agentshield-sdk 8.0.0 → 10.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (51) hide show
  1. package/CHANGELOG.md +19 -0
  2. package/LICENSE +21 -21
  3. package/README.md +26 -60
  4. package/bin/agentshield-audit +51 -0
  5. package/package.json +7 -10
  6. package/src/adaptive.js +330 -330
  7. package/src/alert-tuning.js +480 -480
  8. package/src/audit-streaming.js +1 -1
  9. package/src/badges.js +196 -196
  10. package/src/behavioral-dna.js +12 -0
  11. package/src/canary.js +2 -3
  12. package/src/certification.js +563 -563
  13. package/src/circuit-breaker.js +2 -2
  14. package/src/confused-deputy.js +4 -0
  15. package/src/conversation.js +494 -494
  16. package/src/cross-turn.js +3 -17
  17. package/src/ctf.js +462 -462
  18. package/src/detector-core.js +71 -152
  19. package/src/document-scanner.js +795 -795
  20. package/src/drift-monitor.js +344 -0
  21. package/src/encoding.js +429 -429
  22. package/src/enterprise.js +405 -405
  23. package/src/flight-recorder.js +2 -0
  24. package/src/i18n-patterns.js +523 -523
  25. package/src/index.js +19 -0
  26. package/src/main.js +61 -41
  27. package/src/mcp-guard.js +974 -0
  28. package/src/micro-model.js +762 -0
  29. package/src/ml-detector.js +316 -0
  30. package/src/model-finetuning.js +884 -884
  31. package/src/multimodal.js +296 -296
  32. package/src/nist-mapping.js +2 -2
  33. package/src/observability.js +330 -330
  34. package/src/openclaw.js +450 -450
  35. package/src/otel.js +544 -544
  36. package/src/owasp-2025.js +1 -1
  37. package/src/owasp-agentic.js +420 -0
  38. package/src/plugin-marketplace.js +628 -628
  39. package/src/plugin-system.js +349 -349
  40. package/src/policy-extended.js +635 -635
  41. package/src/policy.js +443 -443
  42. package/src/prompt-leakage.js +2 -2
  43. package/src/real-attack-datasets.js +2 -2
  44. package/src/redteam-cli.js +439 -0
  45. package/src/supply-chain-scanner.js +691 -0
  46. package/src/testing.js +5 -1
  47. package/src/threat-encyclopedia.js +629 -629
  48. package/src/threat-intel-network.js +1017 -1017
  49. package/src/token-analysis.js +467 -467
  50. package/src/tool-output-validator.js +354 -354
  51. package/src/watermark.js +1 -2
package/src/testing.js CHANGED
@@ -184,7 +184,7 @@ class TestSuiteGenerator {
184
184
  for (const [category, catTests] of Object.entries(byCategory)) {
185
185
  lines.push(` describe('${category}', () => {`);
186
186
  for (const test of catTests) {
187
- const escaped = test.input.replace(/\\/g, '\\\\').replace(/'/g, "\\'").replace(/\n/g, '\\n');
187
+ const escaped = test.input.replace(/\\/g, '\\\\').replace(/'/g, "\\'").replace(/\n/g, '\\n').replace(/`/g, '\\`').replace(/\$\{/g, '\\${');
188
188
  if (test.expectBlocked) {
189
189
  lines.push(` test('should detect: ${escaped.substring(0, 50)}', () => {`);
190
190
  lines.push(` const result = scanText('${escaped}', 'high');`);
@@ -371,6 +371,10 @@ class BreakglassProtocol {
371
371
  * Activate breakglass — temporarily bypass all security checks.
372
372
  */
373
373
  activate(params = {}) {
374
+ if (this.requireAuth && !params.user) {
375
+ this._log('activate_denied', null, 'User required when requireAuth is enabled');
376
+ return { success: false, reason: 'User identification required' };
377
+ }
374
378
  if (this.requireAuth && params.user && !this.authorizedUsers.has(params.user)) {
375
379
  this._log('activate_denied', params.user, 'Unauthorized user');
376
380
  return { success: false, reason: 'Unauthorized user' };