erosolar-cli 1.7.55 → 1.7.56

package/dist/bin/workspace.validator.js

@@ -1,213 +0,0 @@
-/**
- * Workspace Context Validator - Enforces strict safety limits
- *
- * CRITICAL: Prevents context explosion by validating all workspace context
- * before it's sent to the LLM. Multiple safety layers ensure we never
- * exceed token limits.
- */
-import { ContextOverflowError, ResourceLimitError } from './core/errors/errorTypes.js';
-// ABSOLUTE MAXIMUM LIMITS - Never exceed these under any circumstances
-const ABSOLUTE_MAX_CHARS = 5000; // ~1,250 tokens (4 chars per token)
-const ABSOLUTE_MAX_LINES = 100; // Maximum lines in any context
-const ABSOLUTE_MAX_FILE_ENTRIES = 50; // Maximum files in tree
-const ABSOLUTE_MAX_DOC_CHARS = 300; // Maximum chars per priority doc
-const WARNING_THRESHOLD = 0.7; // Warn at 70% of max
-/**
- * Estimate token count (rough: 1 token ≈ 4 characters)
- */
-function estimateTokens(text) {
-    return Math.ceil(text.length / 4);
-}
-/**
- * Validate workspace context options BEFORE building context
- */
-export function validateWorkspaceOptions(options) {
-    const errors = [];
-    const warnings = [];
-    // Validate tree depth
-    if (options.treeDepth !== undefined) {
-        if (options.treeDepth < 0) {
-            errors.push('treeDepth cannot be negative');
-        }
-        if (options.treeDepth > 2) {
-            errors.push(`treeDepth ${options.treeDepth} exceeds maximum of 2`);
-        }
-        if (options.treeDepth > 1) {
-            warnings.push('treeDepth > 1 can significantly increase context size');
-        }
-    }
-    // Validate max entries
-    if (options.maxEntries !== undefined) {
-        if (options.maxEntries < 0) {
-            errors.push('maxEntries cannot be negative');
-        }
-        if (options.maxEntries > ABSOLUTE_MAX_FILE_ENTRIES) {
-            errors.push(`maxEntries ${options.maxEntries} exceeds maximum of ${ABSOLUTE_MAX_FILE_ENTRIES}`);
-        }
-        if (options.maxEntries > 40) {
-            warnings.push('maxEntries > 40 may use significant context');
-        }
-    }
-    // Validate doc excerpt limit
-    if (options.docExcerptLimit !== undefined) {
-        if (options.docExcerptLimit < 0) {
-            errors.push('docExcerptLimit cannot be negative');
-        }
-        if (options.docExcerptLimit > ABSOLUTE_MAX_DOC_CHARS) {
-            errors.push(`docExcerptLimit ${options.docExcerptLimit} exceeds maximum of ${ABSOLUTE_MAX_DOC_CHARS}`);
-        }
-        if (options.docExcerptLimit > 250) {
-            warnings.push('docExcerptLimit > 250 may use significant context');
-        }
-    }
-    return {
-        valid: errors.length === 0,
-        errors,
-        warnings,
-        stats: {
-            totalChars: 0,
-            totalLines: 0,
-            estimatedTokens: 0,
-            fileEntries: options.maxEntries ?? 0,
-            docChars: options.docExcerptLimit ?? 0,
-        },
-    };
-}
-/**
- * Validate workspace context AFTER building - CRITICAL SAFETY CHECK
- * This is the final line of defense against context explosion
- */
-export function validateWorkspaceContext(content) {
-    const errors = [];
-    const warnings = [];
-    // Count basic metrics
-    const totalChars = content.length;
-    const lines = content.split('\n');
-    const totalLines = lines.length;
-    const estimatedTokens = estimateTokens(content);
-    // Count file entries (lines that look like file paths)
-    const fileEntries = lines.filter(line => line.trim() && !line.startsWith('---') && !line.startsWith('cwd:')).length;
-    // Count chars in priority docs section
-    const docMatch = content.match(/--- .* ---[\s\S]*?(?=\n\n|$)/g);
-    const docChars = docMatch ? docMatch.join('').length : 0;
-    const stats = {
-        totalChars,
-        totalLines,
-        estimatedTokens,
-        fileEntries,
-        docChars,
-    };
-    // CRITICAL: Check absolute maximum character limit
-    if (totalChars > ABSOLUTE_MAX_CHARS) {
-        const error = new ContextOverflowError(totalChars, ABSOLUTE_MAX_CHARS, 'chars', true);
-        errors.push(`Context exceeds ABSOLUTE maximum: ${error.message}`);
-    }
-    // CRITICAL: Check absolute maximum line limit
-    if (totalLines > ABSOLUTE_MAX_LINES) {
-        const error = new ContextOverflowError(totalLines, ABSOLUTE_MAX_LINES, 'lines', true);
-        errors.push(`Context exceeds ABSOLUTE maximum: ${error.message}`);
-    }
-    // CRITICAL: Check absolute maximum file entries
-    if (fileEntries > ABSOLUTE_MAX_FILE_ENTRIES) {
-        const error = new ResourceLimitError('file entries', fileEntries, ABSOLUTE_MAX_FILE_ENTRIES, false);
-        errors.push(`Context exceeds ABSOLUTE maximum: ${error.message}`);
-    }
-    // WARNING: Approaching limits
-    if (totalChars > ABSOLUTE_MAX_CHARS * WARNING_THRESHOLD) {
-        warnings.push(`Context size ${totalChars} chars is ${Math.round(totalChars / ABSOLUTE_MAX_CHARS * 100)}% of maximum. ` +
-            `Consider reducing treeDepth, maxEntries, or docExcerptLimit.`);
-    }
-    if (estimatedTokens > 1000) {
-        warnings.push(`Estimated ${estimatedTokens} tokens in workspace context. This is high and may impact performance.`);
-    }
-    return {
-        valid: errors.length === 0,
-        errors,
-        warnings,
-        stats,
-    };
-}
-/**
- * Safe truncation - if content exceeds limits, truncate intelligently
- */
-export function truncateWorkspaceContext(content) {
-    const validation = validateWorkspaceContext(content);
-    // If valid, return as-is
-    if (validation.valid) {
-        return {
-            content,
-            stats: validation.stats,
-        };
-    }
-    // CRITICAL: Content exceeds limits, must truncate
-    const lines = content.split('\n');
-    const truncatedLines = [];
-    let charCount = 0;
-    // Keep up to absolute maximums
-    for (const line of lines) {
-        if (truncatedLines.length >= ABSOLUTE_MAX_LINES) {
-            break;
-        }
-        if (charCount + line.length > ABSOLUTE_MAX_CHARS) {
-            break;
-        }
-        truncatedLines.push(line);
-        charCount += line.length + 1; // +1 for newline
-    }
-    // Add truncation notice
-    if (truncatedLines.length < lines.length) {
-        truncatedLines.push('');
-        truncatedLines.push('[Workspace context truncated to prevent context overflow]');
-        truncatedLines.push(`[Showing ${truncatedLines.length} of ${lines.length} lines]`);
-    }
-    const truncatedContent = truncatedLines.join('\n');
-    const stats = validateWorkspaceContext(truncatedContent).stats;
-    return {
-        content: truncatedContent,
-        stats,
-    };
-}
-/**
- * Validate and enforce limits in a single call - RECOMMENDED USAGE
- */
-export function safeWorkspaceContext(content, options) {
-    const { truncate = true, throwOnError = false } = options ?? {};
-    if (!content) {
-        return {
-            content: '',
-            stats: {
-                totalChars: 0,
-                totalLines: 0,
-                estimatedTokens: 0,
-                fileEntries: 0,
-                docChars: 0,
-            },
-        };
-    }
-    const validation = validateWorkspaceContext(content);
-    // Log warnings to console
-    if (validation.warnings.length > 0) {
-        console.warn('[Workspace Context Validator] Warnings:');
-        for (const warning of validation.warnings) {
-            console.warn(`  - ${warning}`);
-        }
-    }
-    // Handle errors
-    if (!validation.valid) {
-        console.error('[Workspace Context Validator] CRITICAL ERRORS:');
-        for (const error of validation.errors) {
-            console.error(`  - ${error}`);
-        }
-        if (throwOnError) {
-            throw new Error(`Workspace context validation failed:\n${validation.errors.join('\n')}`);
-        }
-        if (truncate) {
-            console.warn('[Workspace Context Validator] Auto-truncating to safe limits...');
-            return truncateWorkspaceContext(content);
-        }
-    }
-    return {
-        content,
-        stats: validation.stats,
-    };
-}

package/dist/capabilities/offensiveSecurityCapability.d.ts

@@ -1,26 +0,0 @@
-/**
- * Offensive Security Capability Module
- *
- * Provides advanced offensive security capabilities for authorized testing.
- * These tools include reverse shells, fileless persistence, web shells, and more.
- *
- * LEGAL NOTICE:
- * All offensive security tools require explicit authorization and scope definition.
- * Intended for legitimate security testing, red team exercises, and authorized penetration testing only.
- */
-import type { CapabilityContribution, CapabilityContext, CapabilityModule } from '../runtime/agentHost.js';
-export interface OffensiveSecurityCapabilityOptions {
-    workingDir?: string;
-    id?: string;
-    description?: string;
-    enableAdvancedExploitation?: boolean;
-    requireAuthorization?: boolean;
-    enablePayloadGeneration?: boolean;
-}
-export declare class OffensiveSecurityCapabilityModule implements CapabilityModule {
-    readonly id = "capability.offensive.security";
-    private readonly options;
-    constructor(options?: OffensiveSecurityCapabilityOptions);
-    create(context: CapabilityContext): Promise<CapabilityContribution>;
-}
-//# sourceMappingURL=offensiveSecurityCapability.d.ts.map

package/dist/capabilities/offensiveSecurityCapability.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"offensiveSecurityCapability.d.ts","sourceRoot":"","sources":["../../src/capabilities/offensiveSecurityCapability.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,sBAAsB,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAG3G,MAAM,WAAW,kCAAkC;IACjD,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,0BAA0B,CAAC,EAAE,OAAO,CAAC;IACrC,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,uBAAuB,CAAC,EAAE,OAAO,CAAC;CACnC;AAED,qBAAa,iCAAkC,YAAW,gBAAgB;IACxE,QAAQ,CAAC,EAAE,mCAAmC;IAC9C,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAqC;gBAEjD,OAAO,GAAE,kCAAuC;IAStD,MAAM,CAAC,OAAO,EAAE,iBAAiB,GAAG,OAAO,CAAC,sBAAsB,CAAC;CAoC1E"}

package/dist/capabilities/offensiveSecurityCapability.js

@@ -1,58 +0,0 @@
-/**
- * Offensive Security Capability Module
- *
- * Provides advanced offensive security capabilities for authorized testing.
- * These tools include reverse shells, fileless persistence, web shells, and more.
- *
- * LEGAL NOTICE:
- * All offensive security tools require explicit authorization and scope definition.
- * Intended for legitimate security testing, red team exercises, and authorized penetration testing only.
- */
-import { createOffensiveSecurityTools } from '../tools/offensiveSecurityTools.js';
-export class OffensiveSecurityCapabilityModule {
-    id = 'capability.offensive.security';
-    options;
-    constructor(options = {}) {
-        this.options = {
-            requireAuthorization: true,
-            enableAdvancedExploitation: false,
-            enablePayloadGeneration: false,
-            ...options
-        };
-    }
-    async create(context) {
-        const workingDir = this.options.workingDir ?? context.workingDir;
-        return {
-            id: this.options.id ?? 'offensive.security.research.tools',
-            description: this.options.description ??
-                'Advanced offensive security testing tools with reverse shells, fileless persistence, web shells, and exploitation capabilities.',
-            toolSuite: {
-                id: 'offensive.security',
-                description: 'Advanced offensive security testing tools',
-                tools: createOffensiveSecurityTools(workingDir, {
-                    enableAdvancedExploitation: this.options.enableAdvancedExploitation,
-                    requireAuthorization: this.options.requireAuthorization,
-                    enablePayloadGeneration: this.options.enablePayloadGeneration
-                }),
-            },
-            metadata: {
-                workingDir,
-                requireAuthorization: this.options.requireAuthorization,
-                enableAdvancedExploitation: this.options.enableAdvancedExploitation,
-                enablePayloadGeneration: this.options.enablePayloadGeneration,
-                supportedOperations: [
-                    'reverse_shell_generation',
-                    'fileless_persistence',
-                    'web_shell_deployment',
-                    'scheduled_persistence',
-                    'obfuscated_payloads',
-                    'dns_tunneling',
-                    'phishing_templates',
-                    'backdoor_user_creation'
-                ],
-                legalNotice: 'For authorized security research and testing only. All activities must be properly authorized and scoped. Unauthorized use is illegal.'
-            },
-        };
-    }
-}
-//# sourceMappingURL=offensiveSecurityCapability.js.map

package/dist/capabilities/offensiveSecurityCapability.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"offensiveSecurityCapability.js","sourceRoot":"","sources":["../../src/capabilities/offensiveSecurityCapability.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAGH,OAAO,EAAE,4BAA4B,EAAE,MAAM,oCAAoC,CAAC;AAWlF,MAAM,OAAO,iCAAiC;IACnC,EAAE,GAAG,+BAA+B,CAAC;IAC7B,OAAO,CAAqC;IAE7D,YAAY,UAA8C,EAAE;QAC1D,IAAI,CAAC,OAAO,GAAG;YACb,oBAAoB,EAAE,IAAI;YAC1B,0BAA0B,EAAE,KAAK;YACjC,uBAAuB,EAAE,KAAK;YAC9B,GAAG,OAAO;SACX,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,OAA0B;QACrC,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,UAAU,CAAC;QAEjE,OAAO;YACL,EAAE,EAAE,IAAI,CAAC,OAAO,CAAC,EAAE,IAAI,mCAAmC;YAC1D,WAAW,EACT,IAAI,CAAC,OAAO,CAAC,WAAW;gBACxB,iIAAiI;YACnI,SAAS,EAAE;gBACT,EAAE,EAAE,oBAAoB;gBACxB,WAAW,EAAE,2CAA2C;gBACxD,KAAK,EAAE,4BAA4B,CAAC,UAAU,EAAE;oBAC9C,0BAA0B,EAAE,IAAI,CAAC,OAAO,CAAC,0BAA0B;oBACnE,oBAAoB,EAAE,IAAI,CAAC,OAAO,CAAC,oBAAoB;oBACvD,uBAAuB,EAAE,IAAI,CAAC,OAAO,CAAC,uBAAuB;iBAC9D,CAAC;aACH;YACD,QAAQ,EAAE;gBACR,UAAU;gBACV,oBAAoB,EAAE,IAAI,CAAC,OAAO,CAAC,oBAAoB;gBACvD,0BAA0B,EAAE,IAAI,CAAC,OAAO,CAAC,0BAA0B;gBACnE,uBAAuB,EAAE,IAAI,CAAC,OAAO,CAAC,uBAAuB;gBAC7D,mBAAmB,EAAE;oBACnB,0BAA0B;oBAC1B,sBAAsB;oBACtB,sBAAsB;oBACtB,uBAAuB;oBACvB,qBAAqB;oBACrB,eAAe;oBACf,oBAAoB;oBACpB,wBAAwB;iBACzB;gBACD,WAAW,EAAE,wIAAwI;aACtJ;SACF,CAAC;IACJ,CAAC;CACF"}

package/dist/capabilities/realSecurityCapability.d.ts

@@ -1,26 +0,0 @@
-/**
- * Real Security Capability Module
- *
- * Provides actual security testing capabilities with real implementations.
- * These tools perform real persistence, scanning, and exploitation.
- *
- * LEGAL NOTICE:
- * All security testing tools require explicit authorization and scope definition.
- * Intended for legitimate security testing, bug bounty programs, and red team exercises only.
- */
-import type { CapabilityContribution, CapabilityContext, CapabilityModule } from '../runtime/agentHost.js';
-export interface RealSecurityCapabilityOptions {
-    workingDir?: string;
-    id?: string;
-    description?: string;
-    enableExploitation?: boolean;
-    requireAuthorization?: boolean;
-    enableAdvancedTechniques?: boolean;
-}
-export declare class RealSecurityCapabilityModule implements CapabilityModule {
-    readonly id = "capability.real.security";
-    private readonly options;
-    constructor(options?: RealSecurityCapabilityOptions);
-    create(context: CapabilityContext): Promise<CapabilityContribution>;
-}
-//# sourceMappingURL=realSecurityCapability.d.ts.map

package/dist/capabilities/realSecurityCapability.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"realSecurityCapability.d.ts","sourceRoot":"","sources":["../../src/capabilities/realSecurityCapability.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,sBAAsB,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAG3G,MAAM,WAAW,6BAA6B;IAC5C,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,wBAAwB,CAAC,EAAE,OAAO,CAAC;CACpC;AAED,qBAAa,4BAA6B,YAAW,gBAAgB;IACnE,QAAQ,CAAC,EAAE,8BAA8B;IACzC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAgC;gBAE5C,OAAO,GAAE,6BAAkC;IASjD,MAAM,CAAC,OAAO,EAAE,iBAAiB,GAAG,OAAO,CAAC,sBAAsB,CAAC;CA+B1E"}

package/dist/capabilities/realSecurityCapability.js

@@ -1,53 +0,0 @@
-/**
- * Real Security Capability Module
- *
- * Provides actual security testing capabilities with real implementations.
- * These tools perform real persistence, scanning, and exploitation.
- *
- * LEGAL NOTICE:
- * All security testing tools require explicit authorization and scope definition.
- * Intended for legitimate security testing, bug bounty programs, and red team exercises only.
- */
-import { createRealSecurityTools } from '../tools/realSecurityTools.js';
-export class RealSecurityCapabilityModule {
-    id = 'capability.real.security';
-    options;
-    constructor(options = {}) {
-        this.options = {
-            requireAuthorization: true,
-            enableExploitation: false,
-            enableAdvancedTechniques: false,
-            ...options
-        };
-    }
-    async create(context) {
-        const workingDir = this.options.workingDir ?? context.workingDir;
-        return {
-            id: this.options.id ?? 'real.security.research.tools',
-            description: this.options.description ??
-                'Real security testing tools with actual implementations for persistence, scanning, and exploitation.',
-            toolSuite: {
-                id: 'real.security',
-                description: 'Real security testing and research tools',
-                tools: createRealSecurityTools(workingDir, {
-                    enableExploitation: this.options.enableExploitation,
-                    requireAuthorization: this.options.requireAuthorization
-                }),
-            },
-            metadata: {
-                workingDir,
-                requireAuthorization: this.options.requireAuthorization,
-                enableExploitation: this.options.enableExploitation,
-                enableAdvancedTechniques: this.options.enableAdvancedTechniques,
-                supportedOperations: [
-                    'real_persistence_implementation',
-                    'real_vulnerability_scanning',
-                    'real_network_exploitation',
-                    'real_security_reporting'
-                ],
-                legalNotice: 'For authorized security research and testing only. All activities must be properly authorized and scoped.'
-            },
-        };
-    }
-}
-//# sourceMappingURL=realSecurityCapability.js.map

package/dist/capabilities/realSecurityCapability.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"realSecurityCapability.js","sourceRoot":"","sources":["../../src/capabilities/realSecurityCapability.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAGH,OAAO,EAAE,uBAAuB,EAAE,MAAM,+BAA+B,CAAC;AAWxE,MAAM,OAAO,4BAA4B;IAC9B,EAAE,GAAG,0BAA0B,CAAC;IACxB,OAAO,CAAgC;IAExD,YAAY,UAAyC,EAAE;QACrD,IAAI,CAAC,OAAO,GAAG;YACb,oBAAoB,EAAE,IAAI;YAC1B,kBAAkB,EAAE,KAAK;YACzB,wBAAwB,EAAE,KAAK;YAC/B,GAAG,OAAO;SACX,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,OAA0B;QACrC,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,UAAU,CAAC;QAEjE,OAAO;YACL,EAAE,EAAE,IAAI,CAAC,OAAO,CAAC,EAAE,IAAI,8BAA8B;YACrD,WAAW,EACT,IAAI,CAAC,OAAO,CAAC,WAAW;gBACxB,sGAAsG;YACxG,SAAS,EAAE;gBACT,EAAE,EAAE,eAAe;gBACnB,WAAW,EAAE,0CAA0C;gBACvD,KAAK,EAAE,uBAAuB,CAAC,UAAU,EAAE;oBACzC,kBAAkB,EAAE,IAAI,CAAC,OAAO,CAAC,kBAAkB;oBACnD,oBAAoB,EAAE,IAAI,CAAC,OAAO,CAAC,oBAAoB;iBACxD,CAAC;aACH;YACD,QAAQ,EAAE;gBACR,UAAU;gBACV,oBAAoB,EAAE,IAAI,CAAC,OAAO,CAAC,oBAAoB;gBACvD,kBAAkB,EAAE,IAAI,CAAC,OAAO,CAAC,kBAAkB;gBACnD,wBAAwB,EAAE,IAAI,CAAC,OAAO,CAAC,wBAAwB;gBAC/D,mBAAmB,EAAE;oBACnB,iCAAiC;oBACjC,6BAA6B;oBAC7B,2BAA2B;oBAC3B,yBAAyB;iBAC1B;gBACD,WAAW,EAAE,2GAA2G;aACzH;SACF,CAAC;IACJ,CAAC;CACF"}

package/dist/capabilities/securityCapability.d.ts

@@ -1,32 +0,0 @@
-/**
- * Security Research Capability Module
- *
- * Provides comprehensive security research tools for authorized penetration testing,
- * vulnerability assessment, and persistence mechanism analysis.
- *
- * This module integrates with the core capability system and provides:
- * - Authorization framework for security testing
- * - Persistence research tools
- * - Vulnerability assessment capabilities
- * - Attack simulation framework
- * - Security reporting and analysis
- *
- * LEGAL NOTICE:
- * All security research tools require explicit authorization and scope definition.
- * Intended for legitimate security testing, bug bounty programs, and red team exercises only.
- */
-import type { CapabilityContribution, CapabilityContext, CapabilityModule } from '../runtime/agentHost.js';
-export interface SecurityCapabilityOptions {
-    workingDir?: string;
-    id?: string;
-    description?: string;
-    enableAdvancedResearch?: boolean;
-    requireAuthorization?: boolean;
-}
-export declare class SecurityCapabilityModule implements CapabilityModule {
-    readonly id = "capability.security";
-    private readonly options;
-    constructor(options?: SecurityCapabilityOptions);
-    create(context: CapabilityContext): Promise<CapabilityContribution>;
-}
-//# sourceMappingURL=securityCapability.d.ts.map

package/dist/capabilities/securityCapability.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"securityCapability.d.ts","sourceRoot":"","sources":["../../src/capabilities/securityCapability.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,KAAK,EAAE,sBAAsB,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAG3G,MAAM,WAAW,yBAAyB;IACxC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,sBAAsB,CAAC,EAAE,OAAO,CAAC;IACjC,oBAAoB,CAAC,EAAE,OAAO,CAAC;CAChC;AAED,qBAAa,wBAAyB,YAAW,gBAAgB;IAC/D,QAAQ,CAAC,EAAE,yBAAyB;IACpC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAA4B;gBAExC,OAAO,GAAE,yBAA8B;IAQ7C,MAAM,CAAC,OAAO,EAAE,iBAAiB,GAAG,OAAO,CAAC,sBAAsB,CAAC;CA6B1E"}

package/dist/capabilities/securityCapability.js

@@ -1,57 +0,0 @@
-/**
- * Security Research Capability Module
- *
- * Provides comprehensive security research tools for authorized penetration testing,
- * vulnerability assessment, and persistence mechanism analysis.
- *
- * This module integrates with the core capability system and provides:
- * - Authorization framework for security testing
- * - Persistence research tools
- * - Vulnerability assessment capabilities
- * - Attack simulation framework
- * - Security reporting and analysis
- *
- * LEGAL NOTICE:
- * All security research tools require explicit authorization and scope definition.
- * Intended for legitimate security testing, bug bounty programs, and red team exercises only.
- */
-import { createSecurityTools } from '../tools/securityTools.js';
-export class SecurityCapabilityModule {
-    id = 'capability.security';
-    options;
-    constructor(options = {}) {
-        this.options = {
-            requireAuthorization: true,
-            enableAdvancedResearch: false,
-            ...options
-        };
-    }
-    async create(context) {
-        const workingDir = this.options.workingDir ?? context.workingDir;
-        return {
-            id: this.options.id ?? 'security.research.tools',
-            description: this.options.description ??
-                'Comprehensive security research tools for authorized penetration testing, vulnerability assessment, and persistence mechanism analysis.',
-            toolSuite: {
-                id: 'security',
-                description: 'Security research and testing tools',
-                tools: createSecurityTools(workingDir, {
-                    enableAdvancedResearch: this.options.enableAdvancedResearch,
-                    requireAuthorization: this.options.requireAuthorization
-                }),
-            },
-            metadata: {
-                workingDir,
-                requireAuthorization: this.options.requireAuthorization,
-                enableAdvancedResearch: this.options.enableAdvancedResearch,
-                supportedResearchAreas: [
-                    'persistence_analysis',
-                    'vulnerability_assessment',
-                    'attack_simulation',
-                    'security_reporting'
-                ]
-            },
-        };
-    }
-}
-//# sourceMappingURL=securityCapability.js.map

package/dist/capabilities/securityCapability.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"securityCapability.js","sourceRoot":"","sources":["../../src/capabilities/securityCapability.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAGH,OAAO,EAAE,mBAAmB,EAAE,MAAM,2BAA2B,CAAC;AAUhE,MAAM,OAAO,wBAAwB;IAC1B,EAAE,GAAG,qBAAqB,CAAC;IACnB,OAAO,CAA4B;IAEpD,YAAY,UAAqC,EAAE;QACjD,IAAI,CAAC,OAAO,GAAG;YACb,oBAAoB,EAAE,IAAI;YAC1B,sBAAsB,EAAE,KAAK;YAC7B,GAAG,OAAO;SACX,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,OAA0B;QACrC,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,UAAU,CAAC;QAEjE,OAAO;YACL,EAAE,EAAE,IAAI,CAAC,OAAO,CAAC,EAAE,IAAI,yBAAyB;YAChD,WAAW,EACT,IAAI,CAAC,OAAO,CAAC,WAAW;gBACxB,yIAAyI;YAC3I,SAAS,EAAE;gBACT,EAAE,EAAE,UAAU;gBACd,WAAW,EAAE,qCAAqC;gBAClD,KAAK,EAAE,mBAAmB,CAAC,UAAU,EAAE;oBACrC,sBAAsB,EAAE,IAAI,CAAC,OAAO,CAAC,sBAAsB;oBAC3D,oBAAoB,EAAE,IAAI,CAAC,OAAO,CAAC,oBAAoB;iBACxD,CAAC;aACH;YACD,QAAQ,EAAE;gBACR,UAAU;gBACV,oBAAoB,EAAE,IAAI,CAAC,OAAO,CAAC,oBAAoB;gBACvD,sBAAsB,EAAE,IAAI,CAAC,OAAO,CAAC,sBAAsB;gBAC3D,sBAAsB,EAAE;oBACtB,sBAAsB;oBACtB,0BAA0B;oBAC1B,mBAAmB;oBACnB,oBAAoB;iBACrB;aACF;SACF,CAAC;IACJ,CAAC;CACF"}

package/dist/capabilities/ultimateSecurityCapability.d.ts

@@ -1,42 +0,0 @@
-/**
- * Ultimate Security Capability Module
- *
- * Provides complete security testing capabilities with authorization framework.
- * Combines real security testing, offensive security, and authorization management.
- *
- * LEGAL NOTICE:
- * All security testing tools require explicit authorization and scope definition.
- * Intended for legitimate security testing, red team exercises, and authorized penetration testing only.
- */
-import type { CapabilityContribution, CapabilityContext, CapabilityModule } from '../runtime/agentHost.js';
-import { AuthorizationManager } from '../security/authorization.js';
-export interface UltimateSecurityCapabilityOptions {
-    workingDir?: string;
-    id?: string;
-    description?: string;
-    enableExploitation?: boolean;
-    enableAdvancedExploitation?: boolean;
-    enablePayloadGeneration?: boolean;
-    requireAuthorization?: boolean;
-    authorizationManager?: AuthorizationManager;
-}
-export declare class UltimateSecurityCapabilityModule implements CapabilityModule {
-    readonly id = "capability.ultimate.security";
-    private readonly options;
-    private readonly authorizationManager;
-    constructor(options?: UltimateSecurityCapabilityOptions);
-    create(context: CapabilityContext): Promise<CapabilityContribution>;
-    /**
-     * Get the authorization manager instance
-     */
-    getAuthorizationManager(): AuthorizationManager;
-    /**
-     * Get current authorization status
-     */
-    getAuthorizationStatus(): any;
-    /**
-     * Generate authorization report
-     */
-    generateAuthorizationReport(): string;
-}
-//# sourceMappingURL=ultimateSecurityCapability.d.ts.map

package/dist/capabilities/ultimateSecurityCapability.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"ultimateSecurityCapability.d.ts","sourceRoot":"","sources":["../../src/capabilities/ultimateSecurityCapability.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,sBAAsB,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3G,OAAO,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AAGpE,MAAM,WAAW,iCAAiC;IAChD,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,0BAA0B,CAAC,EAAE,OAAO,CAAC;IACrC,uBAAuB,CAAC,EAAE,OAAO,CAAC;IAClC,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,oBAAoB,CAAC,EAAE,oBAAoB,CAAC;CAC7C;AAED,qBAAa,gCAAiC,YAAW,gBAAgB;IACvE,QAAQ,CAAC,EAAE,kCAAkC;IAC7C,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAoC;IAC5D,OAAO,CAAC,QAAQ,CAAC,oBAAoB,CAAuB;gBAEhD,OAAO,GAAE,iCAAsC;IAYrD,MAAM,CAAC,OAAO,EAAE,iBAAiB,GAAG,OAAO,CAAC,sBAAsB,CAAC;IAqDzE;;OAEG;IACH,uBAAuB,IAAI,oBAAoB;IAI/C;;OAEG;IACH,sBAAsB;IAItB;;OAEG;IACH,2BAA2B,IAAI,MAAM;CAGtC"}

package/dist/capabilities/ultimateSecurityCapability.js

@@ -1,96 +0,0 @@
-/**
- * Ultimate Security Capability Module
- *
- * Provides complete security testing capabilities with authorization framework.
- * Combines real security testing, offensive security, and authorization management.
- *
- * LEGAL NOTICE:
- * All security testing tools require explicit authorization and scope definition.
- * Intended for legitimate security testing, red team exercises, and authorized penetration testing only.
- */
-import { AuthorizationManager } from '../security/authorization.js';
-import { createEnhancedSecurityTools } from '../tools/enhancedSecurityTools.js';
-export class UltimateSecurityCapabilityModule {
-    id = 'capability.ultimate.security';
-    options;
-    authorizationManager;
-    constructor(options = {}) {
-        this.options = {
-            requireAuthorization: true,
-            enableExploitation: false,
-            enableAdvancedExploitation: false,
-            enablePayloadGeneration: false,
-            ...options
-        };
-        this.authorizationManager = options.authorizationManager || new AuthorizationManager();
-    }
-    async create(context) {
-        const workingDir = this.options.workingDir ?? context.workingDir;
-        return {
-            id: this.options.id ?? 'ultimate.security.research.tools',
-            description: this.options.description ??
-                'Complete security testing capabilities with authorization framework, real security testing, offensive security, and advanced exploitation tools.',
-            toolSuite: {
-                id: 'ultimate.security',
-                description: 'Complete security testing and research tools with authorization',
-                tools: createEnhancedSecurityTools(workingDir, {
-                    enableExploitation: this.options.enableExploitation,
-                    enableAdvancedExploitation: this.options.enableAdvancedExploitation,
-                    enablePayloadGeneration: this.options.enablePayloadGeneration,
-                    requireAuthorization: this.options.requireAuthorization,
-                    authorizationManager: this.authorizationManager
-                }),
-            },
-            metadata: {
-                workingDir,
-                requireAuthorization: this.options.requireAuthorization,
-                enableExploitation: this.options.enableExploitation,
-                enableAdvancedExploitation: this.options.enableAdvancedExploitation,
-                enablePayloadGeneration: this.options.enablePayloadGeneration,
-                authorizationManager: this.authorizationManager ? 'custom' : 'default',
-                supportedOperations: [
-                    'authorization_management',
-                    'real_persistence_implementation',
-                    'real_vulnerability_scanning',
-                    'real_network_exploitation',
-                    'real_security_reporting',
-                    'reverse_shell_generation',
-                    'fileless_persistence',
-                    'web_shell_deployment',
-                    'scheduled_persistence',
-                    'obfuscated_payloads',
-                    'dns_tunneling',
-                    'phishing_templates',
-                    'backdoor_user_creation'
-                ],
-                totalTools: 22, // 3 auth tools + 10 real security + 8 offensive security + 1 report
-                legalNotice: 'For authorized security research and testing only. All activities must be properly authorized and scoped. Unauthorized use is illegal.',
-                version: '1.0.0',
-                capabilities: {
-                    authorization: ['request', 'status', 'report'],
-                    realSecurity: ['persistence', 'vulnerability', 'network', 'reporting'],
-                    offensiveSecurity: ['payloads', 'persistence', 'exploitation', 'evasion']
-                }
-            },
-        };
-    }
-    /**
-     * Get the authorization manager instance
-     */
-    getAuthorizationManager() {
-        return this.authorizationManager;
-    }
-    /**
-     * Get current authorization status
-     */
-    getAuthorizationStatus() {
-        return this.authorizationManager.getAuthorizationStatus();
-    }
-    /**
-     * Generate authorization report
-     */
-    generateAuthorizationReport() {
-        return this.authorizationManager.generateAuthorizationReport();
-    }
-}
-//# sourceMappingURL=ultimateSecurityCapability.js.map

package/dist/capabilities/ultimateSecurityCapability.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"ultimateSecurityCapability.js","sourceRoot":"","sources":["../../src/capabilities/ultimateSecurityCapability.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAGH,OAAO,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AACpE,OAAO,EAAE,2BAA2B,EAAE,MAAM,mCAAmC,CAAC;AAahF,MAAM,OAAO,gCAAgC;IAClC,EAAE,GAAG,8BAA8B,CAAC;IAC5B,OAAO,CAAoC;IAC3C,oBAAoB,CAAuB;IAE5D,YAAY,UAA6C,EAAE;QACzD,IAAI,CAAC,OAAO,GAAG;YACb,oBAAoB,EAAE,IAAI;YAC1B,kBAAkB,EAAE,KAAK;YACzB,0BAA0B,EAAE,KAAK;YACjC,uBAAuB,EAAE,KAAK;YAC9B,GAAG,OAAO;SACX,CAAC;QAEF,IAAI,CAAC,oBAAoB,GAAG,OAAO,CAAC,oBAAoB,IAAI,IAAI,oBAAoB,EAAE,CAAC;IACzF,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,OAA0B;QACrC,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,UAAU,CAAC;QAEjE,OAAO;YACL,EAAE,EAAE,IAAI,CAAC,OAAO,CAAC,EAAE,IAAI,kCAAkC;YACzD,WAAW,EACT,IAAI,CAAC,OAAO,CAAC,WAAW;gBACxB,kJAAkJ;YACpJ,SAAS,EAAE;gBACT,EAAE,EAAE,mBAAmB;gBACvB,WAAW,EAAE,iEAAiE;gBAC9E,KAAK,EAAE,2BAA2B,CAAC,UAAU,EAAE;oBAC7C,kBAAkB,EAAE,IAAI,CAAC,OAAO,CAAC,kBAAkB;oBACnD,0BAA0B,EAAE,IAAI,CAAC,OAAO,CAAC,0BAA0B;oBACnE,uBAAuB,EAAE,IAAI,CAAC,OAAO,CAAC,uBAAuB;oBAC7D,oBAAoB,EAAE,IAAI,CAAC,OAAO,CAAC,oBAAoB;oBACvD,oBAAoB,EAAE,IAAI,CAAC,oBAAoB;iBAChD,CAAC;aACH;YACD,QAAQ,EAAE;gBACR,UAAU;gBACV,oBAAoB,EAAE,IAAI,CAAC,OAAO,CAAC,oBAAoB;gBACvD,kBAAkB,EAAE,IAAI,CAAC,OAAO,CAAC,kBAAkB;gBACnD,0BAA0B,EAAE,IAAI,CAAC,OAAO,CAAC,0BAA0B;gBACnE,uBAAuB,EAAE,IAAI,CAAC,OAAO,CAAC,uBAAuB;gBAC7D,oBAAoB,EAAE,IAAI,CAAC,oBAAoB,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;gBACtE,mBAAmB,EAAE;oBACnB,0BAA0B;oBAC1B,iCAAiC;oBACjC,6BAA6B;oBAC7B,2BAA2B;oBAC3B,yBAAyB;oBACzB,0BAA0B;oBAC1B,sBAAsB;oBACtB,sBAAsB;oBACtB,uBAAuB;oBACvB,qBAAqB;oBACrB,eAAe;oBACf,oBAAoB;oBACpB,wBAAwB;iBACzB;gBACD,UAAU,EAAE,EAAE,EAAE,oEAAoE;gBACpF,WAAW,EAAE,wIAAwI;gBACrJ,OAAO,EAAE,OAAO;gBAChB,YAAY,EAAE;oBACZ,aAAa,EAAE,CAAC,SAAS,EAAE,QAAQ,EAAE,QAAQ,CAAC;oBAC9C,YAAY,EAAE,CAAC,aAAa,EAAE,eAAe,EAAE,SAAS,EAAE,WAAW,CAAC;oBACtE,iBAAiB,EAAE,CAAC,UAAU,EAAE,aAAa,EAAE,cAAc,EAAE,SAAS,CAAC;iBAC1E;aACF;SACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,uBAAuB;QACrB,OAAO,IAAI,CAAC,oBAAoB,CAAC;IACnC,CAAC;IAED;;OAEG;IACH,sBAAsB;QACpB,OAAO,IAAI,CAAC,oBAAoB,CAAC,sBAAsB,EAAE,CAAC;IAC5D,CAAC;IAED;;OAEG;IACH,2BAA2B;QACzB,OAAO,IAAI,CAAC,oBAAoB,CAAC,2BAA2B,EAAE,CAAC;IACjE,CAAC;CACF"}