circle-ir-ai 1.1.0

package/dist/skills/skill-analyzer.js

@@ -0,0 +1,361 @@
+/**
+ * Skill Analyzer
+ *
+ * Main orchestrator for analyzing AI skill bundles.
+ * Coordinates extraction, taint analysis, and cross-artifact reasoning.
+ */
+import { loadSkillBundle, validateSkillBundle } from './bundle-loader.js';
+import { createDefaultExtractorRegistry } from '../extractors/index.js';
+import { detectCapabilityMismatches } from './capability-mismatch.js';
+/**
+ * Analyze a skill bundle
+ *
+ * @param skillPath - Path to skill directory
+ * @param options - Analysis options
+ * @returns Analysis result with findings and trust score
+ */
+export async function analyzeSkillBundle(skillPath, options = {}) {
+    const startTime = Date.now();
+    // Default options
+    const { enableCrossArtifact = true, enableVerification = true, minConfidence = 0.7, minSeverity = 'low', onProgress, } = options;
+    try {
+        // Phase 1: Load skill bundle
+        onProgress?.({
+            phase: 'loading',
+            progress: 0,
+            message: 'Loading skill bundle...',
+        });
+        const bundle = await loadSkillBundle(skillPath);
+        // Validate bundle structure
+        const validationErrors = await validateSkillBundle(bundle);
+        if (validationErrors.length > 0) {
+            throw new Error(`Invalid skill bundle: ${validationErrors.join(', ')}`);
+        }
+        onProgress?.({
+            phase: 'loading',
+            progress: 10,
+            message: `Loaded skill: ${bundle.name}`,
+        });
+        // Phase 2: Extract CircleIR from all artifacts
+        onProgress?.({
+            phase: 'extracting',
+            progress: 20,
+            message: 'Extracting from artifacts...',
+        });
+        const extracted = await extractAllArtifacts(bundle, onProgress);
+        onProgress?.({
+            phase: 'extracting',
+            progress: 50,
+            message: `Extracted ${extracted.length} artifacts`,
+        });
+        // Phase 3: Run unified taint analysis
+        onProgress?.({
+            phase: 'analyzing',
+            progress: 60,
+            message: 'Running taint analysis...',
+        });
+        const findings = await analyzeExtractedArtifacts(bundle, extracted, enableCrossArtifact, onProgress);
+        onProgress?.({
+            phase: 'analyzing',
+            progress: 80,
+            message: `Found ${findings.length} potential issues`,
+        });
+        // Phase 4: Filter by confidence and severity
+        const filteredFindings = findings.filter((f) => f.confidence >= minConfidence && compareSeverity(f.severity, minSeverity) >= 0);
+        // Phase 5: Calculate trust score
+        const score = calculateTrustScore(filteredFindings);
+        // Phase 6: Generate recommendations
+        const recommendations = generateRecommendations(filteredFindings);
+        onProgress?.({
+            phase: 'reporting',
+            progress: 100,
+            message: 'Analysis complete',
+        });
+        const endTime = Date.now();
+        return {
+            skillId: bundle.skillId,
+            name: bundle.name,
+            version: bundle.version,
+            findings: filteredFindings,
+            score,
+            recommendations,
+            metadata: {
+                timestamp: new Date().toISOString(),
+                durationMs: endTime - startTime,
+                artifactsAnalyzed: extracted.map((e) => e.artifact),
+                extractorsUsed: [...new Set(extracted.map((e) => e.extractor))],
+            },
+        };
+    }
+    catch (error) {
+        throw new Error(`Skill analysis failed: ${error instanceof Error ? error.message : error}`);
+    }
+}
+/**
+ * Extract CircleIR from all artifacts in the bundle
+ */
+async function extractAllArtifacts(bundle, onProgress) {
+    const extracted = [];
+    const registry = await createDefaultExtractorRegistry();
+    // Extract from SKILL.md
+    const skillMdExtractor = registry.findExtractor('SKILL.md');
+    if (skillMdExtractor) {
+        onProgress?.({
+            phase: 'extracting',
+            artifact: 'SKILL.md',
+            progress: 25,
+            message: 'Extracting from SKILL.md...',
+        });
+        const startTime = Date.now();
+        const ir = await skillMdExtractor.extract(bundle.skillMd, 'SKILL.md');
+        const extractionTimeMs = Date.now() - startTime;
+        extracted.push({
+            artifact: 'SKILL.md',
+            ir,
+            extractor: skillMdExtractor.name,
+            extractionTimeMs,
+        });
+    }
+    // Extract from code files
+    let codeProgress = 0;
+    for (const file of bundle.codeFiles) {
+        const extractor = registry.findExtractor(file.path);
+        if (extractor) {
+            codeProgress++;
+            const progressPercent = 25 + (codeProgress / bundle.codeFiles.length) * 20;
+            onProgress?.({
+                phase: 'extracting',
+                artifact: file.path,
+                progress: progressPercent,
+                message: `Extracting from ${file.path}...`,
+            });
+            const startTime = Date.now();
+            const ir = await extractor.extract(file.content, file.path);
+            const extractionTimeMs = Date.now() - startTime;
+            extracted.push({
+                artifact: file.path,
+                ir,
+                extractor: extractor.name,
+                extractionTimeMs,
+            });
+        }
+    }
+    return extracted;
+}
+/**
+ * Analyze extracted artifacts and generate findings
+ */
+async function analyzeExtractedArtifacts(bundle, extracted, enableCrossArtifact, onProgress) {
+    const findings = [];
+    // Collect all vulnerabilities from individual artifacts
+    // IMPORTANT: Skip SKILL.md - it declares capabilities, not vulnerabilities
+    for (const artifact of extracted) {
+        if (artifact.artifact === 'SKILL.md') {
+            // SKILL.md is only used for capability mismatch detection (cross-artifact analysis)
+            // Its sinks represent DECLARED capabilities, not actual vulnerabilities
+            continue;
+        }
+        const artifactFindings = extractFindingsFromIR(artifact.ir, artifact.artifact);
+        findings.push(...artifactFindings);
+    }
+    // Cross-artifact analysis (capability mismatch detection)
+    if (enableCrossArtifact) {
+        onProgress?.({
+            phase: 'analyzing',
+            progress: 70,
+            message: 'Detecting capability mismatches...',
+        });
+        const skillMdIR = extracted.find((e) => e.artifact === 'SKILL.md')?.ir;
+        const codeIRs = extracted.filter((e) => e.artifact !== 'SKILL.md');
+        if (skillMdIR && codeIRs.length > 0) {
+            const mismatches = await detectCapabilityMismatches(skillMdIR, codeIRs);
+            findings.push(...mismatches);
+        }
+    }
+    // Deduplicate findings (same vulnerability detected multiple times)
+    const deduplicated = deduplicateFindings(findings);
+    return deduplicated;
+}
+/**
+ * Extract findings from CircleIR
+ */
+function extractFindingsFromIR(ir, artifact) {
+    const findings = [];
+    // Extract vulnerability findings from sources/sinks
+    const { sources, sinks } = ir.taint;
+    // For now, create findings from sinks (vulnerabilities)
+    for (const sink of sinks || []) {
+        // FILTER: Skip common false positives in validation functions
+        if (isLikelyValidationCodeFalsePositive(sink)) {
+            continue;
+        }
+        // Determine severity from CWE (simplified)
+        const severity = getSeverityFromCWE(sink.cwe);
+        findings.push({
+            type: 'vulnerability',
+            severity,
+            artifact,
+            title: `${sink.type} vulnerability`,
+            description: `Potential ${sink.type} at ${sink.location}`,
+            evidence: {
+                sink,
+                cwe: sink.cwe,
+                location: sink.location,
+            },
+            confidence: sink.confidence || 0.8,
+            cwe: sink.cwe,
+            location: {
+                line: sink.line,
+                snippet: sink.location,
+            },
+        });
+    }
+    return findings;
+}
+/**
+ * Check if a sink is likely a false positive from validation code
+ *
+ * Common patterns:
+ * - path.resolve() inside validatePath() function
+ * - path.resolve() followed by startsWith() check
+ * - File operations inside validation functions
+ */
+function isLikelyValidationCodeFalsePositive(sink) {
+    const location = sink.location?.toLowerCase() || '';
+    // Path traversal in validation functions (path.resolve in validatePath, validateInput, etc.)
+    if (sink.type === 'path_traversal' && sink.cwe === 'CWE-22') {
+        if (location.includes('validatepath') ||
+            location.includes('validateinput') ||
+            location.includes('sanitizepath') ||
+            location.includes('sanitizeinput') ||
+            location.includes('validate(') ||
+            location.includes('sanitize(')) {
+            return true;
+        }
+        // path.resolve() in validation contexts
+        if (location.includes('path.resolve') && location.includes('validate')) {
+            return true;
+        }
+    }
+    return false;
+}
+/**
+ * Get severity from CWE code (simplified heuristic)
+ */
+function getSeverityFromCWE(cwe) {
+    // SQL injection, command injection, code injection = critical
+    if (cwe.match(/CWE-(89|78|94)/)) {
+        return 'critical';
+    }
+    // XSS, path traversal, SSRF = high
+    if (cwe.match(/CWE-(79|22|918)/)) {
+        return 'high';
+    }
+    // Others = medium
+    return 'medium';
+}
+/**
+ * Calculate trust score from findings (0.0-1.0)
+ *
+ * Perfect score: 1.0 (no issues)
+ * Failing score: 0.0 (critical issues)
+ */
+function calculateTrustScore(findings) {
+    if (findings.length === 0) {
+        return 1.0; // Perfect score
+    }
+    // Severity weights
+    const weights = {
+        critical: 1.0,
+        high: 0.7,
+        medium: 0.4,
+        low: 0.2,
+        info: 0.1,
+    };
+    // Calculate weighted penalty
+    let penalty = 0;
+    for (const finding of findings) {
+        const weight = weights[finding.severity];
+        const confidenceAdjusted = weight * finding.confidence;
+        penalty += confidenceAdjusted;
+    }
+    // Normalize to 0-1 scale (assuming max 10 critical issues = 0.0 score)
+    const maxPenalty = 10.0;
+    const score = Math.max(0, 1.0 - penalty / maxPenalty);
+    return Math.round(score * 100) / 100; // Round to 2 decimal places
+}
+/**
+ * Generate actionable recommendations based on findings
+ */
+function generateRecommendations(findings) {
+    const recommendations = [];
+    // Group findings by type
+    const byType = new Map();
+    for (const finding of findings) {
+        const existing = byType.get(finding.type) || [];
+        existing.push(finding);
+        byType.set(finding.type, existing);
+    }
+    // Generate recommendations per type
+    if (byType.has('capability_mismatch')) {
+        recommendations.push('Update SKILL.md to accurately describe all capabilities and data access patterns');
+    }
+    if (byType.has('vulnerability')) {
+        const vulnFindings = byType.get('vulnerability');
+        const hasCritical = vulnFindings.some((f) => f.severity === 'critical');
+        if (hasCritical) {
+            recommendations.push('Fix critical vulnerabilities before deployment');
+        }
+        recommendations.push('Add input validation and sanitization for all user-controlled data');
+    }
+    if (byType.has('excessive_permission')) {
+        recommendations.push('Review and minimize MCP permissions to principle of least privilege');
+    }
+    if (byType.has('prompt_injection')) {
+        recommendations.push('Add prompt injection defenses to SKILL.md instructions');
+    }
+    if (recommendations.length === 0) {
+        recommendations.push('No critical issues found - skill passes security analysis');
+    }
+    return recommendations;
+}
+/**
+ * Compare severity levels
+ * Returns: 1 if a > b, 0 if a === b, -1 if a < b
+ */
+function compareSeverity(a, b) {
+    const order = ['info', 'low', 'medium', 'high', 'critical'];
+    const aIndex = order.indexOf(a);
+    const bIndex = order.indexOf(b);
+    return Math.sign(aIndex - bIndex);
+}
+/**
+ * Deduplicate findings based on unique characteristics
+ *
+ * Two findings are considered duplicates if they have:
+ * - Same artifact
+ * - Same type
+ * - Same CWE (if present)
+ * - Same location line (if present)
+ *
+ * When duplicates are found, keeps the one with highest confidence.
+ */
+function deduplicateFindings(findings) {
+    const uniqueMap = new Map();
+    for (const finding of findings) {
+        // Create unique key
+        const key = [
+            finding.artifact,
+            finding.type,
+            finding.cwe || 'no-cwe',
+            finding.location?.line || 'no-line',
+        ].join('|');
+        const existing = uniqueMap.get(key);
+        // Keep the finding with higher confidence
+        if (!existing || finding.confidence > existing.confidence) {
+            uniqueMap.set(key, finding);
+        }
+    }
+    return Array.from(uniqueMap.values());
+}
+//# sourceMappingURL=skill-analyzer.js.map

package/dist/skills/skill-analyzer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"skill-analyzer.js","sourceRoot":"","sources":["../../src/skills/skill-analyzer.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAUH,OAAO,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAC1E,OAAO,EAAE,8BAA8B,EAAE,MAAM,wBAAwB,CAAC;AACxE,OAAO,EAAE,0BAA0B,EAAE,MAAM,0BAA0B,CAAC;AAEtE;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,SAAiB,EACjB,UAAgC,EAAE;IAElC,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE7B,kBAAkB;IAClB,MAAM,EACJ,mBAAmB,GAAG,IAAI,EAC1B,kBAAkB,GAAG,IAAI,EACzB,aAAa,GAAG,GAAG,EACnB,WAAW,GAAG,KAAK,EACnB,UAAU,GACX,GAAG,OAAO,CAAC;IAEZ,IAAI,CAAC;QACH,6BAA6B;QAC7B,UAAU,EAAE,CAAC;YACX,KAAK,EAAE,SAAS;YAChB,QAAQ,EAAE,CAAC;YACX,OAAO,EAAE,yBAAyB;SACnC,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,SAAS,CAAC,CAAC;QAEhD,4BAA4B;QAC5B,MAAM,gBAAgB,GAAG,MAAM,mBAAmB,CAAC,MAAM,CAAC,CAAC;QAC3D,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChC,MAAM,IAAI,KAAK,CAAC,yBAAyB,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC1E,CAAC;QAED,UAAU,EAAE,CAAC;YACX,KAAK,EAAE,SAAS;YAChB,QAAQ,EAAE,EAAE;YACZ,OAAO,EAAE,iBAAiB,MAAM,CAAC,IAAI,EAAE;SACxC,CAAC,CAAC;QAEH,+CAA+C;QAC/C,UAAU,EAAE,CAAC;YACX,KAAK,EAAE,YAAY;YACnB,QAAQ,EAAE,EAAE;YACZ,OAAO,EAAE,8BAA8B;SACxC,CAAC,CAAC;QAEH,MAAM,SAAS,GAAG,MAAM,mBAAmB,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;QAEhE,UAAU,EAAE,CAAC;YACX,KAAK,EAAE,YAAY;YACnB,QAAQ,EAAE,EAAE;YACZ,OAAO,EAAE,aAAa,SAAS,CAAC,MAAM,YAAY;SACnD,CAAC,CAAC;QAEH,sCAAsC;QACtC,UAAU,EAAE,CAAC;YACX,KAAK,EAAE,WAAW;YAClB,QAAQ,EAAE,EAAE;YACZ,OAAO,EAAE,2BAA2B;SACrC,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAG,MAAM,yBAAyB,CAC9C,MAAM,EACN,SAAS,EACT,mBAAmB,EACnB,UAAU,CACX,CAAC;QAEF,UAAU,EAAE,CAAC;YACX,KAAK,EAAE,WAAW;YAClB,QAAQ,EAAE,EAAE;YACZ,OAAO,EAAE,SAAS,QAAQ,CAAC,MAAM,mBAAmB;SACrD,CAAC,CAAC;QAEH,6CAA6C;QAC7C,MAAM,gBAAgB,GAAG,QAAQ,CAAC,MAAM,CACtC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,IAAI,aAAa,IAAI,eAAe,CAAC,CAAC,CAAC,QAAQ,EAAE,WAAW,CAAC,IAAI,CAAC,CACtF,CAAC;QAEF,iCAAiC;QACjC,MAAM,KAAK,GAAG,mBAAmB,CAAC,gBAAgB,CAAC,CAAC;QAEpD,oCAAoC;QACpC,MAAM,eAAe,GAAG,uBAAuB,CAAC,gBAAgB,CAAC,CAAC;QAElE,UAAU,EAAE,CAAC;YACX,KAAK,EAAE,WAAW;YAClB,QAAQ,EAAE,GAAG;YACb,OAAO,EAAE,mBAAmB;SAC7B,CAAC,CAAC;QAEH,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAE3B,OAAO;YACL,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,QAAQ,EAAE,gBAAgB;YAC1B,KAAK;YACL,eAAe;YACf,QAAQ,EAAE;gBACR,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,UAAU,EAAE,OAAO,GAAG,SAAS;gBAC/B,iBAAiB,EAAE,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC;gBACnD,cAAc,EAAE,CAAC,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC;aAChE;SACF,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,0BAA0B,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;IAC9F,CAAC;AACH,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,mBAAmB,CAChC,MAAmB,EACnB,UAAkC;IAElC,MAAM,SAAS,GAAwB,EAAE,CAAC;IAC1C,MAAM,QAAQ,GAAG,MAAM,8BAA8B,EAAE,CAAC;IAExD,wBAAwB;IACxB,MAAM,gBAAgB,GAAG,QAAQ,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC;IAC5D,IAAI,gBAAgB,EAAE,CAAC;QACrB,UAAU,EAAE,CAAC;YACX,KAAK,EAAE,YAAY;YACnB,QAAQ,EAAE,UAAU;YACpB,QAAQ,EAAE,EAAE;YACZ,OAAO,EAAE,6BAA6B;SACvC,CAAC,CAAC;QAEH,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC7B,MAAM,EAAE,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;QACtE,MAAM,gBAAgB,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;QAEhD,SAAS,CAAC,IAAI,CAAC;YACb,QAAQ,EAAE,UAAU;YACpB,EAAE;YACF,SAAS,EAAE,gBAAgB,CAAC,IAAI;YAChC,gBAAgB;SACjB,CAAC,CAAC;IACL,CAAC;IAED,0BAA0B;IAC1B,IAAI,YAAY,GAAG,CAAC,CAAC;IACrB,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACpC,MAAM,SAAS,GAAG,QAAQ,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACpD,IAAI,SAAS,EAAE,CAAC;YACd,YAAY,EAAE,CAAC;YACf,MAAM,eAAe,GAAG,EAAE,GAAG,CAAC,YAAY,GAAG,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;YAE3E,UAAU,EAAE,CAAC;gBACX,KAAK,EAAE,YAAY;gBACnB,QAAQ,EAAE,IAAI,CAAC,IAAI;gBACnB,QAAQ,EAAE,eAAe;gBACzB,OAAO,EAAE,mBAAmB,IAAI,CAAC,IAAI,KAAK;aAC3C,CAAC,CAAC;YAEH,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YAC7B,MAAM,EAAE,GAAG,MAAM,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;YAC5D,MAAM,gBAAgB,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;YAEhD,SAAS,CAAC,IAAI,CAAC;gBACb,QAAQ,EAAE,IAAI,CAAC,IAAI;gBACnB,EAAE;gBACF,SAAS,EAAE,SAAS,CAAC,IAAI;gBACzB,gBAAgB;aACjB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,yBAAyB,CACtC,MAAmB,EACnB,SAA8B,EAC9B,mBAA4B,EAC5B,UAAkC;IAElC,MAAM,QAAQ,GAAmB,EAAE,CAAC;IAEpC,wDAAwD;IACxD,2EAA2E;IAC3E,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;QACjC,IAAI,QAAQ,CAAC,QAAQ,KAAK,UAAU,EAAE,CAAC;YACrC,oFAAoF;YACpF,wEAAwE;YACxE,SAAS;QACX,CAAC;QAED,MAAM,gBAAgB,GAAG,qBAAqB,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAC/E,QAAQ,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,CAAC;IACrC,CAAC;IAED,0DAA0D;IAC1D,IAAI,mBAAmB,EAAE,CAAC;QACxB,UAAU,EAAE,CAAC;YACX,KAAK,EAAE,WAAW;YAClB,QAAQ,EAAE,EAAE;YACZ,OAAO,EAAE,oCAAoC;SAC9C,CAAC,CAAC;QAEH,MAAM,SAAS,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,EAAE,EAAE,CAAC;QACvE,MAAM,OAAO,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC;QAEnE,IAAI,SAAS,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACpC,MAAM,UAAU,GAAG,MAAM,0BAA0B,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;YACxE,QAAQ,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC,CAAC;QAC/B,CAAC;IACH,CAAC;IAED,oEAAoE;IACpE,MAAM,YAAY,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;IAEnD,OAAO,YAAY,CAAC;AACtB,CAAC;AAED;;GAEG;AACH,SAAS,qBAAqB,CAAC,EAAY,EAAE,QAAgB;IAC3D,MAAM,QAAQ,GAAmB,EAAE,CAAC;IAEpC,oDAAoD;IACpD,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,KAAK,CAAC;IAEpC,wDAAwD;IACxD,KAAK,MAAM,IAAI,IAAI,KAAK,IAAI,EAAE,EAAE,CAAC;QAC/B,8DAA8D;QAC9D,IAAI,mCAAmC,CAAC,IAAI,CAAC,EAAE,CAAC;YAC9C,SAAS;QACX,CAAC;QAED,2CAA2C;QAC3C,MAAM,QAAQ,GAAG,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAE9C,QAAQ,CAAC,IAAI,CAAC;YACZ,IAAI,EAAE,eAAe;YACrB,QAAQ;YACR,QAAQ;YACR,KAAK,EAAE,GAAG,IAAI,CAAC,IAAI,gBAAgB;YACnC,WAAW,EAAE,aAAa,IAAI,CAAC,IAAI,OAAO,IAAI,CAAC,QAAQ,EAAE;YACzD,QAAQ,EAAE;gBACR,IAAI;gBACJ,GAAG,EAAE,IAAI,CAAC,GAAG;gBACb,QAAQ,EAAE,IAAI,CAAC,QAAQ;aACxB;YACD,UAAU,EAAE,IAAI,CAAC,UAAU,IAAI,GAAG;YAClC,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,QAAQ,EAAE;gBACR,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,OAAO,EAAE,IAAI,CAAC,QAAQ;aACvB;SACF,CAAC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,mCAAmC,CAAC,IAAS;IACpD,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC;IAEpD,6FAA6F;IAC7F,IAAI,IAAI,CAAC,IAAI,KAAK,gBAAgB,IAAI,IAAI,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC5D,IACE,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC;YACjC,QAAQ,CAAC,QAAQ,CAAC,eAAe,CAAC;YAClC,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC;YACjC,QAAQ,CAAC,QAAQ,CAAC,eAAe,CAAC;YAClC,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC;YAC9B,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,EAC9B,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,wCAAwC;QACxC,IAAI,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YACvE,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CAAC,GAAW;IACrC,8DAA8D;IAC9D,IAAI,GAAG,CAAC,KAAK,CAAC,gBAAgB,CAAC,EAAE,CAAC;QAChC,OAAO,UAAU,CAAC;IACpB,CAAC;IAED,mCAAmC;IACnC,IAAI,GAAG,CAAC,KAAK,CAAC,iBAAiB,CAAC,EAAE,CAAC;QACjC,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,kBAAkB;IAClB,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;;GAKG;AACH,SAAS,mBAAmB,CAAC,QAAwB;IACnD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,GAAG,CAAC,CAAC,gBAAgB;IAC9B,CAAC;IAED,mBAAmB;IACnB,MAAM,OAAO,GAAG;QACd,QAAQ,EAAE,GAAG;QACb,IAAI,EAAE,GAAG;QACT,MAAM,EAAE,GAAG;QACX,GAAG,EAAE,GAAG;QACR,IAAI,EAAE,GAAG;KACV,CAAC;IAEF,6BAA6B;IAC7B,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QACzC,MAAM,kBAAkB,GAAG,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;QACvD,OAAO,IAAI,kBAAkB,CAAC;IAChC,CAAC;IAED,uEAAuE;IACvE,MAAM,UAAU,GAAG,IAAI,CAAC;IACxB,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,GAAG,OAAO,GAAG,UAAU,CAAC,CAAC;IAEtD,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,GAAG,CAAC,CAAC,4BAA4B;AACpE,CAAC;AAED;;GAEG;AACH,SAAS,uBAAuB,CAAC,QAAwB;IACvD,MAAM,eAAe,GAAa,EAAE,CAAC;IAErC,yBAAyB;IACzB,MAAM,MAAM,GAAG,IAAI,GAAG,EAA0B,CAAC;IACjD,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,QAAQ,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;QAChD,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACvB,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;IACrC,CAAC;IAED,oCAAoC;IACpC,IAAI,MAAM,CAAC,GAAG,CAAC,qBAAqB,CAAC,EAAE,CAAC;QACtC,eAAe,CAAC,IAAI,CAClB,kFAAkF,CACnF,CAAC;IACJ,CAAC;IAED,IAAI,MAAM,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC;QAChC,MAAM,YAAY,GAAG,MAAM,CAAC,GAAG,CAAC,eAAe,CAAE,CAAC;QAClD,MAAM,WAAW,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC;QACxE,IAAI,WAAW,EAAE,CAAC;YAChB,eAAe,CAAC,IAAI,CAAC,gDAAgD,CAAC,CAAC;QACzE,CAAC;QACD,eAAe,CAAC,IAAI,CAAC,oEAAoE,CAAC,CAAC;IAC7F,CAAC;IAED,IAAI,MAAM,CAAC,GAAG,CAAC,sBAAsB,CAAC,EAAE,CAAC;QACvC,eAAe,CAAC,IAAI,CAAC,qEAAqE,CAAC,CAAC;IAC9F,CAAC;IAED,IAAI,MAAM,CAAC,GAAG,CAAC,kBAAkB,CAAC,EAAE,CAAC;QACnC,eAAe,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;IACjF,CAAC;IAED,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjC,eAAe,CAAC,IAAI,CAAC,2DAA2D,CAAC,CAAC;IACpF,CAAC;IAED,OAAO,eAAe,CAAC;AACzB,CAAC;AAED;;;GAGG;AACH,SAAS,eAAe,CACtB,CAAkD,EAClD,CAAkD;IAElD,MAAM,KAAK,GAAG,CAAC,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC;IAC5D,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IAChC,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IAChC,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,CAAC;AACpC,CAAC;AAED;;;;;;;;;;GAUG;AACH,SAAS,mBAAmB,CAAC,QAAwB;IACnD,MAAM,SAAS,GAAG,IAAI,GAAG,EAAwB,CAAC;IAElD,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,oBAAoB;QACpB,MAAM,GAAG,GAAG;YACV,OAAO,CAAC,QAAQ;YAChB,OAAO,CAAC,IAAI;YACZ,OAAO,CAAC,GAAG,IAAI,QAAQ;YACvB,OAAO,CAAC,QAAQ,EAAE,IAAI,IAAI,SAAS;SACpC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAEZ,MAAM,QAAQ,GAAG,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAEpC,0CAA0C;QAC1C,IAAI,CAAC,QAAQ,IAAI,OAAO,CAAC,UAAU,GAAG,QAAQ,CAAC,UAAU,EAAE,CAAC;YAC1D,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAC9B,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC;AACxC,CAAC"}

package/dist/skills/types.d.ts

@@ -0,0 +1,195 @@
+/**
+ * Skills Analysis Types
+ *
+ * Type definitions for AI skill bundles and analysis results.
+ */
+import type { CircleIR } from 'circle-ir';
+/**
+ * Skill Bundle - A complete AI skill package
+ *
+ * Skills are multi-artifact bundles containing:
+ * - SKILL.md: Natural language instructions (executed by LLM)
+ * - Code files: Implementation (executed by runtime)
+ * - MCP config: Permissions and tool definitions
+ * - Plugin files: Additional code
+ */
+export interface SkillBundle {
+    /** Unique skill identifier */
+    skillId: string;
+    /** Human-readable name */
+    name: string;
+    /** Semantic version */
+    version: string;
+    /** SKILL.md content (instructions executed by LLM) */
+    skillMd: string;
+    /** Code implementation files */
+    codeFiles: SkillCodeFile[];
+    /** MCP server configuration (optional) */
+    mcpConfig?: MCPServerConfig;
+    /** Plugin files (optional) */
+    pluginFiles: SkillCodeFile[];
+    /** Root filesystem path */
+    rootPath: string;
+}
+/**
+ * Code file within a skill
+ */
+export interface SkillCodeFile {
+    /** Relative path within skill bundle */
+    path: string;
+    /** File content */
+    content: string;
+    /** Programming language */
+    language: 'java' | 'javascript' | 'typescript' | 'python' | 'rust';
+}
+/**
+ * MCP (Model Context Protocol) Server Configuration
+ */
+export interface MCPServerConfig {
+    /** Server name */
+    name: string;
+    /** Server version */
+    version: string;
+    /** Requested permissions */
+    permissions: MCPPermission[];
+    /** Available tools */
+    tools: MCPTool[];
+    /** Available resources (optional) */
+    resources?: MCPResource[];
+}
+/**
+ * MCP Permission request
+ */
+export interface MCPPermission {
+    /** Permission type */
+    type: 'filesystem' | 'network' | 'env' | 'process';
+    /** Scope (path, URL pattern, env var name, etc.) */
+    scope: string;
+    /** Operations allowed */
+    operations: string[];
+}
+/**
+ * MCP Tool definition
+ */
+export interface MCPTool {
+    /** Tool name */
+    name: string;
+    /** Tool description */
+    description: string;
+    /** Input schema (JSON Schema) */
+    inputSchema: Record<string, unknown>;
+    /** Output schema (JSON Schema, optional) */
+    outputSchema?: Record<string, unknown>;
+}
+/**
+ * MCP Resource definition
+ */
+export interface MCPResource {
+    /** Resource URI */
+    uri: string;
+    /** Resource name */
+    name: string;
+    /** MIME type (optional) */
+    mimeType?: string;
+}
+/**
+ * Skill Analysis Result
+ */
+export interface SkillAnalysisResult {
+    /** Skill identifier */
+    skillId: string;
+    /** Skill name */
+    name: string;
+    /** Skill version */
+    version: string;
+    /** All findings */
+    findings: SkillFinding[];
+    /** Trust score (0.0-1.0) */
+    score: number;
+    /** Actionable recommendations */
+    recommendations: string[];
+    /** Analysis metadata */
+    metadata: {
+        /** Analysis timestamp */
+        timestamp: string;
+        /** Analysis duration (ms) */
+        durationMs: number;
+        /** Artifacts analyzed */
+        artifactsAnalyzed: string[];
+        /** Extractors used */
+        extractorsUsed: string[];
+    };
+}
+/**
+ * Skill Finding - A security issue or observation
+ */
+export interface SkillFinding {
+    /** Finding type */
+    type: SkillFindingType;
+    /** Severity level */
+    severity: 'critical' | 'high' | 'medium' | 'low' | 'info';
+    /** Which artifact contains the issue */
+    artifact: string;
+    /** Short title */
+    title: string;
+    /** Detailed description */
+    description: string;
+    /** Supporting evidence */
+    evidence: Record<string, unknown>;
+    /** Confidence score (0.0-1.0) */
+    confidence: number;
+    /** CWE identifier (if applicable) */
+    cwe?: string;
+    /** Location in artifact */
+    location?: {
+        line?: number;
+        column?: number;
+        snippet?: string;
+    };
+}
+/**
+ * Skill Finding Types
+ */
+export type SkillFindingType = 'capability_mismatch' | 'excessive_permission' | 'undisclosed_exfiltration' | 'vulnerability' | 'prompt_injection' | 'social_engineering' | 'capability_escalation' | 'missing_sanitization' | 'insecure_defaults';
+/**
+ * Skill Analysis Options
+ */
+export interface SkillAnalysisOptions {
+    /** Enable cross-artifact analysis (default: true) */
+    enableCrossArtifact?: boolean;
+    /** Enable LLM verification (default: true) */
+    enableVerification?: boolean;
+    /** Minimum confidence threshold for findings (default: 0.7) */
+    minConfidence?: number;
+    /** Minimum severity to report (default: 'low') */
+    minSeverity?: 'critical' | 'high' | 'medium' | 'low' | 'info';
+    /** Progress callback */
+    onProgress?: (status: AnalysisProgress) => void;
+}
+/**
+ * Analysis progress status
+ */
+export interface AnalysisProgress {
+    /** Current phase */
+    phase: 'loading' | 'extracting' | 'analyzing' | 'verifying' | 'reporting';
+    /** Current artifact being processed */
+    artifact?: string;
+    /** Progress percentage (0-100) */
+    progress: number;
+    /** Status message */
+    message: string;
+}
+/**
+ * Extracted artifact (intermediate result)
+ */
+export interface ExtractedArtifact {
+    /** Artifact path */
+    artifact: string;
+    /** Extracted CircleIR */
+    ir: CircleIR;
+    /** Extractor used */
+    extractor: string;
+    /** Extraction time (ms) */
+    extractionTimeMs: number;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/skills/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/skills/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,WAAW,CAAC;AAE1C;;;;;;;;GAQG;AACH,MAAM,WAAW,WAAW;IAC1B,8BAA8B;IAC9B,OAAO,EAAE,MAAM,CAAC;IAEhB,0BAA0B;IAC1B,IAAI,EAAE,MAAM,CAAC;IAEb,uBAAuB;IACvB,OAAO,EAAE,MAAM,CAAC;IAEhB,sDAAsD;IACtD,OAAO,EAAE,MAAM,CAAC;IAEhB,gCAAgC;IAChC,SAAS,EAAE,aAAa,EAAE,CAAC;IAE3B,0CAA0C;IAC1C,SAAS,CAAC,EAAE,eAAe,CAAC;IAE5B,8BAA8B;IAC9B,WAAW,EAAE,aAAa,EAAE,CAAC;IAE7B,2BAA2B;IAC3B,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,wCAAwC;IACxC,IAAI,EAAE,MAAM,CAAC;IAEb,mBAAmB;IACnB,OAAO,EAAE,MAAM,CAAC;IAEhB,2BAA2B;IAC3B,QAAQ,EAAE,MAAM,GAAG,YAAY,GAAG,YAAY,GAAG,QAAQ,GAAG,MAAM,CAAC;CACpE;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,kBAAkB;IAClB,IAAI,EAAE,MAAM,CAAC;IAEb,qBAAqB;IACrB,OAAO,EAAE,MAAM,CAAC;IAEhB,4BAA4B;IAC5B,WAAW,EAAE,aAAa,EAAE,CAAC;IAE7B,sBAAsB;IACtB,KAAK,EAAE,OAAO,EAAE,CAAC;IAEjB,qCAAqC;IACrC,SAAS,CAAC,EAAE,WAAW,EAAE,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,sBAAsB;IACtB,IAAI,EAAE,YAAY,GAAG,SAAS,GAAG,KAAK,GAAG,SAAS,CAAC;IAEnD,oDAAoD;IACpD,KAAK,EAAE,MAAM,CAAC;IAEd,yBAAyB;IACzB,UAAU,EAAE,MAAM,EAAE,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,OAAO;IACtB,gBAAgB;IAChB,IAAI,EAAE,MAAM,CAAC;IAEb,uBAAuB;IACvB,WAAW,EAAE,MAAM,CAAC;IAEpB,iCAAiC;IACjC,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAErC,4CAA4C;IAC5C,YAAY,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACxC;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,mBAAmB;IACnB,GAAG,EAAE,MAAM,CAAC;IAEZ,oBAAoB;IACpB,IAAI,EAAE,MAAM,CAAC;IAEb,2BAA2B;IAC3B,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,uBAAuB;IACvB,OAAO,EAAE,MAAM,CAAC;IAEhB,iBAAiB;IACjB,IAAI,EAAE,MAAM,CAAC;IAEb,oBAAoB;IACpB,OAAO,EAAE,MAAM,CAAC;IAEhB,mBAAmB;IACnB,QAAQ,EAAE,YAAY,EAAE,CAAC;IAEzB,4BAA4B;IAC5B,KAAK,EAAE,MAAM,CAAC;IAEd,iCAAiC;IACjC,eAAe,EAAE,MAAM,EAAE,CAAC;IAE1B,wBAAwB;IACxB,QAAQ,EAAE;QACR,yBAAyB;QACzB,SAAS,EAAE,MAAM,CAAC;QAElB,6BAA6B;QAC7B,UAAU,EAAE,MAAM,CAAC;QAEnB,yBAAyB;QACzB,iBAAiB,EAAE,MAAM,EAAE,CAAC;QAE5B,sBAAsB;QACtB,cAAc,EAAE,MAAM,EAAE,CAAC;KAC1B,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,mBAAmB;IACnB,IAAI,EAAE,gBAAgB,CAAC;IAEvB,qBAAqB;IACrB,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;IAE1D,wCAAwC;IACxC,QAAQ,EAAE,MAAM,CAAC;IAEjB,kBAAkB;IAClB,KAAK,EAAE,MAAM,CAAC;IAEd,2BAA2B;IAC3B,WAAW,EAAE,MAAM,CAAC;IAEpB,0BAA0B;IAC1B,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAElC,iCAAiC;IACjC,UAAU,EAAE,MAAM,CAAC;IAEnB,qCAAqC;IACrC,GAAG,CAAC,EAAE,MAAM,CAAC;IAEb,2BAA2B;IAC3B,QAAQ,CAAC,EAAE;QACT,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,OAAO,CAAC,EAAE,MAAM,CAAC;KAClB,CAAC;CACH;AAED;;GAEG;AACH,MAAM,MAAM,gBAAgB,GACxB,qBAAqB,GACrB,sBAAsB,GACtB,0BAA0B,GAC1B,eAAe,GACf,kBAAkB,GAClB,oBAAoB,GACpB,uBAAuB,GACvB,sBAAsB,GACtB,mBAAmB,CAAC;AAExB;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,qDAAqD;IACrD,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAE9B,8CAA8C;IAC9C,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAE7B,+DAA+D;IAC/D,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB,kDAAkD;IAClD,WAAW,CAAC,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;IAE9D,wBAAwB;IACxB,UAAU,CAAC,EAAE,CAAC,MAAM,EAAE,gBAAgB,KAAK,IAAI,CAAC;CACjD;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,oBAAoB;IACpB,KAAK,EAAE,SAAS,GAAG,YAAY,GAAG,WAAW,GAAG,WAAW,GAAG,WAAW,CAAC;IAE1E,uCAAuC;IACvC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,kCAAkC;IAClC,QAAQ,EAAE,MAAM,CAAC;IAEjB,qBAAqB;IACrB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,oBAAoB;IACpB,QAAQ,EAAE,MAAM,CAAC;IAEjB,yBAAyB;IACzB,EAAE,EAAE,QAAQ,CAAC;IAEb,qBAAqB;IACrB,SAAS,EAAE,MAAM,CAAC;IAElB,2BAA2B;IAC3B,gBAAgB,EAAE,MAAM,CAAC;CAC1B"}

package/dist/skills/types.js

@@ -0,0 +1,7 @@
+/**
+ * Skills Analysis Types
+ *
+ * Type definitions for AI skill bundles and analysis results.
+ */
+export {};
+//# sourceMappingURL=types.js.map

package/dist/skills/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/skills/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG"}

package/dist/specifica/conflict-resolver.d.ts

@@ -0,0 +1,23 @@
+/**
+ * Conflict Resolver
+ *
+ * Handles conflicts when .specifica/ files already exist
+ */
+import type { ConflictResolution } from './types.js';
+/**
+ * Resolve conflict when spec file already exists
+ */
+export declare function resolveConflict(filePath: string, resolution: ConflictResolution): Promise<'skip' | 'overwrite' | 'merge' | 'rename'>;
+/**
+ * Check if file exists
+ */
+export declare function fileExists(filePath: string): boolean;
+/**
+ * Get conflict strategy from CLI flags
+ */
+export declare function getConflictStrategy(flags: {
+    overwrite?: boolean;
+    skip?: boolean;
+    backup?: boolean;
+}): ConflictResolution;
+//# sourceMappingURL=conflict-resolver.d.ts.map

package/dist/specifica/conflict-resolver.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"conflict-resolver.d.ts","sourceRoot":"","sources":["../../src/specifica/conflict-resolver.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAKH,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAC;AAErD;;GAEG;AACH,wBAAsB,eAAe,CACnC,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,kBAAkB,GAC7B,OAAO,CAAC,MAAM,GAAG,WAAW,GAAG,OAAO,GAAG,QAAQ,CAAC,CA0BpD;AAiFD;;GAEG;AACH,wBAAgB,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAEpD;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,EAAE;IACzC,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB,GAAG,kBAAkB,CAiBrB"}