deepseek-coder-agent-cli 1.0.0

package/dist/core/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/core/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,kFAAkF;AAClF,kCAAkC;AAClC,kFAAkF;AAElF,OAAO,EACL,OAAO,EACP,MAAM,EACN,QAAQ,GAaT,MAAM,cAAc,CAAC;AAEtB,kFAAkF;AAClF,sBAAsB;AACtB,kFAAkF;AAElF,OAAO,EACL,WAAW,EACX,cAAc,EACd,gBAAgB,EAChB,eAAe,EACf,gBAAgB,EAChB,gBAAgB,EAChB,kBAAkB,GAUnB,MAAM,kBAAkB,CAAC;AAE1B,kFAAkF;AAClF,oBAAoB;AACpB,kFAAkF;AAElF,OAAO,EACL,SAAS,EACT,YAAY,EACZ,cAAc,EACd,cAAc,EACd,eAAe,EACf,gBAAgB,GAMjB,MAAM,gBAAgB,CAAC;AAExB,kFAAkF;AAClF,wCAAwC;AACxC,kFAAkF;AAElF,OAAO,EACL,eAAe,EACf,eAAe,EACf,wBAAwB,EACxB,kBAAkB,EAClB,iBAAiB,EACjB,4BAA4B,EAC5B,mBAAmB,EACnB,uBAAuB,EACvB,aAAa,EACb,iBAAiB,EACjB,qBAAqB,EACrB,aAAa,EACb,gBAAgB,EAChB,gBAAgB,EAChB,iBAAiB,EACjB,iBAAiB,GAKlB,MAAM,oBAAoB,CAAC;AAE5B,kFAAkF;AAClF,kBAAkB;AAClB,kFAAkF;AAElF,OAAO,EACL,iBAAiB,EACjB,oBAAoB,GAMrB,MAAM,qBAAqB,CAAC;AAE7B,kFAAkF;AAClF,cAAc;AACd,kFAAkF;AAElF,OAAO,EACL,mBAAmB,EACnB,mBAAmB,EACnB,sBAAsB,EACtB,sBAAsB,EACtB,gBAAgB,EAChB,gBAAgB,GAGjB,MAAM,kBAAkB,CAAC;AAE1B,kFAAkF;AAClF,8BAA8B;AAC9B,kFAAkF;AAElF,OAAO,EACL,iBAAiB,EACjB,4BAA4B,GAI7B,MAAM,qBAAqB,CAAC;AAE7B,kFAAkF;AAClF,8BAA8B;AAC9B,kFAAkF;AAElF,OAAO,EACL,yBAAyB,EACzB,oBAAoB,EACpB,aAAa,EACb,oBAAoB,EACpB,mBAAmB,EACnB,kBAAkB,EAClB,mBAAmB,GAGpB,MAAM,sBAAsB,CAAC;AAE9B,kFAAkF;AAClF,iDAAiD;AACjD,kFAAkF;AAElF,OAAO,EACL,cAAc,EACd,wBAAwB,EACxB,iBAAiB,EACjB,cAAc,EACd,kBAAkB,GAInB,MAAM,qBAAqB,CAAC;AAE7B,mBAAmB;AACnB,OAAO,EACL,eAAe,EACf,yBAAyB,EACzB,kBAAkB,EAClB,iBAAiB,EACjB,oBAAoB,GAIrB,MAAM,sBAAsB,CAAC"}

package/dist/core/inputProtection.d.ts

@@ -0,0 +1,122 @@
+/**
+ * Input Protection System - Guards against remote attacks on chat input
+ *
+ * Protects against:
+ * 1. Remote stdin injection attacks
+ * 2. Automated paste attacks (superhuman typing speed)
+ * 3. Escape sequence injection via clipboard
+ * 4. Buffer overflow attempts (massive pastes)
+ * 5. Control character injection
+ * 6. Unicode-based attacks (homoglyphs, RTL override)
+ * 7. Timing-based attacks (burst injection)
+ *
+ * @module inputProtection
+ */
+import { EventEmitter } from 'events';
+/** Input validation result */
+export interface InputValidation {
+    allowed: boolean;
+    sanitized: string;
+    blocked: boolean;
+    reason?: string;
+    attackType?: InputAttackType;
+    riskScore: number;
+}
+/** Types of input attacks */
+export type InputAttackType = 'automated_injection' | 'escape_injection' | 'control_injection' | 'overflow_attempt' | 'unicode_attack' | 'timing_burst' | 'remote_paste' | 'stdin_hijack';
+/** Input protection configuration */
+export interface InputProtectionConfig {
+    /** Maximum characters per second (human ~12 CPS, paste unlimited) */
+    maxCharactersPerSecond?: number;
+    /** Maximum paste size in characters */
+    maxPasteSize?: number;
+    /** Maximum total buffer size */
+    maxBufferSize?: number;
+    /** Enable timing-based attack detection */
+    detectTimingAttacks?: boolean;
+    /** Minimum interval between keystrokes in ms (human ~50ms+) */
+    minKeystrokeInterval?: number;
+    /** Maximum burst size before suspicion */
+    maxBurstSize?: number;
+    /** Enable strict mode (blocks suspicious input instead of sanitizing) */
+    strictMode?: boolean;
+    /** Verbose logging */
+    verbose?: boolean;
+    /** Callback on attack detection */
+    onAttackDetected?: (type: InputAttackType, details: string) => void;
+}
+/**
+ * Input Protection System
+ */
+export declare class InputProtection extends EventEmitter {
+    private config;
+    private inputTimings;
+    private lastKeystroke;
+    private burstCounter;
+    private suspicionScore;
+    private blockedAttacks;
+    private sanitizedInputs;
+    private isInPasteMode;
+    private pasteStartTime;
+    private readonly dangerousEscapes;
+    private readonly dangerousControls;
+    private readonly unicodeAttacks;
+    constructor(config?: InputProtectionConfig);
+    /**
+     * Validate and sanitize input before it enters the chat buffer
+     */
+    validateInput(input: string, isPaste?: boolean): InputValidation;
+    /**
+     * Enter paste mode (more lenient validation)
+     */
+    enterPasteMode(): void;
+    /**
+     * Exit paste mode
+     */
+    exitPasteMode(): void;
+    /**
+     * Check if currently in paste mode
+     */
+    isPasting(): boolean;
+    /**
+     * Validate a complete prompt before submission
+     */
+    validatePromptSubmission(prompt: string): InputValidation;
+    /**
+     * Reset protection state (e.g., after idle period)
+     */
+    reset(): void;
+    /**
+     * Get protection statistics
+     */
+    getStats(): {
+        blockedAttacks: number;
+        sanitizedInputs: number;
+        currentSuspicion: number;
+        currentCPS: number;
+    };
+    private checkEscapeSequences;
+    private checkControlCharacters;
+    private checkUnicodeAttacks;
+    private cleanOldTimings;
+    private getRecentCharCount;
+    private calculateCPS;
+    private log;
+}
+/**
+ * Initialize global input protection (singleton)
+ */
+export declare function initializeInputProtection(config?: InputProtectionConfig): InputProtection;
+/**
+ * Get input protection instance
+ */
+export declare function getInputProtection(): InputProtection | null;
+/**
+ * Quick validate function for input
+ */
+export declare function validateChatInput(input: string, isPaste?: boolean): InputValidation;
+/**
+ * Validate final prompt before submission
+ */
+export declare function validatePromptSubmit(prompt: string): InputValidation;
+//# sourceMappingURL=inputProtection.d.ts.map

package/dist/core/inputProtection.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"inputProtection.d.ts","sourceRoot":"","sources":["../../src/core/inputProtection.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAC;AAEtC,8BAA8B;AAC9B,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,OAAO,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,eAAe,CAAC;IAC7B,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,6BAA6B;AAC7B,MAAM,MAAM,eAAe,GACvB,qBAAqB,GACrB,kBAAkB,GAClB,mBAAmB,GACnB,kBAAkB,GAClB,gBAAgB,GAChB,cAAc,GACd,cAAc,GACd,cAAc,CAAC;AAEnB,qCAAqC;AACrC,MAAM,WAAW,qBAAqB;IACpC,qEAAqE;IACrE,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAChC,uCAAuC;IACvC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,gCAAgC;IAChC,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,2CAA2C;IAC3C,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,+DAA+D;IAC/D,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,0CAA0C;IAC1C,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,yEAAyE;IACzE,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,sBAAsB;IACtB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,mCAAmC;IACnC,gBAAgB,CAAC,EAAE,CAAC,IAAI,EAAE,eAAe,EAAE,OAAO,EAAE,MAAM,KAAK,IAAI,CAAC;CACrE;AAWD;;GAEG;AACH,qBAAa,eAAgB,SAAQ,YAAY;IAC/C,OAAO,CAAC,MAAM,CAAkC;IAChD,OAAO,CAAC,YAAY,CAAqB;IACzC,OAAO,CAAC,aAAa,CAAK;IAC1B,OAAO,CAAC,YAAY,CAAK;IACzB,OAAO,CAAC,cAAc,CAAK;IAC3B,OAAO,CAAC,cAAc,CAAK;IAC3B,OAAO,CAAC,eAAe,CAAK;IAC5B,OAAO,CAAC,aAAa,CAAS;IAC9B,OAAO,CAAC,cAAc,CAAK;IAG3B,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAU/B;IAGF,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CA2BhC;IAGF,OAAO,CAAC,QAAQ,CAAC,cAAc,CAc7B;gBAEU,MAAM,GAAE,qBAA0B;IAe9C;;OAEG;IACH,aAAa,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,UAAQ,GAAG,eAAe;IAqI9D;;OAEG;IACH,cAAc,IAAI,IAAI;IAMtB;;OAEG;IACH,aAAa,IAAI,IAAI;IAMrB;;OAEG;IACH,SAAS,IAAI,OAAO;IAIpB;;OAEG;IACH,wBAAwB,CAAC,MAAM,EAAE,MAAM,GAAG,eAAe;IAuCzD;;OAEG;IACH,KAAK,IAAI,IAAI;IAQb;;OAEG;IACH,QAAQ,IAAI;QACV,cAAc,EAAE,MAAM,CAAC;QACvB,eAAe,EAAE,MAAM,CAAC;QACxB,gBAAgB,EAAE,MAAM,CAAC;QACzB,UAAU,EAAE,MAAM,CAAC;KACpB;IAWD,OAAO,CAAC,oBAAoB;IAgB5B,OAAO,CAAC,sBAAsB;IA6B9B,OAAO,CAAC,mBAAmB;IAoB3B,OAAO,CAAC,eAAe;IAKvB,OAAO,CAAC,kBAAkB;IAO1B,OAAO,CAAC,YAAY;IAgBpB,OAAO,CAAC,GAAG;CAKZ;AAED;;GAEG;AACH,wBAAgB,yBAAyB,CAAC,MAAM,CAAC,EAAE,qBAAqB,GAAG,eAAe,CAKzF;AAED;;GAEG;AACH,wBAAgB,kBAAkB,IAAI,eAAe,GAAG,IAAI,CAE3D;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,UAAQ,GAAG,eAAe,CAGjF;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,MAAM,EAAE,MAAM,GAAG,eAAe,CAGpE"}

package/dist/core/inputProtection.js

@@ -0,0 +1,421 @@
+/**
+ * Input Protection System - Guards against remote attacks on chat input
+ *
+ * Protects against:
+ * 1. Remote stdin injection attacks
+ * 2. Automated paste attacks (superhuman typing speed)
+ * 3. Escape sequence injection via clipboard
+ * 4. Buffer overflow attempts (massive pastes)
+ * 5. Control character injection
+ * 6. Unicode-based attacks (homoglyphs, RTL override)
+ * 7. Timing-based attacks (burst injection)
+ *
+ * @module inputProtection
+ */
+import { EventEmitter } from 'events';
+/** Singleton instance */
+let inputProtectionInstance = null;
+/**
+ * Input Protection System
+ */
+export class InputProtection extends EventEmitter {
+    config;
+    inputTimings = [];
+    lastKeystroke = 0;
+    burstCounter = 0;
+    suspicionScore = 0;
+    blockedAttacks = 0;
+    sanitizedInputs = 0;
+    isInPasteMode = false;
+    pasteStartTime = 0;
+    // Dangerous escape sequences to block
+    dangerousEscapes = [
+        /\x1b\][0-9]+;/, // OSC sequences (can change terminal title, etc.)
+        /\x1b[PX^_]/, // DCS, SOS, PM, APC sequences
+        /\x1b\[[\d;]*[pls]/i, // Soft reset, various terminal modes
+        /\x1b\[\?[\d;]*[hl]/, // Private mode sets (can enable dangerous modes)
+        /\x1b\[[\d;]*n/, // Device status queries (info leak)
+        /\x1b\[[\d;]*q/, // Keyboard LED control
+        /\x1bP[^\\]*\x1b\\/, // Complete DCS sequence
+        /\x1b\]0;[^\x07]*\x07/, // Title set sequence
+        /\x1b\]52;/, // Clipboard manipulation sequence
+    ];
+    // Dangerous control characters
+    dangerousControls = [
+        0x00, // NUL - can cause issues
+        0x01, // SOH
+        0x02, // STX
+        0x03, // ETX (Ctrl+C) - allow but track
+        0x04, // EOT (Ctrl+D) - allow but track
+        0x05, // ENQ
+        0x06, // ACK
+        0x07, // BEL - annoying beep
+        0x0E, // SO - shift out
+        0x0F, // SI - shift in
+        0x10, // DLE
+        0x11, // DC1 (XON)
+        0x12, // DC2
+        0x13, // DC3 (XOFF)
+        0x14, // DC4
+        0x15, // NAK
+        0x16, // SYN
+        0x17, // ETB
+        0x18, // CAN
+        0x19, // EM
+        0x1A, // SUB (Ctrl+Z)
+        0x1C, // FS
+        0x1D, // GS
+        0x1E, // RS
+        0x1F, // US
+        0x7F, // DEL
+    ];
+    // Unicode attack patterns
+    unicodeAttacks = [
+        { pattern: /\u202E/, name: 'RTL override' }, // Right-to-left override
+        { pattern: /\u202D/, name: 'LTR override' }, // Left-to-right override
+        { pattern: /\u202A/, name: 'LTR embedding' }, // Left-to-right embedding
+        { pattern: /\u202B/, name: 'RTL embedding' }, // Right-to-left embedding
+        { pattern: /\u202C/, name: 'Pop direction' }, // Pop directional formatting
+        { pattern: /\u2066/, name: 'LTR isolate' }, // Left-to-right isolate
+        { pattern: /\u2067/, name: 'RTL isolate' }, // Right-to-left isolate
+        { pattern: /\u2068/, name: 'First strong isolate' },
+        { pattern: /\u2069/, name: 'Pop isolate' }, // Pop directional isolate
+        { pattern: /\u200E/, name: 'LTR mark' }, // Left-to-right mark
+        { pattern: /\u200F/, name: 'RTL mark' }, // Right-to-left mark
+        { pattern: /\uFEFF/, name: 'BOM' }, // Byte order mark
+        { pattern: /[\u200B-\u200D]/, name: 'Zero-width chars' }, // Zero-width spaces/joiners
+    ];
+    constructor(config = {}) {
+        super();
+        this.config = {
+            maxCharactersPerSecond: config.maxCharactersPerSecond ?? 500, // Allow fast paste
+            maxPasteSize: config.maxPasteSize ?? 100000, // 100KB max paste
+            maxBufferSize: config.maxBufferSize ?? 500000, // 500KB max buffer
+            detectTimingAttacks: config.detectTimingAttacks ?? true,
+            minKeystrokeInterval: config.minKeystrokeInterval ?? 5, // 5ms minimum (200 CPS)
+            maxBurstSize: config.maxBurstSize ?? 1000, // Chars before suspicion
+            strictMode: config.strictMode ?? false,
+            verbose: config.verbose ?? false,
+            onAttackDetected: config.onAttackDetected ?? (() => { }),
+        };
+    }
+    /**
+     * Validate and sanitize input before it enters the chat buffer
+     */
+    validateInput(input, isPaste = false) {
+        const now = Date.now();
+        let sanitized = input;
+        let blocked = false;
+        let reason;
+        let attackType;
+        let riskScore = 0;
+        // Track timing
+        this.inputTimings.push({ timestamp: now, charCount: input.length });
+        this.cleanOldTimings();
+        // === Size validation ===
+        if (isPaste && input.length > this.config.maxPasteSize) {
+            riskScore += 30;
+            if (this.config.strictMode) {
+                blocked = true;
+                reason = `Paste size ${input.length} exceeds limit ${this.config.maxPasteSize}`;
+                attackType = 'overflow_attempt';
+            }
+            else {
+                sanitized = input.slice(0, this.config.maxPasteSize);
+                reason = `Truncated paste from ${input.length} to ${this.config.maxPasteSize}`;
+            }
+            this.sanitizedInputs++;
+        }
+        // === Timing analysis ===
+        if (this.config.detectTimingAttacks && !isPaste) {
+            const interval = now - this.lastKeystroke;
+            if (interval > 0 && interval < this.config.minKeystrokeInterval) {
+                // Suspiciously fast keystrokes
+                this.suspicionScore += 5;
+                riskScore += 10;
+                if (this.suspicionScore > 50) {
+                    attackType = 'automated_injection';
+                    reason = `Automated input detected (${Math.round(1000 / interval)} CPS)`;
+                    this.log(`Suspicion score: ${this.suspicionScore}, interval: ${interval}ms`);
+                }
+            }
+            else {
+                // Normal typing - decrease suspicion
+                this.suspicionScore = Math.max(0, this.suspicionScore - 1);
+            }
+        }
+        this.lastKeystroke = now;
+        // === Burst detection ===
+        const recentChars = this.getRecentCharCount(100); // Last 100ms
+        if (recentChars > this.config.maxBurstSize) {
+            this.burstCounter++;
+            riskScore += 20;
+            if (this.burstCounter > 3) {
+                attackType = 'timing_burst';
+                reason = `Burst injection detected (${recentChars} chars in 100ms)`;
+                if (this.config.strictMode) {
+                    blocked = true;
+                }
+            }
+        }
+        else {
+            this.burstCounter = Math.max(0, this.burstCounter - 1);
+        }
+        // === Escape sequence validation ===
+        const escapeResult = this.checkEscapeSequences(sanitized);
+        if (escapeResult.found) {
+            riskScore += 40;
+            attackType = 'escape_injection';
+            reason = `Dangerous escape sequence: ${escapeResult.type}`;
+            sanitized = escapeResult.sanitized;
+            this.sanitizedInputs++;
+            if (this.config.strictMode) {
+                blocked = true;
+            }
+        }
+        // === Control character validation ===
+        const controlResult = this.checkControlCharacters(sanitized);
+        if (controlResult.found) {
+            riskScore += 15;
+            if (!attackType) {
+                attackType = 'control_injection';
+                reason = `Control characters detected: ${controlResult.chars.join(', ')}`;
+            }
+            sanitized = controlResult.sanitized;
+            this.sanitizedInputs++;
+        }
+        // === Unicode attack detection ===
+        const unicodeResult = this.checkUnicodeAttacks(sanitized);
+        if (unicodeResult.found) {
+            riskScore += 30;
+            if (!attackType) {
+                attackType = 'unicode_attack';
+                reason = `Unicode attack: ${unicodeResult.type}`;
+            }
+            sanitized = unicodeResult.sanitized;
+            this.sanitizedInputs++;
+        }
+        // === Rate limiting check ===
+        const cps = this.calculateCPS();
+        if (cps > this.config.maxCharactersPerSecond && !isPaste) {
+            riskScore += 25;
+            if (!attackType) {
+                attackType = 'automated_injection';
+                reason = `Rate limit exceeded: ${Math.round(cps)} CPS`;
+            }
+            if (this.config.strictMode && cps > this.config.maxCharactersPerSecond * 2) {
+                blocked = true;
+            }
+        }
+        // Log attack detection
+        if (attackType && riskScore > 30) {
+            this.blockedAttacks++;
+            this.config.onAttackDetected?.(attackType, reason || 'Unknown');
+            this.emit('attack_detected', { type: attackType, reason, riskScore });
+            this.log(`Attack detected: ${attackType} - ${reason} (risk: ${riskScore})`);
+        }
+        return {
+            allowed: !blocked,
+            sanitized: blocked ? '' : sanitized,
+            blocked,
+            reason,
+            attackType,
+            riskScore,
+        };
+    }
+    /**
+     * Enter paste mode (more lenient validation)
+     */
+    enterPasteMode() {
+        this.isInPasteMode = true;
+        this.pasteStartTime = Date.now();
+        this.log('Entered paste mode');
+    }
+    /**
+     * Exit paste mode
+     */
+    exitPasteMode() {
+        const duration = Date.now() - this.pasteStartTime;
+        this.isInPasteMode = false;
+        this.log(`Exited paste mode (duration: ${duration}ms)`);
+    }
+    /**
+     * Check if currently in paste mode
+     */
+    isPasting() {
+        return this.isInPasteMode;
+    }
+    /**
+     * Validate a complete prompt before submission
+     */
+    validatePromptSubmission(prompt) {
+        // Final validation before sending to AI
+        let sanitized = prompt;
+        let riskScore = 0;
+        let attackType;
+        let reason;
+        // Check total size
+        if (prompt.length > this.config.maxBufferSize) {
+            riskScore += 50;
+            attackType = 'overflow_attempt';
+            reason = `Prompt exceeds buffer limit`;
+            sanitized = prompt.slice(0, this.config.maxBufferSize);
+        }
+        // Final escape sequence check
+        const escapeResult = this.checkEscapeSequences(sanitized);
+        if (escapeResult.found) {
+            riskScore += 30;
+            sanitized = escapeResult.sanitized;
+        }
+        // Final unicode check
+        const unicodeResult = this.checkUnicodeAttacks(sanitized);
+        if (unicodeResult.found) {
+            riskScore += 20;
+            sanitized = unicodeResult.sanitized;
+        }
+        return {
+            allowed: true,
+            sanitized,
+            blocked: false,
+            reason,
+            attackType,
+            riskScore,
+        };
+    }
+    /**
+     * Reset protection state (e.g., after idle period)
+     */
+    reset() {
+        this.inputTimings = [];
+        this.lastKeystroke = 0;
+        this.burstCounter = 0;
+        this.suspicionScore = 0;
+        this.isInPasteMode = false;
+    }
+    /**
+     * Get protection statistics
+     */
+    getStats() {
+        return {
+            blockedAttacks: this.blockedAttacks,
+            sanitizedInputs: this.sanitizedInputs,
+            currentSuspicion: this.suspicionScore,
+            currentCPS: this.calculateCPS(),
+        };
+    }
+    // === Private helper methods ===
+    checkEscapeSequences(input) {
+        let sanitized = input;
+        let found = false;
+        let type;
+        for (const pattern of this.dangerousEscapes) {
+            if (pattern.test(sanitized)) {
+                found = true;
+                type = pattern.source;
+                sanitized = sanitized.replace(new RegExp(pattern.source, 'g'), '');
+            }
+        }
+        return { found, type, sanitized };
+    }
+    checkControlCharacters(input) {
+        const foundChars = [];
+        let sanitized = '';
+        for (let i = 0; i < input.length; i++) {
+            const code = input.charCodeAt(i);
+            // Allow normal control characters: Tab (9), Newline (10), Carriage Return (13), Escape (27 - for legit sequences)
+            if (code === 9 || code === 10 || code === 13) {
+                sanitized += input[i];
+                continue;
+            }
+            // Block dangerous control characters
+            if (this.dangerousControls.includes(code)) {
+                foundChars.push(`0x${code.toString(16).padStart(2, '0')}`);
+                continue;
+            }
+            sanitized += input[i];
+        }
+        return {
+            found: foundChars.length > 0,
+            chars: foundChars,
+            sanitized,
+        };
+    }
+    checkUnicodeAttacks(input) {
+        let sanitized = input;
+        let found = false;
+        let type;
+        for (const attack of this.unicodeAttacks) {
+            const pattern = typeof attack.pattern === 'string'
+                ? new RegExp(attack.pattern.replace(/[.*+?^${}()|[\]\\]/g, '\\$&'), 'g')
+                : attack.pattern;
+            if (pattern.test(sanitized)) {
+                found = true;
+                type = attack.name;
+                sanitized = sanitized.replace(pattern, '');
+            }
+        }
+        return { found, type, sanitized };
+    }
+    cleanOldTimings() {
+        const cutoff = Date.now() - 1000; // Keep last 1 second
+        this.inputTimings = this.inputTimings.filter(t => t.timestamp > cutoff);
+    }
+    getRecentCharCount(windowMs) {
+        const cutoff = Date.now() - windowMs;
+        return this.inputTimings
+            .filter(t => t.timestamp > cutoff)
+            .reduce((sum, t) => sum + t.charCount, 0);
+    }
+    calculateCPS() {
+        if (this.inputTimings.length < 2)
+            return 0;
+        const now = Date.now();
+        const windowMs = 1000;
+        const cutoff = now - windowMs;
+        const recentTimings = this.inputTimings.filter(t => t.timestamp > cutoff);
+        if (recentTimings.length === 0)
+            return 0;
+        const totalChars = recentTimings.reduce((sum, t) => sum + t.charCount, 0);
+        const timeSpan = now - recentTimings[0].timestamp;
+        return timeSpan > 0 ? (totalChars / timeSpan) * 1000 : 0;
+    }
+    log(message) {
+        if (this.config.verbose || process.env['AGI_DEBUG']) {
+            console.error(`[InputProtection] ${message}`);
+        }
+    }
+}
+/**
+ * Initialize global input protection (singleton)
+ */
+export function initializeInputProtection(config) {
+    if (!inputProtectionInstance) {
+        inputProtectionInstance = new InputProtection(config);
+    }
+    return inputProtectionInstance;
+}
+/**
+ * Get input protection instance
+ */
+export function getInputProtection() {
+    return inputProtectionInstance;
+}
+/**
+ * Quick validate function for input
+ */
+export function validateChatInput(input, isPaste = false) {
+    const protection = inputProtectionInstance ?? new InputProtection();
+    return protection.validateInput(input, isPaste);
+}
+/**
+ * Validate final prompt before submission
+ */
+export function validatePromptSubmit(prompt) {
+    const protection = inputProtectionInstance ?? new InputProtection();
+    return protection.validatePromptSubmission(prompt);
+}
+// Auto-initialize if environment variable is set
+if (process.env['AGI_INPUT_PROTECTION'] === '1' || process.env['AGI_PROTECTED_MODE'] === '1') {
+    initializeInputProtection({ verbose: process.env['AGI_DEBUG'] === '1' });
+}
+//# sourceMappingURL=inputProtection.js.map

package/dist/core/inputProtection.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"inputProtection.js","sourceRoot":"","sources":["../../src/core/inputProtection.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAC;AAmDtC,yBAAyB;AACzB,IAAI,uBAAuB,GAA2B,IAAI,CAAC;AAE3D;;GAEG;AACH,MAAM,OAAO,eAAgB,SAAQ,YAAY;IACvC,MAAM,CAAkC;IACxC,YAAY,GAAkB,EAAE,CAAC;IACjC,aAAa,GAAG,CAAC,CAAC;IAClB,YAAY,GAAG,CAAC,CAAC;IACjB,cAAc,GAAG,CAAC,CAAC;IACnB,cAAc,GAAG,CAAC,CAAC;IACnB,eAAe,GAAG,CAAC,CAAC;IACpB,aAAa,GAAG,KAAK,CAAC;IACtB,cAAc,GAAG,CAAC,CAAC;IAE3B,sCAAsC;IACrB,gBAAgB,GAAa;QAC5C,eAAe,EAAY,kDAAkD;QAC7E,YAAY,EAAe,8BAA8B;QACzD,oBAAoB,EAAO,qCAAqC;QAChE,oBAAoB,EAAO,iDAAiD;QAC5E,eAAe,EAAY,oCAAoC;QAC/D,eAAe,EAAY,uBAAuB;QAClD,mBAAmB,EAAQ,wBAAwB;QACnD,sBAAsB,EAAK,qBAAqB;QAChD,WAAW,EAAgB,kCAAkC;KAC9D,CAAC;IAEF,+BAA+B;IACd,iBAAiB,GAAa;QAC7C,IAAI,EAAE,yBAAyB;QAC/B,IAAI,EAAE,MAAM;QACZ,IAAI,EAAE,MAAM;QACZ,IAAI,EAAE,iCAAiC;QACvC,IAAI,EAAE,iCAAiC;QACvC,IAAI,EAAE,MAAM;QACZ,IAAI,EAAE,MAAM;QACZ,IAAI,EAAE,sBAAsB;QAC5B,IAAI,EAAE,iBAAiB;QACvB,IAAI,EAAE,gBAAgB;QACtB,IAAI,EAAE,MAAM;QACZ,IAAI,EAAE,YAAY;QAClB,IAAI,EAAE,MAAM;QACZ,IAAI,EAAE,aAAa;QACnB,IAAI,EAAE,MAAM;QACZ,IAAI,EAAE,MAAM;QACZ,IAAI,EAAE,MAAM;QACZ,IAAI,EAAE,MAAM;QACZ,IAAI,EAAE,MAAM;QACZ,IAAI,EAAE,KAAK;QACX,IAAI,EAAE,eAAe;QACrB,IAAI,EAAE,KAAK;QACX,IAAI,EAAE,KAAK;QACX,IAAI,EAAE,KAAK;QACX,IAAI,EAAE,KAAK;QACX,IAAI,EAAE,MAAM;KACb,CAAC;IAEF,0BAA0B;IACT,cAAc,GAAsD;QACnF,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,cAAc,EAAE,EAAO,yBAAyB;QAC3E,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,cAAc,EAAE,EAAO,yBAAyB;QAC3E,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,eAAe,EAAE,EAAM,0BAA0B;QAC5E,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,eAAe,EAAE,EAAM,0BAA0B;QAC5E,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,eAAe,EAAE,EAAM,6BAA6B;QAC/E,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,aAAa,EAAE,EAAQ,wBAAwB;QAC1E,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,aAAa,EAAE,EAAQ,wBAAwB;QAC1E,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,sBAAsB,EAAE;QACnD,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,aAAa,EAAE,EAAQ,0BAA0B;QAC5E,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,UAAU,EAAE,EAAW,qBAAqB;QACvE,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,UAAU,EAAE,EAAW,qBAAqB;QACvE,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,EAAgB,kBAAkB;QACpE,EAAE,OAAO,EAAE,iBAAiB,EAAE,IAAI,EAAE,kBAAkB,EAAE,EAAE,4BAA4B;KACvF,CAAC;IAEF,YAAY,SAAgC,EAAE;QAC5C,KAAK,EAAE,CAAC;QACR,IAAI,CAAC,MAAM,GAAG;YACZ,sBAAsB,EAAE,MAAM,CAAC,sBAAsB,IAAI,GAAG,EAAG,mBAAmB;YAClF,YAAY,EAAE,MAAM,CAAC,YAAY,IAAI,MAAM,EAAoB,kBAAkB;YACjF,aAAa,EAAE,MAAM,CAAC,aAAa,IAAI,MAAM,EAAkB,mBAAmB;YAClF,mBAAmB,EAAE,MAAM,CAAC,mBAAmB,IAAI,IAAI;YACvD,oBAAoB,EAAE,MAAM,CAAC,oBAAoB,IAAI,CAAC,EAAS,wBAAwB;YACvF,YAAY,EAAE,MAAM,CAAC,YAAY,IAAI,IAAI,EAAsB,yBAAyB;YACxF,UAAU,EAAE,MAAM,CAAC,UAAU,IAAI,KAAK;YACtC,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,KAAK;YAChC,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,IAAI,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC;SACxD,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,KAAa,EAAE,OAAO,GAAG,KAAK;QAC1C,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,IAAI,SAAS,GAAG,KAAK,CAAC;QACtB,IAAI,OAAO,GAAG,KAAK,CAAC;QACpB,IAAI,MAA0B,CAAC;QAC/B,IAAI,UAAuC,CAAC;QAC5C,IAAI,SAAS,GAAG,CAAC,CAAC;QAElB,eAAe;QACf,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,GAAG,EAAE,SAAS,EAAE,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;QACpE,IAAI,CAAC,eAAe,EAAE,CAAC;QAEvB,0BAA0B;QAC1B,IAAI,OAAO,IAAI,KAAK,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;YACvD,SAAS,IAAI,EAAE,CAAC;YAChB,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;gBAC3B,OAAO,GAAG,IAAI,CAAC;gBACf,MAAM,GAAG,cAAc,KAAK,CAAC,MAAM,kBAAkB,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;gBAChF,UAAU,GAAG,kBAAkB,CAAC;YAClC,CAAC;iBAAM,CAAC;gBACN,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;gBACrD,MAAM,GAAG,wBAAwB,KAAK,CAAC,MAAM,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;YACjF,CAAC;YACD,IAAI,CAAC,eAAe,EAAE,CAAC;QACzB,CAAC;QAED,0BAA0B;QAC1B,IAAI,IAAI,CAAC,MAAM,CAAC,mBAAmB,IAAI,CAAC,OAAO,EAAE,CAAC;YAChD,MAAM,QAAQ,GAAG,GAAG,GAAG,IAAI,CAAC,aAAa,CAAC;YAC1C,IAAI,QAAQ,GAAG,CAAC,IAAI,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,oBAAoB,EAAE,CAAC;gBAChE,+BAA+B;gBAC/B,IAAI,CAAC,cAAc,IAAI,CAAC,CAAC;gBACzB,SAAS,IAAI,EAAE,CAAC;gBAEhB,IAAI,IAAI,CAAC,cAAc,GAAG,EAAE,EAAE,CAAC;oBAC7B,UAAU,GAAG,qBAAqB,CAAC;oBACnC,MAAM,GAAG,6BAA6B,IAAI,CAAC,KAAK,CAAC,IAAI,GAAG,QAAQ,CAAC,OAAO,CAAC;oBACzE,IAAI,CAAC,GAAG,CAAC,oBAAoB,IAAI,CAAC,cAAc,eAAe,QAAQ,IAAI,CAAC,CAAC;gBAC/E,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,qCAAqC;gBACrC,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,cAAc,GAAG,CAAC,CAAC,CAAC;YAC7D,CAAC;QACH,CAAC;QACD,IAAI,CAAC,aAAa,GAAG,GAAG,CAAC;QAEzB,0BAA0B;QAC1B,MAAM,WAAW,GAAG,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC,CAAC,aAAa;QAC/D,IAAI,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;YAC3C,IAAI,CAAC,YAAY,EAAE,CAAC;YACpB,SAAS,IAAI,EAAE,CAAC;YAEhB,IAAI,IAAI,CAAC,YAAY,GAAG,CAAC,EAAE,CAAC;gBAC1B,UAAU,GAAG,cAAc,CAAC;gBAC5B,MAAM,GAAG,6BAA6B,WAAW,kBAAkB,CAAC;gBACpE,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;oBAC3B,OAAO,GAAG,IAAI,CAAC;gBACjB,CAAC;YACH,CAAC;QACH,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,YAAY,GAAG,CAAC,CAAC,CAAC;QACzD,CAAC;QAED,qCAAqC;QACrC,MAAM,YAAY,GAAG,IAAI,CAAC,oBAAoB,CAAC,SAAS,CAAC,CAAC;QAC1D,IAAI,YAAY,CAAC,KAAK,EAAE,CAAC;YACvB,SAAS,IAAI,EAAE,CAAC;YAChB,UAAU,GAAG,kBAAkB,CAAC;YAChC,MAAM,GAAG,8BAA8B,YAAY,CAAC,IAAI,EAAE,CAAC;YAC3D,SAAS,GAAG,YAAY,CAAC,SAAS,CAAC;YACnC,IAAI,CAAC,eAAe,EAAE,CAAC;YAEvB,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;gBAC3B,OAAO,GAAG,IAAI,CAAC;YACjB,CAAC;QACH,CAAC;QAED,uCAAuC;QACvC,MAAM,aAAa,GAAG,IAAI,CAAC,sBAAsB,CAAC,SAAS,CAAC,CAAC;QAC7D,IAAI,aAAa,CAAC,KAAK,EAAE,CAAC;YACxB,SAAS,IAAI,EAAE,CAAC;YAChB,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,UAAU,GAAG,mBAAmB,CAAC;gBACjC,MAAM,GAAG,gCAAgC,aAAa,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC5E,CAAC;YACD,SAAS,GAAG,aAAa,CAAC,SAAS,CAAC;YACpC,IAAI,CAAC,eAAe,EAAE,CAAC;QACzB,CAAC;QAED,mCAAmC;QACnC,MAAM,aAAa,GAAG,IAAI,CAAC,mBAAmB,CAAC,SAAS,CAAC,CAAC;QAC1D,IAAI,aAAa,CAAC,KAAK,EAAE,CAAC;YACxB,SAAS,IAAI,EAAE,CAAC;YAChB,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,UAAU,GAAG,gBAAgB,CAAC;gBAC9B,MAAM,GAAG,mBAAmB,aAAa,CAAC,IAAI,EAAE,CAAC;YACnD,CAAC;YACD,SAAS,GAAG,aAAa,CAAC,SAAS,CAAC;YACpC,IAAI,CAAC,eAAe,EAAE,CAAC;QACzB,CAAC;QAED,8BAA8B;QAC9B,MAAM,GAAG,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;QAChC,IAAI,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,sBAAsB,IAAI,CAAC,OAAO,EAAE,CAAC;YACzD,SAAS,IAAI,EAAE,CAAC;YAChB,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,UAAU,GAAG,qBAAqB,CAAC;gBACnC,MAAM,GAAG,wBAAwB,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC;YACzD,CAAC;YAED,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,IAAI,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,sBAAsB,GAAG,CAAC,EAAE,CAAC;gBAC3E,OAAO,GAAG,IAAI,CAAC;YACjB,CAAC;QACH,CAAC;QAED,uBAAuB;QACvB,IAAI,UAAU,IAAI,SAAS,GAAG,EAAE,EAAE,CAAC;YACjC,IAAI,CAAC,cAAc,EAAE,CAAC;YACtB,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,CAAC,UAAU,EAAE,MAAM,IAAI,SAAS,CAAC,CAAC;YAChE,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,CAAC;YACtE,IAAI,CAAC,GAAG,CAAC,oBAAoB,UAAU,MAAM,MAAM,WAAW,SAAS,GAAG,CAAC,CAAC;QAC9E,CAAC;QAED,OAAO;YACL,OAAO,EAAE,CAAC,OAAO;YACjB,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS;YACnC,OAAO;YACP,MAAM;YACN,UAAU;YACV,SAAS;SACV,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,cAAc;QACZ,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC;QAC1B,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACjC,IAAI,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;IACjC,CAAC;IAED;;OAEG;IACH,aAAa;QACX,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,cAAc,CAAC;QAClD,IAAI,CAAC,aAAa,GAAG,KAAK,CAAC;QAC3B,IAAI,CAAC,GAAG,CAAC,gCAAgC,QAAQ,KAAK,CAAC,CAAC;IAC1D,CAAC;IAED;;OAEG;IACH,SAAS;QACP,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IAED;;OAEG;IACH,wBAAwB,CAAC,MAAc;QACrC,wCAAwC;QACxC,IAAI,SAAS,GAAG,MAAM,CAAC;QACvB,IAAI,SAAS,GAAG,CAAC,CAAC;QAClB,IAAI,UAAuC,CAAC;QAC5C,IAAI,MAA0B,CAAC;QAE/B,mBAAmB;QACnB,IAAI,MAAM,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;YAC9C,SAAS,IAAI,EAAE,CAAC;YAChB,UAAU,GAAG,kBAAkB,CAAC;YAChC,MAAM,GAAG,6BAA6B,CAAC;YACvC,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;QACzD,CAAC;QAED,8BAA8B;QAC9B,MAAM,YAAY,GAAG,IAAI,CAAC,oBAAoB,CAAC,SAAS,CAAC,CAAC;QAC1D,IAAI,YAAY,CAAC,KAAK,EAAE,CAAC;YACvB,SAAS,IAAI,EAAE,CAAC;YAChB,SAAS,GAAG,YAAY,CAAC,SAAS,CAAC;QACrC,CAAC;QAED,sBAAsB;QACtB,MAAM,aAAa,GAAG,IAAI,CAAC,mBAAmB,CAAC,SAAS,CAAC,CAAC;QAC1D,IAAI,aAAa,CAAC,KAAK,EAAE,CAAC;YACxB,SAAS,IAAI,EAAE,CAAC;YAChB,SAAS,GAAG,aAAa,CAAC,SAAS,CAAC;QACtC,CAAC;QAED,OAAO;YACL,OAAO,EAAE,IAAI;YACb,SAAS;YACT,OAAO,EAAE,KAAK;YACd,MAAM;YACN,UAAU;YACV,SAAS;SACV,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK;QACH,IAAI,CAAC,YAAY,GAAG,EAAE,CAAC;QACvB,IAAI,CAAC,aAAa,GAAG,CAAC,CAAC;QACvB,IAAI,CAAC,YAAY,GAAG,CAAC,CAAC;QACtB,IAAI,CAAC,cAAc,GAAG,CAAC,CAAC;QACxB,IAAI,CAAC,aAAa,GAAG,KAAK,CAAC;IAC7B,CAAC;IAED;;OAEG;IACH,QAAQ;QAMN,OAAO;YACL,cAAc,EAAE,IAAI,CAAC,cAAc;YACnC,eAAe,EAAE,IAAI,CAAC,eAAe;YACrC,gBAAgB,EAAE,IAAI,CAAC,cAAc;YACrC,UAAU,EAAE,IAAI,CAAC,YAAY,EAAE;SAChC,CAAC;IACJ,CAAC;IAED,iCAAiC;IAEzB,oBAAoB,CAAC,KAAa;QACxC,IAAI,SAAS,GAAG,KAAK,CAAC;QACtB,IAAI,KAAK,GAAG,KAAK,CAAC;QAClB,IAAI,IAAwB,CAAC;QAE7B,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC5C,IAAI,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC5B,KAAK,GAAG,IAAI,CAAC;gBACb,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC;gBACtB,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;YACrE,CAAC;QACH,CAAC;QAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC;IACpC,CAAC;IAEO,sBAAsB,CAAC,KAAa;QAC1C,MAAM,UAAU,GAAa,EAAE,CAAC;QAChC,IAAI,SAAS,GAAG,EAAE,CAAC;QAEnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,IAAI,GAAG,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;YAEjC,kHAAkH;YAClH,IAAI,IAAI,KAAK,CAAC,IAAI,IAAI,KAAK,EAAE,IAAI,IAAI,KAAK,EAAE,EAAE,CAAC;gBAC7C,SAAS,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC;gBACtB,SAAS;YACX,CAAC;YAED,qCAAqC;YACrC,IAAI,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC1C,UAAU,CAAC,IAAI,CAAC,KAAK,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;gBAC3D,SAAS;YACX,CAAC;YAED,SAAS,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC;QACxB,CAAC;QAED,OAAO;YACL,KAAK,EAAE,UAAU,CAAC,MAAM,GAAG,CAAC;YAC5B,KAAK,EAAE,UAAU;YACjB,SAAS;SACV,CAAC;IACJ,CAAC;IAEO,mBAAmB,CAAC,KAAa;QACvC,IAAI,SAAS,GAAG,KAAK,CAAC;QACtB,IAAI,KAAK,GAAG,KAAK,CAAC;QAClB,IAAI,IAAwB,CAAC;QAE7B,KAAK,MAAM,MAAM,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACzC,MAAM,OAAO,GAAG,OAAO,MAAM,CAAC,OAAO,KAAK,QAAQ;gBAChD,CAAC,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC,EAAE,GAAG,CAAC;gBACxE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC;YAEnB,IAAI,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC5B,KAAK,GAAG,IAAI,CAAC;gBACb,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;gBACnB,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;YAC7C,CAAC;QACH,CAAC;QAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC;IACpC,CAAC;IAEO,eAAe;QACrB,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,qBAAqB;QACvD,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,GAAG,MAAM,CAAC,CAAC;IAC1E,CAAC;IAEO,kBAAkB,CAAC,QAAgB;QACzC,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,CAAC;QACrC,OAAO,IAAI,CAAC,YAAY;aACrB,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,GAAG,MAAM,CAAC;aACjC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;IAC9C,CAAC;IAEO,YAAY;QAClB,IAAI,IAAI,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,CAAC,CAAC;QAE3C,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,QAAQ,GAAG,IAAI,CAAC;QACtB,MAAM,MAAM,GAAG,GAAG,GAAG,QAAQ,CAAC;QAC9B,MAAM,aAAa,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,GAAG,MAAM,CAAC,CAAC;QAE1E,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,CAAC,CAAC;QAEzC,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;QAC1E,MAAM,QAAQ,GAAG,GAAG,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAElD,OAAO,QAAQ,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,UAAU,GAAG,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;IAC3D,CAAC;IAEO,GAAG,CAAC,OAAe;QACzB,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;YACpD,OAAO,CAAC,KAAK,CAAC,qBAAqB,OAAO,EAAE,CAAC,CAAC;QAChD,CAAC;IACH,CAAC;CACF;AAED;;GAEG;AACH,MAAM,UAAU,yBAAyB,CAAC,MAA8B;IACtE,IAAI,CAAC,uBAAuB,EAAE,CAAC;QAC7B,uBAAuB,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,CAAC;IACxD,CAAC;IACD,OAAO,uBAAuB,CAAC;AACjC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB;IAChC,OAAO,uBAAuB,CAAC;AACjC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAC,KAAa,EAAE,OAAO,GAAG,KAAK;IAC9D,MAAM,UAAU,GAAG,uBAAuB,IAAI,IAAI,eAAe,EAAE,CAAC;IACpE,OAAO,UAAU,CAAC,aAAa,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;AAClD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,oBAAoB,CAAC,MAAc;IACjD,MAAM,UAAU,GAAG,uBAAuB,IAAI,IAAI,eAAe,EAAE,CAAC;IACpE,OAAO,UAAU,CAAC,wBAAwB,CAAC,MAAM,CAAC,CAAC;AACrD,CAAC;AAED,iDAAiD;AACjD,IAAI,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,KAAK,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,KAAK,GAAG,EAAE,CAAC;IAC7F,yBAAyB,CAAC,EAAE,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,KAAK,GAAG,EAAE,CAAC,CAAC;AAC3E,CAAC"}

package/dist/core/liveGCPVerification.d.ts

@@ -0,0 +1,41 @@
+/**
+ * Live GCP Verification Engine
+ *
+ * REAL verification against live Google Cloud infrastructure.
+ * Uses actual API calls, real timing measurements, and live configuration checks.
+ *
+ * For authorized red team operations only.
+ */
+export interface LiveVerificationResult {
+    id: string;
+    vulnerability: string;
+    verified: boolean;
+    confidence: number;
+    evidence: string[];
+    rawResponse?: string;
+    timingMs?: number;
+    technique: string;
+    timestamp: string;
+    projectId: string;
+    severity: 'critical' | 'high' | 'medium' | 'low' | 'info';
+}
+export interface GCPConfig {
+    projectId: string;
+    region?: string;
+    accessToken?: string;
+}
+/**
+ * Run all live GCP verification tests
+ */
+export declare function runLiveGCPVerification(projectId?: string): Promise<{
+    results: LiveVerificationResult[];
+    summary: {
+        total: number;
+        verified: number;
+        critical: number;
+        high: number;
+        medium: number;
+    };
+}>;
+export default runLiveGCPVerification;
+//# sourceMappingURL=liveGCPVerification.d.ts.map

package/dist/core/liveGCPVerification.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"liveGCPVerification.d.ts","sourceRoot":"","sources":["../../src/core/liveGCPVerification.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAaH,MAAM,WAAW,sBAAsB;IACrC,EAAE,EAAE,MAAM,CAAC;IACX,aAAa,EAAE,MAAM,CAAC;IACtB,QAAQ,EAAE,OAAO,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;CAC3D;AAED,MAAM,WAAW,SAAS;IACxB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAqyBD;;GAEG;AACH,wBAAsB,sBAAsB,CAC1C,SAAS,CAAC,EAAE,MAAM,GACjB,OAAO,CAAC;IACT,OAAO,EAAE,sBAAsB,EAAE,CAAC;IAClC,OAAO,EAAE;QACP,KAAK,EAAE,MAAM,CAAC;QACd,QAAQ,EAAE,MAAM,CAAC;QACjB,QAAQ,EAAE,MAAM,CAAC;QACjB,IAAI,EAAE,MAAM,CAAC;QACb,MAAM,EAAE,MAAM,CAAC;KAChB,CAAC;CACH,CAAC,CA6GD;AAED,eAAe,sBAAsB,CAAC"}