ferret-scan 2.2.0 → 2.3.0

package/dist/__tests__/astAnalyzerFull.test.js

@@ -0,0 +1,138 @@
+/**
+ * Full AstAnalyzer Tests
+ * Tests for analyzeFile function
+ */
+import { analyzeFile } from '../analyzers/AstAnalyzer.js';
+function makeFile(overrides = {}) {
+    return {
+        path: '/project/.claude/agents/test.md',
+        relativePath: 'agents/test.md',
+        type: 'md',
+        component: 'agent',
+        size: 100,
+        modified: new Date(),
+        ...overrides,
+    };
+}
+function makeSemanticRule(overrides = {}) {
+    return {
+        id: 'SEM-001',
+        name: 'Semantic Test Rule',
+        category: 'injection',
+        severity: 'HIGH',
+        description: 'Test semantic rule',
+        patterns: [],
+        fileTypes: ['md', 'ts', 'js'],
+        components: ['agent', 'skill', 'hook', 'plugin', 'mcp', 'settings', 'ai-config-md', 'rules-file'],
+        remediation: 'Fix it',
+        references: [],
+        enabled: true,
+        semanticPatterns: [
+            {
+                type: 'function-call',
+                pattern: 'dangerousCall($ARGS)',
+            },
+        ],
+        ...overrides,
+    };
+}
+describe('analyzeFile', () => {
+    it('returns empty array for rules with no semantic patterns', async () => {
+        const file = makeFile();
+        const rule = {
+            id: 'NO-SEM',
+            name: 'No Semantic Rule',
+            category: 'injection',
+            severity: 'HIGH',
+            description: 'Rule without semantic patterns',
+            patterns: [/test/gi],
+            fileTypes: ['md'],
+            components: ['agent'],
+            remediation: 'Fix',
+            references: [],
+            enabled: true,
+        };
+        const findings = await analyzeFile(file, 'const x = 1;', [rule]);
+        expect(findings).toHaveLength(0);
+    });
+    it('returns empty array for empty content', async () => {
+        const file = makeFile({ type: 'ts' });
+        const rule = makeSemanticRule();
+        const findings = await analyzeFile(file, '', [rule]);
+        expect(findings).toHaveLength(0);
+    });
+    it('analyzes TypeScript file for dangerous calls', async () => {
+        const file = makeFile({
+            path: '/project/.claude/agents/test.ts',
+            relativePath: 'agents/test.ts',
+            type: 'ts',
+        });
+        const rule = makeSemanticRule();
+        const content = 'const result = dangerousCall("argument");';
+        const findings = await analyzeFile(file, content, [rule]);
+        expect(Array.isArray(findings)).toBe(true);
+    });
+    it('analyzes markdown file with TypeScript code blocks', async () => {
+        const file = makeFile();
+        const rule = makeSemanticRule();
+        const content = '# Agent Config\n\n```typescript\nconst result = dangerousCall("arg");\n```\n';
+        const findings = await analyzeFile(file, content, [rule]);
+        expect(Array.isArray(findings)).toBe(true);
+    });
+    it('handles markdown without code blocks', async () => {
+        const file = makeFile();
+        const rule = makeSemanticRule();
+        const content = '# Simple markdown\nNo code blocks here.';
+        const findings = await analyzeFile(file, content, [rule]);
+        expect(findings).toHaveLength(0);
+    });
+    it('respects maxMs timeout option', async () => {
+        const file = makeFile({ type: 'ts' });
+        const rule = makeSemanticRule();
+        const content = 'const x = 1; dangerousCall("test"); const y = 2;';
+        const findings = await analyzeFile(file, content, [rule], { maxMs: 10 });
+        expect(Array.isArray(findings)).toBe(true);
+    });
+    it('handles JavaScript files', async () => {
+        const file = makeFile({
+            path: '/project/.claude/agents/test.js',
+            relativePath: 'agents/test.js',
+            type: 'js',
+        });
+        const rule = makeSemanticRule({
+            semanticPatterns: [{
+                    type: 'function-call',
+                    pattern: 'dangerousCall($ARGS)',
+                }],
+        });
+        const content = 'dangerousCall("some code");';
+        const findings = await analyzeFile(file, content, [rule]);
+        expect(Array.isArray(findings)).toBe(true);
+    });
+    it('returns empty array for non-code file types', async () => {
+        const file = makeFile({ type: 'json' });
+        const rule = makeSemanticRule();
+        const content = '{"key": "value"}';
+        const findings = await analyzeFile(file, content, [rule]);
+        expect(findings).toHaveLength(0);
+    });
+    it('handles multiple semantic patterns in one rule', async () => {
+        const file = makeFile({ type: 'ts' });
+        const rule = makeSemanticRule({
+            semanticPatterns: [
+                {
+                    type: 'function-call',
+                    pattern: 'dangerousCall($ARGS)',
+                },
+                {
+                    type: 'function-call',
+                    pattern: 'suspiciousOperation($ARGS)',
+                },
+            ],
+        });
+        const content = 'dangerousCall("bad"); suspiciousOperation("test");';
+        const findings = await analyzeFile(file, content, [rule]);
+        expect(Array.isArray(findings)).toBe(true);
+    });
+});
+//# sourceMappingURL=astAnalyzerFull.test.js.map

package/dist/__tests__/astAnalyzerPatterns.test.d.ts

@@ -0,0 +1,6 @@
+/**
+ * AstAnalyzer Pattern Tests
+ * Tests for different SemanticPattern types (property-access, dynamic-import, eval-chain, object-structure)
+ */
+export {};
+//# sourceMappingURL=astAnalyzerPatterns.test.d.ts.map

package/dist/__tests__/astAnalyzerPatterns.test.js

@@ -0,0 +1,143 @@
+/**
+ * AstAnalyzer Pattern Tests
+ * Tests for different SemanticPattern types (property-access, dynamic-import, eval-chain, object-structure)
+ */
+import { analyzeFile } from '../analyzers/AstAnalyzer.js';
+function makeFile(type = 'ts') {
+    return {
+        path: '/project/.claude/agents/test.' + type,
+        relativePath: 'agents/test.' + type,
+        type,
+        component: 'agent',
+        size: 100,
+        modified: new Date(),
+    };
+}
+function makeRule(patterns) {
+    return {
+        id: 'AST-TEST-001',
+        name: 'AST Test Rule',
+        category: 'injection',
+        severity: 'HIGH',
+        description: 'Test AST patterns',
+        patterns: [],
+        fileTypes: ['md', 'ts', 'js', 'tsx', 'jsx'],
+        components: ['agent', 'skill', 'hook', 'plugin', 'mcp', 'settings', 'ai-config-md', 'rules-file'],
+        remediation: 'Fix it',
+        references: [],
+        enabled: true,
+        semanticPatterns: patterns,
+    };
+}
+describe('analyzeFile - SemanticPattern types', () => {
+    it('detects property-access pattern', async () => {
+        const file = makeFile('ts');
+        const rule = makeRule([{
+                type: 'property-access',
+                pattern: 'process.env',
+            }]);
+        const content = 'const key = process.env.API_KEY;';
+        const findings = await analyzeFile(file, content, [rule]);
+        expect(Array.isArray(findings)).toBe(true);
+    });
+    it('detects dynamic-import pattern', async () => {
+        const file = makeFile('ts');
+        const rule = makeRule([{
+                type: 'dynamic-import',
+                pattern: 'malicious-module',
+            }]);
+        const content = "const mod = await import('malicious-module');";
+        const findings = await analyzeFile(file, content, [rule]);
+        expect(Array.isArray(findings)).toBe(true);
+    });
+    it('detects object-structure pattern', async () => {
+        const file = makeFile('ts');
+        const rule = makeRule([{
+                type: 'object-structure',
+                pattern: 'dangerous',
+            }]);
+        const content = 'const obj = { dangerous: true };';
+        const findings = await analyzeFile(file, content, [rule]);
+        expect(Array.isArray(findings)).toBe(true);
+    });
+    it('handles multiple pattern types in one rule', async () => {
+        const file = makeFile('ts');
+        const rule = makeRule([
+            { type: 'function-call', pattern: 'suspiciousFunc' },
+            { type: 'property-access', pattern: 'sensitive.data' },
+        ]);
+        const content = 'suspiciousFunc(); const x = sensitive.data;';
+        const findings = await analyzeFile(file, content, [rule]);
+        expect(Array.isArray(findings)).toBe(true);
+    });
+    it('handles tsx files', async () => {
+        const file = makeFile('tsx');
+        const rule = makeRule([{
+                type: 'function-call',
+                pattern: 'unsafeFunc',
+            }]);
+        const content = 'const Component = () => { unsafeFunc(); return <div/>; }';
+        const findings = await analyzeFile(file, content, [rule]);
+        expect(Array.isArray(findings)).toBe(true);
+    });
+    it('handles jsx files', async () => {
+        const file = makeFile('jsx');
+        const rule = makeRule([{
+                type: 'function-call',
+                pattern: 'unsafeFunc',
+            }]);
+        const content = 'function Comp() { unsafeFunc(); return null; }';
+        const findings = await analyzeFile(file, content, [rule]);
+        expect(Array.isArray(findings)).toBe(true);
+    });
+    it('handles eval-chain pattern type', async () => {
+        const file = makeFile('ts');
+        const rule = makeRule([{
+                type: 'eval-chain',
+                pattern: 'JSON.parse',
+            }]);
+        const content = 'JSON.parse(userInput);';
+        const findings = await analyzeFile(file, content, [rule]);
+        expect(Array.isArray(findings)).toBe(true);
+    });
+    it('analyzes markdown with multiple code blocks', async () => {
+        const file = makeFile('md');
+        const rule = makeRule([{
+                type: 'function-call',
+                pattern: 'suspiciousAction',
+            }]);
+        const content = `
+# Instructions
+
+\`\`\`typescript
+suspiciousAction("first");
+\`\`\`
+
+Some text.
+
+\`\`\`javascript
+suspiciousAction("second");
+\`\`\`
+`;
+        const findings = await analyzeFile(file, content, [rule]);
+        expect(Array.isArray(findings)).toBe(true);
+    });
+    it('handles syntax errors in TypeScript gracefully', async () => {
+        const file = makeFile('ts');
+        const rule = makeRule([{
+                type: 'function-call',
+                pattern: 'someFunc',
+            }]);
+        // Intentionally invalid TypeScript syntax
+        const content = 'const x = { missing colon;';
+        const findings = await analyzeFile(file, content, [rule]);
+        expect(Array.isArray(findings)).toBe(true);
+    });
+    it('handles empty patterns array', async () => {
+        const file = makeFile('ts');
+        const rule = makeRule([]);
+        const findings = await analyzeFile(file, 'const x = 1;', [rule]);
+        expect(findings).toHaveLength(0);
+    });
+});
+//# sourceMappingURL=astAnalyzerPatterns.test.js.map

package/dist/__tests__/atlas.test.d.ts

@@ -0,0 +1,6 @@
+/**
+ * MITRE Atlas Tests
+ * Tests for technique mapping, annotation, and catalog summary functions.
+ */
+export {};
+//# sourceMappingURL=atlas.test.d.ts.map

package/dist/__tests__/atlas.test.js

@@ -0,0 +1,319 @@
+/**
+ * MITRE Atlas Tests
+ * Tests for technique mapping, annotation, and catalog summary functions.
+ */
+import { getMitreAtlasTechnique, getMitreAtlasTechniqueIdsForFinding, getMitreAtlasTechniquesForFinding, getMitreAtlasTechniqueCatalogSummary, getRelevantMitreAtlasTechniqueCatalogSummary, annotateFindingsWithMitreAtlas, severityToAtlasScore, setMitreAtlasTechniqueCatalog, MITRE_ATLAS_TECHNIQUES, } from '../mitre/atlas.js';
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+function makeFinding(overrides = {}) {
+    return {
+        ruleId: 'INJ-001',
+        ruleName: 'Test Rule',
+        severity: 'HIGH',
+        category: 'injection',
+        file: '/test.md',
+        relativePath: 'test.md',
+        line: 1,
+        match: 'bad content',
+        context: [],
+        remediation: 'Fix it.',
+        timestamp: new Date(),
+        riskScore: 50,
+        ...overrides,
+    };
+}
+// ---------------------------------------------------------------------------
+// getMitreAtlasTechnique
+// ---------------------------------------------------------------------------
+describe('getMitreAtlasTechnique', () => {
+    beforeEach(() => {
+        // Reset dynamic catalog
+        setMitreAtlasTechniqueCatalog(null);
+    });
+    it('returns known technique from built-in catalog', () => {
+        const tech = getMitreAtlasTechnique('AML.T0051');
+        expect(tech).toBeDefined();
+        expect(tech.name).toBe('LLM Prompt Injection');
+    });
+    it('returns undefined for unknown technique id', () => {
+        const tech = getMitreAtlasTechnique('AML.TXXXX');
+        expect(tech).toBeUndefined();
+    });
+    it('prefers dynamic catalog over built-in', () => {
+        const dynamic = {
+            'AML.T0051': {
+                id: 'AML.T0051',
+                name: 'Custom Override Name',
+                url: 'https://example.com',
+                tactics: ['execution'],
+            },
+        };
+        setMitreAtlasTechniqueCatalog(dynamic);
+        const tech = getMitreAtlasTechnique('AML.T0051');
+        expect(tech.name).toBe('Custom Override Name');
+    });
+});
+// ---------------------------------------------------------------------------
+// severityToAtlasScore
+// ---------------------------------------------------------------------------
+describe('severityToAtlasScore', () => {
+    it('maps CRITICAL to 5', () => expect(severityToAtlasScore('CRITICAL')).toBe(5));
+    it('maps HIGH to 4', () => expect(severityToAtlasScore('HIGH')).toBe(4));
+    it('maps MEDIUM to 3', () => expect(severityToAtlasScore('MEDIUM')).toBe(3));
+    it('maps LOW to 2', () => expect(severityToAtlasScore('LOW')).toBe(2));
+    it('maps INFO to 1', () => expect(severityToAtlasScore('INFO')).toBe(1));
+});
+// ---------------------------------------------------------------------------
+// getMitreAtlasTechniqueIdsForFinding — rule-specific mappings
+// ---------------------------------------------------------------------------
+describe('getMitreAtlasTechniqueIdsForFinding — rule-specific', () => {
+    beforeEach(() => { setMitreAtlasTechniqueCatalog(null); });
+    const RULE_CASES = [
+        ['AI-001', ['AML.T0056']],
+        ['AI-004', ['AML.T0080']],
+        ['AI-005', ['AML.T0094']],
+        ['AI-006', ['AML.T0067']],
+        ['AI-008', ['AML.T0051', 'AML.T0093']],
+        ['AI-009', ['AML.T0053']],
+        ['AI-010', ['AML.T0054']],
+        ['AI-011', ['AML.T0081']],
+        ['INJ-002', ['AML.T0054']],
+        ['INJ-003', ['AML.T0054']],
+        ['INJ-004', ['AML.T0054']],
+        ['INJ-001', ['AML.T0051']],
+        ['INJ-006', ['AML.T0051']],
+        ['INJ-007', ['AML.T0051']],
+    ];
+    for (const [ruleId, expectedIds] of RULE_CASES) {
+        it(`maps ${ruleId} to ${expectedIds.join(', ')}`, () => {
+            const finding = makeFinding({ ruleId });
+            const ids = getMitreAtlasTechniqueIdsForFinding(finding);
+            for (const expected of expectedIds) {
+                expect(ids).toContain(expected);
+            }
+        });
+    }
+});
+// ---------------------------------------------------------------------------
+// getMitreAtlasTechniqueIdsForFinding — category fallbacks
+// ---------------------------------------------------------------------------
+describe('getMitreAtlasTechniqueIdsForFinding — category fallbacks', () => {
+    beforeEach(() => { setMitreAtlasTechniqueCatalog(null); });
+    const CATEGORY_CASES = [
+        ['injection', ['AML.T0051']],
+        ['ai-specific', ['AML.T0051']],
+        ['credentials', ['AML.T0083', 'AML.T0098']],
+        ['exfiltration', ['AML.T0086', 'AML.T0057']],
+        ['obfuscation', ['AML.T0068']],
+        ['persistence', ['AML.T0081']],
+        ['supply-chain', ['AML.T0011.002', 'AML.T0104']],
+    ];
+    for (const [category, expectedIds] of CATEGORY_CASES) {
+        it(`category '${category}' maps to ${expectedIds.join(', ')}`, () => {
+            const finding = makeFinding({ ruleId: 'UNKNOWN-999', category: category });
+            const ids = getMitreAtlasTechniqueIdsForFinding(finding);
+            for (const expected of expectedIds) {
+                expect(ids).toContain(expected);
+            }
+        });
+    }
+    it('unknown category and unknown ruleId returns empty or specific default', () => {
+        const finding = makeFinding({ ruleId: 'UNKNOWN-999', category: 'backdoors' });
+        const ids = getMitreAtlasTechniqueIdsForFinding(finding);
+        // backdoors has no explicit mapping, may return empty
+        expect(Array.isArray(ids)).toBe(true);
+    });
+});
+// ---------------------------------------------------------------------------
+// getMitreAtlasTechniqueIdsForFinding — explicit metadata
+// ---------------------------------------------------------------------------
+describe('getMitreAtlasTechniqueIdsForFinding — explicit metadata', () => {
+    beforeEach(() => { setMitreAtlasTechniqueCatalog(null); });
+    it('includes explicit IDs from metadata.mitre.atlas', () => {
+        const finding = makeFinding({
+            ruleId: 'UNKNOWN-999',
+            category: 'backdoors',
+            metadata: {
+                mitre: {
+                    atlas: [{ id: 'AML.T0054' }, { id: 'AML.T0068' }],
+                },
+            },
+        });
+        const ids = getMitreAtlasTechniqueIdsForFinding(finding);
+        expect(ids).toContain('AML.T0054');
+        expect(ids).toContain('AML.T0068');
+    });
+    it('deduplicates IDs when both explicit and category map to same technique', () => {
+        const finding = makeFinding({
+            ruleId: 'UNKNOWN-999',
+            category: 'injection',
+            metadata: {
+                mitre: {
+                    atlas: [{ id: 'AML.T0051' }],
+                },
+            },
+        });
+        const ids = getMitreAtlasTechniqueIdsForFinding(finding);
+        expect(ids.filter(id => id === 'AML.T0051')).toHaveLength(1);
+    });
+});
+// ---------------------------------------------------------------------------
+// getMitreAtlasTechniquesForFinding
+// ---------------------------------------------------------------------------
+describe('getMitreAtlasTechniquesForFinding', () => {
+    beforeEach(() => {
+        setMitreAtlasTechniqueCatalog(null);
+    });
+    it('returns technique objects for known IDs', () => {
+        const finding = makeFinding({ ruleId: 'INJ-001' });
+        const techniques = getMitreAtlasTechniquesForFinding(finding);
+        expect(techniques.length).toBeGreaterThan(0);
+        expect(techniques[0].id).toBe('AML.T0051');
+        expect(techniques[0].url).toContain('atlas.mitre.org');
+    });
+    it('creates placeholder technique for unknown IDs in explicit metadata', () => {
+        const finding = makeFinding({
+            ruleId: 'UNKNOWN-999',
+            category: 'backdoors',
+            metadata: {
+                mitre: {
+                    atlas: [{ id: 'AML.T9999' }],
+                },
+            },
+        });
+        const techniques = getMitreAtlasTechniquesForFinding(finding);
+        const placeholder = techniques.find(t => t.id === 'AML.T9999');
+        expect(placeholder).toBeDefined();
+        expect(placeholder.name).toBe('AML.T9999');
+    });
+});
+// ---------------------------------------------------------------------------
+// annotateFindingsWithMitreAtlas
+// ---------------------------------------------------------------------------
+describe('annotateFindingsWithMitreAtlas', () => {
+    beforeEach(() => {
+        setMitreAtlasTechniqueCatalog(null);
+    });
+    it('adds mitre.atlas metadata to findings', () => {
+        const findings = [makeFinding({ ruleId: 'INJ-001' })];
+        const annotated = annotateFindingsWithMitreAtlas(findings);
+        const meta = annotated[0].metadata;
+        expect(meta.mitre.atlas.length).toBeGreaterThan(0);
+    });
+    it('does not duplicate techniques when re-annotating', () => {
+        const findings = [makeFinding({ ruleId: 'INJ-001' })];
+        annotateFindingsWithMitreAtlas(findings);
+        annotateFindingsWithMitreAtlas(findings); // re-annotate
+        const meta = findings[0].metadata;
+        const ids = meta.mitre.atlas.map(t => t.id);
+        const uniqueIds = new Set(ids);
+        expect(ids.length).toBe(uniqueIds.size);
+    });
+    it('skips findings with no matching techniques', () => {
+        const findings = [makeFinding({ ruleId: 'UNKNOWN-999', category: 'backdoors' })];
+        const original = { ...findings[0] };
+        annotateFindingsWithMitreAtlas(findings);
+        // If no techniques mapped, metadata might not be set
+        // At minimum, should not throw
+        expect(findings[0]).toBeDefined();
+        void original; // silence unused warning
+    });
+    it('returns the same array reference', () => {
+        const findings = [makeFinding()];
+        const result = annotateFindingsWithMitreAtlas(findings);
+        expect(result).toBe(findings);
+    });
+});
+// ---------------------------------------------------------------------------
+// getMitreAtlasTechniqueCatalogSummary
+// ---------------------------------------------------------------------------
+describe('getMitreAtlasTechniqueCatalogSummary', () => {
+    beforeEach(() => {
+        setMitreAtlasTechniqueCatalog(null);
+    });
+    it('returns a non-empty summary string', () => {
+        const summary = getMitreAtlasTechniqueCatalogSummary();
+        expect(typeof summary).toBe('string');
+        expect(summary.length).toBeGreaterThan(0);
+    });
+    it('each line follows "AML.T####: Name" format', () => {
+        const lines = getMitreAtlasTechniqueCatalogSummary().split('\n');
+        for (const line of lines) {
+            expect(line).toMatch(/^AML\.T\d{4}/);
+        }
+    });
+    it('respects maxTechniques limit', () => {
+        const lines = getMitreAtlasTechniqueCatalogSummary(3).split('\n');
+        expect(lines.length).toBeLessThanOrEqual(3);
+    });
+    it('returns empty string when maxTechniques is 0', () => {
+        const summary = getMitreAtlasTechniqueCatalogSummary(0);
+        expect(summary).toBe('');
+    });
+    it('uses dynamic catalog when set', () => {
+        const dynamic = {
+            'AML.T9999': {
+                id: 'AML.T9999',
+                name: 'My Custom Technique',
+                url: 'https://example.com',
+                tactics: ['test'],
+            },
+        };
+        setMitreAtlasTechniqueCatalog(dynamic);
+        const summary = getMitreAtlasTechniqueCatalogSummary();
+        expect(summary).toContain('My Custom Technique');
+    });
+});
+// ---------------------------------------------------------------------------
+// getRelevantMitreAtlasTechniqueCatalogSummary
+// ---------------------------------------------------------------------------
+describe('getRelevantMitreAtlasTechniqueCatalogSummary', () => {
+    beforeEach(() => {
+        setMitreAtlasTechniqueCatalog(null);
+    });
+    it('returns techniques relevant to query text', () => {
+        const summary = getRelevantMitreAtlasTechniqueCatalogSummary('prompt injection jailbreak');
+        expect(summary.length).toBeGreaterThan(0);
+        // Should contain injection-related techniques
+        expect(summary).toContain('AML.T0051');
+    });
+    it('falls back to catalog summary when query is empty', () => {
+        const withQuery = getRelevantMitreAtlasTechniqueCatalogSummary('', 5);
+        const full = getMitreAtlasTechniqueCatalogSummary(5);
+        expect(withQuery).toBe(full);
+    });
+    it('respects maxTechniques limit', () => {
+        const summary = getRelevantMitreAtlasTechniqueCatalogSummary('injection', 3);
+        const lines = summary.split('\n');
+        expect(lines.length).toBeLessThanOrEqual(3);
+    });
+    it('returns empty when maxTechniques is 0', () => {
+        const summary = getRelevantMitreAtlasTechniqueCatalogSummary('anything', 0);
+        expect(summary).toBe('');
+    });
+    it('uses full catalog summary when no techniques score positively', () => {
+        const summary = getRelevantMitreAtlasTechniqueCatalogSummary('xyznonmatchingtext', 5);
+        // Falls back to catalog summary since no tokens match
+        expect(summary.length).toBeGreaterThan(0);
+    });
+});
+// ---------------------------------------------------------------------------
+// MITRE_ATLAS_TECHNIQUES constant
+// ---------------------------------------------------------------------------
+describe('MITRE_ATLAS_TECHNIQUES', () => {
+    it('contains expected techniques', () => {
+        expect(MITRE_ATLAS_TECHNIQUES['AML.T0051']).toBeDefined();
+        expect(MITRE_ATLAS_TECHNIQUES['AML.T0054']).toBeDefined();
+        expect(MITRE_ATLAS_TECHNIQUES['AML.T0083']).toBeDefined();
+    });
+    it('all entries have required fields', () => {
+        for (const [id, tech] of Object.entries(MITRE_ATLAS_TECHNIQUES)) {
+            expect(tech.id).toBe(id);
+            expect(typeof tech.name).toBe('string');
+            expect(typeof tech.url).toBe('string');
+            expect(Array.isArray(tech.tactics)).toBe(true);
+        }
+    });
+});
+//# sourceMappingURL=atlas.test.js.map

package/dist/__tests__/atlasCatalog.test.d.ts

@@ -0,0 +1,6 @@
+/**
+ * MITRE ATLAS Catalog Loader Tests
+ * Tests for parsing the STIX bundle and loadMitreAtlasTechniqueCatalog.
+ */
+export {};
+//# sourceMappingURL=atlasCatalog.test.d.ts.map