clawsec 0.0.1

package/dist/src/detectors/destructive/cloud-detector.js

@@ -0,0 +1,556 @@
+/**
+ * Cloud Detector
+ * Detects dangerous cloud operations including AWS, GCP, Azure, Kubernetes, and Terraform
+ */
+/**
+ * AWS destructive command patterns
+ */
+const AWS_PATTERNS = [
+    // EC2 terminate instances
+    {
+        pattern: /\baws\s+ec2\s+terminate-instances\b/i,
+        operation: 'terminate-instances',
+        description: 'Terminate EC2 instances',
+    },
+    // S3 bucket removal
+    {
+        pattern: /\baws\s+s3\s+rb\s+(?:--force\s+)?s3:\/\/([^\s]+)/i,
+        operation: 's3 rb',
+        description: 'Remove S3 bucket',
+    },
+    {
+        pattern: /\baws\s+s3api\s+delete-bucket\b/i,
+        operation: 'delete-bucket',
+        description: 'Delete S3 bucket',
+    },
+    // RDS delete
+    {
+        pattern: /\baws\s+rds\s+delete-db-(?:instance|cluster)\b/i,
+        operation: 'delete-db',
+        description: 'Delete RDS database',
+    },
+    // CloudFormation stack deletion
+    {
+        pattern: /\baws\s+cloudformation\s+delete-stack\b/i,
+        operation: 'delete-stack',
+        description: 'Delete CloudFormation stack',
+    },
+    // Lambda function deletion
+    {
+        pattern: /\baws\s+lambda\s+delete-function\b/i,
+        operation: 'delete-function',
+        description: 'Delete Lambda function',
+    },
+    // EKS cluster deletion
+    {
+        pattern: /\baws\s+eks\s+delete-cluster\b/i,
+        operation: 'delete-cluster',
+        description: 'Delete EKS cluster',
+    },
+    // IAM user/role deletion
+    {
+        pattern: /\baws\s+iam\s+delete-(?:user|role)\b/i,
+        operation: 'delete-iam',
+        description: 'Delete IAM user/role',
+    },
+    // VPC deletion
+    {
+        pattern: /\baws\s+ec2\s+delete-vpc\b/i,
+        operation: 'delete-vpc',
+        description: 'Delete VPC',
+    },
+    // DynamoDB table deletion
+    {
+        pattern: /\baws\s+dynamodb\s+delete-table\b/i,
+        operation: 'delete-table',
+        description: 'Delete DynamoDB table',
+    },
+];
+/**
+ * GCP destructive command patterns
+ */
+const GCP_PATTERNS = [
+    // Compute instance deletion
+    {
+        pattern: /\bgcloud\s+compute\s+instances\s+delete\b/i,
+        operation: 'instances delete',
+        description: 'Delete GCP compute instances',
+    },
+    // Project deletion
+    {
+        pattern: /\bgcloud\s+projects\s+delete\b/i,
+        operation: 'projects delete',
+        description: 'Delete GCP project',
+    },
+    // GKE cluster deletion
+    {
+        pattern: /\bgcloud\s+container\s+clusters\s+delete\b/i,
+        operation: 'clusters delete',
+        description: 'Delete GKE cluster',
+    },
+    // Cloud SQL deletion
+    {
+        pattern: /\bgcloud\s+sql\s+instances\s+delete\b/i,
+        operation: 'sql delete',
+        description: 'Delete Cloud SQL instance',
+    },
+    // Cloud Functions deletion
+    {
+        pattern: /\bgcloud\s+functions\s+delete\b/i,
+        operation: 'functions delete',
+        description: 'Delete Cloud Function',
+    },
+    // Storage bucket deletion
+    {
+        pattern: /\bgsutil\s+(?:-m\s+)?rm\s+-r\s+gs:\/\/([^\s]+)/i,
+        operation: 'gsutil rm -r',
+        description: 'Remove GCS bucket recursively',
+    },
+    {
+        pattern: /\bgcloud\s+storage\s+(?:buckets\s+)?delete\b/i,
+        operation: 'storage delete',
+        description: 'Delete GCS bucket',
+    },
+    // Pub/Sub deletion
+    {
+        pattern: /\bgcloud\s+pubsub\s+(?:topics|subscriptions)\s+delete\b/i,
+        operation: 'pubsub delete',
+        description: 'Delete Pub/Sub resource',
+    },
+];
+/**
+ * Azure destructive command patterns
+ */
+const AZURE_PATTERNS = [
+    // VM deletion
+    {
+        pattern: /\baz\s+vm\s+delete\b/i,
+        operation: 'vm delete',
+        description: 'Delete Azure VM',
+    },
+    // Resource group deletion (VERY dangerous - deletes everything in group)
+    {
+        pattern: /\baz\s+group\s+delete\b/i,
+        operation: 'group delete',
+        description: 'Delete Azure resource group',
+    },
+    // Storage account deletion
+    {
+        pattern: /\baz\s+storage\s+account\s+delete\b/i,
+        operation: 'storage delete',
+        description: 'Delete Azure storage account',
+    },
+    // AKS cluster deletion
+    {
+        pattern: /\baz\s+aks\s+delete\b/i,
+        operation: 'aks delete',
+        description: 'Delete AKS cluster',
+    },
+    // SQL database deletion
+    {
+        pattern: /\baz\s+sql\s+(?:db|server)\s+delete\b/i,
+        operation: 'sql delete',
+        description: 'Delete Azure SQL resource',
+    },
+    // Function app deletion
+    {
+        pattern: /\baz\s+functionapp\s+delete\b/i,
+        operation: 'functionapp delete',
+        description: 'Delete Azure Function app',
+    },
+    // App Service deletion
+    {
+        pattern: /\baz\s+webapp\s+delete\b/i,
+        operation: 'webapp delete',
+        description: 'Delete Azure Web App',
+    },
+    // Container registry deletion
+    {
+        pattern: /\baz\s+acr\s+delete\b/i,
+        operation: 'acr delete',
+        description: 'Delete Azure Container Registry',
+    },
+];
+/**
+ * Kubernetes destructive command patterns
+ */
+const KUBERNETES_PATTERNS = [
+    // Delete namespace (deletes everything in it)
+    {
+        pattern: /\bkubectl\s+delete\s+(?:ns|namespace)\s+(\S+)/i,
+        operation: 'delete namespace',
+        description: 'Delete Kubernetes namespace',
+        critical: true,
+    },
+    // Delete all pods
+    {
+        pattern: /\bkubectl\s+delete\s+pods?\s+--all\b/i,
+        operation: 'delete pods --all',
+        description: 'Delete all pods',
+        critical: true,
+    },
+    // Delete all resources of a type
+    {
+        pattern: /\bkubectl\s+delete\s+\S+\s+--all\b/i,
+        operation: 'delete --all',
+        description: 'Delete all resources',
+    },
+    // Delete with -A (all namespaces)
+    {
+        pattern: /\bkubectl\s+delete\s+.*-A\b/i,
+        operation: 'delete -A',
+        description: 'Delete across all namespaces',
+    },
+    // Delete deployment
+    {
+        pattern: /\bkubectl\s+delete\s+(?:deploy|deployment)\s+(\S+)/i,
+        operation: 'delete deployment',
+        description: 'Delete Kubernetes deployment',
+    },
+    // Delete service
+    {
+        pattern: /\bkubectl\s+delete\s+(?:svc|service)\s+(\S+)/i,
+        operation: 'delete service',
+        description: 'Delete Kubernetes service',
+    },
+    // Delete PVC
+    {
+        pattern: /\bkubectl\s+delete\s+pvc\s+(\S+)/i,
+        operation: 'delete pvc',
+        description: 'Delete persistent volume claim',
+    },
+    // Delete from file with force
+    {
+        pattern: /\bkubectl\s+delete\s+-f\s+\S+\s+--force\b/i,
+        operation: 'delete -f --force',
+        description: 'Force delete Kubernetes resources',
+    },
+    // Helm uninstall
+    {
+        pattern: /\bhelm\s+(?:delete|uninstall)\s+(\S+)/i,
+        operation: 'helm uninstall',
+        description: 'Uninstall Helm release',
+    },
+];
+/**
+ * Terraform destructive command patterns
+ */
+const TERRAFORM_PATTERNS = [
+    // Terraform destroy
+    {
+        pattern: /\bterraform\s+destroy\b/i,
+        operation: 'destroy',
+        description: 'Destroy Terraform-managed infrastructure',
+        critical: true,
+    },
+    // Terraform apply with auto-approve (can be destructive)
+    {
+        pattern: /\bterraform\s+apply\s+.*-auto-approve\b/i,
+        operation: 'apply -auto-approve',
+        description: 'Auto-approve Terraform changes',
+    },
+    // Terraform state rm
+    {
+        pattern: /\bterraform\s+state\s+rm\b/i,
+        operation: 'state rm',
+        description: 'Remove resource from Terraform state',
+    },
+    // Terragrunt destroy
+    {
+        pattern: /\bterragrunt\s+destroy\b/i,
+        operation: 'terragrunt destroy',
+        description: 'Destroy Terragrunt-managed infrastructure',
+        critical: true,
+    },
+    // Pulumi destroy
+    {
+        pattern: /\bpulumi\s+destroy\b/i,
+        operation: 'pulumi destroy',
+        description: 'Destroy Pulumi-managed infrastructure',
+        critical: true,
+    },
+];
+/**
+ * Git destructive command patterns
+ */
+const GIT_PATTERNS = [
+    // Force push to main/master
+    {
+        pattern: /\bgit\s+push\s+(?:--force|-f)\s+(?:\S+\s+)?(?:main|master)\b/i,
+        operation: 'push --force main/master',
+        description: 'Force push to main/master branch',
+        critical: true,
+    },
+    {
+        pattern: /\bgit\s+push\s+\S+\s+(?:main|master)\s+(?:--force|-f)\b/i,
+        operation: 'push --force main/master',
+        description: 'Force push to main/master branch',
+        critical: true,
+    },
+    // Git reset --hard
+    {
+        pattern: /\bgit\s+reset\s+--hard\b/i,
+        operation: 'reset --hard',
+        description: 'Hard reset discards local changes',
+    },
+    // Git clean -fd (force delete untracked)
+    {
+        pattern: /\bgit\s+clean\s+(?:-[^\s]*)?-f(?:[^\s]*)?\s*(?:-d)?/i,
+        operation: 'clean -fd',
+        description: 'Force delete untracked files',
+    },
+    // Git branch -D (force delete)
+    {
+        pattern: /\bgit\s+branch\s+(?:-D|--delete\s+--force)\s+(\S+)/i,
+        operation: 'branch -D',
+        description: 'Force delete branch',
+    },
+    // Git checkout . (discard changes)
+    {
+        pattern: /\bgit\s+checkout\s+\.\s*$/i,
+        operation: 'checkout .',
+        description: 'Discard all local changes',
+    },
+    // Git restore . (discard changes)
+    {
+        pattern: /\bgit\s+restore\s+(?:--staged\s+)?\.\s*$/i,
+        operation: 'restore .',
+        description: 'Discard all local changes',
+    },
+    // Git rebase with potential data loss
+    {
+        pattern: /\bgit\s+rebase\s+(?:-i\s+)?(?:main|master|origin\/main|origin\/master)\b/i,
+        operation: 'rebase',
+        description: 'Rebase onto main/master (can rewrite history)',
+    },
+];
+/**
+ * Match AWS commands
+ */
+export function matchAwsCommand(command) {
+    for (const { pattern, operation } of AWS_PATTERNS) {
+        const match = command.match(pattern);
+        if (match) {
+            return {
+                matched: true,
+                command,
+                provider: 'aws',
+                operation,
+                affectedResource: match[1] || undefined,
+                confidence: 0.9,
+            };
+        }
+    }
+    return { matched: false, confidence: 0 };
+}
+/**
+ * Match GCP commands
+ */
+export function matchGcpCommand(command) {
+    for (const { pattern, operation } of GCP_PATTERNS) {
+        const match = command.match(pattern);
+        if (match) {
+            return {
+                matched: true,
+                command,
+                provider: 'gcp',
+                operation,
+                affectedResource: match[1] || undefined,
+                confidence: 0.9,
+            };
+        }
+    }
+    return { matched: false, confidence: 0 };
+}
+/**
+ * Match Azure commands
+ */
+export function matchAzureCommand(command) {
+    for (const { pattern, operation } of AZURE_PATTERNS) {
+        const match = command.match(pattern);
+        if (match) {
+            return {
+                matched: true,
+                command,
+                provider: 'azure',
+                operation,
+                affectedResource: match[1] || undefined,
+                confidence: 0.9,
+            };
+        }
+    }
+    return { matched: false, confidence: 0 };
+}
+/**
+ * Match Kubernetes commands
+ */
+export function matchKubernetesCommand(command) {
+    for (const { pattern, operation, critical } of KUBERNETES_PATTERNS) {
+        const match = command.match(pattern);
+        if (match) {
+            return {
+                matched: true,
+                command,
+                provider: 'kubernetes',
+                operation,
+                affectedResource: match[1] || undefined,
+                confidence: critical ? 0.95 : 0.85,
+            };
+        }
+    }
+    return { matched: false, confidence: 0 };
+}
+/**
+ * Match Terraform/IaC commands
+ */
+export function matchTerraformCommand(command) {
+    for (const { pattern, operation, critical } of TERRAFORM_PATTERNS) {
+        const match = command.match(pattern);
+        if (match) {
+            return {
+                matched: true,
+                command,
+                provider: 'terraform',
+                operation,
+                affectedResource: match[1] || undefined,
+                confidence: critical ? 0.95 : 0.85,
+            };
+        }
+    }
+    return { matched: false, confidence: 0 };
+}
+/**
+ * Match Git destructive commands
+ */
+export function matchGitCommand(command) {
+    for (const { pattern, operation, critical } of GIT_PATTERNS) {
+        const match = command.match(pattern);
+        if (match) {
+            return {
+                matched: true,
+                command,
+                provider: 'git',
+                operation,
+                affectedResource: match[1] || undefined,
+                confidence: critical ? 0.95 : 0.8,
+            };
+        }
+    }
+    return { matched: false, confidence: 0 };
+}
+/**
+ * Comprehensive cloud command matching
+ */
+export function matchCloudCommand(command) {
+    // Try all cloud provider patterns
+    const awsResult = matchAwsCommand(command);
+    if (awsResult.matched)
+        return awsResult;
+    const gcpResult = matchGcpCommand(command);
+    if (gcpResult.matched)
+        return gcpResult;
+    const azureResult = matchAzureCommand(command);
+    if (azureResult.matched)
+        return azureResult;
+    const k8sResult = matchKubernetesCommand(command);
+    if (k8sResult.matched)
+        return k8sResult;
+    const tfResult = matchTerraformCommand(command);
+    if (tfResult.matched)
+        return tfResult;
+    const gitResult = matchGitCommand(command);
+    if (gitResult.matched)
+        return gitResult;
+    return { matched: false, confidence: 0 };
+}
+/**
+ * Cloud detector class
+ */
+export class CloudDetector {
+    severity;
+    constructor(severity = 'critical') {
+        this.severity = severity;
+    }
+    /**
+     * Extract command from tool context
+     */
+    extractCommand(context) {
+        const input = context.toolInput;
+        // Direct command field
+        if (typeof input.command === 'string') {
+            return input.command;
+        }
+        // Shell/bash command field
+        if (typeof input.shell === 'string') {
+            return input.shell;
+        }
+        if (typeof input.bash === 'string') {
+            return input.bash;
+        }
+        // Script field
+        if (typeof input.script === 'string') {
+            return input.script;
+        }
+        // Code field
+        if (typeof input.code === 'string') {
+            return input.code;
+        }
+        // CLI/args field
+        if (typeof input.cli === 'string') {
+            return input.cli;
+        }
+        if (typeof input.args === 'string') {
+            return input.args;
+        }
+        // Text content
+        if (typeof input.text === 'string') {
+            return input.text;
+        }
+        // Content field
+        if (typeof input.content === 'string') {
+            return input.content;
+        }
+        return null;
+    }
+    detect(context) {
+        const command = this.extractCommand(context);
+        if (!command) {
+            return null;
+        }
+        const result = matchCloudCommand(command);
+        if (!result.matched) {
+            return null;
+        }
+        // Determine the metadata type based on provider
+        const metadataType = result.provider === 'git' ? 'git' : 'cloud';
+        const providerDescriptions = {
+            aws: 'AWS',
+            gcp: 'Google Cloud',
+            azure: 'Azure',
+            kubernetes: 'Kubernetes',
+            terraform: 'Terraform/IaC',
+            git: 'Git',
+        };
+        const providerDesc = providerDescriptions[result.provider || 'unknown'] || result.provider;
+        return {
+            detected: true,
+            category: 'destructive',
+            severity: this.severity,
+            confidence: result.confidence,
+            reason: `Dangerous ${providerDesc} operation detected: ${result.operation}`,
+            metadata: {
+                command: result.command,
+                type: metadataType,
+                operation: result.operation,
+                affectedResource: result.affectedResource,
+            },
+        };
+    }
+}
+/**
+ * Create a cloud detector with the given severity
+ */
+export function createCloudDetector(severity = 'critical') {
+    return new CloudDetector(severity);
+}
+//# sourceMappingURL=cloud-detector.js.map

package/dist/src/detectors/destructive/cloud-detector.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cloud-detector.js","sourceRoot":"","sources":["../../../../src/detectors/destructive/cloud-detector.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAUH;;GAEG;AACH,MAAM,YAAY,GAAG;IACnB,0BAA0B;IAC1B;QACE,OAAO,EAAE,sCAAsC;QAC/C,SAAS,EAAE,qBAAqB;QAChC,WAAW,EAAE,yBAAyB;KACvC;IACD,oBAAoB;IACpB;QACE,OAAO,EAAE,mDAAmD;QAC5D,SAAS,EAAE,OAAO;QAClB,WAAW,EAAE,kBAAkB;KAChC;IACD;QACE,OAAO,EAAE,kCAAkC;QAC3C,SAAS,EAAE,eAAe;QAC1B,WAAW,EAAE,kBAAkB;KAChC;IACD,aAAa;IACb;QACE,OAAO,EAAE,iDAAiD;QAC1D,SAAS,EAAE,WAAW;QACtB,WAAW,EAAE,qBAAqB;KACnC;IACD,gCAAgC;IAChC;QACE,OAAO,EAAE,0CAA0C;QACnD,SAAS,EAAE,cAAc;QACzB,WAAW,EAAE,6BAA6B;KAC3C;IACD,2BAA2B;IAC3B;QACE,OAAO,EAAE,qCAAqC;QAC9C,SAAS,EAAE,iBAAiB;QAC5B,WAAW,EAAE,wBAAwB;KACtC;IACD,uBAAuB;IACvB;QACE,OAAO,EAAE,iCAAiC;QAC1C,SAAS,EAAE,gBAAgB;QAC3B,WAAW,EAAE,oBAAoB;KAClC;IACD,yBAAyB;IACzB;QACE,OAAO,EAAE,uCAAuC;QAChD,SAAS,EAAE,YAAY;QACvB,WAAW,EAAE,sBAAsB;KACpC;IACD,eAAe;IACf;QACE,OAAO,EAAE,6BAA6B;QACtC,SAAS,EAAE,YAAY;QACvB,WAAW,EAAE,YAAY;KAC1B;IACD,0BAA0B;IAC1B;QACE,OAAO,EAAE,oCAAoC;QAC7C,SAAS,EAAE,cAAc;QACzB,WAAW,EAAE,uBAAuB;KACrC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,YAAY,GAAG;IACnB,4BAA4B;IAC5B;QACE,OAAO,EAAE,4CAA4C;QACrD,SAAS,EAAE,kBAAkB;QAC7B,WAAW,EAAE,8BAA8B;KAC5C;IACD,mBAAmB;IACnB;QACE,OAAO,EAAE,iCAAiC;QAC1C,SAAS,EAAE,iBAAiB;QAC5B,WAAW,EAAE,oBAAoB;KAClC;IACD,uBAAuB;IACvB;QACE,OAAO,EAAE,6CAA6C;QACtD,SAAS,EAAE,iBAAiB;QAC5B,WAAW,EAAE,oBAAoB;KAClC;IACD,qBAAqB;IACrB;QACE,OAAO,EAAE,wCAAwC;QACjD,SAAS,EAAE,YAAY;QACvB,WAAW,EAAE,2BAA2B;KACzC;IACD,2BAA2B;IAC3B;QACE,OAAO,EAAE,kCAAkC;QAC3C,SAAS,EAAE,kBAAkB;QAC7B,WAAW,EAAE,uBAAuB;KACrC;IACD,0BAA0B;IAC1B;QACE,OAAO,EAAE,iDAAiD;QAC1D,SAAS,EAAE,cAAc;QACzB,WAAW,EAAE,+BAA+B;KAC7C;IACD;QACE,OAAO,EAAE,+CAA+C;QACxD,SAAS,EAAE,gBAAgB;QAC3B,WAAW,EAAE,mBAAmB;KACjC;IACD,mBAAmB;IACnB;QACE,OAAO,EAAE,0DAA0D;QACnE,SAAS,EAAE,eAAe;QAC1B,WAAW,EAAE,yBAAyB;KACvC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,cAAc,GAAG;IACrB,cAAc;IACd;QACE,OAAO,EAAE,uBAAuB;QAChC,SAAS,EAAE,WAAW;QACtB,WAAW,EAAE,iBAAiB;KAC/B;IACD,yEAAyE;IACzE;QACE,OAAO,EAAE,0BAA0B;QACnC,SAAS,EAAE,cAAc;QACzB,WAAW,EAAE,6BAA6B;KAC3C;IACD,2BAA2B;IAC3B;QACE,OAAO,EAAE,sCAAsC;QAC/C,SAAS,EAAE,gBAAgB;QAC3B,WAAW,EAAE,8BAA8B;KAC5C;IACD,uBAAuB;IACvB;QACE,OAAO,EAAE,wBAAwB;QACjC,SAAS,EAAE,YAAY;QACvB,WAAW,EAAE,oBAAoB;KAClC;IACD,wBAAwB;IACxB;QACE,OAAO,EAAE,wCAAwC;QACjD,SAAS,EAAE,YAAY;QACvB,WAAW,EAAE,2BAA2B;KACzC;IACD,wBAAwB;IACxB;QACE,OAAO,EAAE,gCAAgC;QACzC,SAAS,EAAE,oBAAoB;QAC/B,WAAW,EAAE,2BAA2B;KACzC;IACD,uBAAuB;IACvB;QACE,OAAO,EAAE,2BAA2B;QACpC,SAAS,EAAE,eAAe;QAC1B,WAAW,EAAE,sBAAsB;KACpC;IACD,8BAA8B;IAC9B;QACE,OAAO,EAAE,wBAAwB;QACjC,SAAS,EAAE,YAAY;QACvB,WAAW,EAAE,iCAAiC;KAC/C;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,mBAAmB,GAAG;IAC1B,8CAA8C;IAC9C;QACE,OAAO,EAAE,gDAAgD;QACzD,SAAS,EAAE,kBAAkB;QAC7B,WAAW,EAAE,6BAA6B;QAC1C,QAAQ,EAAE,IAAI;KACf;IACD,kBAAkB;IAClB;QACE,OAAO,EAAE,uCAAuC;QAChD,SAAS,EAAE,mBAAmB;QAC9B,WAAW,EAAE,iBAAiB;QAC9B,QAAQ,EAAE,IAAI;KACf;IACD,iCAAiC;IACjC;QACE,OAAO,EAAE,qCAAqC;QAC9C,SAAS,EAAE,cAAc;QACzB,WAAW,EAAE,sBAAsB;KACpC;IACD,kCAAkC;IAClC;QACE,OAAO,EAAE,8BAA8B;QACvC,SAAS,EAAE,WAAW;QACtB,WAAW,EAAE,8BAA8B;KAC5C;IACD,oBAAoB;IACpB;QACE,OAAO,EAAE,qDAAqD;QAC9D,SAAS,EAAE,mBAAmB;QAC9B,WAAW,EAAE,8BAA8B;KAC5C;IACD,iBAAiB;IACjB;QACE,OAAO,EAAE,+CAA+C;QACxD,SAAS,EAAE,gBAAgB;QAC3B,WAAW,EAAE,2BAA2B;KACzC;IACD,aAAa;IACb;QACE,OAAO,EAAE,mCAAmC;QAC5C,SAAS,EAAE,YAAY;QACvB,WAAW,EAAE,gCAAgC;KAC9C;IACD,8BAA8B;IAC9B;QACE,OAAO,EAAE,4CAA4C;QACrD,SAAS,EAAE,mBAAmB;QAC9B,WAAW,EAAE,mCAAmC;KACjD;IACD,iBAAiB;IACjB;QACE,OAAO,EAAE,wCAAwC;QACjD,SAAS,EAAE,gBAAgB;QAC3B,WAAW,EAAE,wBAAwB;KACtC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,kBAAkB,GAAG;IACzB,oBAAoB;IACpB;QACE,OAAO,EAAE,0BAA0B;QACnC,SAAS,EAAE,SAAS;QACpB,WAAW,EAAE,0CAA0C;QACvD,QAAQ,EAAE,IAAI;KACf;IACD,yDAAyD;IACzD;QACE,OAAO,EAAE,0CAA0C;QACnD,SAAS,EAAE,qBAAqB;QAChC,WAAW,EAAE,gCAAgC;KAC9C;IACD,qBAAqB;IACrB;QACE,OAAO,EAAE,6BAA6B;QACtC,SAAS,EAAE,UAAU;QACrB,WAAW,EAAE,sCAAsC;KACpD;IACD,qBAAqB;IACrB;QACE,OAAO,EAAE,2BAA2B;QACpC,SAAS,EAAE,oBAAoB;QAC/B,WAAW,EAAE,2CAA2C;QACxD,QAAQ,EAAE,IAAI;KACf;IACD,iBAAiB;IACjB;QACE,OAAO,EAAE,uBAAuB;QAChC,SAAS,EAAE,gBAAgB;QAC3B,WAAW,EAAE,uCAAuC;QACpD,QAAQ,EAAE,IAAI;KACf;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,YAAY,GAAG;IACnB,4BAA4B;IAC5B;QACE,OAAO,EAAE,+DAA+D;QACxE,SAAS,EAAE,0BAA0B;QACrC,WAAW,EAAE,kCAAkC;QAC/C,QAAQ,EAAE,IAAI;KACf;IACD;QACE,OAAO,EAAE,0DAA0D;QACnE,SAAS,EAAE,0BAA0B;QACrC,WAAW,EAAE,kCAAkC;QAC/C,QAAQ,EAAE,IAAI;KACf;IACD,mBAAmB;IACnB;QACE,OAAO,EAAE,2BAA2B;QACpC,SAAS,EAAE,cAAc;QACzB,WAAW,EAAE,mCAAmC;KACjD;IACD,yCAAyC;IACzC;QACE,OAAO,EAAE,sDAAsD;QAC/D,SAAS,EAAE,WAAW;QACtB,WAAW,EAAE,8BAA8B;KAC5C;IACD,+BAA+B;IAC/B;QACE,OAAO,EAAE,qDAAqD;QAC9D,SAAS,EAAE,WAAW;QACtB,WAAW,EAAE,qBAAqB;KACnC;IACD,mCAAmC;IACnC;QACE,OAAO,EAAE,4BAA4B;QACrC,SAAS,EAAE,YAAY;QACvB,WAAW,EAAE,2BAA2B;KACzC;IACD,kCAAkC;IAClC;QACE,OAAO,EAAE,2CAA2C;QACpD,SAAS,EAAE,WAAW;QACtB,WAAW,EAAE,2BAA2B;KACzC;IACD,sCAAsC;IACtC;QACE,OAAO,EAAE,2EAA2E;QACpF,SAAS,EAAE,QAAQ;QACnB,WAAW,EAAE,+CAA+C;KAC7D;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,OAAe;IAC7C,KAAK,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,IAAI,YAAY,EAAE,CAAC;QAClD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACrC,IAAI,KAAK,EAAE,CAAC;YACV,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,OAAO;gBACP,QAAQ,EAAE,KAAK;gBACf,SAAS;gBACT,gBAAgB,EAAE,KAAK,CAAC,CAAC,CAAC,IAAI,SAAS;gBACvC,UAAU,EAAE,GAAG;aAChB,CAAC;QACJ,CAAC;IACH,CAAC;IACD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC,EAAE,CAAC;AAC3C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,OAAe;IAC7C,KAAK,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,IAAI,YAAY,EAAE,CAAC;QAClD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACrC,IAAI,KAAK,EAAE,CAAC;YACV,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,OAAO;gBACP,QAAQ,EAAE,KAAK;gBACf,SAAS;gBACT,gBAAgB,EAAE,KAAK,CAAC,CAAC,CAAC,IAAI,SAAS;gBACvC,UAAU,EAAE,GAAG;aAChB,CAAC;QACJ,CAAC;IACH,CAAC;IACD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC,EAAE,CAAC;AAC3C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAC,OAAe;IAC/C,KAAK,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,IAAI,cAAc,EAAE,CAAC;QACpD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACrC,IAAI,KAAK,EAAE,CAAC;YACV,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,OAAO;gBACP,QAAQ,EAAE,OAAO;gBACjB,SAAS;gBACT,gBAAgB,EAAE,KAAK,CAAC,CAAC,CAAC,IAAI,SAAS;gBACvC,UAAU,EAAE,GAAG;aAChB,CAAC;QACJ,CAAC;IACH,CAAC;IACD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC,EAAE,CAAC;AAC3C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB,CAAC,OAAe;IACpD,KAAK,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,IAAI,mBAAmB,EAAE,CAAC;QACnE,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACrC,IAAI,KAAK,EAAE,CAAC;YACV,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,OAAO;gBACP,QAAQ,EAAE,YAAY;gBACtB,SAAS;gBACT,gBAAgB,EAAE,KAAK,CAAC,CAAC,CAAC,IAAI,SAAS;gBACvC,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI;aACnC,CAAC;QACJ,CAAC;IACH,CAAC;IACD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC,EAAE,CAAC;AAC3C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,qBAAqB,CAAC,OAAe;IACnD,KAAK,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,IAAI,kBAAkB,EAAE,CAAC;QAClE,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACrC,IAAI,KAAK,EAAE,CAAC;YACV,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,OAAO;gBACP,QAAQ,EAAE,WAAW;gBACrB,SAAS;gBACT,gBAAgB,EAAE,KAAK,CAAC,CAAC,CAAC,IAAI,SAAS;gBACvC,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI;aACnC,CAAC;QACJ,CAAC;IACH,CAAC;IACD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC,EAAE,CAAC;AAC3C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,OAAe;IAC7C,KAAK,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,IAAI,YAAY,EAAE,CAAC;QAC5D,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACrC,IAAI,KAAK,EAAE,CAAC;YACV,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,OAAO;gBACP,QAAQ,EAAE,KAAK;gBACf,SAAS;gBACT,gBAAgB,EAAE,KAAK,CAAC,CAAC,CAAC,IAAI,SAAS;gBACvC,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG;aAClC,CAAC;QACJ,CAAC;IACH,CAAC;IACD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC,EAAE,CAAC;AAC3C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAC,OAAe;IAC/C,kCAAkC;IAClC,MAAM,SAAS,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC;IAC3C,IAAI,SAAS,CAAC,OAAO;QAAE,OAAO,SAAS,CAAC;IAExC,MAAM,SAAS,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC;IAC3C,IAAI,SAAS,CAAC,OAAO;QAAE,OAAO,SAAS,CAAC;IAExC,MAAM,WAAW,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;IAC/C,IAAI,WAAW,CAAC,OAAO;QAAE,OAAO,WAAW,CAAC;IAE5C,MAAM,SAAS,GAAG,sBAAsB,CAAC,OAAO,CAAC,CAAC;IAClD,IAAI,SAAS,CAAC,OAAO;QAAE,OAAO,SAAS,CAAC;IAExC,MAAM,QAAQ,GAAG,qBAAqB,CAAC,OAAO,CAAC,CAAC;IAChD,IAAI,QAAQ,CAAC,OAAO;QAAE,OAAO,QAAQ,CAAC;IAEtC,MAAM,SAAS,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC;IAC3C,IAAI,SAAS,CAAC,OAAO;QAAE,OAAO,SAAS,CAAC;IAExC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC,EAAE,CAAC;AAC3C,CAAC;AAED;;GAEG;AACH,MAAM,OAAO,aAAa;IAChB,QAAQ,CAAW;IAE3B,YAAY,WAAqB,UAAU;QACzC,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;IAC3B,CAAC;IAED;;OAEG;IACK,cAAc,CAAC,OAAyB;QAC9C,MAAM,KAAK,GAAG,OAAO,CAAC,SAAS,CAAC;QAEhC,uBAAuB;QACvB,IAAI,OAAO,KAAK,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;YACtC,OAAO,KAAK,CAAC,OAAO,CAAC;QACvB,CAAC;QAED,2BAA2B;QAC3B,IAAI,OAAO,KAAK,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;YACpC,OAAO,KAAK,CAAC,KAAK,CAAC;QACrB,CAAC;QAED,IAAI,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;YACnC,OAAO,KAAK,CAAC,IAAI,CAAC;QACpB,CAAC;QAED,eAAe;QACf,IAAI,OAAO,KAAK,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;YACrC,OAAO,KAAK,CAAC,MAAM,CAAC;QACtB,CAAC;QAED,aAAa;QACb,IAAI,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;YACnC,OAAO,KAAK,CAAC,IAAI,CAAC;QACpB,CAAC;QAED,iBAAiB;QACjB,IAAI,OAAO,KAAK,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;YAClC,OAAO,KAAK,CAAC,GAAG,CAAC;QACnB,CAAC;QAED,IAAI,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;YACnC,OAAO,KAAK,CAAC,IAAI,CAAC;QACpB,CAAC;QAED,eAAe;QACf,IAAI,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;YACnC,OAAO,KAAK,CAAC,IAAI,CAAC;QACpB,CAAC;QAED,gBAAgB;QAChB,IAAI,OAAO,KAAK,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;YACtC,OAAO,KAAK,CAAC,OAAO,CAAC;QACvB,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,CAAC,OAAyB;QAC9B,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QAC7C,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,MAAM,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;QAE1C,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,gDAAgD;QAChD,MAAM,YAAY,GAAG,MAAM,CAAC,QAAQ,KAAK,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC;QAEjE,MAAM,oBAAoB,GAA2B;YACnD,GAAG,EAAE,KAAK;YACV,GAAG,EAAE,cAAc;YACnB,KAAK,EAAE,OAAO;YACd,UAAU,EAAE,YAAY;YACxB,SAAS,EAAE,eAAe;YAC1B,GAAG,EAAE,KAAK;SACX,CAAC;QAEF,MAAM,YAAY,GAAG,oBAAoB,CAAC,MAAM,CAAC,QAAQ,IAAI,SAAS,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC;QAE3F,OAAO;YACL,QAAQ,EAAE,IAAI;YACd,QAAQ,EAAE,aAAa;YACvB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,MAAM,EAAE,aAAa,YAAY,wBAAwB,MAAM,CAAC,SAAS,EAAE;YAC3E,QAAQ,EAAE;gBACR,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,IAAI,EAAE,YAA+B;gBACrC,SAAS,EAAE,MAAM,CAAC,SAAS;gBAC3B,gBAAgB,EAAE,MAAM,CAAC,gBAAgB;aAC1C;SACF,CAAC;IACJ,CAAC;CACF;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,WAAqB,UAAU;IACjE,OAAO,IAAI,aAAa,CAAC,QAAQ,CAAC,CAAC;AACrC,CAAC"}

package/dist/src/detectors/destructive/code-detector.d.ts

@@ -0,0 +1,59 @@
+/**
+ * Code Detector
+ * Detects dangerous code patterns for file/directory deletion across multiple languages
+ */
+import type { CodeMatchResult, DetectionContext, DestructiveDetectionResult, SubDetector } from './types.js';
+import type { Severity } from '../../config/index.js';
+/**
+ * Match Python code patterns
+ */
+export declare function matchPythonCode(code: string): CodeMatchResult;
+/**
+ * Match Node.js code patterns
+ */
+export declare function matchNodeCode(code: string): CodeMatchResult;
+/**
+ * Match Go code patterns
+ */
+export declare function matchGoCode(code: string): CodeMatchResult;
+/**
+ * Match Rust code patterns
+ */
+export declare function matchRustCode(code: string): CodeMatchResult;
+/**
+ * Match Ruby code patterns
+ */
+export declare function matchRubyCode(code: string): CodeMatchResult;
+/**
+ * Match Java/Kotlin code patterns
+ */
+export declare function matchJavaCode(code: string): CodeMatchResult;
+/**
+ * Match C# code patterns
+ */
+export declare function matchCSharpCode(code: string): CodeMatchResult;
+/**
+ * Match PHP code patterns
+ */
+export declare function matchPhpCode(code: string): CodeMatchResult;
+/**
+ * Comprehensive code pattern matching
+ */
+export declare function matchCodePattern(code: string): CodeMatchResult;
+/**
+ * Code detector class
+ */
+export declare class CodeDetector implements SubDetector {
+    private severity;
+    constructor(severity?: Severity);
+    /**
+     * Extract code from tool context
+     */
+    private extractCode;
+    detect(context: DetectionContext): DestructiveDetectionResult | null;
+}
+/**
+ * Create a code detector with the given severity
+ */
+export declare function createCodeDetector(severity?: Severity): CodeDetector;
+//# sourceMappingURL=code-detector.d.ts.map

package/dist/src/detectors/destructive/code-detector.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"code-detector.d.ts","sourceRoot":"","sources":["../../../../src/detectors/destructive/code-detector.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EACV,eAAe,EACf,gBAAgB,EAChB,0BAA0B,EAC1B,WAAW,EACZ,MAAM,YAAY,CAAC;AACpB,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AAoStD;;GAEG;AACH,wBAAgB,eAAe,CAAC,IAAI,EAAE,MAAM,GAAG,eAAe,CAe7D;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,eAAe,CAe3D;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,IAAI,EAAE,MAAM,GAAG,eAAe,CAezD;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,eAAe,CAe3D;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,eAAe,CAe3D;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,eAAe,CAe3D;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,IAAI,EAAE,MAAM,GAAG,eAAe,CAe7D;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,eAAe,CAe1D;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,MAAM,GAAG,eAAe,CA2B9D;AAED;;GAEG;AACH,qBAAa,YAAa,YAAW,WAAW;IAC9C,OAAO,CAAC,QAAQ,CAAW;gBAEf,QAAQ,GAAE,QAAqB;IAI3C;;OAEG;IACH,OAAO,CAAC,WAAW;IA8CnB,MAAM,CAAC,OAAO,EAAE,gBAAgB,GAAG,0BAA0B,GAAG,IAAI;CAuCrE;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,GAAE,QAAqB,GAAG,YAAY,CAEhF"}