formatSarif, formatTerminal, fromAnthropic, fromEndpoint, fromLangChain, fromOllama, fromOpenAI, fromVercelAI, fuseVerdicts, generateCanary, generateConfigYaml, generateMutations, generateRemediation, generateUnlistedFindings, getFixableSkills, getWellKnownConfigs, guardReportFromDict, hasCritical, hasInvisibleChars, isRefusal, leetspeak, listProfiles, listQuarantine, loadAllCustomProbes, loadCustomProbes, loadGuardReport, loadProjectConfig, loadScanReport, normalizeSkillPath, normalizeUnicode, parseProbeFile, parseResponse, prefixPadding, quarantineSkill, resolveProfile, resolveProjectConfig, restoreSkill, reverseEmbed, rot13Wrap, runGuardInit, saveReport, scanDirectory, scanMachine, scanSkillFile, sha256, shannonEntropy, shouldFail, shouldIgnoreFinding, shouldIgnorePath, slugify, stripBidiControls, stripHtmlComments, stripJsonComments, stripModelPrefix, stripTagChars, stripVariationSelectors, stripZeroWidth, topMCPFinding, topSkillFinding, totalDangers, totalSafe, totalWarnings, truncateContent, trustLevelFromScore, unescapeSequences, unicodeHomoglyphs, unlistedFindingToDict, validateProbe, verdictFromFindings, verdictScore, zeroWidthInject };

package/dist/index.d.ts

@@ -898,7 +898,7 @@ interface AgentDef {
 declare function getWellKnownConfigs(): AgentDef[];
 /** Strip // and /* * / comments from JSONC. Preserves URLs inside strings. */
 declare function stripJsonComments(text: string): string;
-interface MCPServerConfig {
+interface MCPServerConfig$1 {
     name: string;
     source_file: string;
     agent_type: string;
@@ -906,7 +906,7 @@ interface MCPServerConfig {
 }
 interface DiscoveryResult {
     agents: AgentConfigResult[];
-    mcpServers: MCPServerConfig[];
+    mcpServers: MCPServerConfig$1[];
     skillPaths: string[];
 }
 /**
@@ -1337,4 +1337,170 @@ declare class Shield {
     stop(): void;
 }
 
-export { type AffectedProbe, type AgentConfigResult, AgentSealError, AgentValidator, type AttackChain, BACKUPS_DIR, BOUNDARY_CATEGORIES, BOUNDARY_WEIGHT, type BaselineChange, type BaselineChangeResult, type BaselineEntry, BaselineStore, Blocklist, COMMON_WORDS, CONSISTENCY_WEIGHT, type ChainStep, type ChatFn, type CompareResult, type CustomFinding, DANGER_CONCEPTS, DATA_EXTRACTION_WEIGHT, DebouncedHandler, type DefenseProfile, type DeltaEntry, DeltaResult, type DiscoveryResult, EXTRACTION_WEIGHT, type EmbedFn, type FixResult, Guard, type GuardOptions, type GuardProgressFn, type GuardReport, GuardVerdict, HistoryStore, INJECTION_WEIGHT, type IgnoreFindingEntry, KNOWN_SERVER_LABELS, LABEL_DESTRUCTIVE, LABEL_PRIVATE, LABEL_PUBLIC_SINK, LABEL_UNTRUSTED, LLMJudge, type LLMJudgeFinding, type LLMJudgeOptions, type LLMJudgeResult, MAX_CONTENT_BYTES, MCPConfigChecker, type MCPFinding, type MCPRuntimeFinding, type MCPRuntimeResult, type MCPServerResult, Notifier, PROFILES, PROJECT_MCP_CONFIGS, PROJECT_SKILL_DIRS, PROJECT_SKILL_FILES, type Probe, type ProbeResult, ProbeTimeoutError, type ProfileConfig, type ProgressFn, type ProjectConfig, ProviderError, QUARANTINE_DIR, type QuarantineEntry, REFUSAL_PHRASES, REPORTS_DIR, type RemediationItem, type RemediationReport, type Rule, RuleEngine, type RuleTest, type RuleTestResult, SEMANTIC_HIGH_THRESHOLD, SEMANTIC_MODERATE_THRESHOLD, SEVERITY_ORDER, SYSTEM_PROMPT, type ScanReport, type ScoreBreakdown, Severity, Shield, type ShieldCallback, type ShieldOptions, type SkillFinding, type SkillResult, SkillScanner, TRANSFORMS, type ToxicFlowResult, TrustLevel, type UnlistedFinding, ValidationError, type ValidatorOptions, Verdict, allActions, analyzeToxicFlows, applyProfile, base64Wrap, buildExtractionProbes, buildInjectionProbes, buildProbe, bulkCheck, caseScramble, classifyPath, classifyServer, collectWatchPaths, compareReports, computeDelta, computeScores, computeSemanticSimilarity, computeVerdict, customFindingFromDict, customFindingToDict, decodeBase64Blocks, decodeHtmlEntities, deltaEntryToDict, deobfuscate, detectCanary, detectChains, detectExtraction, detectExtractionWithSemantic, detectProvider, enrichMcpResults, expandStringConcat, extractPackageSlug, extractSkillName, extractUniquePhrases, fingerprintDefense, fnmatchCase, fromAnthropic, fromEndpoint, fromLangChain, fromOllama, fromOpenAI, fromVercelAI, fuseVerdicts, generateCanary, generateConfigYaml, generateMutations, generateRemediation, generateUnlistedFindings, getFixableSkills, getWellKnownConfigs, guardReportFromDict, hasCritical, hasInvisibleChars, isRefusal, leetspeak, listProfiles, listQuarantine, loadAllCustomProbes, loadCustomProbes, loadGuardReport, loadProjectConfig, loadScanReport, normalizeSkillPath, normalizeUnicode, parseProbeFile, parseResponse, prefixPadding, quarantineSkill, resolveProfile, resolveProjectConfig, restoreSkill, reverseEmbed, rot13Wrap, runGuardInit, saveReport, scanDirectory, scanMachine, scanSkillFile, sha256, shannonEntropy, shouldFail, shouldIgnoreFinding, shouldIgnorePath, slugify, stripBidiControls, stripHtmlComments, stripJsonComments, stripModelPrefix, stripTagChars, stripVariationSelectors, stripZeroWidth, topMCPFinding, topSkillFinding, totalDangers, totalSafe, totalWarnings, truncateContent, trustLevelFromScore, unescapeSequences, unicodeHomoglyphs, unlistedFindingToDict, validateProbe, verdictFromFindings, verdictScore, zeroWidthInject };
+interface MCPServerConfig {
+    name: string;
+    command: string;
+    args: string[];
+    env: Record<string, string>;
+    sourceFile: string | null;
+    transport: string;
+    url: string | null;
+    packageId: string | null;
+    agents: string[];
+}
+interface SkillPath {
+    path: string;
+    platform: string;
+    format: string;
+}
+interface CollectedAgent {
+    name: string;
+    agentType: string;
+    configPath: string;
+    mcpServers: MCPServerConfig[];
+    skills: SkillPath[];
+    status: string;
+}
+interface Finding {
+    code: string;
+    title: string;
+    description: string;
+    severity: string;
+    source: string | null;
+    serverName: string;
+    agentNames: string[];
+    evidence: string;
+    remediation: string;
+    confidence: number;
+}
+interface RegistryData {
+    trustScore: number;
+    findings: Finding[];
+    capabilityLabels: Set<string>;
+    analyzedVersion: string | null;
+    analyzedAt: string | null;
+    tools: string[];
+}
+interface MatchResult {
+    server: MCPServerConfig;
+    registryHit: RegistryData | null;
+    needsRuntime: boolean;
+    versionGap: string | null;
+    analysisMethod: string;
+}
+interface GuardScanResult {
+    agents: CollectedAgent[];
+    matchResults: MatchResult[];
+    findings: Finding[];
+    machineScore: number;
+    serversScanned: number;
+    fromRegistry: number;
+    failed: number;
+    scanDurationSeconds: number;
+    deepAnalysis: Record<string, unknown> | null;
+}
+
+interface GuardEngineOptions {
+    skipRuntime?: boolean;
+    deep?: boolean;
+    deepAll?: boolean;
+    deepTimeout?: number;
+    model?: string;
+    apiKey?: string;
+    baselinePath?: string;
+    cachePath?: string;
+    projectPath?: string;
+    noProcessScan?: boolean;
+    interactive?: boolean;
+}
+declare class GuardEngine {
+    private opts;
+    constructor(opts?: GuardEngineOptions);
+    run(): Promise<GuardScanResult>;
+    private deduplicateServers;
+    static ciExitCode(result: GuardScanResult, failOn?: string): number;
+}
+
+declare function formatTerminal(result: GuardScanResult): string;
+
+declare function formatJson(result: GuardScanResult): string;
+
+declare function formatSarif(result: GuardScanResult): Record<string, unknown>;
+
+declare function computeMachineScore(opts: {
+    matchResults: MatchResult[];
+    findings: Finding[];
+}): number;
+
+declare function collectAll(): CollectedAgent[];
+
+declare function extractPackageId(server: MCPServerConfig): string | null;
+
+interface CacheEntry {
+    trust_score?: number;
+    trustScore?: number;
+    findings?: unknown[];
+    capability_labels?: string[];
+    capabilityLabels?: string[];
+    analyzed_version?: string | null;
+    analyzedVersion?: string | null;
+    analyzed_at?: string | null;
+    analyzedAt?: string | null;
+    tools?: string[];
+}
+interface CacheData {
+    fetchedAt?: number;
+    fetched_at?: number;
+    updated_at?: number;
+    servers: Record<string, CacheEntry>;
+}
+declare class RegistryCache {
+    private cachePath;
+    private baseUrl;
+    private skipFetch;
+    private data;
+    constructor(opts?: {
+        path?: string;
+        baseUrl?: string;
+        skipFetch?: boolean;
+    });
+    private _loadFromDisk;
+    isStale(): boolean;
+    serverCount(): number;
+    fetchRemote(): Promise<number>;
+    ensureFresh(): Promise<void>;
+    lookup(packageId: string | null): RegistryData | null;
+    _setData(data: CacheData): void;
+}
+
+declare abstract class Analyzer {
+    abstract name: string;
+    requiresRuntime: boolean;
+    requiresLlm: boolean;
+    abstract analyze(opts: {
+        agents?: CollectedAgent[];
+        matchResults?: MatchResult[];
+        findings?: Finding[];
+        skills?: SkillPath[];
+        toolHashes?: Record<string, Record<string, [string, string]>>;
+    }): Finding[];
+}
+
+declare class PatternAnalyzer extends Analyzer {
+    name: string;
+    analyze(opts: {
+        agents?: CollectedAgent[];
+    }): Finding[];
+    private _checkServer;
+    private _finding;
+    private _checkConf001;
+    private _checkConf002;
+    private _checkConf003;
+    private _checkConf004;
+    private _checkConf005;
+    private _checkConf006;
+    private _checkConf007;
+    private _checkConf008;
+}
+
+export { type AffectedProbe, type AgentConfigResult, AgentSealError, AgentValidator, type AttackChain, BACKUPS_DIR, BOUNDARY_CATEGORIES, BOUNDARY_WEIGHT, type BaselineChange, type BaselineChangeResult, type BaselineEntry, BaselineStore, Blocklist, COMMON_WORDS, CONSISTENCY_WEIGHT, type ChainStep, type ChatFn, type CollectedAgent, type CompareResult, type CustomFinding, DANGER_CONCEPTS, DATA_EXTRACTION_WEIGHT, DebouncedHandler, type DefenseProfile, type DeltaEntry, DeltaResult, type DiscoveryResult, EXTRACTION_WEIGHT, type EmbedFn, type FixResult, Guard, GuardEngine, type GuardEngineOptions, type Finding as GuardFinding, type MCPServerConfig as GuardMCPServerConfig, type GuardOptions, type GuardProgressFn, type GuardReport, type GuardScanResult, type SkillPath as GuardSkillPath, GuardVerdict, HistoryStore, INJECTION_WEIGHT, type IgnoreFindingEntry, KNOWN_SERVER_LABELS, LABEL_DESTRUCTIVE, LABEL_PRIVATE, LABEL_PUBLIC_SINK, LABEL_UNTRUSTED, LLMJudge, type LLMJudgeFinding, type LLMJudgeOptions, type LLMJudgeResult, MAX_CONTENT_BYTES, MCPConfigChecker, type MCPFinding, type MCPRuntimeFinding, type MCPRuntimeResult, type MCPServerResult, type MatchResult, Notifier, PROFILES, PROJECT_MCP_CONFIGS, PROJECT_SKILL_DIRS, PROJECT_SKILL_FILES, PatternAnalyzer, type Probe, type ProbeResult, ProbeTimeoutError, type ProfileConfig, type ProgressFn, type ProjectConfig, ProviderError, QUARANTINE_DIR, type QuarantineEntry, REFUSAL_PHRASES, REPORTS_DIR, RegistryCache, type RegistryData, type RemediationItem, type RemediationReport, type Rule, RuleEngine, type RuleTest, type RuleTestResult, SEMANTIC_HIGH_THRESHOLD, SEMANTIC_MODERATE_THRESHOLD, SEVERITY_ORDER, SYSTEM_PROMPT, type ScanReport, type ScoreBreakdown, Severity, Shield, type ShieldCallback, type ShieldOptions, type SkillFinding, type SkillResult, SkillScanner, TRANSFORMS, type ToxicFlowResult, TrustLevel, type UnlistedFinding, ValidationError, type ValidatorOptions, Verdict, allActions, analyzeToxicFlows, applyProfile, base64Wrap, buildExtractionProbes, buildInjectionProbes, buildProbe, bulkCheck, caseScramble, classifyPath, classifyServer, collectAll, collectWatchPaths, compareReports, computeDelta, computeMachineScore, computeScores, computeSemanticSimilarity, computeVerdict, customFindingFromDict, customFindingToDict, decodeBase64Blocks, decodeHtmlEntities, deltaEntryToDict, deobfuscate, detectCanary, detectChains, detectExtraction, detectExtractionWithSemantic, detectProvider, enrichMcpResults, expandStringConcat, extractPackageId, extractPackageSlug, extractSkillName, extractUniquePhrases, fingerprintDefense, fnmatchCase, formatJson, formatSarif, formatTerminal, fromAnthropic, fromEndpoint, fromLangChain, fromOllama, fromOpenAI, fromVercelAI, fuseVerdicts, generateCanary, generateConfigYaml, generateMutations, generateRemediation, generateUnlistedFindings, getFixableSkills, getWellKnownConfigs, guardReportFromDict, hasCritical, hasInvisibleChars, isRefusal, leetspeak, listProfiles, listQuarantine, loadAllCustomProbes, loadCustomProbes, loadGuardReport, loadProjectConfig, loadScanReport, normalizeSkillPath, normalizeUnicode, parseProbeFile, parseResponse, prefixPadding, quarantineSkill, resolveProfile, resolveProjectConfig, restoreSkill, reverseEmbed, rot13Wrap, runGuardInit, saveReport, scanDirectory, scanMachine, scanSkillFile, sha256, shannonEntropy, shouldFail, shouldIgnoreFinding, shouldIgnorePath, slugify, stripBidiControls, stripHtmlComments, stripJsonComments, stripModelPrefix, stripTagChars, stripVariationSelectors, stripZeroWidth, topMCPFinding, topSkillFinding, totalDangers, totalSafe, totalWarnings, truncateContent, trustLevelFromScore, unescapeSequences, unicodeHomoglyphs, unlistedFindingToDict, validateProbe, verdictFromFindings, verdictScore, zeroWidthInject };