agentspd 1.0.0

package/dist/commands/policies.js

@@ -0,0 +1,362 @@
+import { Command } from 'commander';
+import inquirer from 'inquirer';
+import ora from 'ora';
+import * as fs from 'node:fs';
+import { api } from '../api.js';
+import * as output from '../output.js';
+const DEFAULT_POLICY_TEMPLATE = `# Emotos Security Policy
+# Version 1.0
+
+version: "1.0"
+name: "my-policy"
+description: "My security policy"
+
+settings:
+  default_action: deny
+  require_identity: true
+
+# Tool permissions
+tools:
+  # Allow read operations
+  - pattern: "read_*"
+    action: allow
+    
+  # Block dangerous operations
+  - pattern: "exec_*"
+    action: deny
+    reason: "Shell execution not permitted"
+    
+  # Allow with rate limiting
+  - pattern: "web_*"
+    action: allow
+    rate_limit:
+      requests_per_minute: 10
+
+# Prompt injection protection
+prompt_injection:
+  enabled: true
+  action: block
+  
+# Data exfiltration prevention
+exfiltration:
+  enabled: true
+  block_patterns:
+    - name: "aws_keys"
+      pattern: "AKIA[0-9A-Z]{16}"
+    - name: "private_keys"
+      pattern: "-----BEGIN (RSA|DSA|EC|OPENSSH) PRIVATE KEY-----"
+`;
+export function createPoliciesCommand() {
+    const policies = new Command('policies')
+        .alias('policy')
+        .description('Manage security policies');
+    policies
+        .command('create')
+        .description('Create a new security policy')
+        .option('-n, --name <name>', 'Policy name')
+        .option('-d, --description <desc>', 'Policy description')
+        .option('-f, --file <path>', 'Read policy content from file')
+        .option('-t, --template', 'Start with a template')
+        .option('--json', 'Output as JSON')
+        .action(async (options) => {
+        let name = options.name;
+        let description = options.description;
+        let content;
+        // Get policy content
+        if (options.file) {
+            if (!fs.existsSync(options.file)) {
+                output.error(`File not found: ${options.file}`);
+                return;
+            }
+            content = fs.readFileSync(options.file, 'utf-8');
+        }
+        else if (options.template) {
+            content = DEFAULT_POLICY_TEMPLATE;
+        }
+        else {
+            output.info('Enter policy YAML (end with Ctrl+D on a new line):');
+            console.log();
+            const answers = await inquirer.prompt([
+                {
+                    type: 'editor',
+                    name: 'content',
+                    message: 'Policy content:',
+                    default: DEFAULT_POLICY_TEMPLATE,
+                },
+            ]);
+            content = answers.content;
+        }
+        // Get name and description if not provided
+        if (!name) {
+            const answers = await inquirer.prompt([
+                {
+                    type: 'input',
+                    name: 'name',
+                    message: 'Policy name:',
+                    validate: (input) => input.length > 0 || 'Name is required',
+                },
+            ]);
+            name = answers.name;
+        }
+        if (!description) {
+            const answers = await inquirer.prompt([
+                {
+                    type: 'input',
+                    name: 'description',
+                    message: 'Description (optional):',
+                },
+            ]);
+            description = answers.description || undefined;
+        }
+        // Validate first
+        const validateSpinner = ora('Validating policy...').start();
+        const validateResult = await api.validatePolicy(content);
+        if (validateResult.error || (validateResult.data && !validateResult.data.valid)) {
+            validateSpinner.fail('Policy validation failed');
+            if (validateResult.data?.errors) {
+                for (const err of validateResult.data.errors) {
+                    output.error(err);
+                }
+            }
+            else if (validateResult.error) {
+                output.error(validateResult.error.message);
+            }
+            return;
+        }
+        validateSpinner.succeed('Policy validated');
+        // Create policy
+        const spinner = ora('Creating policy...').start();
+        const result = await api.createPolicy({ name, description, content });
+        if (result.error) {
+            spinner.fail('Failed to create policy');
+            output.error(result.error.message);
+            return;
+        }
+        spinner.succeed('Policy created successfully!');
+        if (options.json) {
+            output.printJson(result.data);
+        }
+        else if (result.data) {
+            console.log();
+            output.printKeyValue([
+                ['Policy ID', result.data.id],
+                ['Name', result.data.name],
+                ['Version', result.data.version],
+                ['Active', result.data.isActive ? 'Yes' : 'No'],
+                ['Created', output.formatDate(result.data.createdAt)],
+            ]);
+            console.log();
+            output.info('Next steps:');
+            console.log(`  1. Activate policy: ${output.highlight(`emotos policies activate ${result.data.id}`)}`);
+            console.log(`  2. Assign to agent: ${output.highlight(`emotos agents create --policy ${result.data.id}`)}`);
+        }
+    });
+    policies
+        .command('list')
+        .alias('ls')
+        .description('List all policies')
+        .option('--json', 'Output as JSON')
+        .action(async (options) => {
+        const spinner = ora('Fetching policies...').start();
+        const result = await api.listPolicies();
+        if (result.error) {
+            spinner.fail('Failed to fetch policies');
+            output.error(result.error.message);
+            return;
+        }
+        spinner.stop();
+        if (options.json) {
+            output.printJson(result.data);
+        }
+        else if (result.data) {
+            if (result.data.policies.length === 0) {
+                output.info('No policies found');
+                output.info('Create one with: emotos policies create');
+                return;
+            }
+            output.heading('Security Policies');
+            output.printPolicyTable(result.data.policies);
+        }
+    });
+    policies
+        .command('get <policyId>')
+        .alias('show')
+        .description('Get policy details')
+        .option('--json', 'Output as JSON')
+        .option('--content', 'Show policy content only')
+        .action(async (policyId, options) => {
+        const spinner = ora('Fetching policy...').start();
+        const result = await api.getPolicy(policyId);
+        if (result.error) {
+            spinner.fail('Failed to fetch policy');
+            output.error(result.error.message);
+            return;
+        }
+        spinner.stop();
+        if (options.content && result.data) {
+            console.log(result.data.content);
+            return;
+        }
+        if (options.json) {
+            output.printJson(result.data);
+        }
+        else if (result.data) {
+            output.heading(`Policy: ${result.data.name}`);
+            output.printKeyValue([
+                ['ID', result.data.id],
+                ['Name', result.data.name],
+                ['Description', result.data.description],
+                ['Version', result.data.version],
+                ['Active', result.data.isActive ? 'Yes' : 'No'],
+                ['Created', output.formatDate(result.data.createdAt)],
+                ['Updated', result.data.updatedAt ? output.formatDate(result.data.updatedAt) : undefined],
+            ]);
+            console.log();
+            output.heading('Content');
+            console.log(result.data.content);
+        }
+    });
+    policies
+        .command('update <policyId>')
+        .description('Update a policy')
+        .option('-f, --file <path>', 'Read policy content from file')
+        .option('--json', 'Output as JSON')
+        .action(async (policyId, options) => {
+        let content;
+        if (options.file) {
+            if (!fs.existsSync(options.file)) {
+                output.error(`File not found: ${options.file}`);
+                return;
+            }
+            content = fs.readFileSync(options.file, 'utf-8');
+        }
+        else {
+            // Fetch current content
+            const current = await api.getPolicy(policyId);
+            if (current.error) {
+                output.error(current.error.message);
+                return;
+            }
+            const answers = await inquirer.prompt([
+                {
+                    type: 'editor',
+                    name: 'content',
+                    message: 'Policy content:',
+                    default: current.data?.content,
+                },
+            ]);
+            content = answers.content;
+        }
+        // Validate first
+        const validateSpinner = ora('Validating policy...').start();
+        const validateResult = await api.validatePolicy(content);
+        if (validateResult.error || (validateResult.data && !validateResult.data.valid)) {
+            validateSpinner.fail('Policy validation failed');
+            if (validateResult.data?.errors) {
+                for (const err of validateResult.data.errors) {
+                    output.error(err);
+                }
+            }
+            return;
+        }
+        validateSpinner.succeed('Policy validated');
+        // Update policy
+        const spinner = ora('Updating policy...').start();
+        const result = await api.updatePolicy(policyId, content);
+        if (result.error) {
+            spinner.fail('Failed to update policy');
+            output.error(result.error.message);
+            return;
+        }
+        spinner.succeed('Policy updated successfully!');
+        if (options.json) {
+            output.printJson(result.data);
+        }
+        else if (result.data) {
+            output.printKeyValue([
+                ['Version', result.data.version],
+                ['Updated', result.data.updatedAt ? output.formatDate(result.data.updatedAt) : 'Now'],
+            ]);
+        }
+    });
+    policies
+        .command('validate')
+        .description('Validate a policy file')
+        .argument('<file>', 'Policy file to validate')
+        .action(async (file) => {
+        if (!fs.existsSync(file)) {
+            output.error(`File not found: ${file}`);
+            return;
+        }
+        const content = fs.readFileSync(file, 'utf-8');
+        const spinner = ora('Validating policy...').start();
+        const result = await api.validatePolicy(content);
+        if (result.error) {
+            spinner.fail('Validation failed');
+            output.error(result.error.message);
+            return;
+        }
+        if (result.data?.valid) {
+            spinner.succeed('Policy is valid!');
+        }
+        else {
+            spinner.fail('Policy is invalid');
+            if (result.data?.errors) {
+                for (const err of result.data.errors) {
+                    output.error(err);
+                }
+            }
+        }
+    });
+    policies
+        .command('activate <policyId>')
+        .description('Activate a policy')
+        .action(async (policyId) => {
+        const spinner = ora('Activating policy...').start();
+        const result = await api.activatePolicy(policyId);
+        if (result.error) {
+            spinner.fail('Failed to activate policy');
+            output.error(result.error.message);
+            return;
+        }
+        spinner.succeed('Policy activated!');
+    });
+    policies
+        .command('deactivate <policyId>')
+        .description('Deactivate a policy')
+        .action(async (policyId) => {
+        const spinner = ora('Deactivating policy...').start();
+        const result = await api.deactivatePolicy(policyId);
+        if (result.error) {
+            spinner.fail('Failed to deactivate policy');
+            output.error(result.error.message);
+            return;
+        }
+        spinner.succeed('Policy deactivated');
+    });
+    policies
+        .command('init')
+        .description('Initialize a new policy file from template')
+        .option('-o, --output <path>', 'Output file path', 'emotos-policy.yaml')
+        .action(async (options) => {
+        if (fs.existsSync(options.output)) {
+            const answers = await inquirer.prompt([
+                {
+                    type: 'confirm',
+                    name: 'overwrite',
+                    message: `File ${options.output} already exists. Overwrite?`,
+                    default: false,
+                },
+            ]);
+            if (!answers.overwrite) {
+                output.info('Operation cancelled');
+                return;
+            }
+        }
+        fs.writeFileSync(options.output, DEFAULT_POLICY_TEMPLATE);
+        output.success(`Policy template created: ${options.output}`);
+        output.info('Edit this file to customize your security policy');
+        output.info(`Then upload with: emotos policies create --file ${options.output}`);
+    });
+    return policies;
+}

package/dist/commands/threats.d.ts

@@ -0,0 +1,3 @@
+import { Command } from 'commander';
+export declare function createThreatsCommand(): Command;
+//# sourceMappingURL=threats.d.ts.map

package/dist/commands/threats.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"threats.d.ts","sourceRoot":"","sources":["../../src/commands/threats.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAMpC,wBAAgB,oBAAoB,IAAI,OAAO,CAoL9C"}

package/dist/commands/threats.js

@@ -0,0 +1,161 @@
+import { Command } from 'commander';
+import inquirer from 'inquirer';
+import ora from 'ora';
+import { api } from '../api.js';
+import * as output from '../output.js';
+export function createThreatsCommand() {
+    const threats = new Command('threats')
+        .alias('threat')
+        .description('Monitor and respond to security threats');
+    threats
+        .command('list')
+        .alias('ls')
+        .description('List detected threats')
+        .option('-a, --agent <agentId>', 'Filter by agent ID')
+        .option('-s, --severity <severity>', 'Filter by severity (low, medium, high, critical)')
+        .option('--status <status>', 'Filter by status (detected, blocked, escalated, resolved)')
+        .option('-l, --limit <n>', 'Limit results', '20')
+        .option('--json', 'Output as JSON')
+        .action(async (options) => {
+        const spinner = ora('Fetching threats...').start();
+        const result = await api.listThreats({
+            agentId: options.agent,
+            severity: options.severity,
+            status: options.status,
+            limit: Number.parseInt(options.limit, 10),
+        });
+        if (result.error) {
+            spinner.fail('Failed to fetch threats');
+            output.error(result.error.message);
+            return;
+        }
+        spinner.stop();
+        if (options.json) {
+            output.printJson(result.data);
+        }
+        else if (result.data) {
+            if (result.data.items.length === 0) {
+                output.success('No threats detected!');
+                return;
+            }
+            output.heading(`Security Threats (${result.data.total} total)`);
+            output.printThreatTable(result.data.items);
+        }
+    });
+    threats
+        .command('resolve <threatId>')
+        .description('Mark a threat as resolved')
+        .option('-f, --force', 'Skip confirmation')
+        .action(async (threatId, options) => {
+        if (!options.force) {
+            const answers = await inquirer.prompt([
+                {
+                    type: 'confirm',
+                    name: 'confirm',
+                    message: `Mark threat ${threatId} as resolved?`,
+                    default: true,
+                },
+            ]);
+            if (!answers.confirm) {
+                output.info('Operation cancelled');
+                return;
+            }
+        }
+        const spinner = ora('Resolving threat...').start();
+        const result = await api.resolveThreat(threatId);
+        if (result.error) {
+            spinner.fail('Failed to resolve threat');
+            output.error(result.error.message);
+            return;
+        }
+        spinner.succeed('Threat resolved');
+        if (result.data) {
+            output.info(`Resolved at: ${output.formatDate(result.data.resolvedAt || new Date().toISOString())}`);
+        }
+    });
+    threats
+        .command('watch')
+        .description('Watch for threats in real-time')
+        .option('-a, --agent <agentId>', 'Filter by agent ID')
+        .option('-s, --severity <severity>', 'Minimum severity to show')
+        .action(async (options) => {
+        output.heading('Threat Monitor');
+        output.info('Press Ctrl+C to stop');
+        console.log();
+        let lastSeen = null;
+        const fetchThreats = async () => {
+            const result = await api.listThreats({
+                agentId: options.agent,
+                severity: options.severity,
+                limit: 10,
+            });
+            if (result.data && result.data.items.length > 0) {
+                const newThreats = lastSeen
+                    ? result.data.items.filter(t => t.id !== lastSeen && new Date(t.createdAt) > new Date(lastSeen))
+                    : result.data.items;
+                if (newThreats.length > 0) {
+                    for (const threat of newThreats) {
+                        const severityStr = output.formatSeverity(threat.severity);
+                        const statusStr = output.formatStatus(threat.status);
+                        console.log(`[${output.formatDate(threat.createdAt)}] ${severityStr} ${threat.threatType} - Agent: ${threat.agentId} - Status: ${statusStr}`);
+                    }
+                    lastSeen = result.data.items[0].id;
+                }
+            }
+        };
+        // Initial fetch
+        await fetchThreats();
+        // Poll every 3 seconds
+        const interval = setInterval(fetchThreats, 3000);
+        // Handle Ctrl+C
+        process.on('SIGINT', () => {
+            clearInterval(interval);
+            console.log();
+            output.info('Monitoring stopped');
+            process.exit(0);
+        });
+    });
+    threats
+        .command('stats')
+        .description('Show threat statistics')
+        .action(async () => {
+        const spinner = ora('Fetching threat statistics...').start();
+        const result = await api.listThreats({ limit: 1000 });
+        if (result.error) {
+            spinner.fail('Failed to fetch threats');
+            output.error(result.error.message);
+            return;
+        }
+        spinner.stop();
+        if (result.data) {
+            const threats = result.data.items;
+            const bySeverity = {};
+            const byStatus = {};
+            const byType = {};
+            for (const threat of threats) {
+                bySeverity[threat.severity] = (bySeverity[threat.severity] || 0) + 1;
+                byStatus[threat.status] = (byStatus[threat.status] || 0) + 1;
+                byType[threat.threatType] = (byType[threat.threatType] || 0) + 1;
+            }
+            output.heading('Threat Statistics');
+            output.printKeyValue([
+                ['Total Threats', result.data.total],
+                ['Blocked', byStatus['blocked'] || 0],
+                ['Resolved', byStatus['resolved'] || 0],
+            ]);
+            console.log();
+            output.heading('By Severity');
+            const severityRows = Object.entries(bySeverity)
+                .map(([sev, count]) => [output.formatSeverity(sev), String(count)]);
+            output.printTable(['Severity', 'Count'], severityRows);
+            console.log();
+            output.heading('By Type');
+            const typeRows = Object.entries(byType)
+                .sort((a, b) => b[1] - a[1])
+                .slice(0, 10)
+                .map(([type, count]) => [type, String(count)]);
+            output.printTable(['Threat Type', 'Count'], typeRows);
+        }
+    });
+    return threats;
+}

package/dist/commands/webhooks.d.ts

@@ -0,0 +1,3 @@
+import { Command } from 'commander';
+export declare function createWebhooksCommand(): Command;
+//# sourceMappingURL=webhooks.d.ts.map

package/dist/commands/webhooks.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"webhooks.d.ts","sourceRoot":"","sources":["../../src/commands/webhooks.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAoBpC,wBAAgB,qBAAqB,IAAI,OAAO,CAkO/C"}