appsec-agent 2.7.0 → 2.8.0

package/dist/src/schemas/fp_adversary_pass.d.ts

@@ -0,0 +1,188 @@
+/**
+ * fp_adversary second-pass input/output (v2.8.0) — full-repo review false-positive filter.
+ *
+ * Used by the parent app Lane-2 (full-repo scheduled scans) Phase 2.5. Parent app
+ * passes a JSON file containing candidate findings from the first-pass
+ * `code_reviewer` plus structured project posture inputs sourced from the
+ * `projects.*_context` columns and an optional `similar_dismissed` array
+ * (top-3 prior dismissals for the same CWE, pre-built via the parent app's
+ * `queryFindingsHistory` MCP tool).
+ *
+ * Output schema is deliberately distinct from `SECURITY_REPORT_SCHEMA` so the
+ * verdict contract (`fingerprint`, `verdict`, numeric `confidence`,
+ * `rationale`, optional `cost_usd_estimate`) is locked down separately from
+ * the primary security-report shape that may drift across model upgrades.
+ * Each verdict round-trips on `fingerprint` so the parent app maps verdicts
+ * back to its `repo_finding_ledger` rows without depending on string IDs.
+ *
+ * Decision rationale: see [docs/FULL_REPO_REVIEW_QUALITY_PLAN.md] §6 and the
+ * sibling parent app plan (Phase 2.5, G1 — Option (a) "separate schema").
+ */
+export interface FpAdversaryPassFinding {
+    /**
+     * Stable parent-app fingerprint (sha256 of `cwe + file + normalised
+     * snippet + line range`). Required — the round-trip key the parent app
+     * uses to map each verdict back to its ledger row.
+     */
+    fingerprint: string;
+    id?: string;
+    title: string;
+    file: string;
+    line_numbers?: string;
+    severity?: string;
+    confidence?: string;
+    category?: string;
+    cwe_id?: string;
+    cwe?: string;
+    description: string;
+    recommendation?: string;
+    code_snippet?: string;
+    impact?: string;
+}
+export interface FpAdversaryPassContext {
+    findings: FpAdversaryPassFinding[];
+    /** Free-form summary of the repo's purpose, tech stack, primary entry points. */
+    project_summary?: string;
+    /** Concrete security mechanisms in use: libraries, middleware, auth patterns. */
+    security_context?: string;
+    /** Deployment posture: hosted/self-hosted, network exposure, multi-tenant model. */
+    deployment_context?: string;
+    /** Security-relevant developer guidance: PHI handling rules, SQL injection conventions. */
+    developer_context?: string;
+    /**
+     * Top-3 similar dismissed findings (pre-built by parent app via
+     * `queryFindingsHistory`). The adversary uses these as a precedent
+     * check: "this CWE was dismissed before for {reason} — does that apply?"
+     */
+    similar_dismissed?: Array<{
+        fingerprint: string;
+        file: string;
+        cwe?: string;
+        dismissal_reason?: string;
+    }>;
+    metadata?: {
+        project_name?: string;
+    };
+}
+export interface FpAdversaryVerdict {
+    /** Round-trip key matching one of the input findings' fingerprints. */
+    fingerprint: string;
+    verdict: 'confirm' | 'dismiss';
+    /** 0.0 (no confidence) — 1.0 (highest confidence). */
+    confidence: number;
+    /** ≤500-char justification surfaced in the auto_dismissed_findings audit row. */
+    rationale: string;
+    /**
+     * Threaded through from the Claude Agent SDK's `total_cost_usd` so the
+     * parent app's cost-cap accumulator can stop the loop deterministically
+     * without re-counting tokens. Optional for backward-compat.
+     */
+    cost_usd_estimate?: number;
+}
+export interface FpAdversaryReport {
+    fp_adversary_report: {
+        verdicts: FpAdversaryVerdict[];
+    };
+}
+/**
+ * JSON Schema enforced by the Claude Agent SDK at generation time.
+ *
+ * The schema deliberately allows zero verdicts (an empty findings input → empty
+ * verdicts output) and requires every verdict to round-trip on `fingerprint`
+ * so the parent app can detect schema violations without per-finding heuristics.
+ */
+export declare const FP_ADVERSARY_REPORT_SCHEMA: {
+    readonly type: "object";
+    readonly required: readonly ["fp_adversary_report"];
+    readonly additionalProperties: false;
+    readonly properties: {
+        readonly fp_adversary_report: {
+            readonly type: "object";
+            readonly required: readonly ["verdicts"];
+            readonly additionalProperties: false;
+            readonly properties: {
+                readonly verdicts: {
+                    readonly type: "array";
+                    readonly items: {
+                        readonly type: "object";
+                        readonly required: readonly ["fingerprint", "verdict", "confidence", "rationale"];
+                        readonly additionalProperties: false;
+                        readonly properties: {
+                            readonly fingerprint: {
+                                readonly type: "string";
+                                readonly description: "Round-trip key matching one of the input findings' fingerprints. Required.";
+                            };
+                            readonly verdict: {
+                                readonly type: "string";
+                                readonly enum: readonly ["confirm", "dismiss"];
+                                readonly description: "`confirm` keeps the finding in scan_findings; `dismiss` routes it to auto_dismissed_findings (subject to confidence threshold + severity floor on the parent side).";
+                            };
+                            readonly confidence: {
+                                readonly type: "number";
+                                readonly minimum: 0;
+                                readonly maximum: 1;
+                                readonly description: "Numeric 0.0-1.0 (NOT enum HIGH/MED/LOW). Drives the auto-dismiss vs pre_dismissed branch on the parent side.";
+                            };
+                            readonly rationale: {
+                                readonly type: "string";
+                                readonly maxLength: 500;
+                                readonly description: "Plain-English justification surfaced in the auto_dismissed_findings audit row + Restore UI.";
+                            };
+                            readonly cost_usd_estimate: {
+                                readonly type: "number";
+                                readonly minimum: 0;
+                                readonly description: "Per-finding USD cost threaded from agent-run's SDK output. Optional for backward-compat.";
+                            };
+                        };
+                    };
+                };
+            };
+        };
+    };
+};
+/**
+ * Parse and validate the fp_adversary input JSON.
+ *
+ * Required: top-level `findings` array, each with non-empty `fingerprint`,
+ * `title`, `file`, `description`. Other fields are normalized but not required.
+ * Throws on invalid input — the CLI dispatcher in `main.ts` catches and exits 1.
+ */
+export declare function parseFpAdversaryPassContext(data: unknown): FpAdversaryPassContext;
+/**
+ * Normalize fingerprint-keyed findings into a stable shape for the prompt's
+ * JSON block. Mirrors `toSecurityFindings` for `pr_adversary` but preserves
+ * the parent-app `fingerprint` field that drives the verdict round-trip.
+ */
+export declare function toFpAdversaryFindings(ctx: FpAdversaryPassContext): Array<{
+    fingerprint: string;
+    title: string;
+    severity: string;
+    confidence: string;
+    category: string;
+    file: string;
+    line_numbers?: string;
+    cwe_id?: string;
+    cwe?: string;
+    description: string;
+    recommendation: string;
+    code_snippet?: string;
+    impact?: string;
+}>;
+/**
+ * Build the user message for the fp_adversary role.
+ *
+ * Layout:
+ *   1. Adversarial-review framing (verdict criteria, threshold guidance).
+ *   2. `### Project posture (from extraction)` block with the four
+ *      structured context fields if present (precedes the integrator's `-c`
+ *      additional context to keep parent-app posture authoritative).
+ *   3. `-c` additional context block.
+ *   4. Similar-dismissed precedent block (if any).
+ *   5. Candidate findings JSON.
+ */
+export declare function buildFpAdversaryUserPrompt(ctx: FpAdversaryPassContext, opts?: {
+    additionalContext?: string;
+}): string;
+/** Empty report shell for tests / fallbacks. */
+export declare function emptyFpAdversaryReport(): FpAdversaryReport;
+//# sourceMappingURL=fp_adversary_pass.d.ts.map

package/dist/src/schemas/fp_adversary_pass.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"fp_adversary_pass.d.ts","sourceRoot":"","sources":["../../../src/schemas/fp_adversary_pass.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAEH,MAAM,WAAW,sBAAsB;IACrC;;;;OAIG;IACH,WAAW,EAAE,MAAM,CAAC;IACpB,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,sBAAsB;IACrC,QAAQ,EAAE,sBAAsB,EAAE,CAAC;IACnC,iFAAiF;IACjF,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,iFAAiF;IACjF,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,oFAAoF;IACpF,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,2FAA2F;IAC3F,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B;;;;OAIG;IACH,iBAAiB,CAAC,EAAE,KAAK,CAAC;QACxB,WAAW,EAAE,MAAM,CAAC;QACpB,IAAI,EAAE,MAAM,CAAC;QACb,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,gBAAgB,CAAC,EAAE,MAAM,CAAC;KAC3B,CAAC,CAAC;IACH,QAAQ,CAAC,EAAE;QAAE,YAAY,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;CACtC;AAED,MAAM,WAAW,kBAAkB;IACjC,uEAAuE;IACvE,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,SAAS,GAAG,SAAS,CAAC;IAC/B,sDAAsD;IACtD,UAAU,EAAE,MAAM,CAAC;IACnB,iFAAiF;IACjF,SAAS,EAAE,MAAM,CAAC;IAClB;;;;OAIG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED,MAAM,WAAW,iBAAiB;IAChC,mBAAmB,EAAE;QACnB,QAAQ,EAAE,kBAAkB,EAAE,CAAC;KAChC,CAAC;CACH;AAED;;;;;;GAMG;AACH,eAAO,MAAM,0BAA0B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAqD7B,CAAC;AAIX;;;;;;GAMG;AACH,wBAAgB,2BAA2B,CAAC,IAAI,EAAE,OAAO,GAAG,sBAAsB,CA+DjF;AAED;;;;GAIG;AACH,wBAAgB,qBAAqB,CACnC,GAAG,EAAE,sBAAsB,GAC1B,KAAK,CAAC;IACP,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;IACvB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB,CAAC,CAsBD;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,0BAA0B,CACxC,GAAG,EAAE,sBAAsB,EAC3B,IAAI,GAAE;IAAE,iBAAiB,CAAC,EAAE,MAAM,CAAA;CAAO,GACxC,MAAM,CAqER;AAED,gDAAgD;AAChD,wBAAgB,sBAAsB,IAAI,iBAAiB,CAE1D"}

package/dist/src/schemas/fp_adversary_pass.js

@@ -0,0 +1,258 @@
+"use strict";
+/**
+ * fp_adversary second-pass input/output (v2.8.0) — full-repo review false-positive filter.
+ *
+ * Used by the parent app Lane-2 (full-repo scheduled scans) Phase 2.5. Parent app
+ * passes a JSON file containing candidate findings from the first-pass
+ * `code_reviewer` plus structured project posture inputs sourced from the
+ * `projects.*_context` columns and an optional `similar_dismissed` array
+ * (top-3 prior dismissals for the same CWE, pre-built via the parent app's
+ * `queryFindingsHistory` MCP tool).
+ *
+ * Output schema is deliberately distinct from `SECURITY_REPORT_SCHEMA` so the
+ * verdict contract (`fingerprint`, `verdict`, numeric `confidence`,
+ * `rationale`, optional `cost_usd_estimate`) is locked down separately from
+ * the primary security-report shape that may drift across model upgrades.
+ * Each verdict round-trips on `fingerprint` so the parent app maps verdicts
+ * back to its `repo_finding_ledger` rows without depending on string IDs.
+ *
+ * Decision rationale: see [docs/FULL_REPO_REVIEW_QUALITY_PLAN.md] §6 and the
+ * sibling parent app plan (Phase 2.5, G1 — Option (a) "separate schema").
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.FP_ADVERSARY_REPORT_SCHEMA = void 0;
+exports.parseFpAdversaryPassContext = parseFpAdversaryPassContext;
+exports.toFpAdversaryFindings = toFpAdversaryFindings;
+exports.buildFpAdversaryUserPrompt = buildFpAdversaryUserPrompt;
+exports.emptyFpAdversaryReport = emptyFpAdversaryReport;
+/**
+ * JSON Schema enforced by the Claude Agent SDK at generation time.
+ *
+ * The schema deliberately allows zero verdicts (an empty findings input → empty
+ * verdicts output) and requires every verdict to round-trip on `fingerprint`
+ * so the parent app can detect schema violations without per-finding heuristics.
+ */
+exports.FP_ADVERSARY_REPORT_SCHEMA = {
+    type: 'object',
+    required: ['fp_adversary_report'],
+    additionalProperties: false,
+    properties: {
+        fp_adversary_report: {
+            type: 'object',
+            required: ['verdicts'],
+            additionalProperties: false,
+            properties: {
+                verdicts: {
+                    type: 'array',
+                    items: {
+                        type: 'object',
+                        required: ['fingerprint', 'verdict', 'confidence', 'rationale'],
+                        additionalProperties: false,
+                        properties: {
+                            fingerprint: {
+                                type: 'string',
+                                description: "Round-trip key matching one of the input findings' fingerprints. Required.",
+                            },
+                            verdict: {
+                                type: 'string',
+                                enum: ['confirm', 'dismiss'],
+                                description: '`confirm` keeps the finding in scan_findings; `dismiss` routes it to auto_dismissed_findings (subject to confidence threshold + severity floor on the parent side).',
+                            },
+                            confidence: {
+                                type: 'number',
+                                minimum: 0,
+                                maximum: 1,
+                                description: 'Numeric 0.0-1.0 (NOT enum HIGH/MED/LOW). Drives the auto-dismiss vs pre_dismissed branch on the parent side.',
+                            },
+                            rationale: {
+                                type: 'string',
+                                maxLength: 500,
+                                description: 'Plain-English justification surfaced in the auto_dismissed_findings audit row + Restore UI.',
+                            },
+                            cost_usd_estimate: {
+                                type: 'number',
+                                minimum: 0,
+                                description: "Per-finding USD cost threaded from agent-run's SDK output. Optional for backward-compat.",
+                            },
+                        },
+                    },
+                },
+            },
+        },
+    },
+};
+const MAX_FINDINGS_PER_RUN = 500;
+/**
+ * Parse and validate the fp_adversary input JSON.
+ *
+ * Required: top-level `findings` array, each with non-empty `fingerprint`,
+ * `title`, `file`, `description`. Other fields are normalized but not required.
+ * Throws on invalid input — the CLI dispatcher in `main.ts` catches and exits 1.
+ */
+function parseFpAdversaryPassContext(data) {
+    if (!data || typeof data !== 'object') {
+        throw new Error('fp_adversary context must be a JSON object');
+    }
+    const o = data;
+    if (!Array.isArray(o.findings)) {
+        throw new Error('fp_adversary context must include a "findings" array');
+    }
+    if (o.findings.length > MAX_FINDINGS_PER_RUN) {
+        throw new Error(`fp_adversary supports at most ${MAX_FINDINGS_PER_RUN} findings per run`);
+    }
+    for (const item of o.findings) {
+        if (!item || typeof item !== 'object') {
+            throw new Error('Each finding must be an object');
+        }
+        const f = item;
+        for (const k of ['fingerprint', 'title', 'file', 'description']) {
+            if (typeof f[k] !== 'string' || !String(f[k]).trim()) {
+                throw new Error(`Each finding must have a non-empty string "${k}"`);
+            }
+        }
+    }
+    const optionalString = (key) => {
+        const v = o[key];
+        return typeof v === 'string' && v.trim() ? v : undefined;
+    };
+    let similarDismissed;
+    if (Array.isArray(o.similar_dismissed)) {
+        similarDismissed = [];
+        for (const item of o.similar_dismissed) {
+            if (!item || typeof item !== 'object')
+                continue;
+            const s = item;
+            if (typeof s.fingerprint !== 'string' || !s.fingerprint.trim())
+                continue;
+            if (typeof s.file !== 'string' || !s.file.trim())
+                continue;
+            similarDismissed.push({
+                fingerprint: s.fingerprint,
+                file: s.file,
+                cwe: typeof s.cwe === 'string' ? s.cwe : undefined,
+                dismissal_reason: typeof s.dismissal_reason === 'string' ? s.dismissal_reason : undefined,
+            });
+        }
+    }
+    return {
+        findings: o.findings,
+        project_summary: optionalString('project_summary'),
+        security_context: optionalString('security_context'),
+        deployment_context: optionalString('deployment_context'),
+        developer_context: optionalString('developer_context'),
+        similar_dismissed: similarDismissed,
+        metadata: o.metadata && typeof o.metadata === 'object'
+            ? {
+                project_name: typeof o.metadata.project_name === 'string'
+                    ? o.metadata.project_name
+                    : undefined,
+            }
+            : undefined,
+    };
+}
+/**
+ * Normalize fingerprint-keyed findings into a stable shape for the prompt's
+ * JSON block. Mirrors `toSecurityFindings` for `pr_adversary` but preserves
+ * the parent-app `fingerprint` field that drives the verdict round-trip.
+ */
+function toFpAdversaryFindings(ctx) {
+    const ALLOWED_SEVERITY = new Set(['CRITICAL', 'HIGH', 'MEDIUM', 'LOW', 'INFO']);
+    const ALLOWED_CONFIDENCE = new Set(['HIGH', 'MEDIUM', 'LOW']);
+    return ctx.findings.map((f) => {
+        const sev = (f.severity || 'MEDIUM').toUpperCase();
+        const conf = (f.confidence || 'MEDIUM').toUpperCase();
+        return {
+            fingerprint: f.fingerprint,
+            title: f.title,
+            severity: ALLOWED_SEVERITY.has(sev) ? sev : 'MEDIUM',
+            confidence: ALLOWED_CONFIDENCE.has(conf) ? conf : 'MEDIUM',
+            category: f.category && f.category.trim() ? f.category : 'Security',
+            file: f.file,
+            line_numbers: f.line_numbers,
+            cwe_id: f.cwe_id,
+            cwe: f.cwe,
+            description: f.description,
+            recommendation: f.recommendation || '',
+            code_snippet: f.code_snippet,
+            impact: f.impact,
+        };
+    });
+}
+/**
+ * Build the user message for the fp_adversary role.
+ *
+ * Layout:
+ *   1. Adversarial-review framing (verdict criteria, threshold guidance).
+ *   2. `### Project posture (from extraction)` block with the four
+ *      structured context fields if present (precedes the integrator's `-c`
+ *      additional context to keep parent-app posture authoritative).
+ *   3. `-c` additional context block.
+ *   4. Similar-dismissed precedent block (if any).
+ *   5. Candidate findings JSON.
+ */
+function buildFpAdversaryUserPrompt(ctx, opts = {}) {
+    const lines = [
+        '## Adversarial false-positive review (full-repo, second pass)',
+        '',
+        'You are given candidate findings from an initial full-repo security scan. For each finding, return a verdict: **confirm** (a real, exploitable issue) or **dismiss** (a likely false positive).',
+        '',
+        '**Confirm** only when you can name a *concrete failure path*: a plausible input or trigger, the relevant call site in the repo, and a security-relevant outcome (data leak, RCE, auth bypass, privilege escalation, etc.). Use Read/Grep to verify reachability.',
+        '**Dismiss** when the finding is vague, already mitigated by code you can see, test-only/example code, configuration-only with no production impact, or you cannot name a specific exploit or failure path.',
+        '',
+        'For each verdict provide:',
+        '- `fingerprint` — copy verbatim from the input.',
+        '- `verdict` — `confirm` or `dismiss`.',
+        '- `confidence` — numeric 0.0–1.0. Use ≥0.85 for dismissals only when the evidence is strong (mitigation seen, code is test-only, etc.). Lower values route the finding to a pre-dismissed UI state instead of full auto-dismissal on the parent side.',
+        '- `rationale` — ≤500 chars. State the concrete evidence (which file, which mitigation, which reachability gap).',
+        '',
+        'Return one JSON object matching the `fp_adversary_report` schema. Include exactly one verdict per input finding; missing verdicts are treated as `confirm` by the parent app (no silent drops).',
+        '',
+    ];
+    const posture = [];
+    if (ctx.project_summary)
+        posture.push(`**Project summary:**\n${ctx.project_summary}`);
+    if (ctx.security_context)
+        posture.push(`**Security context:**\n${ctx.security_context}`);
+    if (ctx.deployment_context)
+        posture.push(`**Deployment context:**\n${ctx.deployment_context}`);
+    if (ctx.developer_context)
+        posture.push(`**Developer context:**\n${ctx.developer_context}`);
+    if (posture.length > 0) {
+        lines.push('### Project posture (from extraction)');
+        lines.push(...posture);
+        lines.push('');
+        lines.push('Weight the posture above when assessing each finding: e.g., if `security_context` names a parameterized-query library, a SQL-injection finding on that path should require concrete evidence of bypass before confirming.');
+        lines.push('');
+    }
+    if (opts.additionalContext) {
+        lines.push('### Additional context (from integrator)');
+        lines.push(opts.additionalContext);
+        lines.push('');
+    }
+    if (ctx.similar_dismissed && ctx.similar_dismissed.length > 0) {
+        lines.push('### Similar prior dismissals (precedent)');
+        lines.push('These fingerprints were previously dismissed on this project. If a candidate finding mirrors the pattern, consider the same dismissal — but verify the code still matches.');
+        for (const s of ctx.similar_dismissed) {
+            const cweTag = s.cwe ? `, CWE=${s.cwe}` : '';
+            const reasonTag = s.dismissal_reason ? ` — ${s.dismissal_reason}` : '';
+            lines.push(`- \`${s.fingerprint}\` (${s.file}${cweTag})${reasonTag}`);
+        }
+        lines.push('');
+    }
+    if (ctx.metadata?.project_name) {
+        lines.push(`**Project:** ${ctx.metadata.project_name}`);
+        lines.push('');
+    }
+    lines.push('### Candidate findings (input)');
+    lines.push('```json');
+    lines.push(JSON.stringify({ findings: toFpAdversaryFindings(ctx) }, null, 2));
+    lines.push('```');
+    lines.push('');
+    lines.push('Analyze with Read/Grep against the source tree (and MCP tools if available — queryImportGraph for reachability, queryCodebaseGraph for callers/callees, queryRuntimeEnrichment for runtime-incident overlap) as needed, then output the verdict array JSON only (structured output).');
+    return lines.join('\n');
+}
+/** Empty report shell for tests / fallbacks. */
+function emptyFpAdversaryReport() {
+    return { fp_adversary_report: { verdicts: [] } };
+}
+//# sourceMappingURL=fp_adversary_pass.js.map

package/dist/src/schemas/fp_adversary_pass.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"fp_adversary_pass.js","sourceRoot":"","sources":["../../../src/schemas/fp_adversary_pass.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;GAmBG;;;AA6IH,kEA+DC;AAOD,sDAsCC;AAcD,gEAwEC;AAGD,wDAEC;AA9QD;;;;;;GAMG;AACU,QAAA,0BAA0B,GAAG;IACxC,IAAI,EAAE,QAAQ;IACd,QAAQ,EAAE,CAAC,qBAAqB,CAAC;IACjC,oBAAoB,EAAE,KAAK;IAC3B,UAAU,EAAE;QACV,mBAAmB,EAAE;YACnB,IAAI,EAAE,QAAQ;YACd,QAAQ,EAAE,CAAC,UAAU,CAAC;YACtB,oBAAoB,EAAE,KAAK;YAC3B,UAAU,EAAE;gBACV,QAAQ,EAAE;oBACR,IAAI,EAAE,OAAO;oBACb,KAAK,EAAE;wBACL,IAAI,EAAE,QAAQ;wBACd,QAAQ,EAAE,CAAC,aAAa,EAAE,SAAS,EAAE,YAAY,EAAE,WAAW,CAAC;wBAC/D,oBAAoB,EAAE,KAAK;wBAC3B,UAAU,EAAE;4BACV,WAAW,EAAE;gCACX,IAAI,EAAE,QAAQ;gCACd,WAAW,EACT,4EAA4E;6BAC/E;4BACD,OAAO,EAAE;gCACP,IAAI,EAAE,QAAQ;gCACd,IAAI,EAAE,CAAC,SAAS,EAAE,SAAS,CAAC;gCAC5B,WAAW,EACT,qKAAqK;6BACxK;4BACD,UAAU,EAAE;gCACV,IAAI,EAAE,QAAQ;gCACd,OAAO,EAAE,CAAC;gCACV,OAAO,EAAE,CAAC;gCACV,WAAW,EACT,8GAA8G;6BACjH;4BACD,SAAS,EAAE;gCACT,IAAI,EAAE,QAAQ;gCACd,SAAS,EAAE,GAAG;gCACd,WAAW,EACT,6FAA6F;6BAChG;4BACD,iBAAiB,EAAE;gCACjB,IAAI,EAAE,QAAQ;gCACd,OAAO,EAAE,CAAC;gCACV,WAAW,EACT,0FAA0F;6BAC7F;yBACF;qBACF;iBACF;aACF;SACF;KACF;CACO,CAAC;AAEX,MAAM,oBAAoB,GAAG,GAAG,CAAC;AAEjC;;;;;;GAMG;AACH,SAAgB,2BAA2B,CAAC,IAAa;IACvD,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QACtC,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;IAChE,CAAC;IACD,MAAM,CAAC,GAAG,IAA+B,CAAC;IAC1C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC/B,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;IAC1E,CAAC;IACD,IAAI,CAAC,CAAC,QAAQ,CAAC,MAAM,GAAG,oBAAoB,EAAE,CAAC;QAC7C,MAAM,IAAI,KAAK,CAAC,iCAAiC,oBAAoB,mBAAmB,CAAC,CAAC;IAC5F,CAAC;IACD,KAAK,MAAM,IAAI,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC;QAC9B,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YACtC,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;QACpD,CAAC;QACD,MAAM,CAAC,GAAG,IAA+B,CAAC;QAC1C,KAAK,MAAM,CAAC,IAAI,CAAC,aAAa,EAAE,OAAO,EAAE,MAAM,EAAE,aAAa,CAAU,EAAE,CAAC;YACzE,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC,KAAK,QAAQ,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC;gBACrD,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,GAAG,CAAC,CAAC;YACtE,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,cAAc,GAAG,CAAC,GAAW,EAAsB,EAAE;QACzD,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;QACjB,OAAO,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAC3D,CAAC,CAAC;IAEF,IAAI,gBAA6D,CAAC;IAClE,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,iBAAiB,CAAC,EAAE,CAAC;QACvC,gBAAgB,GAAG,EAAE,CAAC;QACtB,KAAK,MAAM,IAAI,IAAI,CAAC,CAAC,iBAAiB,EAAE,CAAC;YACvC,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ;gBAAE,SAAS;YAChD,MAAM,CAAC,GAAG,IAA+B,CAAC;YAC1C,IAAI,OAAO,CAAC,CAAC,WAAW,KAAK,QAAQ,IAAI,CAAC,CAAC,CAAC,WAAW,CAAC,IAAI,EAAE;gBAAE,SAAS;YACzE,IAAI,OAAO,CAAC,CAAC,IAAI,KAAK,QAAQ,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE;gBAAE,SAAS;YAC3D,gBAAgB,CAAC,IAAI,CAAC;gBACpB,WAAW,EAAE,CAAC,CAAC,WAAW;gBAC1B,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,GAAG,EAAE,OAAO,CAAC,CAAC,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;gBAClD,gBAAgB,EACd,OAAO,CAAC,CAAC,gBAAgB,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS;aAC1E,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO;QACL,QAAQ,EAAE,CAAC,CAAC,QAA8C;QAC1D,eAAe,EAAE,cAAc,CAAC,iBAAiB,CAAC;QAClD,gBAAgB,EAAE,cAAc,CAAC,kBAAkB,CAAC;QACpD,kBAAkB,EAAE,cAAc,CAAC,oBAAoB,CAAC;QACxD,iBAAiB,EAAE,cAAc,CAAC,mBAAmB,CAAC;QACtD,iBAAiB,EAAE,gBAAgB;QACnC,QAAQ,EACN,CAAC,CAAC,QAAQ,IAAI,OAAO,CAAC,CAAC,QAAQ,KAAK,QAAQ;YAC1C,CAAC,CAAC;gBACE,YAAY,EACV,OAAQ,CAAC,CAAC,QAAsC,CAAC,YAAY,KAAK,QAAQ;oBACxE,CAAC,CAAE,CAAC,CAAC,QAAqC,CAAC,YAAY;oBACvD,CAAC,CAAC,SAAS;aAChB;YACH,CAAC,CAAC,SAAS;KAChB,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,SAAgB,qBAAqB,CACnC,GAA2B;IAgB3B,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC;IAChF,MAAM,kBAAkB,GAAG,IAAI,GAAG,CAAC,CAAC,MAAM,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC;IAC9D,OAAO,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;QAC5B,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,QAAQ,IAAI,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;QACnD,MAAM,IAAI,GAAG,CAAC,CAAC,CAAC,UAAU,IAAI,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;QACtD,OAAO;YACL,WAAW,EAAE,CAAC,CAAC,WAAW;YAC1B,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,QAAQ,EAAE,gBAAgB,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ;YACpD,UAAU,EAAE,kBAAkB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ;YAC1D,QAAQ,EAAE,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,UAAU;YACnE,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,YAAY,EAAE,CAAC,CAAC,YAAY;YAC5B,MAAM,EAAE,CAAC,CAAC,MAAM;YAChB,GAAG,EAAE,CAAC,CAAC,GAAG;YACV,WAAW,EAAE,CAAC,CAAC,WAAW;YAC1B,cAAc,EAAE,CAAC,CAAC,cAAc,IAAI,EAAE;YACtC,YAAY,EAAE,CAAC,CAAC,YAAY;YAC5B,MAAM,EAAE,CAAC,CAAC,MAAM;SACjB,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;;;;;;;;;GAWG;AACH,SAAgB,0BAA0B,CACxC,GAA2B,EAC3B,OAAuC,EAAE;IAEzC,MAAM,KAAK,GAAa;QACtB,+DAA+D;QAC/D,EAAE;QACF,iMAAiM;QACjM,EAAE;QACF,kQAAkQ;QAClQ,4MAA4M;QAC5M,EAAE;QACF,2BAA2B;QAC3B,iDAAiD;QACjD,uCAAuC;QACvC,uPAAuP;QACvP,iHAAiH;QACjH,EAAE;QACF,iMAAiM;QACjM,EAAE;KACH,CAAC;IAEF,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,IAAI,GAAG,CAAC,eAAe;QAAE,OAAO,CAAC,IAAI,CAAC,yBAAyB,GAAG,CAAC,eAAe,EAAE,CAAC,CAAC;IACtF,IAAI,GAAG,CAAC,gBAAgB;QAAE,OAAO,CAAC,IAAI,CAAC,0BAA0B,GAAG,CAAC,gBAAgB,EAAE,CAAC,CAAC;IACzF,IAAI,GAAG,CAAC,kBAAkB;QACxB,OAAO,CAAC,IAAI,CAAC,4BAA4B,GAAG,CAAC,kBAAkB,EAAE,CAAC,CAAC;IACrE,IAAI,GAAG,CAAC,iBAAiB;QAAE,OAAO,CAAC,IAAI,CAAC,2BAA2B,GAAG,CAAC,iBAAiB,EAAE,CAAC,CAAC;IAC5F,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvB,KAAK,CAAC,IAAI,CAAC,uCAAuC,CAAC,CAAC;QACpD,KAAK,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC;QACvB,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CACR,2NAA2N,CAC5N,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAC3B,KAAK,CAAC,IAAI,CAAC,0CAA0C,CAAC,CAAC;QACvD,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;QACnC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,IAAI,GAAG,CAAC,iBAAiB,IAAI,GAAG,CAAC,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9D,KAAK,CAAC,IAAI,CAAC,0CAA0C,CAAC,CAAC;QACvD,KAAK,CAAC,IAAI,CACR,4KAA4K,CAC7K,CAAC;QACF,KAAK,MAAM,CAAC,IAAI,GAAG,CAAC,iBAAiB,EAAE,CAAC;YACtC,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC7C,MAAM,SAAS,GAAG,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,gBAAgB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACvE,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,WAAW,OAAO,CAAC,CAAC,IAAI,GAAG,MAAM,IAAI,SAAS,EAAE,CAAC,CAAC;QACxE,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,IAAI,GAAG,CAAC,QAAQ,EAAE,YAAY,EAAE,CAAC;QAC/B,KAAK,CAAC,IAAI,CAAC,gBAAgB,GAAG,CAAC,QAAQ,CAAC,YAAY,EAAE,CAAC,CAAC;QACxD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;IAC7C,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACtB,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,QAAQ,EAAE,qBAAqB,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC9E,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAClB,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CACR,sRAAsR,CACvR,CAAC;IAEF,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,gDAAgD;AAChD,SAAgB,sBAAsB;IACpC,OAAO,EAAE,mBAAmB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,EAAE,CAAC;AACnD,CAAC"}

package/package.json

@@ -1,9 +1,9 @@
 {
   "name": "appsec-agent",
-  "version": "2.7.0",
+  "version": "2.8.0",
   "description": "TypeScript package for AppSec AI Agent management",
   "author": "Sam Li",
-  "date": "May 13 2026",
+  "date": "May 27 2026",
   "license": "Apache-2.0",
   "main": "dist/src/index.js",
   "types": "dist/src/index.d.ts",