clawsec 0.0.1

package/dist/src/cli/commands/test.js

@@ -0,0 +1,134 @@
+/**
+ * Test Command
+ * Tests a specific rule against sample input
+ */
+import { loadConfig } from '../../config/index.js';
+import { createPurchaseDetector } from '../../detectors/purchase/index.js';
+import { createWebsiteDetector } from '../../detectors/website/index.js';
+import { createDestructiveDetector } from '../../detectors/destructive/index.js';
+import { createSecretsDetector } from '../../detectors/secrets/index.js';
+import { createExfiltrationDetector } from '../../detectors/exfiltration/index.js';
+/** Valid rule names */
+const VALID_RULES = ['purchase', 'website', 'destructive', 'secrets', 'exfiltration'];
+/**
+ * Validate that a string is a valid rule name
+ */
+function isValidRule(rule) {
+    return VALID_RULES.includes(rule);
+}
+/**
+ * Execute the test command
+ *
+ * @param ruleName - Name of the rule to test
+ * @param input - JSON input object to test
+ * @param options - CLI options including optional config path
+ * @returns Test result showing detection status
+ */
+export async function testCommand(ruleName, input, options = {}) {
+    // Validate rule name
+    if (!isValidRule(ruleName)) {
+        throw new Error(`Invalid rule: "${ruleName}". Valid rules are: ${VALID_RULES.join(', ')}`);
+    }
+    // Load config
+    const config = loadConfig(options.config);
+    // Create detection context from input
+    const context = {
+        toolName: input.toolName || 'test',
+        toolInput: input,
+        url: input.url,
+        toolOutput: input.toolOutput,
+    };
+    // Run the appropriate detector
+    let result;
+    switch (ruleName) {
+        case 'purchase': {
+            const detector = createPurchaseDetector(config.rules.purchase);
+            const detection = await detector.detect(context);
+            result = {
+                detected: detection.detected,
+                category: detection.detected ? detection.category : undefined,
+                severity: detection.detected ? detection.severity : undefined,
+                confidence: detection.detected ? detection.confidence : undefined,
+                reason: detection.detected ? detection.reason : undefined,
+            };
+            break;
+        }
+        case 'website': {
+            const detector = createWebsiteDetector(config.rules.website);
+            const detection = await detector.detect(context);
+            result = {
+                detected: detection.detected,
+                category: detection.detected ? detection.category : undefined,
+                severity: detection.detected ? detection.severity : undefined,
+                confidence: detection.detected ? detection.confidence : undefined,
+                reason: detection.detected ? detection.reason : undefined,
+            };
+            break;
+        }
+        case 'destructive': {
+            const detector = createDestructiveDetector(config.rules.destructive);
+            const detection = await detector.detect(context);
+            result = {
+                detected: detection.detected,
+                category: detection.detected ? detection.category : undefined,
+                severity: detection.detected ? detection.severity : undefined,
+                confidence: detection.detected ? detection.confidence : undefined,
+                reason: detection.detected ? detection.reason : undefined,
+            };
+            break;
+        }
+        case 'secrets': {
+            const detector = createSecretsDetector(config.rules.secrets);
+            const detection = await detector.detect(context);
+            result = {
+                detected: detection.detected,
+                category: detection.detected ? detection.category : undefined,
+                severity: detection.detected ? detection.severity : undefined,
+                confidence: detection.detected ? detection.confidence : undefined,
+                reason: detection.detected ? detection.reason : undefined,
+            };
+            break;
+        }
+        case 'exfiltration': {
+            const detector = createExfiltrationDetector(config.rules.exfiltration);
+            const detection = await detector.detect(context);
+            result = {
+                detected: detection.detected,
+                category: detection.detected ? detection.category : undefined,
+                severity: detection.detected ? detection.severity : undefined,
+                confidence: detection.detected ? detection.confidence : undefined,
+                reason: detection.detected ? detection.reason : undefined,
+            };
+            break;
+        }
+        default:
+            // Should never reach here due to isValidRule check
+            throw new Error(`Unknown rule: ${ruleName}`);
+    }
+    return result;
+}
+/**
+ * Format test result for console output
+ *
+ * @param result - Test result to format
+ * @param ruleName - Name of the rule that was tested
+ * @returns Formatted string for display
+ */
+export function formatTestResult(result, ruleName) {
+    const lines = [];
+    lines.push(`=== Test Result: ${ruleName} ===`);
+    lines.push('');
+    if (result.detected) {
+        lines.push('Status: DETECTED');
+        lines.push(`Category: ${result.category}`);
+        lines.push(`Severity: ${result.severity}`);
+        lines.push(`Confidence: ${((result.confidence || 0) * 100).toFixed(1)}%`);
+        lines.push(`Reason: ${result.reason}`);
+    }
+    else {
+        lines.push('Status: NOT DETECTED');
+        lines.push('No threats found for this input.');
+    }
+    return lines.join('\n');
+}
+//# sourceMappingURL=test.js.map

package/dist/src/cli/commands/test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"test.js","sourceRoot":"","sources":["../../../../src/cli/commands/test.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,sBAAsB,EAAE,MAAM,mCAAmC,CAAC;AAC3E,OAAO,EAAE,qBAAqB,EAAE,MAAM,kCAAkC,CAAC;AACzE,OAAO,EAAE,yBAAyB,EAAE,MAAM,sCAAsC,CAAC;AACjF,OAAO,EAAE,qBAAqB,EAAE,MAAM,kCAAkC,CAAC;AACzE,OAAO,EAAE,0BAA0B,EAAE,MAAM,uCAAuC,CAAC;AAInF,uBAAuB;AACvB,MAAM,WAAW,GAAG,CAAC,UAAU,EAAE,SAAS,EAAE,aAAa,EAAE,SAAS,EAAE,cAAc,CAAU,CAAC;AAG/F;;GAEG;AACH,SAAS,WAAW,CAAC,IAAY;IAC/B,OAAO,WAAW,CAAC,QAAQ,CAAC,IAAgB,CAAC,CAAC;AAChD,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,QAAgB,EAChB,KAA8B,EAC9B,UAAsB,EAAE;IAExB,qBAAqB;IACrB,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC3B,MAAM,IAAI,KAAK,CACb,kBAAkB,QAAQ,uBAAuB,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC1E,CAAC;IACJ,CAAC;IAED,cAAc;IACd,MAAM,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IAE1C,sCAAsC;IACtC,MAAM,OAAO,GAAG;QACd,QAAQ,EAAG,KAAK,CAAC,QAAmB,IAAI,MAAM;QAC9C,SAAS,EAAE,KAAK;QAChB,GAAG,EAAE,KAAK,CAAC,GAAyB;QACpC,UAAU,EAAE,KAAK,CAAC,UAAgC;KACnD,CAAC;IAEF,+BAA+B;IAC/B,IAAI,MAAkB,CAAC;IAEvB,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,UAAU,CAAC,CAAC,CAAC;YAChB,MAAM,QAAQ,GAAG,sBAAsB,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;YAC/D,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACjD,MAAM,GAAG;gBACP,QAAQ,EAAE,SAAS,CAAC,QAAQ;gBAC5B,QAAQ,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,QAA0B,CAAC,CAAC,CAAC,SAAS;gBAC/E,QAAQ,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;gBAC7D,UAAU,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;gBACjE,MAAM,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;aAC1D,CAAC;YACF,MAAM;QACR,CAAC;QAED,KAAK,SAAS,CAAC,CAAC,CAAC;YACf,MAAM,QAAQ,GAAG,qBAAqB,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YAC7D,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACjD,MAAM,GAAG;gBACP,QAAQ,EAAE,SAAS,CAAC,QAAQ;gBAC5B,QAAQ,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,QAA0B,CAAC,CAAC,CAAC,SAAS;gBAC/E,QAAQ,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;gBAC7D,UAAU,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;gBACjE,MAAM,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;aAC1D,CAAC;YACF,MAAM;QACR,CAAC;QAED,KAAK,aAAa,CAAC,CAAC,CAAC;YACnB,MAAM,QAAQ,GAAG,yBAAyB,CAAC,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;YACrE,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACjD,MAAM,GAAG;gBACP,QAAQ,EAAE,SAAS,CAAC,QAAQ;gBAC5B,QAAQ,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,QAA0B,CAAC,CAAC,CAAC,SAAS;gBAC/E,QAAQ,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;gBAC7D,UAAU,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;gBACjE,MAAM,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;aAC1D,CAAC;YACF,MAAM;QACR,CAAC;QAED,KAAK,SAAS,CAAC,CAAC,CAAC;YACf,MAAM,QAAQ,GAAG,qBAAqB,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YAC7D,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACjD,MAAM,GAAG;gBACP,QAAQ,EAAE,SAAS,CAAC,QAAQ;gBAC5B,QAAQ,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,QAA0B,CAAC,CAAC,CAAC,SAAS;gBAC/E,QAAQ,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;gBAC7D,UAAU,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;gBACjE,MAAM,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;aAC1D,CAAC;YACF,MAAM;QACR,CAAC;QAED,KAAK,cAAc,CAAC,CAAC,CAAC;YACpB,MAAM,QAAQ,GAAG,0BAA0B,CAAC,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;YACvE,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACjD,MAAM,GAAG;gBACP,QAAQ,EAAE,SAAS,CAAC,QAAQ;gBAC5B,QAAQ,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,QAA0B,CAAC,CAAC,CAAC,SAAS;gBAC/E,QAAQ,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;gBAC7D,UAAU,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;gBACjE,MAAM,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;aAC1D,CAAC;YACF,MAAM;QACR,CAAC;QAED;YACE,mDAAmD;YACnD,MAAM,IAAI,KAAK,CAAC,iBAAiB,QAAQ,EAAE,CAAC,CAAC;IACjD,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAAkB,EAAE,QAAgB;IACnE,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,KAAK,CAAC,IAAI,CAAC,oBAAoB,QAAQ,MAAM,CAAC,CAAC;IAC/C,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QACpB,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QAC/B,KAAK,CAAC,IAAI,CAAC,aAAa,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC3C,KAAK,CAAC,IAAI,CAAC,aAAa,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC3C,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,MAAM,CAAC,UAAU,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAC1E,KAAK,CAAC,IAAI,CAAC,WAAW,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;IACzC,CAAC;SAAM,CAAC;QACN,KAAK,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;QACnC,KAAK,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;IACjD,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC"}

package/dist/src/cli/commands/types.d.ts

@@ -0,0 +1,81 @@
+/**
+ * CLI Command Types
+ * Type definitions for CLI commands and results
+ */
+import type { ThreatCategory } from '../../engine/index.js';
+import type { Severity } from '../../config/index.js';
+/**
+ * CLI options for all commands
+ */
+export interface CLIOptions {
+    /** Path to clawsec.yaml config file */
+    config?: string;
+}
+/**
+ * Result of the status command
+ */
+export interface StatusResult {
+    /** Path to the config file */
+    configPath: string;
+    /** Whether the config is valid */
+    configValid: boolean;
+    /** List of enabled rule names */
+    enabledRules: string[];
+    /** List of disabled rule names */
+    disabledRules: string[];
+    /** Any issues found with the configuration */
+    issues: string[];
+}
+/**
+ * Result of the test command
+ */
+export interface TestResult {
+    /** Whether a threat was detected */
+    detected: boolean;
+    /** Category of threat detected (if any) */
+    category?: ThreatCategory;
+    /** Severity level */
+    severity?: Severity;
+    /** Confidence score 0-1 */
+    confidence?: number;
+    /** Reason for detection */
+    reason?: string;
+}
+/**
+ * Audit log entry for tracking detections
+ */
+export interface AuditEntry {
+    /** Timestamp of the detection */
+    timestamp: Date;
+    /** Tool that was called */
+    toolName: string;
+    /** Category of threat detected */
+    category: ThreatCategory;
+    /** Severity level */
+    severity: Severity;
+    /** Action taken (block, warn, etc.) */
+    action: string;
+    /** Reason for the detection */
+    reason: string;
+    /** Additional metadata */
+    metadata?: Record<string, unknown>;
+}
+/**
+ * Options for the audit command
+ */
+export interface AuditOptions {
+    /** Maximum number of entries to show */
+    limit?: number;
+    /** Filter by category */
+    category?: ThreatCategory;
+}
+/**
+ * Result of the audit command
+ */
+export interface AuditResult {
+    /** Audit entries matching the query */
+    entries: AuditEntry[];
+    /** Total entries in the log */
+    totalEntries: number;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/src/cli/commands/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../../src/cli/commands/types.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAC5D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AAEtD;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,uCAAuC;IACvC,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,8BAA8B;IAC9B,UAAU,EAAE,MAAM,CAAC;IACnB,kCAAkC;IAClC,WAAW,EAAE,OAAO,CAAC;IACrB,iCAAiC;IACjC,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,kCAAkC;IAClC,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,8CAA8C;IAC9C,MAAM,EAAE,MAAM,EAAE,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,oCAAoC;IACpC,QAAQ,EAAE,OAAO,CAAC;IAClB,2CAA2C;IAC3C,QAAQ,CAAC,EAAE,cAAc,CAAC;IAC1B,qBAAqB;IACrB,QAAQ,CAAC,EAAE,QAAQ,CAAC;IACpB,2BAA2B;IAC3B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,2BAA2B;IAC3B,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,iCAAiC;IACjC,SAAS,EAAE,IAAI,CAAC;IAChB,2BAA2B;IAC3B,QAAQ,EAAE,MAAM,CAAC;IACjB,kCAAkC;IAClC,QAAQ,EAAE,cAAc,CAAC;IACzB,qBAAqB;IACrB,QAAQ,EAAE,QAAQ,CAAC;IACnB,uCAAuC;IACvC,MAAM,EAAE,MAAM,CAAC;IACf,+BAA+B;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf,0BAA0B;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,wCAAwC;IACxC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,yBAAyB;IACzB,QAAQ,CAAC,EAAE,cAAc,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,uCAAuC;IACvC,OAAO,EAAE,UAAU,EAAE,CAAC;IACtB,+BAA+B;IAC/B,YAAY,EAAE,MAAM,CAAC;CACtB"}

package/dist/src/cli/commands/types.js

@@ -0,0 +1,6 @@
+/**
+ * CLI Command Types
+ * Type definitions for CLI commands and results
+ */
+export {};
+//# sourceMappingURL=types.js.map

package/dist/src/cli/commands/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../../../src/cli/commands/types.ts"],"names":[],"mappings":"AAAA;;;GAGG"}

package/dist/src/cli/index.d.ts

@@ -0,0 +1,17 @@
+/**
+ * Clawsec CLI Entry Point
+ * Command line interface for interacting with Clawsec
+ */
+export * from './commands/index.js';
+/**
+ * Run the CLI
+ *
+ * @param args - Command line arguments (without node and script path)
+ * @returns Exit code (0 for success, 1 for error)
+ */
+export declare function runCLI(args: string[]): Promise<number>;
+/**
+ * Main entry point when run directly
+ */
+export declare function main(): Promise<void>;
+//# sourceMappingURL=index.d.ts.map

package/dist/src/cli/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/cli/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAiBH,cAAc,qBAAqB,CAAC;AAyHpC;;;;;GAKG;AACH,wBAAsB,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CA0J5D;AAED;;GAEG;AACH,wBAAsB,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC,CAK1C"}

package/dist/src/cli/index.js

@@ -0,0 +1,267 @@
+/**
+ * Clawsec CLI Entry Point
+ * Command line interface for interacting with Clawsec
+ */
+import { statusCommand, formatStatusResult, testCommand, formatTestResult, auditCommand, formatAuditResult, feedbackCommand, formatFeedbackResult, } from './commands/index.js';
+// Re-export commands and types
+export * from './commands/index.js';
+/**
+ * Show CLI help message
+ */
+function showHelp() {
+    console.log(`
+Clawsec CLI - Security plugin for OpenClaw.ai
+
+Usage: clawsec <command> [options]
+
+Commands:
+  status                  Show configuration status and enabled rules
+  test                    Test a rule against sample input
+  audit                   View audit log of detections
+  feedback                Submit or view feedback on detection accuracy
+
+Options:
+  --config <path>         Path to clawsec.yaml config file
+  --help, -h              Show this help message
+
+Command: status
+  Check configuration status and show enabled/disabled rules.
+  
+  Example:
+    clawsec status
+    clawsec status --config ./my-config.yaml
+
+Command: test
+  Test a specific rule against JSON input.
+  
+  Options:
+    --rule <name>         Rule to test (purchase, website, destructive, secrets, exfiltration)
+    --input <json>        JSON input to test against
+  
+  Examples:
+    clawsec test --rule purchase --input '{"url":"https://amazon.com/checkout"}'
+    clawsec test --rule destructive --input '{"command":"rm -rf /"}'
+    clawsec test --rule secrets --input '{"content":"api_key=sk-abc123"}'
+
+Command: audit
+  View the audit log of recent detections.
+  
+  Options:
+    --limit <n>           Maximum number of entries to show (default: 10)
+    --category <cat>      Filter by category (purchase, website, destructive, secrets, exfiltration)
+  
+  Examples:
+    clawsec audit
+    clawsec audit --limit 20
+    clawsec audit --category secrets
+
+Command: feedback
+  Submit or view feedback on detection accuracy.
+  
+  Options:
+    --false-positive <id> Report a false positive (blocked but shouldn't have been)
+    --false-negative <desc> Report a false negative (missed threat)
+    --category <cat>      Suggested category for false negative
+    --list                List all feedback entries
+    --type <type>         Filter list by type (false-positive, false-negative)
+    --show <id>           Show details of a specific feedback entry
+  
+  Examples:
+    clawsec feedback --false-positive 1
+    clawsec feedback --false-negative "API key leaked" --category secrets
+    clawsec feedback --list
+    clawsec feedback --list --type false-positive
+    clawsec feedback --show abc123
+`);
+}
+function parseArgs(args) {
+    const result = {
+        command: null,
+        options: {},
+    };
+    let i = 0;
+    // First non-option argument is the command
+    while (i < args.length) {
+        const arg = args[i];
+        if (arg.startsWith('--')) {
+            const key = arg.slice(2);
+            const nextArg = args[i + 1];
+            // Check if next arg is a value or another option
+            if (nextArg && !nextArg.startsWith('--') && !nextArg.startsWith('-')) {
+                result.options[key] = nextArg;
+                i += 2;
+            }
+            else {
+                result.options[key] = true;
+                i++;
+            }
+        }
+        else if (arg.startsWith('-')) {
+            // Short option
+            const key = arg.slice(1);
+            result.options[key] = true;
+            i++;
+        }
+        else if (!result.command) {
+            result.command = arg;
+            i++;
+        }
+        else {
+            // Skip unknown positional arguments
+            i++;
+        }
+    }
+    return result;
+}
+/**
+ * Run the CLI
+ *
+ * @param args - Command line arguments (without node and script path)
+ * @returns Exit code (0 for success, 1 for error)
+ */
+export async function runCLI(args) {
+    const parsed = parseArgs(args);
+    // Check for help flag
+    if (parsed.options.help || parsed.options.h) {
+        showHelp();
+        return 0;
+    }
+    // No command provided
+    if (!parsed.command) {
+        console.error('Error: No command specified.\n');
+        showHelp();
+        return 1;
+    }
+    // Build CLI options
+    const cliOptions = {};
+    if (typeof parsed.options.config === 'string') {
+        cliOptions.config = parsed.options.config;
+    }
+    try {
+        switch (parsed.command) {
+            case 'status': {
+                const result = await statusCommand(cliOptions);
+                console.log(formatStatusResult(result));
+                return result.configValid && result.issues.length === 0 ? 0 : 1;
+            }
+            case 'test': {
+                // Validate required options
+                const ruleName = parsed.options.rule;
+                const inputJson = parsed.options.input;
+                if (typeof ruleName !== 'string') {
+                    console.error('Error: --rule is required for test command');
+                    console.error('Example: clawsec test --rule purchase --input \'{"url":"https://example.com"}\'');
+                    return 1;
+                }
+                if (typeof inputJson !== 'string') {
+                    console.error('Error: --input is required for test command');
+                    console.error('Example: clawsec test --rule purchase --input \'{"url":"https://example.com"}\'');
+                    return 1;
+                }
+                // Parse JSON input
+                let input;
+                try {
+                    input = JSON.parse(inputJson);
+                }
+                catch {
+                    console.error('Error: Invalid JSON input');
+                    console.error(`Received: ${inputJson}`);
+                    return 1;
+                }
+                const result = await testCommand(ruleName, input, cliOptions);
+                console.log(formatTestResult(result, ruleName));
+                return result.detected ? 1 : 0;
+            }
+            case 'audit': {
+                const auditOptions = {};
+                // Parse limit
+                if (typeof parsed.options.limit === 'string') {
+                    const limit = parseInt(parsed.options.limit, 10);
+                    if (isNaN(limit) || limit < 1) {
+                        console.error('Error: --limit must be a positive integer');
+                        return 1;
+                    }
+                    auditOptions.limit = limit;
+                }
+                // Parse category
+                if (typeof parsed.options.category === 'string') {
+                    const validCategories = ['purchase', 'website', 'destructive', 'secrets', 'exfiltration'];
+                    if (!validCategories.includes(parsed.options.category)) {
+                        console.error(`Error: Invalid category "${parsed.options.category}"`);
+                        console.error(`Valid categories: ${validCategories.join(', ')}`);
+                        return 1;
+                    }
+                    auditOptions.category = parsed.options.category;
+                }
+                const result = await auditCommand(auditOptions);
+                console.log(formatAuditResult(result, auditOptions));
+                return 0;
+            }
+            case 'feedback': {
+                const feedbackOptions = {};
+                // Check for list operation
+                if (parsed.options.list === true) {
+                    feedbackOptions.list = true;
+                }
+                // Check for show operation
+                if (typeof parsed.options.show === 'string') {
+                    feedbackOptions.show = parsed.options.show;
+                }
+                // Check for false positive
+                if (typeof parsed.options['false-positive'] === 'string') {
+                    feedbackOptions.falsePositive = parsed.options['false-positive'];
+                }
+                // Check for false negative
+                if (typeof parsed.options['false-negative'] === 'string') {
+                    feedbackOptions.falseNegative = parsed.options['false-negative'];
+                }
+                // Parse type filter
+                if (typeof parsed.options.type === 'string') {
+                    const validTypes = ['false-positive', 'false-negative'];
+                    if (!validTypes.includes(parsed.options.type)) {
+                        console.error(`Error: Invalid type "${parsed.options.type}"`);
+                        console.error(`Valid types: ${validTypes.join(', ')}`);
+                        return 1;
+                    }
+                    feedbackOptions.type = parsed.options.type;
+                }
+                // Parse category for false negative
+                if (typeof parsed.options.category === 'string') {
+                    const validCategories = ['purchase', 'website', 'destructive', 'secrets', 'exfiltration'];
+                    if (!validCategories.includes(parsed.options.category)) {
+                        console.error(`Error: Invalid category "${parsed.options.category}"`);
+                        console.error(`Valid categories: ${validCategories.join(', ')}`);
+                        return 1;
+                    }
+                    feedbackOptions.category = parsed.options.category;
+                }
+                const result = await feedbackCommand(feedbackOptions);
+                console.log(formatFeedbackResult(result, feedbackOptions.show !== undefined));
+                return result.success ? 0 : 1;
+            }
+            default:
+                console.error(`Error: Unknown command "${parsed.command}"`);
+                showHelp();
+                return 1;
+        }
+    }
+    catch (error) {
+        if (error instanceof Error) {
+            console.error(`Error: ${error.message}`);
+        }
+        else {
+            console.error('An unknown error occurred');
+        }
+        return 1;
+    }
+}
+/**
+ * Main entry point when run directly
+ */
+export async function main() {
+    // Remove 'node' and script path from arguments
+    const args = process.argv.slice(2);
+    const exitCode = await runCLI(args);
+    process.exit(exitCode);
+}
+//# sourceMappingURL=index.js.map

package/dist/src/cli/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/cli/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EACL,aAAa,EACb,kBAAkB,EAClB,WAAW,EACX,gBAAgB,EAChB,YAAY,EACZ,iBAAiB,EACjB,eAAe,EACf,oBAAoB,GACrB,MAAM,qBAAqB,CAAC;AAK7B,+BAA+B;AAC/B,cAAc,qBAAqB,CAAC;AAEpC;;GAEG;AACH,SAAS,QAAQ;IACf,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA+Db,CAAC,CAAC;AACH,CAAC;AAUD,SAAS,SAAS,CAAC,IAAc;IAC/B,MAAM,MAAM,GAAe;QACzB,OAAO,EAAE,IAAI;QACb,OAAO,EAAE,EAAE;KACZ,CAAC;IAEF,IAAI,CAAC,GAAG,CAAC,CAAC;IAEV,2CAA2C;IAC3C,OAAO,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;QACvB,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QAEpB,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YACzB,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YACzB,MAAM,OAAO,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAE5B,iDAAiD;YACjD,IAAI,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;gBACrE,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC;gBAC9B,CAAC,IAAI,CAAC,CAAC;YACT,CAAC;iBAAM,CAAC;gBACN,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC;gBAC3B,CAAC,EAAE,CAAC;YACN,CAAC;QACH,CAAC;aAAM,IAAI,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAC/B,eAAe;YACf,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YACzB,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC;YAC3B,CAAC,EAAE,CAAC;QACN,CAAC;aAAM,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YAC3B,MAAM,CAAC,OAAO,GAAG,GAAG,CAAC;YACrB,CAAC,EAAE,CAAC;QACN,CAAC;aAAM,CAAC;YACN,oCAAoC;YACpC,CAAC,EAAE,CAAC;QACN,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,MAAM,CAAC,IAAc;IACzC,MAAM,MAAM,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;IAE/B,sBAAsB;IACtB,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;QAC5C,QAAQ,EAAE,CAAC;QACX,OAAO,CAAC,CAAC;IACX,CAAC;IAED,sBAAsB;IACtB,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACpB,OAAO,CAAC,KAAK,CAAC,gCAAgC,CAAC,CAAC;QAChD,QAAQ,EAAE,CAAC;QACX,OAAO,CAAC,CAAC;IACX,CAAC;IAED,oBAAoB;IACpB,MAAM,UAAU,GAAe,EAAE,CAAC;IAClC,IAAI,OAAO,MAAM,CAAC,OAAO,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;QAC9C,UAAU,CAAC,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC;IAC5C,CAAC;IAED,IAAI,CAAC;QACH,QAAQ,MAAM,CAAC,OAAO,EAAE,CAAC;YACvB,KAAK,QAAQ,CAAC,CAAC,CAAC;gBACd,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,CAAC;gBAC/C,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC,CAAC;gBACxC,OAAO,MAAM,CAAC,WAAW,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAClE,CAAC;YAED,KAAK,MAAM,CAAC,CAAC,CAAC;gBACZ,4BAA4B;gBAC5B,MAAM,QAAQ,GAAG,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC;gBACrC,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC;gBAEvC,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;oBACjC,OAAO,CAAC,KAAK,CAAC,4CAA4C,CAAC,CAAC;oBAC5D,OAAO,CAAC,KAAK,CAAC,iFAAiF,CAAC,CAAC;oBACjG,OAAO,CAAC,CAAC;gBACX,CAAC;gBAED,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;oBAClC,OAAO,CAAC,KAAK,CAAC,6CAA6C,CAAC,CAAC;oBAC7D,OAAO,CAAC,KAAK,CAAC,iFAAiF,CAAC,CAAC;oBACjG,OAAO,CAAC,CAAC;gBACX,CAAC;gBAED,mBAAmB;gBACnB,IAAI,KAA8B,CAAC;gBACnC,IAAI,CAAC;oBACH,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;gBAChC,CAAC;gBAAC,MAAM,CAAC;oBACP,OAAO,CAAC,KAAK,CAAC,2BAA2B,CAAC,CAAC;oBAC3C,OAAO,CAAC,KAAK,CAAC,aAAa,SAAS,EAAE,CAAC,CAAC;oBACxC,OAAO,CAAC,CAAC;gBACX,CAAC;gBAED,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,QAAQ,EAAE,KAAK,EAAE,UAAU,CAAC,CAAC;gBAC9D,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC;gBAChD,OAAO,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACjC,CAAC;YAED,KAAK,OAAO,CAAC,CAAC,CAAC;gBACb,MAAM,YAAY,GAAiB,EAAE,CAAC;gBAEtC,cAAc;gBACd,IAAI,OAAO,MAAM,CAAC,OAAO,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;oBAC7C,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;oBACjD,IAAI,KAAK,CAAC,KAAK,CAAC,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;wBAC9B,OAAO,CAAC,KAAK,CAAC,2CAA2C,CAAC,CAAC;wBAC3D,OAAO,CAAC,CAAC;oBACX,CAAC;oBACD,YAAY,CAAC,KAAK,GAAG,KAAK,CAAC;gBAC7B,CAAC;gBAED,iBAAiB;gBACjB,IAAI,OAAO,MAAM,CAAC,OAAO,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;oBAChD,MAAM,eAAe,GAAG,CAAC,UAAU,EAAE,SAAS,EAAE,aAAa,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC;oBAC1F,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;wBACvD,OAAO,CAAC,KAAK,CAAC,4BAA4B,MAAM,CAAC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;wBACtE,OAAO,CAAC,KAAK,CAAC,qBAAqB,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;wBACjE,OAAO,CAAC,CAAC;oBACX,CAAC;oBACD,YAAY,CAAC,QAAQ,GAAG,MAAM,CAAC,OAAO,CAAC,QAA0B,CAAC;gBACpE,CAAC;gBAED,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,YAAY,CAAC,CAAC;gBAChD,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC,CAAC;gBACrD,OAAO,CAAC,CAAC;YACX,CAAC;YAED,KAAK,UAAU,CAAC,CAAC,CAAC;gBAChB,MAAM,eAAe,GAAoB,EAAE,CAAC;gBAE5C,2BAA2B;gBAC3B,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,KAAK,IAAI,EAAE,CAAC;oBACjC,eAAe,CAAC,IAAI,GAAG,IAAI,CAAC;gBAC9B,CAAC;gBAED,2BAA2B;gBAC3B,IAAI,OAAO,MAAM,CAAC,OAAO,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBAC5C,eAAe,CAAC,IAAI,GAAG,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC;gBAC7C,CAAC;gBAED,2BAA2B;gBAC3B,IAAI,OAAO,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC,KAAK,QAAQ,EAAE,CAAC;oBACzD,eAAe,CAAC,aAAa,GAAG,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC;gBACnE,CAAC;gBAED,2BAA2B;gBAC3B,IAAI,OAAO,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC,KAAK,QAAQ,EAAE,CAAC;oBACzD,eAAe,CAAC,aAAa,GAAG,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC;gBACnE,CAAC;gBAED,oBAAoB;gBACpB,IAAI,OAAO,MAAM,CAAC,OAAO,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBAC5C,MAAM,UAAU,GAAG,CAAC,gBAAgB,EAAE,gBAAgB,CAAC,CAAC;oBACxD,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;wBAC9C,OAAO,CAAC,KAAK,CAAC,wBAAwB,MAAM,CAAC,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC;wBAC9D,OAAO,CAAC,KAAK,CAAC,gBAAgB,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;wBACvD,OAAO,CAAC,CAAC;oBACX,CAAC;oBACD,eAAe,CAAC,IAAI,GAAG,MAAM,CAAC,OAAO,CAAC,IAAoB,CAAC;gBAC7D,CAAC;gBAED,oCAAoC;gBACpC,IAAI,OAAO,MAAM,CAAC,OAAO,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;oBAChD,MAAM,eAAe,GAAG,CAAC,UAAU,EAAE,SAAS,EAAE,aAAa,EAAE,SAAS,EAAE,cAAc,CAAC,CAAC;oBAC1F,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;wBACvD,OAAO,CAAC,KAAK,CAAC,4BAA4B,MAAM,CAAC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;wBACtE,OAAO,CAAC,KAAK,CAAC,qBAAqB,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;wBACjE,OAAO,CAAC,CAAC;oBACX,CAAC;oBACD,eAAe,CAAC,QAAQ,GAAG,MAAM,CAAC,OAAO,CAAC,QAA0B,CAAC;gBACvE,CAAC;gBAED,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,eAAe,CAAC,CAAC;gBACtD,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,MAAM,EAAE,eAAe,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC;gBAC9E,OAAO,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAChC,CAAC;YAED;gBACE,OAAO,CAAC,KAAK,CAAC,2BAA2B,MAAM,CAAC,OAAO,GAAG,CAAC,CAAC;gBAC5D,QAAQ,EAAE,CAAC;gBACX,OAAO,CAAC,CAAC;QACb,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;YAC3B,OAAO,CAAC,KAAK,CAAC,UAAU,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;QAC3C,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,2BAA2B,CAAC,CAAC;QAC7C,CAAC;QACD,OAAO,CAAC,CAAC;IACX,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,IAAI;IACxB,+CAA+C;IAC/C,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IACnC,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,CAAC;IACpC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACzB,CAAC"}

package/dist/src/config/defaults.d.ts

@@ -0,0 +1,20 @@
+/**
+ * Clawsec Default Configuration
+ * Sensible default values for the security plugin
+ */
+import type { ClawsecConfig } from './schema.js';
+/**
+ * Default configuration for Clawsec
+ *
+ * All features enabled by default with conservative settings:
+ * - Purchases are blocked by default
+ * - Destructive commands require confirmation
+ * - Secrets and exfiltration are blocked
+ */
+export declare const defaultConfig: ClawsecConfig;
+/**
+ * Returns a deep clone of the default configuration
+ * to prevent accidental mutations
+ */
+export declare function getDefaultConfig(): ClawsecConfig;
+//# sourceMappingURL=defaults.d.ts.map

package/dist/src/config/defaults.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"defaults.d.ts","sourceRoot":"","sources":["../../../src/config/defaults.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAEjD;;;;;;;GAOG;AACH,eAAO,MAAM,aAAa,EAAE,aA+G3B,CAAC;AAEF;;;GAGG;AACH,wBAAgB,gBAAgB,IAAI,aAAa,CAEhD"}