ai-warden 0.3.0 → 0.4.0

package/README.md

@@ -5,6 +5,8 @@
 AI-Warden is a fast, zero-dependency security scanner that detects prompt injection vulnerabilities in your AI/LLM applications.
 
 [![npm version](https://img.shields.io/npm/v/ai-warden.svg)](https://www.npmjs.com/package/ai-warden)
+[![Tests](https://github.com/larhog/ai-warden-dev/actions/workflows/test.yml/badge.svg)](https://github.com/larhog/ai-warden-dev/actions/workflows/test.yml)
+[![Security Scan](https://github.com/larhog/ai-warden-dev/actions/workflows/security-scan.yml/badge.svg)](https://github.com/larhog/ai-warden-dev/actions/workflows/security-scan.yml)
 [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](LICENSE)
 
 ---
@@ -73,6 +75,9 @@ aiwarden scan . --mode permissive  # Less sensitive (threshold: 250)
 # Verbose output
 aiwarden scan . --verbose
 
+# Interactive mode (whitelist threats as you go)
+aiwarden scan . --interactive
+
 # Show version
 aiwarden version
 
@@ -155,6 +160,68 @@ jobs:
 
 ---
 
+## 🚫 Whitelist / Ignore Files
+
+### Interactive Mode (Recommended)
+
+When scanning, use `--interactive` to whitelist false positives on-the-fly:
+
+```bash
+aiwarden scan . --interactive
+```
+
+**Example workflow:**
+```
+⚠️  Threat detected:
+   File: src/examples.js
+   Pattern: P001 - Ignore Previous Instructions
+   Risk: CRITICAL (Score: 450)
+   Found: "Ignore all previous instructions..."
+
+   [I] Ignore this entire file
+   [P] Ignore pattern P001 only
+   [K] Keep (this is a real threat)
+   [Q] Quit scanning
+
+   Choice: i
+   ✅ Added to .aiwardenignore: src/examples.js
+```
+
+### Manual `.aiwardenignore` File
+
+Create a `.aiwardenignore` file in your project root:
+
+```bash
+# .aiwardenignore
+
+# Ignore entire directories
+docs/
+tests/
+examples/
+
+# Ignore specific files
+src/patterns.js
+src/securityTraining.js
+
+# Wildcard patterns
+**/*.test.js
+**/*.spec.js
+*.md
+
+# Ignore specific patterns in files
+src/config.js:P001,P002  # Only ignore these pattern IDs
+src/examples.js:*        # Ignore all patterns in this file
+```
+
+**Supported formats:**
+- `path/to/file` - Ignore entire file
+- `directory/` - Ignore entire directory
+- `**/*.ext` - Wildcard patterns
+- `file.js:P001,P002` - Ignore specific pattern IDs
+- `file.js:*` - Ignore all patterns in file
+
+---
+
 ## 📊 Example Output
 
 ```

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "ai-warden",
-  "version": "0.3.0",
+  "version": "0.4.0",
   "description": "AI security scanner - Detect prompt injection attacks before they reach production",
   "main": "src/scanner.js",
   "bin": {

package/src/cli.js

@@ -9,6 +9,8 @@ const fs = require('fs');
 const path = require('path');
 const scanner = require('./scanner');
 const fileClassifier = require('./fileClassifier');
+const IgnoreParser = require('./ignoreParser');
+const InteractivePrompt = require('./interactivePrompt');
 
 const args = process.argv.slice(2);
 const command = args[0];
@@ -31,10 +33,12 @@ Commands:
 Options:
   --mode <mode>        Detection mode (strict|balanced|permissive)
   --verbose            Show detailed output
+  --interactive        Interactive mode (whitelist threats as you go)
 
 Examples:
   aiwarden scan .                    Scan current directory
   aiwarden scan file.txt             Scan single file
+  aiwarden scan . --interactive      Interactive whitelist mode
   aiwarden scan . --mode strict      Strict detection mode
   aiwarden scan . --verbose          Detailed output
 
@@ -49,7 +53,7 @@ function showVersion() {
 }
 
 // Scan command
-function scanCommand(targetPath, options = {}) {
+async function scanCommand(targetPath, options = {}) {
   if (!targetPath) {
     console.error('❌ Error: No path specified');
     console.log('Usage: aiwarden scan <path>');
@@ -63,6 +67,10 @@ function scanCommand(targetPath, options = {}) {
     process.exit(1);
   }
 
+  // Initialize ignore parser
+  const ignoreParser = new IgnoreParser();
+  const interactivePrompt = options.interactive ? new InteractivePrompt(ignoreParser) : null;
+
   console.log(`🔍 AI-Warden scanning: ${fullPath}\n`);
 
   const stat = fs.statSync(fullPath);
@@ -80,15 +88,27 @@ function scanCommand(targetPath, options = {}) {
 
   let totalThreats = 0;
   let scannedCount = 0;
+  let ignoredCount = 0;
 
-  files.forEach(file => {
+  for (const file of files) {
     try {
+      const relativePath = path.relative(process.cwd(), file);
+      
       // Check if file should be skipped
       if (fileClassifier.shouldSkipFile(file)) {
         if (options.verbose) {
-          console.log(`⏭️  ${path.relative(process.cwd(), file)} - Skipped`);
+          console.log(`⏭️  ${relativePath} - Skipped`);
+        }
+        continue;
+      }
+
+      // Check if file is in ignore list
+      if (ignoreParser.shouldIgnoreFile(file)) {
+        ignoredCount++;
+        if (options.verbose) {
+          console.log(`🚫 ${relativePath} - Ignored (.aiwardenignore)`);
         }
-        return;
+        continue;
       }
 
       const content = fs.readFileSync(file, 'utf-8');
@@ -106,29 +126,62 @@ function scanCommand(targetPath, options = {}) {
       scannedCount++;
 
       if (!result.passed) {
+        // Get ignored patterns for this file
+        const ignoredPatterns = ignoreParser.getIgnoredPatterns(file);
+        
+        // Filter out ignored patterns
+        const activeFindings = result.findings.filter(f => 
+          !ignoredPatterns.includes(f.id)
+        );
+
+        if (activeFindings.length === 0) {
+          // All findings are ignored
+          if (options.verbose) {
+            console.log(`🚫 ${relativePath} - Patterns ignored`);
+          }
+          continue;
+        }
+
         totalThreats++;
-        console.log(`⚠️  ${path.relative(process.cwd(), file)}`);
+        console.log(`⚠️  ${relativePath}`);
         console.log(`   Risk: ${result.riskLevel} (Score: ${result.riskScore})`);
         
-        if (options.verbose && result.findings.length > 0) {
-          result.findings.slice(0, 3).forEach(f => {
+        if (options.verbose && activeFindings.length > 0) {
+          activeFindings.slice(0, 3).forEach(f => {
             console.log(`   - ${f.severity}: ${f.description}`);
           });
         }
-        console.log('');
+
+        // Interactive mode: prompt user
+        if (interactivePrompt && activeFindings.length > 0) {
+          const action = await interactivePrompt.promptThreat(file, activeFindings[0]);
+          
+          if (action === 'quit') {
+            console.log('\n🛑 Scan aborted by user\n');
+            process.exit(1);
+          } else if (action === 'ignore-file' || action === 'ignore-pattern') {
+            totalThreats--; // Don't count this as a threat anymore
+            ignoredCount++;
+          }
+        } else {
+          console.log('');
+        }
       } else if (options.verbose) {
-        console.log(`✅ ${path.relative(process.cwd(), file)} - Clean`);
+        console.log(`✅ ${relativePath} - Clean`);
       }
     } catch (err) {
       if (options.verbose) {
         console.log(`⚠️  ${path.relative(process.cwd(), file)} - Skipped (${err.message})`);
       }
     }
-  });
+  }
 
   console.log(`\n${'='.repeat(60)}`);
   console.log(`📊 Scan complete:`);
   console.log(`   Files scanned: ${scannedCount}`);
+  if (ignoredCount > 0) {
+    console.log(`   Files ignored: ${ignoredCount}`);
+  }
   console.log(`   Threats found: ${totalThreats}`);
   console.log(`${'='.repeat(60)}\n`);
 
@@ -183,6 +236,8 @@ function parseArgs() {
       i++;
     } else if (args[i] === '--verbose') {
       options.verbose = true;
+    } else if (args[i] === '--interactive' || args[i] === '-i') {
+      options.interactive = true;
     }
   }
 

package/src/fileClassifier.js

@@ -102,7 +102,7 @@ function getAdjustedThreshold(fileType, baseThreshold) {
   const multipliers = {
     'skip': 0, // Will be skipped anyway
     'documentation': 4.0, // Very permissive (600 for balanced mode)
-    'test': 2.5, // Permissive (375 for balanced)
+    'test': 3.5, // Very permissive (525 for balanced) - test data often triggers patterns
     'api-spec': 5.0, // Extremely permissive (750 for balanced)
     'config': 2.0, // Permissive (300 for balanced)
     'code': 1.0 // Normal threshold

package/src/ignoreParser.js

@@ -0,0 +1,163 @@
+/**
+ * .aiwardenignore Parser
+ * Handles whitelist/ignore rules for files and patterns
+ */
+
+const fs = require('fs');
+const path = require('path');
+
+class IgnoreParser {
+  constructor(ignoreFilePath = '.aiwardenignore') {
+    this.ignoreFilePath = ignoreFilePath;
+    this.rules = [];
+    this.load();
+  }
+
+  /**
+   * Load and parse .aiwardenignore file
+   */
+  load() {
+    if (!fs.existsSync(this.ignoreFilePath)) {
+      return;
+    }
+
+    const content = fs.readFileSync(this.ignoreFilePath, 'utf-8');
+    const lines = content.split('\n');
+
+    lines.forEach(line => {
+      // Skip comments and empty lines
+      const trimmed = line.trim();
+      if (!trimmed || trimmed.startsWith('#')) {
+        return;
+      }
+
+      // Check if it's a file:pattern rule
+      if (trimmed.includes(':')) {
+        const [filePath, patterns] = trimmed.split(':');
+        this.rules.push({
+          type: 'file-pattern',
+          filePath: filePath.trim(),
+          patterns: patterns.trim() === '*' ? '*' : patterns.trim().split(',').map(p => p.trim())
+        });
+      } else {
+        // It's a file/directory pattern
+        this.rules.push({
+          type: 'file',
+          pattern: trimmed
+        });
+      }
+    });
+  }
+
+  /**
+   * Check if a file should be ignored completely
+   */
+  shouldIgnoreFile(filePath) {
+    const normalized = path.normalize(filePath);
+    
+    for (const rule of this.rules) {
+      if (rule.type === 'file-pattern' && rule.patterns === '*') {
+        // Check if file matches
+        if (this.matchPath(normalized, rule.filePath)) {
+          return true;
+        }
+      } else if (rule.type === 'file') {
+        if (this.matchPath(normalized, rule.pattern)) {
+          return true;
+        }
+      }
+    }
+    
+    return false;
+  }
+
+  /**
+   * Get patterns to ignore for a specific file
+   */
+  getIgnoredPatterns(filePath) {
+    const normalized = path.normalize(filePath);
+    const ignored = [];
+
+    for (const rule of this.rules) {
+      if (rule.type === 'file-pattern' && rule.patterns !== '*') {
+        if (this.matchPath(normalized, rule.filePath)) {
+          ignored.push(...rule.patterns);
+        }
+      }
+    }
+
+    return ignored;
+  }
+
+  /**
+   * Match a file path against a pattern (supports wildcards)
+   */
+  matchPath(filePath, pattern) {
+    // Exact match
+    if (filePath === pattern || filePath.endsWith(pattern)) {
+      return true;
+    }
+
+    // Directory match (ends with /)
+    if (pattern.endsWith('/')) {
+      const dir = pattern.slice(0, -1);
+      if (filePath.includes(dir + path.sep) || filePath.startsWith(dir + path.sep)) {
+        return true;
+      }
+    }
+
+    // Wildcard patterns
+    if (pattern.includes('*')) {
+      const regex = this.patternToRegex(pattern);
+      return regex.test(filePath);
+    }
+
+    return false;
+  }
+
+  /**
+   * Convert glob pattern to regex
+   */
+  patternToRegex(pattern) {
+    // Escape special regex characters except *
+    let regex = pattern
+      .replace(/\./g, '\\.')
+      .replace(/\//g, '[\\\\/]') // Match both / and \
+      .replace(/\*\*/g, '<<<DOUBLESTAR>>>')
+      .replace(/\*/g, '[^\\\\/]*')
+      .replace(/<<<DOUBLESTAR>>>/g, '.*');
+    
+    return new RegExp('^' + regex + '$');
+  }
+
+  /**
+   * Add a new ignore rule and save to file
+   */
+  addIgnoreRule(filePath, patterns = '*') {
+    const rule = patterns === '*' 
+      ? filePath 
+      : `${filePath}:${Array.isArray(patterns) ? patterns.join(',') : patterns}`;
+
+    // Check if rule already exists
+    const content = fs.existsSync(this.ignoreFilePath) 
+      ? fs.readFileSync(this.ignoreFilePath, 'utf-8') 
+      : '';
+
+    if (content.includes(rule)) {
+      return; // Already exists
+    }
+
+    // Append rule
+    const newContent = content.trim() 
+      ? content.trim() + '\n' + rule + '\n'
+      : rule + '\n';
+
+    fs.writeFileSync(this.ignoreFilePath, newContent, 'utf-8');
+    
+    // Reload rules
+    this.rules = [];
+    this.load();
+  }
+}
+
+module.exports = IgnoreParser;

package/src/interactivePrompt.js

@@ -0,0 +1,89 @@
+/**
+ * Interactive Prompt for Whitelist Management
+ * Allows users to whitelist files/patterns when threats are detected
+ */
+
+const readline = require('readline');
+
+class InteractivePrompt {
+  constructor(ignoreParser) {
+    this.ignoreParser = ignoreParser;
+  }
+
+  /**
+   * Prompt user what to do with a detected threat
+   * Returns: 'ignore-file' | 'ignore-pattern' | 'keep' | 'quit'
+   */
+  async promptThreat(filePath, finding) {
+    return new Promise((resolve) => {
+      const rl = readline.createInterface({
+        input: process.stdin,
+        output: process.stdout
+      });
+
+      console.log('');
+      console.log('\x1b[33m⚠️  Threat detected:\x1b[0m');
+      console.log(`   File: \x1b[36m${filePath}\x1b[0m`);
+      console.log(`   Pattern: \x1b[31m${finding.id}\x1b[0m - ${finding.name}`);
+      console.log(`   Risk: ${finding.severity} (Score: ${finding.score})`);
+      
+      if (finding.match) {
+        const preview = finding.match.length > 60 
+          ? finding.match.substring(0, 60) + '...'
+          : finding.match;
+        console.log(`   Found: "${preview}"`);
+      }
+      
+      console.log('');
+      console.log('   \x1b[32m[I]\x1b[0m Ignore this entire file');
+      console.log(`   \x1b[32m[P]\x1b[0m Ignore pattern ${finding.id} only`);
+      console.log('   \x1b[32m[K]\x1b[0m Keep (this is a real threat)');
+      console.log('   \x1b[32m[Q]\x1b[0m Quit scanning');
+      console.log('');
+
+      rl.question('   Choice: ', (answer) => {
+        rl.close();
+        
+        const choice = answer.toLowerCase().trim();
+        
+        if (choice === 'i') {
+          this.ignoreParser.addIgnoreRule(filePath, '*');
+          console.log(`   ✅ Added to .aiwardenignore: ${filePath}`);
+          resolve('ignore-file');
+        } else if (choice === 'p') {
+          this.ignoreParser.addIgnoreRule(filePath, finding.id);
+          console.log(`   ✅ Added to .aiwardenignore: ${filePath}:${finding.id}`);
+          resolve('ignore-pattern');
+        } else if (choice === 'k') {
+          console.log('   ⚠️  Kept as threat');
+          resolve('keep');
+        } else if (choice === 'q') {
+          console.log('   🛑 Scan aborted');
+          resolve('quit');
+        } else {
+          console.log('   Invalid choice, treating as "keep"');
+          resolve('keep');
+        }
+      });
+    });
+  }
+
+  /**
+   * Show summary at the end
+   */
+  showSummary(addedRules) {
+    if (addedRules.length === 0) {
+      return;
+    }
+
+    console.log('');
+    console.log('\x1b[32m✅ Whitelist updated:\x1b[0m');
+    addedRules.forEach(rule => {
+      console.log(`   - ${rule}`);
+    });
+    console.log('');
+    console.log('   Run scan again to skip these files/patterns.');
+  }
+}
+
+module.exports = InteractivePrompt;