deepseek-coder-cli 1.0.0

package/dist/capabilities/appleSecurityCapability.js

@@ -0,0 +1,197 @@
+/**
+ * Apple Security Capability Module
+ *
+ * Provides AGI Core with Apple security auditing, exploitation analysis,
+ * and remediation capabilities for comprehensive Apple security management.
+ */
+import { AppleSecurityIntegration } from '../core/appleSecurityIntegration.js';
+export class AppleSecurityCapabilityModule {
+    id = 'apple-security';
+    name = 'Apple Security Integration';
+    version = '1.0.0';
+    description = 'Comprehensive Apple security auditing, exploitation analysis, and remediation capabilities';
+    securityIntegration = null;
+    options;
+    constructor(options = {}) {
+        this.options = {
+            aggressive: false,
+            targetScope: 'all',
+            enableExploitation: false,
+            enableRemediation: true,
+            outputDir: process.cwd(),
+            ...options
+        };
+    }
+    /**
+     * Initialize the capability module
+     */
+    async initialize() {
+        console.log('🚀 Initializing Apple Security Capability Module...');
+        const config = {
+            aggressive: this.options.aggressive ?? false,
+            evidencePrefix: 'agi-apple-security',
+            rateLimit: 1000,
+            targetScope: this.options.targetScope ?? 'all',
+            enableExploitation: this.options.enableExploitation ?? false,
+            enableRemediation: this.options.enableRemediation ?? true,
+            outputDir: this.options.outputDir ?? process.cwd()
+        };
+        this.securityIntegration = new AppleSecurityIntegration(config);
+        // Quick health check
+        const health = AppleSecurityIntegration.quickCheck();
+        console.log(`Apple Security Health Check: ${health.status} - ${health.details}`);
+        if (health.status === 'unavailable') {
+            throw new Error(`Apple Security capability initialization failed: ${health.details}`);
+        }
+    }
+    /**
+     * Execute Apple security operations
+     */
+    async execute(request) {
+        if (!this.securityIntegration) {
+            throw new Error('Apple Security capability not initialized');
+        }
+        const { operation, parameters } = request;
+        try {
+            let result;
+            switch (operation) {
+                case 'service_discovery':
+                    result = await this.securityIntegration.phase1ServiceDiscovery();
+                    break;
+                case 'vulnerability_assessment':
+                    result = await this.securityIntegration.phase2VulnerabilityAssessment();
+                    break;
+                case 'security_hardening':
+                    result = await this.securityIntegration.phase3SecurityHardening();
+                    break;
+                case 'agi_integration':
+                    result = await this.securityIntegration.phase4AgiIntegration();
+                    break;
+                case 'generate_report':
+                    result = await this.securityIntegration.phase5GenerateReport();
+                    break;
+                case 'full_integration':
+                    result = await this.securityIntegration.runFullIntegration();
+                    break;
+                case 'health_check':
+                    result = AppleSecurityIntegration.quickCheck();
+                    break;
+                case 'list_services':
+                    result = this.securityIntegration.loadAppleServices();
+                    break;
+                case 'list_vulnerabilities':
+                    result = this.securityIntegration.loadAppleVulnerabilities();
+                    break;
+                case 'list_exploits':
+                    result = this.securityIntegration.loadAppleExploits();
+                    break;
+                default:
+                    throw new Error(`Unknown Apple Security operation: ${operation}`);
+            }
+            return {
+                success: true,
+                output: JSON.stringify(result, null, 2),
+                metadata: {
+                    operation,
+                    timestamp: new Date().toISOString(),
+                    capability: this.id
+                }
+            };
+        }
+        catch (error) {
+            return {
+                success: false,
+                error: error instanceof Error ? error.message : String(error),
+                output: '',
+                metadata: {
+                    operation,
+                    timestamp: new Date().toISOString(),
+                    capability: this.id
+                }
+            };
+        }
+    }
+    /**
+     * Get capability metadata and available operations
+     */
+    getMetadata() {
+        return {
+            id: this.id,
+            name: this.name,
+            version: this.version,
+            description: this.description,
+            operations: [
+                {
+                    id: 'service_discovery',
+                    name: 'Apple Service Discovery',
+                    description: 'Discover and enumerate Apple services across all categories',
+                    parameters: []
+                },
+                {
+                    id: 'vulnerability_assessment',
+                    name: 'Vulnerability Assessment',
+                    description: 'Assess known Apple vulnerabilities and security weaknesses',
+                    parameters: []
+                },
+                {
+                    id: 'security_hardening',
+                    name: 'Security Hardening',
+                    description: 'Generate security hardening recommendations for Apple environments',
+                    parameters: []
+                },
+                {
+                    id: 'agi_integration',
+                    name: 'AGI Core Integration',
+                    description: 'Check integration capabilities with AGI Core framework',
+                    parameters: []
+                },
+                {
+                    id: 'generate_report',
+                    name: 'Generate Security Report',
+                    description: 'Generate comprehensive security report with findings and recommendations',
+                    parameters: []
+                },
+                {
+                    id: 'full_integration',
+                    name: 'Full Security Integration',
+                    description: 'Run complete Apple security integration workflow',
+                    parameters: []
+                },
+                {
+                    id: 'health_check',
+                    name: 'Health Check',
+                    description: 'Check Apple Security capability health status',
+                    parameters: []
+                },
+                {
+                    id: 'list_services',
+                    name: 'List Apple Services',
+                    description: 'List all known Apple services and domains',
+                    parameters: []
+                },
+                {
+                    id: 'list_vulnerabilities',
+                    name: 'List Vulnerabilities',
+                    description: 'List known Apple vulnerabilities and CVEs',
+                    parameters: []
+                },
+                {
+                    id: 'list_exploits',
+                    name: 'List Exploits',
+                    description: 'List available Apple exploitation techniques',
+                    parameters: []
+                }
+            ],
+            options: this.options
+        };
+    }
+    /**
+     * Clean up resources
+     */
+    async cleanup() {
+        this.securityIntegration = null;
+        console.log('🧹 Apple Security Capability Module cleaned up');
+    }
+}
+export default AppleSecurityCapabilityModule;
+//# sourceMappingURL=appleSecurityCapability.js.map

package/dist/capabilities/appleSecurityCapability.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"appleSecurityCapability.js","sourceRoot":"","sources":["../../src/capabilities/appleSecurityCapability.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,wBAAwB,EAA4B,MAAM,qCAAqC,CAAC;AAgBzG,MAAM,OAAO,6BAA6B;IAC/B,EAAE,GAAG,gBAAgB,CAAC;IACtB,IAAI,GAAG,4BAA4B,CAAC;IACpC,OAAO,GAAG,OAAO,CAAC;IAClB,WAAW,GAAG,4FAA4F,CAAC;IAE5G,mBAAmB,GAAoC,IAAI,CAAC;IAC5D,OAAO,CAAiC;IAEhD,YAAY,UAA0C,EAAE;QACtD,IAAI,CAAC,OAAO,GAAG;YACb,UAAU,EAAE,KAAK;YACjB,WAAW,EAAE,KAAK;YAClB,kBAAkB,EAAE,KAAK;YACzB,iBAAiB,EAAE,IAAI;YACvB,SAAS,EAAE,OAAO,CAAC,GAAG,EAAE;YACxB,GAAG,OAAO;SACX,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,UAAU;QACd,OAAO,CAAC,GAAG,CAAC,qDAAqD,CAAC,CAAC;QAEnE,MAAM,MAAM,GAAwB;YAClC,UAAU,EAAE,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,KAAK;YAC5C,cAAc,EAAE,oBAAoB;YACpC,SAAS,EAAE,IAAI;YACf,WAAW,EAAE,IAAI,CAAC,OAAO,CAAC,WAAW,IAAI,KAAK;YAC9C,kBAAkB,EAAE,IAAI,CAAC,OAAO,CAAC,kBAAkB,IAAI,KAAK;YAC5D,iBAAiB,EAAE,IAAI,CAAC,OAAO,CAAC,iBAAiB,IAAI,IAAI;YACzD,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,GAAG,EAAE;SACnD,CAAC;QAEF,IAAI,CAAC,mBAAmB,GAAG,IAAI,wBAAwB,CAAC,MAAM,CAAC,CAAC;QAEhE,qBAAqB;QACrB,MAAM,MAAM,GAAG,wBAAwB,CAAC,UAAU,EAAE,CAAC;QACrD,OAAO,CAAC,GAAG,CAAC,gCAAgC,MAAM,CAAC,MAAM,MAAM,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;QAEjF,IAAI,MAAM,CAAC,MAAM,KAAK,aAAa,EAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,oDAAoD,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;QACxF,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,OAAO,CAAC,OAAY;QACxB,IAAI,CAAC,IAAI,CAAC,mBAAmB,EAAE,CAAC;YAC9B,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;QAC/D,CAAC;QAED,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,OAAO,CAAC;QAE1C,IAAI,CAAC;YACH,IAAI,MAAW,CAAC;YAEhB,QAAQ,SAAS,EAAE,CAAC;gBAClB,KAAK,mBAAmB;oBACtB,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,sBAAsB,EAAE,CAAC;oBACjE,MAAM;gBAER,KAAK,0BAA0B;oBAC7B,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,6BAA6B,EAAE,CAAC;oBACxE,MAAM;gBAER,KAAK,oBAAoB;oBACvB,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,uBAAuB,EAAE,CAAC;oBAClE,MAAM;gBAER,KAAK,iBAAiB;oBACpB,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,oBAAoB,EAAE,CAAC;oBAC/D,MAAM;gBAER,KAAK,iBAAiB;oBACpB,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,oBAAoB,EAAE,CAAC;oBAC/D,MAAM;gBAER,KAAK,kBAAkB;oBACrB,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,kBAAkB,EAAE,CAAC;oBAC7D,MAAM;gBAER,KAAK,cAAc;oBACjB,MAAM,GAAG,wBAAwB,CAAC,UAAU,EAAE,CAAC;oBAC/C,MAAM;gBAER,KAAK,eAAe;oBAClB,MAAM,GAAG,IAAI,CAAC,mBAAmB,CAAC,iBAAiB,EAAE,CAAC;oBACtD,MAAM;gBAER,KAAK,sBAAsB;oBACzB,MAAM,GAAG,IAAI,CAAC,mBAAmB,CAAC,wBAAwB,EAAE,CAAC;oBAC7D,MAAM;gBAER,KAAK,eAAe;oBAClB,MAAM,GAAG,IAAI,CAAC,mBAAmB,CAAC,iBAAiB,EAAE,CAAC;oBACtD,MAAM;gBAER;oBACE,MAAM,IAAI,KAAK,CAAC,qCAAqC,SAAS,EAAE,CAAC,CAAC;YACtE,CAAC;YAED,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;gBACvC,QAAQ,EAAE;oBACR,SAAS;oBACT,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;oBACnC,UAAU,EAAE,IAAI,CAAC,EAAE;iBACpB;aACF,CAAC;QAEJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;gBAC7D,MAAM,EAAE,EAAE;gBACV,QAAQ,EAAE;oBACR,SAAS;oBACT,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;oBACnC,UAAU,EAAE,IAAI,CAAC,EAAE;iBACpB;aACF,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACH,WAAW;QACT,OAAO;YACL,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,UAAU,EAAE;gBACV;oBACE,EAAE,EAAE,mBAAmB;oBACvB,IAAI,EAAE,yBAAyB;oBAC/B,WAAW,EAAE,6DAA6D;oBAC1E,UAAU,EAAE,EAAE;iBACf;gBACD;oBACE,EAAE,EAAE,0BAA0B;oBAC9B,IAAI,EAAE,0BAA0B;oBAChC,WAAW,EAAE,4DAA4D;oBACzE,UAAU,EAAE,EAAE;iBACf;gBACD;oBACE,EAAE,EAAE,oBAAoB;oBACxB,IAAI,EAAE,oBAAoB;oBAC1B,WAAW,EAAE,oEAAoE;oBACjF,UAAU,EAAE,EAAE;iBACf;gBACD;oBACE,EAAE,EAAE,iBAAiB;oBACrB,IAAI,EAAE,sBAAsB;oBAC5B,WAAW,EAAE,wDAAwD;oBACrE,UAAU,EAAE,EAAE;iBACf;gBACD;oBACE,EAAE,EAAE,iBAAiB;oBACrB,IAAI,EAAE,0BAA0B;oBAChC,WAAW,EAAE,0EAA0E;oBACvF,UAAU,EAAE,EAAE;iBACf;gBACD;oBACE,EAAE,EAAE,kBAAkB;oBACtB,IAAI,EAAE,2BAA2B;oBACjC,WAAW,EAAE,kDAAkD;oBAC/D,UAAU,EAAE,EAAE;iBACf;gBACD;oBACE,EAAE,EAAE,cAAc;oBAClB,IAAI,EAAE,cAAc;oBACpB,WAAW,EAAE,+CAA+C;oBAC5D,UAAU,EAAE,EAAE;iBACf;gBACD;oBACE,EAAE,EAAE,eAAe;oBACnB,IAAI,EAAE,qBAAqB;oBAC3B,WAAW,EAAE,2CAA2C;oBACxD,UAAU,EAAE,EAAE;iBACf;gBACD;oBACE,EAAE,EAAE,sBAAsB;oBAC1B,IAAI,EAAE,sBAAsB;oBAC5B,WAAW,EAAE,2CAA2C;oBACxD,UAAU,EAAE,EAAE;iBACf;gBACD;oBACE,EAAE,EAAE,eAAe;oBACnB,IAAI,EAAE,eAAe;oBACrB,WAAW,EAAE,8CAA8C;oBAC3D,UAAU,EAAE,EAAE;iBACf;aACF;YACD,OAAO,EAAE,IAAI,CAAC,OAAO;SACtB,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,OAAO;QACX,IAAI,CAAC,mBAAmB,GAAG,IAAI,CAAC;QAChC,OAAO,CAAC,GAAG,CAAC,gDAAgD,CAAC,CAAC;IAChE,CAAC;CACF;AAED,eAAe,6BAA6B,CAAC"}

package/dist/capabilities/authorizedSecurityCapability.d.ts

@@ -0,0 +1,17 @@
+/**
+ * Authorized Security Capability Module
+ *
+ * Modular security testing tools that require explicit authorization context.
+ * Supports: CTF challenges, pentesting engagements, security research, defensive testing.
+ *
+ * Authorization is enforced via:
+ * 1. Explicit context declaration (ctf, pentest, research, defensive)
+ * 2. Target scope validation (localhost, *.ctf.*, authorized domains)
+ * 3. Operation logging for accountability
+ */
+import type { CapabilityContribution, CapabilityContext, CapabilityModule } from '../runtime/agentHost.js';
+export declare class AuthorizedSecurityCapabilityModule implements CapabilityModule {
+    readonly id = "capability.authorized-security";
+    create(_context: CapabilityContext): Promise<CapabilityContribution>;
+}
+//# sourceMappingURL=authorizedSecurityCapability.d.ts.map

package/dist/capabilities/authorizedSecurityCapability.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"authorizedSecurityCapability.d.ts","sourceRoot":"","sources":["../../src/capabilities/authorizedSecurityCapability.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,KAAK,EAAE,sBAAsB,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAqC3G,qBAAa,kCAAmC,YAAW,gBAAgB;IACzE,QAAQ,CAAC,EAAE,oCAAoC;IAEzC,MAAM,CAAC,QAAQ,EAAE,iBAAiB,GAAG,OAAO,CAAC,sBAAsB,CAAC;CA8T3E"}

package/dist/capabilities/authorizedSecurityCapability.js

@@ -0,0 +1,333 @@
+/**
+ * Authorized Security Capability Module
+ *
+ * Modular security testing tools that require explicit authorization context.
+ * Supports: CTF challenges, pentesting engagements, security research, defensive testing.
+ *
+ * Authorization is enforced via:
+ * 1. Explicit context declaration (ctf, pentest, research, defensive)
+ * 2. Target scope validation (localhost, *.ctf.*, authorized domains)
+ * 3. Operation logging for accountability
+ */
+// Authorized CTF/training platforms - safe by design
+const AUTHORIZED_CTF_DOMAINS = [
+    /\.hackthebox\.(com|eu)$/,
+    /\.tryhackme\.com$/,
+    /\.ctf\./,
+    /\.ctftime\.org$/,
+    /\.vulnhub\.com$/,
+    /\.pentesterlab\.com$/,
+    /\.offensive-security\.com$/,
+    /\.htb$/,
+    /localhost$/,
+    /^127\./,
+    /^10\./, // Private network - controlled environment
+    /^192\.168\./, // Private network - controlled environment
+];
+// Prohibited targets - never allow regardless of authorization
+const PROHIBITED_TARGETS = [
+    /\.gov$/, // Government
+    /\.mil$/, // Military
+    /\.edu$/, // Education
+    /\.bank$/, // Banking
+    /critical.*infrastructure/i,
+];
+export class AuthorizedSecurityCapabilityModule {
+    id = 'capability.authorized-security';
+    async create(_context) {
+        // Session-scoped authorization state
+        const authState = {
+            context: null,
+            authorizedDomains: [],
+            sessionId: `sec-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`,
+            startTime: Date.now(),
+            operationLog: [],
+        };
+        const isTargetAuthorized = (target) => {
+            // Check prohibited first
+            for (const pattern of PROHIBITED_TARGETS) {
+                if (pattern.test(target)) {
+                    return { authorized: false, reason: `Target matches prohibited pattern: ${pattern}` };
+                }
+            }
+            // Check CTF platforms (always allowed for ctf/educational context)
+            if (authState.context === 'ctf' || authState.context === 'educational') {
+                for (const pattern of AUTHORIZED_CTF_DOMAINS) {
+                    if (pattern.test(target)) {
+                        return { authorized: true, reason: 'CTF/training platform' };
+                    }
+                }
+            }
+            // Check explicitly authorized domains
+            if (authState.authorizedDomains.some(d => target.includes(d) || target === d)) {
+                return { authorized: true, reason: 'Explicitly authorized domain' };
+            }
+            // Localhost always allowed for any context
+            if (/^(localhost|127\.|10\.|192\.168\.)/.test(target)) {
+                return { authorized: true, reason: 'Local/private network' };
+            }
+            return { authorized: false, reason: 'Target not in authorized scope' };
+        };
+        const logOperation = (operation, target, result) => {
+            authState.operationLog.push({
+                timestamp: Date.now(),
+                operation,
+                target,
+                result,
+            });
+        };
+        return {
+            id: 'authorized-security.tools',
+            description: 'Security testing tools with authorization enforcement',
+            toolSuite: {
+                id: 'authorized-security',
+                description: 'CTF, pentest, research, and defensive security tools',
+                tools: [
+                    {
+                        name: 'SecurityAuth',
+                        description: `Set authorization context for security operations.
+Required before using security tools.
+
+Contexts:
+- ctf: CTF challenges, HackTheBox, TryHackMe, etc.
+- pentest: Authorized penetration testing engagement
+- research: Security research with controlled targets
+- defensive: Blue team / defensive security testing
+- educational: Learning/training purposes
+
+Example: SecurityAuth({ context: "ctf", authorizedDomains: ["target.htb"] })`,
+                        parameters: {
+                            type: 'object',
+                            properties: {
+                                context: {
+                                    type: 'string',
+                                    enum: ['ctf', 'pentest', 'research', 'defensive', 'educational'],
+                                    description: 'Authorization context type',
+                                },
+                                authorizedDomains: {
+                                    type: 'array',
+                                    items: { type: 'string' },
+                                    description: 'Additional domains explicitly authorized for this session',
+                                },
+                                engagement: {
+                                    type: 'string',
+                                    description: 'Optional engagement ID or reference for pentest context',
+                                },
+                            },
+                            required: ['context'],
+                        },
+                        handler: async (args) => {
+                            const context = args['context'];
+                            const domains = args['authorizedDomains'] || [];
+                            const engagement = args['engagement'];
+                            authState.context = context;
+                            authState.authorizedDomains = domains;
+                            logOperation('authorize', 'session', `context=${context}`);
+                            return JSON.stringify({
+                                status: 'authorized',
+                                sessionId: authState.sessionId,
+                                context,
+                                authorizedDomains: domains,
+                                engagement,
+                                ctfPlatformsEnabled: context === 'ctf' || context === 'educational',
+                                message: `Security operations authorized for ${context} context`,
+                                guidelines: {
+                                    ctf: 'Only target CTF platforms and authorized challenge hosts',
+                                    pentest: 'Only target explicitly authorized systems in scope',
+                                    research: 'Use controlled environments, document findings responsibly',
+                                    defensive: 'Blue team operations on owned/authorized infrastructure',
+                                    educational: 'Learning purposes on training platforms only',
+                                },
+                            }, null, 2);
+                        },
+                    },
+                    {
+                        name: 'SecurityRecon',
+                        description: 'Reconnaissance and information gathering on authorized targets. Requires SecurityAuth first.',
+                        parameters: {
+                            type: 'object',
+                            properties: {
+                                target: {
+                                    type: 'string',
+                                    description: 'Target hostname or IP (must be authorized)',
+                                },
+                                type: {
+                                    type: 'string',
+                                    enum: ['dns', 'ports', 'services', 'headers', 'ssl'],
+                                    description: 'Type of reconnaissance',
+                                },
+                                passive: {
+                                    type: 'boolean',
+                                    description: 'Passive-only recon (no active probing)',
+                                },
+                            },
+                            required: ['target', 'type'],
+                        },
+                        handler: async (args) => {
+                            if (!authState.context) {
+                                return JSON.stringify({
+                                    error: 'Authorization required',
+                                    message: 'Call SecurityAuth first to set context',
+                                }, null, 2);
+                            }
+                            const target = args['target'];
+                            const type = args['type'];
+                            const passive = args['passive'] ?? true;
+                            const authCheck = isTargetAuthorized(target);
+                            if (!authCheck.authorized) {
+                                logOperation('recon-blocked', target, authCheck.reason);
+                                return JSON.stringify({
+                                    error: 'Target not authorized',
+                                    target,
+                                    reason: authCheck.reason,
+                                    context: authState.context,
+                                    hint: 'Add target to authorizedDomains or use a CTF platform',
+                                }, null, 2);
+                            }
+                            logOperation(`recon-${type}`, target, 'executed');
+                            // Simulated recon results (actual implementation would use real tools)
+                            const results = {
+                                sessionId: authState.sessionId,
+                                context: authState.context,
+                                target,
+                                type,
+                                passive,
+                                timestamp: new Date().toISOString(),
+                            };
+                            switch (type) {
+                                case 'dns':
+                                    results.data = {
+                                        records: ['A', 'AAAA', 'MX', 'TXT', 'NS'],
+                                        note: 'DNS enumeration results would appear here',
+                                    };
+                                    break;
+                                case 'ports':
+                                    results.data = {
+                                        commonPorts: [22, 80, 443, 8080],
+                                        note: 'Port scan results would appear here (use nmap for real scans)',
+                                    };
+                                    break;
+                                case 'services':
+                                    results.data = {
+                                        detected: ['ssh', 'http', 'https'],
+                                        note: 'Service detection results would appear here',
+                                    };
+                                    break;
+                                case 'headers':
+                                    results.data = {
+                                        securityHeaders: ['X-Frame-Options', 'CSP', 'HSTS'],
+                                        note: 'HTTP header analysis would appear here',
+                                    };
+                                    break;
+                                case 'ssl':
+                                    results.data = {
+                                        protocols: ['TLS 1.2', 'TLS 1.3'],
+                                        note: 'SSL/TLS analysis would appear here',
+                                    };
+                                    break;
+                            }
+                            return JSON.stringify(results, null, 2);
+                        },
+                    },
+                    {
+                        name: 'SecurityVulnCheck',
+                        description: 'Check for common vulnerabilities on authorized targets. Requires SecurityAuth first.',
+                        parameters: {
+                            type: 'object',
+                            properties: {
+                                target: {
+                                    type: 'string',
+                                    description: 'Target to check (must be authorized)',
+                                },
+                                category: {
+                                    type: 'string',
+                                    enum: ['web', 'network', 'config', 'crypto', 'injection'],
+                                    description: 'Vulnerability category to check',
+                                },
+                                safe: {
+                                    type: 'boolean',
+                                    description: 'Safe mode - detection only, no exploitation',
+                                },
+                            },
+                            required: ['target', 'category'],
+                        },
+                        handler: async (args) => {
+                            if (!authState.context) {
+                                return JSON.stringify({
+                                    error: 'Authorization required',
+                                    message: 'Call SecurityAuth first',
+                                }, null, 2);
+                            }
+                            const target = args['target'];
+                            const category = args['category'];
+                            const safe = args['safe'] ?? true;
+                            const authCheck = isTargetAuthorized(target);
+                            if (!authCheck.authorized) {
+                                logOperation('vulncheck-blocked', target, authCheck.reason);
+                                return JSON.stringify({
+                                    error: 'Target not authorized',
+                                    target,
+                                    reason: authCheck.reason,
+                                }, null, 2);
+                            }
+                            logOperation(`vulncheck-${category}`, target, `safe=${safe}`);
+                            return JSON.stringify({
+                                sessionId: authState.sessionId,
+                                context: authState.context,
+                                target,
+                                category,
+                                safeMode: safe,
+                                checks: {
+                                    web: ['XSS', 'CSRF', 'SSRF', 'Path traversal'],
+                                    network: ['Open ports', 'Service versions', 'Default creds'],
+                                    config: ['Misconfigurations', 'Debug endpoints', 'Info disclosure'],
+                                    crypto: ['Weak ciphers', 'Certificate issues', 'Key exposure'],
+                                    injection: ['SQLi', 'Command injection', 'LDAP injection'],
+                                }[category] || [],
+                                note: `Vulnerability checks for ${category} - implement with actual security tools`,
+                                timestamp: new Date().toISOString(),
+                            }, null, 2);
+                        },
+                    },
+                    {
+                        name: 'SecurityReport',
+                        description: 'Generate security assessment report for the session.',
+                        parameters: {
+                            type: 'object',
+                            properties: {
+                                format: {
+                                    type: 'string',
+                                    enum: ['summary', 'detailed', 'json'],
+                                    description: 'Report format',
+                                },
+                            },
+                        },
+                        handler: async (args) => {
+                            const format = args['format'] || 'summary';
+                            const report = {
+                                sessionId: authState.sessionId,
+                                context: authState.context || 'none',
+                                duration: Date.now() - authState.startTime,
+                                operationCount: authState.operationLog.length,
+                                operations: format === 'detailed' ? authState.operationLog : undefined,
+                                authorizedDomains: authState.authorizedDomains,
+                                generated: new Date().toISOString(),
+                            };
+                            if (format === 'summary') {
+                                return `Security Session Report
+========================
+Session: ${report.sessionId}
+Context: ${report.context}
+Duration: ${Math.round(report.duration / 1000)}s
+Operations: ${report.operationCount}
+Generated: ${report.generated}`;
+                            }
+                            return JSON.stringify(report, null, 2);
+                        },
+                    },
+                ],
+            },
+        };
+    }
+}
+//# sourceMappingURL=authorizedSecurityCapability.js.map

package/dist/capabilities/authorizedSecurityCapability.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"authorizedSecurityCapability.js","sourceRoot":"","sources":["../../src/capabilities/authorizedSecurityCapability.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAIH,qDAAqD;AACrD,MAAM,sBAAsB,GAAG;IAC7B,yBAAyB;IACzB,mBAAmB;IACnB,SAAS;IACT,iBAAiB;IACjB,iBAAiB;IACjB,sBAAsB;IACtB,4BAA4B;IAC5B,QAAQ;IACR,YAAY;IACZ,QAAQ;IACR,OAAO,EAAW,2CAA2C;IAC7D,aAAa,EAAK,2CAA2C;CAC9D,CAAC;AAEF,+DAA+D;AAC/D,MAAM,kBAAkB,GAAG;IACzB,QAAQ,EAAU,aAAa;IAC/B,QAAQ,EAAU,WAAW;IAC7B,QAAQ,EAAU,YAAY;IAC9B,SAAS,EAAS,UAAU;IAC5B,2BAA2B;CAC5B,CAAC;AAYF,MAAM,OAAO,kCAAkC;IACpC,EAAE,GAAG,gCAAgC,CAAC;IAE/C,KAAK,CAAC,MAAM,CAAC,QAA2B;QACtC,qCAAqC;QACrC,MAAM,SAAS,GAAuB;YACpC,OAAO,EAAE,IAAI;YACb,iBAAiB,EAAE,EAAE;YACrB,SAAS,EAAE,OAAO,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;YACxE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;YACrB,YAAY,EAAE,EAAE;SACjB,CAAC;QAEF,MAAM,kBAAkB,GAAG,CAAC,MAAc,EAA2C,EAAE;YACrF,yBAAyB;YACzB,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;gBACzC,IAAI,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;oBACzB,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,sCAAsC,OAAO,EAAE,EAAE,CAAC;gBACxF,CAAC;YACH,CAAC;YAED,mEAAmE;YACnE,IAAI,SAAS,CAAC,OAAO,KAAK,KAAK,IAAI,SAAS,CAAC,OAAO,KAAK,aAAa,EAAE,CAAC;gBACvE,KAAK,MAAM,OAAO,IAAI,sBAAsB,EAAE,CAAC;oBAC7C,IAAI,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;wBACzB,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,EAAE,uBAAuB,EAAE,CAAC;oBAC/D,CAAC;gBACH,CAAC;YACH,CAAC;YAED,sCAAsC;YACtC,IAAI,SAAS,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,MAAM,KAAK,CAAC,CAAC,EAAE,CAAC;gBAC9E,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,EAAE,8BAA8B,EAAE,CAAC;YACtE,CAAC;YAED,2CAA2C;YAC3C,IAAI,oCAAoC,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;gBACtD,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,EAAE,uBAAuB,EAAE,CAAC;YAC/D,CAAC;YAED,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,gCAAgC,EAAE,CAAC;QACzE,CAAC,CAAC;QAEF,MAAM,YAAY,GAAG,CAAC,SAAiB,EAAE,MAAc,EAAE,MAAc,EAAE,EAAE;YACzE,SAAS,CAAC,YAAY,CAAC,IAAI,CAAC;gBAC1B,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;gBACrB,SAAS;gBACT,MAAM;gBACN,MAAM;aACP,CAAC,CAAC;QACL,CAAC,CAAC;QAEF,OAAO;YACL,EAAE,EAAE,2BAA2B;YAC/B,WAAW,EAAE,uDAAuD;YACpE,SAAS,EAAE;gBACT,EAAE,EAAE,qBAAqB;gBACzB,WAAW,EAAE,sDAAsD;gBACnE,KAAK,EAAE;oBACL;wBACE,IAAI,EAAE,cAAc;wBACpB,WAAW,EAAE;;;;;;;;;;6EAUoD;wBACjE,UAAU,EAAE;4BACV,IAAI,EAAE,QAAQ;4BACd,UAAU,EAAE;gCACV,OAAO,EAAE;oCACP,IAAI,EAAE,QAAQ;oCACd,IAAI,EAAE,CAAC,KAAK,EAAE,SAAS,EAAE,UAAU,EAAE,WAAW,EAAE,aAAa,CAAC;oCAChE,WAAW,EAAE,4BAA4B;iCAC1C;gCACD,iBAAiB,EAAE;oCACjB,IAAI,EAAE,OAAO;oCACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;oCACzB,WAAW,EAAE,2DAA2D;iCACzE;gCACD,UAAU,EAAE;oCACV,IAAI,EAAE,QAAQ;oCACd,WAAW,EAAE,yDAAyD;iCACvE;6BACF;4BACD,QAAQ,EAAE,CAAC,SAAS,CAAC;yBACtB;wBACD,OAAO,EAAE,KAAK,EAAE,IAA6B,EAAE,EAAE;4BAC/C,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAyB,CAAC;4BACxD,MAAM,OAAO,GAAI,IAAI,CAAC,mBAAmB,CAAc,IAAI,EAAE,CAAC;4BAC9D,MAAM,UAAU,GAAG,IAAI,CAAC,YAAY,CAAuB,CAAC;4BAE5D,SAAS,CAAC,OAAO,GAAG,OAAO,CAAC;4BAC5B,SAAS,CAAC,iBAAiB,GAAG,OAAO,CAAC;4BAEtC,YAAY,CAAC,WAAW,EAAE,SAAS,EAAE,WAAW,OAAO,EAAE,CAAC,CAAC;4BAE3D,OAAO,IAAI,CAAC,SAAS,CAAC;gCACpB,MAAM,EAAE,YAAY;gCACpB,SAAS,EAAE,SAAS,CAAC,SAAS;gCAC9B,OAAO;gCACP,iBAAiB,EAAE,OAAO;gCAC1B,UAAU;gCACV,mBAAmB,EAAE,OAAO,KAAK,KAAK,IAAI,OAAO,KAAK,aAAa;gCACnE,OAAO,EAAE,sCAAsC,OAAO,UAAU;gCAChE,UAAU,EAAE;oCACV,GAAG,EAAE,0DAA0D;oCAC/D,OAAO,EAAE,oDAAoD;oCAC7D,QAAQ,EAAE,4DAA4D;oCACtE,SAAS,EAAE,yDAAyD;oCACpE,WAAW,EAAE,8CAA8C;iCAC5D;6BACF,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;wBACd,CAAC;qBACF;oBACD;wBACE,IAAI,EAAE,eAAe;wBACrB,WAAW,EAAE,8FAA8F;wBAC3G,UAAU,EAAE;4BACV,IAAI,EAAE,QAAQ;4BACd,UAAU,EAAE;gCACV,MAAM,EAAE;oCACN,IAAI,EAAE,QAAQ;oCACd,WAAW,EAAE,4CAA4C;iCAC1D;gCACD,IAAI,EAAE;oCACJ,IAAI,EAAE,QAAQ;oCACd,IAAI,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,KAAK,CAAC;oCACpD,WAAW,EAAE,wBAAwB;iCACtC;gCACD,OAAO,EAAE;oCACP,IAAI,EAAE,SAAS;oCACf,WAAW,EAAE,wCAAwC;iCACtD;6BACF;4BACD,QAAQ,EAAE,CAAC,QAAQ,EAAE,MAAM,CAAC;yBAC7B;wBACD,OAAO,EAAE,KAAK,EAAE,IAA6B,EAAE,EAAE;4BAC/C,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;gCACvB,OAAO,IAAI,CAAC,SAAS,CAAC;oCACpB,KAAK,EAAE,wBAAwB;oCAC/B,OAAO,EAAE,wCAAwC;iCAClD,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;4BACd,CAAC;4BAED,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAW,CAAC;4BACxC,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,CAAW,CAAC;4BACpC,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAY,IAAI,IAAI,CAAC;4BAEnD,MAAM,SAAS,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;4BAC7C,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,CAAC;gCAC1B,YAAY,CAAC,eAAe,EAAE,MAAM,EAAE,SAAS,CAAC,MAAM,CAAC,CAAC;gCACxD,OAAO,IAAI,CAAC,SAAS,CAAC;oCACpB,KAAK,EAAE,uBAAuB;oCAC9B,MAAM;oCACN,MAAM,EAAE,SAAS,CAAC,MAAM;oCACxB,OAAO,EAAE,SAAS,CAAC,OAAO;oCAC1B,IAAI,EAAE,uDAAuD;iCAC9D,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;4BACd,CAAC;4BAED,YAAY,CAAC,SAAS,IAAI,EAAE,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC;4BAElD,uEAAuE;4BACvE,MAAM,OAAO,GAA4B;gCACvC,SAAS,EAAE,SAAS,CAAC,SAAS;gCAC9B,OAAO,EAAE,SAAS,CAAC,OAAO;gCAC1B,MAAM;gCACN,IAAI;gCACJ,OAAO;gCACP,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;6BACpC,CAAC;4BAEF,QAAQ,IAAI,EAAE,CAAC;gCACb,KAAK,KAAK;oCACR,OAAO,CAAC,IAAI,GAAG;wCACb,OAAO,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC;wCACzC,IAAI,EAAE,2CAA2C;qCAClD,CAAC;oCACF,MAAM;gCACR,KAAK,OAAO;oCACV,OAAO,CAAC,IAAI,GAAG;wCACb,WAAW,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,IAAI,CAAC;wCAChC,IAAI,EAAE,+DAA+D;qCACtE,CAAC;oCACF,MAAM;gCACR,KAAK,UAAU;oCACb,OAAO,CAAC,IAAI,GAAG;wCACb,QAAQ,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC;wCAClC,IAAI,EAAE,6CAA6C;qCACpD,CAAC;oCACF,MAAM;gCACR,KAAK,SAAS;oCACZ,OAAO,CAAC,IAAI,GAAG;wCACb,eAAe,EAAE,CAAC,iBAAiB,EAAE,KAAK,EAAE,MAAM,CAAC;wCACnD,IAAI,EAAE,wCAAwC;qCAC/C,CAAC;oCACF,MAAM;gCACR,KAAK,KAAK;oCACR,OAAO,CAAC,IAAI,GAAG;wCACb,SAAS,EAAE,CAAC,SAAS,EAAE,SAAS,CAAC;wCACjC,IAAI,EAAE,oCAAoC;qCAC3C,CAAC;oCACF,MAAM;4BACV,CAAC;4BAED,OAAO,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;wBAC1C,CAAC;qBACF;oBACD;wBACE,IAAI,EAAE,mBAAmB;wBACzB,WAAW,EAAE,sFAAsF;wBACnG,UAAU,EAAE;4BACV,IAAI,EAAE,QAAQ;4BACd,UAAU,EAAE;gCACV,MAAM,EAAE;oCACN,IAAI,EAAE,QAAQ;oCACd,WAAW,EAAE,sCAAsC;iCACpD;gCACD,QAAQ,EAAE;oCACR,IAAI,EAAE,QAAQ;oCACd,IAAI,EAAE,CAAC,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,CAAC;oCACzD,WAAW,EAAE,iCAAiC;iCAC/C;gCACD,IAAI,EAAE;oCACJ,IAAI,EAAE,SAAS;oCACf,WAAW,EAAE,6CAA6C;iCAC3D;6BACF;4BACD,QAAQ,EAAE,CAAC,QAAQ,EAAE,UAAU,CAAC;yBACjC;wBACD,OAAO,EAAE,KAAK,EAAE,IAA6B,EAAE,EAAE;4BAC/C,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;gCACvB,OAAO,IAAI,CAAC,SAAS,CAAC;oCACpB,KAAK,EAAE,wBAAwB;oCAC/B,OAAO,EAAE,yBAAyB;iCACnC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;4BACd,CAAC;4BAED,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAW,CAAC;4BACxC,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAW,CAAC;4BAC5C,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,CAAY,IAAI,IAAI,CAAC;4BAE7C,MAAM,SAAS,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;4BAC7C,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,CAAC;gCAC1B,YAAY,CAAC,mBAAmB,EAAE,MAAM,EAAE,SAAS,CAAC,MAAM,CAAC,CAAC;gCAC5D,OAAO,IAAI,CAAC,SAAS,CAAC;oCACpB,KAAK,EAAE,uBAAuB;oCAC9B,MAAM;oCACN,MAAM,EAAE,SAAS,CAAC,MAAM;iCACzB,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;4BACd,CAAC;4BAED,YAAY,CAAC,aAAa,QAAQ,EAAE,EAAE,MAAM,EAAE,QAAQ,IAAI,EAAE,CAAC,CAAC;4BAE9D,OAAO,IAAI,CAAC,SAAS,CAAC;gCACpB,SAAS,EAAE,SAAS,CAAC,SAAS;gCAC9B,OAAO,EAAE,SAAS,CAAC,OAAO;gCAC1B,MAAM;gCACN,QAAQ;gCACR,QAAQ,EAAE,IAAI;gCACd,MAAM,EAAE;oCACN,GAAG,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,gBAAgB,CAAC;oCAC9C,OAAO,EAAE,CAAC,YAAY,EAAE,kBAAkB,EAAE,eAAe,CAAC;oCAC5D,MAAM,EAAE,CAAC,mBAAmB,EAAE,iBAAiB,EAAE,iBAAiB,CAAC;oCACnE,MAAM,EAAE,CAAC,cAAc,EAAE,oBAAoB,EAAE,cAAc,CAAC;oCAC9D,SAAS,EAAE,CAAC,MAAM,EAAE,mBAAmB,EAAE,gBAAgB,CAAC;iCAC3D,CAAC,QAAQ,CAAC,IAAI,EAAE;gCACjB,IAAI,EAAE,4BAA4B,QAAQ,yCAAyC;gCACnF,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;6BACpC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;wBACd,CAAC;qBACF;oBACD;wBACE,IAAI,EAAE,gBAAgB;wBACtB,WAAW,EAAE,sDAAsD;wBACnE,UAAU,EAAE;4BACV,IAAI,EAAE,QAAQ;4BACd,UAAU,EAAE;gCACV,MAAM,EAAE;oCACN,IAAI,EAAE,QAAQ;oCACd,IAAI,EAAE,CAAC,SAAS,EAAE,UAAU,EAAE,MAAM,CAAC;oCACrC,WAAW,EAAE,eAAe;iCAC7B;6BACF;yBACF;wBACD,OAAO,EAAE,KAAK,EAAE,IAA6B,EAAE,EAAE;4BAC/C,MAAM,MAAM,GAAI,IAAI,CAAC,QAAQ,CAAY,IAAI,SAAS,CAAC;4BAEvD,MAAM,MAAM,GAAG;gCACb,SAAS,EAAE,SAAS,CAAC,SAAS;gCAC9B,OAAO,EAAE,SAAS,CAAC,OAAO,IAAI,MAAM;gCACpC,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC,SAAS;gCAC1C,cAAc,EAAE,SAAS,CAAC,YAAY,CAAC,MAAM;gCAC7C,UAAU,EAAE,MAAM,KAAK,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS;gCACtE,iBAAiB,EAAE,SAAS,CAAC,iBAAiB;gCAC9C,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;6BACpC,CAAC;4BAEF,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;gCACzB,OAAO;;WAEZ,MAAM,CAAC,SAAS;WAChB,MAAM,CAAC,OAAO;YACb,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,QAAQ,GAAG,IAAI,CAAC;cAChC,MAAM,CAAC,cAAc;aACtB,MAAM,CAAC,SAAS,EAAE,CAAC;4BAClB,CAAC;4BAED,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;wBACzC,CAAC;qBACF;iBACF;aACF;SACF,CAAC;IACJ,CAAC;CACF"}