framework-mcp 1.0.0 ā 1.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude/config.json +11 -0
- package/.claude_config.json +11 -0
- package/.github/workflows/release.yml +30 -0
- package/.mcp.json +11 -0
- package/CIS_CONTROLS_IMPLEMENTATION_PLAN.md +220 -0
- package/README.md +92 -9
- package/dist/index.d.ts +29 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +5753 -61
- package/dist/index.js.map +1 -1
- package/package.json +3 -2
- package/src/index.ts +5967 -147
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
name: Release
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
tags:
|
|
6
|
+
- 'v*'
|
|
7
|
+
|
|
8
|
+
jobs:
|
|
9
|
+
publish:
|
|
10
|
+
runs-on: ubuntu-latest
|
|
11
|
+
|
|
12
|
+
steps:
|
|
13
|
+
- uses: actions/checkout@v4
|
|
14
|
+
|
|
15
|
+
- name: Use Node.js
|
|
16
|
+
uses: actions/setup-node@v4
|
|
17
|
+
with:
|
|
18
|
+
node-version: '20.x'
|
|
19
|
+
registry-url: 'https://registry.npmjs.org'
|
|
20
|
+
|
|
21
|
+
- name: Install dependencies
|
|
22
|
+
run: npm ci
|
|
23
|
+
|
|
24
|
+
- name: Build
|
|
25
|
+
run: npm run build
|
|
26
|
+
|
|
27
|
+
- name: Publish to npm
|
|
28
|
+
run: npm publish
|
|
29
|
+
env:
|
|
30
|
+
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
|
package/.mcp.json
ADDED
|
@@ -0,0 +1,220 @@
|
|
|
1
|
+
# CIS Controls v8.1 Implementation Plan
|
|
2
|
+
|
|
3
|
+
## Current Status
|
|
4
|
+
- **Completed**: 59 safeguards implemented (Controls 1-7 complete)
|
|
5
|
+
- **Remaining**: Controls 8-18 (11 controls, estimated 40+ additional safeguards)
|
|
6
|
+
- **Available Resources**: Individual PDF documents for each control in docs/ folder
|
|
7
|
+
|
|
8
|
+
## Implementation Strategy
|
|
9
|
+
|
|
10
|
+
### Sequential Processing Order
|
|
11
|
+
Process controls in this specific order for optimal dependency management:
|
|
12
|
+
|
|
13
|
+
#### Phase 1: Technical Infrastructure Controls (High Priority)
|
|
14
|
+
1. **Control 8: Audit Log Management**
|
|
15
|
+
- Foundation for security monitoring and detection
|
|
16
|
+
- PDF: `CISv8.1-Control 8.pdf`
|
|
17
|
+
- Estimated safeguards: 6-8
|
|
18
|
+
|
|
19
|
+
2. **Control 10: Malware Defenses**
|
|
20
|
+
- Critical protection control
|
|
21
|
+
- PDF: `CISv8.1-Control 10.pdf`
|
|
22
|
+
- Estimated safeguards: 6-8
|
|
23
|
+
|
|
24
|
+
3. **Control 12: Network Infrastructure Management**
|
|
25
|
+
- Network security foundation
|
|
26
|
+
- PDF: `CISv8.1-Control 12.pdf`
|
|
27
|
+
- Estimated safeguards: 6-8
|
|
28
|
+
|
|
29
|
+
4. **Control 13: Network Monitoring and Defense**
|
|
30
|
+
- Builds on Control 12, detection capabilities
|
|
31
|
+
- PDF: `CISv8.1-Control 13.pdf`
|
|
32
|
+
- Estimated safeguards: 6-8
|
|
33
|
+
|
|
34
|
+
#### Phase 2: Data and Application Controls (Medium-High Priority)
|
|
35
|
+
5. **Control 9: Email and Web Browser Protections**
|
|
36
|
+
- Common attack vectors
|
|
37
|
+
- PDF: `CISv8.1-Control 9.pdf`
|
|
38
|
+
- Estimated safeguards: 4-6
|
|
39
|
+
|
|
40
|
+
6. **Control 11: Data Recovery**
|
|
41
|
+
- Business continuity foundation
|
|
42
|
+
- PDF: `CISv8.1-Control 11.pdf`
|
|
43
|
+
- Estimated safeguards: 3-5
|
|
44
|
+
|
|
45
|
+
7. **Control 16: Application Software Security**
|
|
46
|
+
- Application layer security
|
|
47
|
+
- PDF: `CISv8.1-Control 16.pdf`
|
|
48
|
+
- Estimated safeguards: 6-8
|
|
49
|
+
|
|
50
|
+
#### Phase 3: Process and Governance Controls (Medium Priority)
|
|
51
|
+
8. **Control 14: Security Awareness and Skills Training**
|
|
52
|
+
- Human element, process-focused
|
|
53
|
+
- PDF: `CISv8.1-Control 14.pdf`
|
|
54
|
+
- Estimated safeguards: 4-6
|
|
55
|
+
|
|
56
|
+
9. **Control 15: Service Provider Management**
|
|
57
|
+
- Third-party risk management
|
|
58
|
+
- PDF: `CISv8.1-Control 15.pdf`
|
|
59
|
+
- Estimated safeguards: 4-6
|
|
60
|
+
|
|
61
|
+
10. **Control 17: Incident Response Management**
|
|
62
|
+
- Response processes and capabilities
|
|
63
|
+
- PDF: `CISv8.1-Control 17.pdf`
|
|
64
|
+
- Estimated safeguards: 6-8
|
|
65
|
+
|
|
66
|
+
11. **Control 18: Penetration Testing**
|
|
67
|
+
- Validation and testing processes
|
|
68
|
+
- PDF: `CISv8.1-Control 18.pdf`
|
|
69
|
+
- Estimated safeguards: 3-5
|
|
70
|
+
|
|
71
|
+
## Standard Session Template
|
|
72
|
+
|
|
73
|
+
For each control, follow this systematic approach:
|
|
74
|
+
|
|
75
|
+
### 1. Initialize Session
|
|
76
|
+
```bash
|
|
77
|
+
# Update todo list with current control
|
|
78
|
+
# Example: "Process Control 8: Audit Log Management"
|
|
79
|
+
```
|
|
80
|
+
|
|
81
|
+
### 2. Read and Analyze PDF
|
|
82
|
+
- Read the complete control PDF document
|
|
83
|
+
- Identify all safeguards in the control (e.g., 8.1, 8.2, 8.3, etc.)
|
|
84
|
+
- Note control title, description, and overall purpose
|
|
85
|
+
- Extract Implementation Group classifications
|
|
86
|
+
|
|
87
|
+
### 3. Extract Safeguard Elements
|
|
88
|
+
For each safeguard, categorize elements using the color-coding system:
|
|
89
|
+
|
|
90
|
+
- **š Orange (Governance Elements)**: Process/policy requirements that MUST be met
|
|
91
|
+
- **š¢ Green (Core Requirements)**: The essential "what" of the safeguard
|
|
92
|
+
- **š” Yellow (Sub-taxonomical Elements)**: Detailed sub-components
|
|
93
|
+
- **ā« Gray (Implementation Suggestions)**: Suggested methods and tools
|
|
94
|
+
|
|
95
|
+
Additional metadata:
|
|
96
|
+
- Asset types (devices, applications, users, etc.)
|
|
97
|
+
- Security functions (Identify, Protect, Detect, Respond, Recover)
|
|
98
|
+
- Relevant keywords for analysis engine
|
|
99
|
+
|
|
100
|
+
### 4. Implement in Code
|
|
101
|
+
```typescript
|
|
102
|
+
// Add to CIS_SAFEGUARDS object in src/index.ts
|
|
103
|
+
"X.Y": {
|
|
104
|
+
id: "X.Y",
|
|
105
|
+
title: "Safeguard Title",
|
|
106
|
+
description: "Description...",
|
|
107
|
+
implementationGroup: "IG1" | "IG2" | "IG3",
|
|
108
|
+
assetType: [...],
|
|
109
|
+
securityFunction: [...],
|
|
110
|
+
governanceElements: [...], // Orange
|
|
111
|
+
coreRequirements: [...], // Green
|
|
112
|
+
subTaxonomicalElements: [...], // Yellow
|
|
113
|
+
implementationSuggestions: [...], // Gray
|
|
114
|
+
relatedSafeguards: [...],
|
|
115
|
+
keywords: [...]
|
|
116
|
+
}
|
|
117
|
+
```
|
|
118
|
+
|
|
119
|
+
### 5. Test and Validate
|
|
120
|
+
```bash
|
|
121
|
+
npm run build # Verify compilation
|
|
122
|
+
# Test with sample vendor responses
|
|
123
|
+
# Verify analysis engine processes new safeguards correctly
|
|
124
|
+
```
|
|
125
|
+
|
|
126
|
+
### 6. Document and Commit
|
|
127
|
+
```bash
|
|
128
|
+
git add .
|
|
129
|
+
git commit -m "Add Control X: [Control Name] - implemented X.1 through X.Y safeguards
|
|
130
|
+
|
|
131
|
+
- Extracted all safeguards from CISv8.1-Control X.pdf
|
|
132
|
+
- Categorized elements using color-coding system
|
|
133
|
+
- Added appropriate keywords and metadata
|
|
134
|
+
- Tested with analysis engine
|
|
135
|
+
|
|
136
|
+
š¤ Generated with [Claude Code](https://claude.ai/code)
|
|
137
|
+
|
|
138
|
+
Co-Authored-By: Claude <noreply@anthropic.com>"
|
|
139
|
+
|
|
140
|
+
git push origin main
|
|
141
|
+
```
|
|
142
|
+
|
|
143
|
+
## Success Criteria for Each Control
|
|
144
|
+
|
|
145
|
+
ā
**Extraction Complete**
|
|
146
|
+
- [ ] All safeguards identified and extracted from PDF
|
|
147
|
+
- [ ] Elements properly categorized (Orange/Green/Yellow/Gray)
|
|
148
|
+
- [ ] Implementation Groups assigned correctly
|
|
149
|
+
|
|
150
|
+
ā
**Code Implementation**
|
|
151
|
+
- [ ] All safeguards added to CIS_SAFEGUARDS object
|
|
152
|
+
- [ ] Consistent formatting with existing controls
|
|
153
|
+
- [ ] Code compiles without errors
|
|
154
|
+
- [ ] Proper TypeScript typing maintained
|
|
155
|
+
|
|
156
|
+
ā
**Testing and Validation**
|
|
157
|
+
- [ ] Analysis engine correctly processes new safeguards
|
|
158
|
+
- [ ] Capability categorization works appropriately
|
|
159
|
+
- [ ] Sample vendor responses produce expected results
|
|
160
|
+
|
|
161
|
+
ā
**Documentation and Commit**
|
|
162
|
+
- [ ] Progress tracking updated
|
|
163
|
+
- [ ] Detailed commit message with control summary
|
|
164
|
+
- [ ] Changes committed and pushed to repository
|
|
165
|
+
|
|
166
|
+
## Progress Tracking
|
|
167
|
+
|
|
168
|
+
### Completed Controls
|
|
169
|
+
- ā
Control 1: Inventory and Control of Enterprise Assets
|
|
170
|
+
- ā
Control 2: Inventory and Control of Software Assets
|
|
171
|
+
- ā
Control 3: Data Protection
|
|
172
|
+
- ā
Control 4: Secure Configuration of Enterprise Assets and Software
|
|
173
|
+
- ā
Control 5: Account Management
|
|
174
|
+
- ā
Control 6: Access Control Management
|
|
175
|
+
- ā
Control 7: Continuous Vulnerability Management
|
|
176
|
+
- ā
**Control 8: Audit Log Management** (12 safeguards: 8.1-8.12)
|
|
177
|
+
- ā
**Control 10: Malware Defenses** (7 safeguards: 10.1-10.7)
|
|
178
|
+
- ā
**Control 11: Data Recovery** (5 safeguards: 11.1-11.5)
|
|
179
|
+
- ā
**Control 9: Email and Web Browser Protections** (7 safeguards: 9.1-9.7)
|
|
180
|
+
- ā
**Control 12: Network Infrastructure Management** (8 safeguards: 12.1-12.8)
|
|
181
|
+
- ā
**Control 13: Network Monitoring and Defense** (11 safeguards: 13.1-13.11)
|
|
182
|
+
- ā
**Control 14: Security Awareness and Skills Training** (9 safeguards: 14.1-14.9)
|
|
183
|
+
- ā
**Control 15: Service Provider Management** (7 safeguards: 15.1-15.7)
|
|
184
|
+
- ā
**Control 16: Application Software Security** (14 safeguards: 16.1-16.14)
|
|
185
|
+
- ā
**Control 17: Incident Response Management** (9 safeguards: 17.1-17.9)
|
|
186
|
+
- ā
**Control 18: Penetration Testing** (5 safeguards: 18.1-18.5)
|
|
187
|
+
|
|
188
|
+
### ā
ALL CONTROLS COMPLETE
|
|
189
|
+
**Total Implementation**: 153 safeguards across all 18 CIS Controls v8.1
|
|
190
|
+
|
|
191
|
+
### Final Status
|
|
192
|
+
- [ ] **COMPLETE**: All CIS Controls v8.1 safeguards implemented
|
|
193
|
+
- [ ] **Framework Ready**: Full vendor analysis capability enabled
|
|
194
|
+
|
|
195
|
+
## Risk Mitigation
|
|
196
|
+
|
|
197
|
+
### Context Limit Management
|
|
198
|
+
- Process only one control per session to avoid PDF context limits
|
|
199
|
+
- Use targeted reading with offsets if PDFs are very large
|
|
200
|
+
- Focus on extracting structured information efficiently
|
|
201
|
+
|
|
202
|
+
### Quality Assurance
|
|
203
|
+
- Reference existing controls 1-7 as formatting templates
|
|
204
|
+
- Validate element categorization against established patterns
|
|
205
|
+
- Test each implementation before moving to next control
|
|
206
|
+
|
|
207
|
+
### Recovery Strategy
|
|
208
|
+
- Detailed progress tracking enables restart from any point
|
|
209
|
+
- Each control is independent (no cascading failures)
|
|
210
|
+
- Commit after each successful control completion
|
|
211
|
+
- Can skip complex controls and return later if needed
|
|
212
|
+
|
|
213
|
+
## Estimated Timeline
|
|
214
|
+
- **Per Control**: 1-2 hours (extraction + implementation + testing)
|
|
215
|
+
- **Total Remaining**: ~15-20 hours of focused work
|
|
216
|
+
- **Completion Target**: Can be spread across multiple sessions safely
|
|
217
|
+
|
|
218
|
+
---
|
|
219
|
+
|
|
220
|
+
**Next Action**: Begin with Control 8 (Audit Log Management) using the standard session template.
|
package/README.md
CHANGED
|
@@ -44,6 +44,17 @@ The server uses the CIS Controls visual framework with color-coded categorizatio
|
|
|
44
44
|
npm install -g framework-mcp
|
|
45
45
|
```
|
|
46
46
|
|
|
47
|
+
### Update to Latest Version
|
|
48
|
+
```bash
|
|
49
|
+
npm update -g framework-mcp
|
|
50
|
+
```
|
|
51
|
+
|
|
52
|
+
Or reinstall to get the latest version:
|
|
53
|
+
```bash
|
|
54
|
+
npm uninstall -g framework-mcp
|
|
55
|
+
npm install -g framework-mcp
|
|
56
|
+
```
|
|
57
|
+
|
|
47
58
|
### Install from source
|
|
48
59
|
```bash
|
|
49
60
|
git clone https://github.com/therealcybermattlee/FrameworkMCP.git
|
|
@@ -115,8 +126,21 @@ claude-code "Analyze the vendor responses in vendors.csv and provide recommendat
|
|
|
115
126
|
claude-code "Show me the detailed breakdown of safeguard 5.1 including all sub-elements"
|
|
116
127
|
```
|
|
117
128
|
|
|
129
|
+
### Validate Vendor Capability Claims
|
|
130
|
+
|
|
131
|
+
**NEW**: Validate whether a vendor's stated capability mapping is actually supported by their explanatory text.
|
|
132
|
+
|
|
133
|
+
```bash
|
|
134
|
+
claude-code "Validate this vendor capability claim:
|
|
135
|
+
Vendor: SecureAssets Corp
|
|
136
|
+
Safeguard: 1.1
|
|
137
|
+
Claimed Capability: FULL
|
|
138
|
+
Supporting Text: 'Our comprehensive asset management platform performs automated discovery of all enterprise devices, maintains detailed hardware and software inventories, tracks ownership and location data, provides real-time asset status monitoring, and includes documented inventory procedures with bi-annual review capabilities.'"
|
|
139
|
+
```
|
|
140
|
+
|
|
118
141
|
## š Sample Output
|
|
119
142
|
|
|
143
|
+
### Standard Analysis Output
|
|
120
144
|
```json
|
|
121
145
|
{
|
|
122
146
|
"vendor": "SecureIAM Corp",
|
|
@@ -146,16 +170,40 @@ claude-code "Show me the detailed breakdown of safeguard 5.1 including all sub-e
|
|
|
146
170
|
}
|
|
147
171
|
```
|
|
148
172
|
|
|
173
|
+
### Validation Tool Output
|
|
174
|
+
```json
|
|
175
|
+
{
|
|
176
|
+
"vendor": "SecureAssets Corp",
|
|
177
|
+
"safeguard_id": "1.1",
|
|
178
|
+
"safeguard_title": "Establish and Maintain a Detailed Enterprise Asset Inventory",
|
|
179
|
+
"claimed_capability": "full",
|
|
180
|
+
"validation_status": "SUPPORTED",
|
|
181
|
+
"confidence_score": 85,
|
|
182
|
+
"evidence_analysis": {
|
|
183
|
+
"core_requirements_coverage": 100,
|
|
184
|
+
"sub_elements_coverage": 47,
|
|
185
|
+
"governance_alignment": 80,
|
|
186
|
+
"language_consistency": 90
|
|
187
|
+
},
|
|
188
|
+
"gaps_identified": [],
|
|
189
|
+
"strengths_identified": [
|
|
190
|
+
"High coverage of core requirements and sub-elements",
|
|
191
|
+
"Strong implementation language consistency"
|
|
192
|
+
],
|
|
193
|
+
"recommendations": [],
|
|
194
|
+
"detailed_feedback": "Validation of FULL capability claim: SUPPORTED (85% alignment)\n\nSTRENGTHS:\n⢠High coverage of core requirements and sub-elements\n⢠Strong implementation language consistency\n\nASSESSMENT: The vendor's supporting evidence strongly aligns with their claimed capability."
|
|
195
|
+
}
|
|
196
|
+
```
|
|
197
|
+
|
|
149
198
|
## š§ Available Tools
|
|
150
199
|
|
|
151
200
|
| Tool | Description |
|
|
152
201
|
|------|-------------|
|
|
153
202
|
| `analyze_vendor_response` | Analyze vendor response for specific safeguard |
|
|
203
|
+
| `validate_vendor_mapping` | **NEW** Validate vendor's claimed capability against supporting evidence |
|
|
154
204
|
| `validate_coverage_claim` | Validate FULL/PARTIAL coverage claims |
|
|
155
205
|
| `get_safeguard_details` | Get detailed safeguard breakdown |
|
|
156
206
|
| `list_available_safeguards` | List all available CIS safeguards |
|
|
157
|
-
| `generate_coverage_report` | Generate detailed coverage analysis |
|
|
158
|
-
| `export_analysis` | Export results to JSON/CSV/Markdown |
|
|
159
207
|
|
|
160
208
|
## š File Formats Supported
|
|
161
209
|
|
|
@@ -185,16 +233,51 @@ Vendor: AnotherVendor - Safeguard: 6.3
|
|
|
185
233
|
Another response...
|
|
186
234
|
```
|
|
187
235
|
|
|
236
|
+
## š Vendor Mapping Validation
|
|
237
|
+
|
|
238
|
+
The **validate_vendor_mapping** tool provides evidence-based validation of vendor capability claims. This addresses a critical need: vendors often self-assess their capabilities, but practitioners need to verify whether the supporting evidence actually justifies the claimed mapping.
|
|
239
|
+
|
|
240
|
+
### Validation Criteria
|
|
241
|
+
|
|
242
|
+
| Capability | Requirements | Validation Thresholds |
|
|
243
|
+
|------------|-------------|----------------------|
|
|
244
|
+
| **FULL** | Complete implementation within scope | ā„70% core requirements + ā„40% sub-elements |
|
|
245
|
+
| **PARTIAL** | Limited scope with clear boundaries | ā„30% core requirements OR some core + ā„20% sub-elements |
|
|
246
|
+
| **FACILITATES** | Enables/enhances implementation | Facilitation language present, no direct implementation claims |
|
|
247
|
+
| **GOVERNANCE** | Policy/process management | ā„60% governance elements + policy language |
|
|
248
|
+
| **VALIDATES** | Evidence collection & reporting | Audit/monitoring/reporting capabilities present |
|
|
249
|
+
|
|
250
|
+
### Validation Statuses
|
|
251
|
+
|
|
252
|
+
- **SUPPORTED** (70-100%): Evidence strongly supports the claimed capability
|
|
253
|
+
- **QUESTIONABLE** (40-69%): Evidence partially supports but has notable gaps
|
|
254
|
+
- **UNSUPPORTED** (0-39%): Evidence does not adequately support the claim
|
|
255
|
+
|
|
256
|
+
### Usage Examples
|
|
257
|
+
|
|
258
|
+
```bash
|
|
259
|
+
# Validate a FULL coverage claim
|
|
260
|
+
claude-code "Use validate_vendor_mapping for vendor 'AssetMax Pro', safeguard '1.1', claimed capability 'full', with supporting text: 'Our platform provides comprehensive automated discovery, detailed inventory management, and complete asset lifecycle tracking for all enterprise devices including servers, workstations, and network equipment.'"
|
|
261
|
+
|
|
262
|
+
# Validate a FACILITATES claim
|
|
263
|
+
claude-code "Use validate_vendor_mapping for vendor 'ThreatIntel Feed', safeguard '1.1', claimed capability 'facilitates', with supporting text: 'Our threat intelligence service provides supplemental risk data that enriches existing asset management systems, enabling organizations to prioritize asset security based on threat exposure.'"
|
|
264
|
+
|
|
265
|
+
# Validate a questionable claim
|
|
266
|
+
claude-code "Use validate_vendor_mapping for vendor 'BasicTracker', safeguard '1.1', claimed capability 'full', with supporting text: 'We help track computers and provide some visibility into your IT environment.'"
|
|
267
|
+
```
|
|
268
|
+
|
|
188
269
|
## šÆ CIS Controls Coverage
|
|
189
270
|
|
|
190
|
-
|
|
191
|
-
- **
|
|
192
|
-
- **
|
|
193
|
-
- **
|
|
194
|
-
- **6.3** - MFA for Externally-Exposed Applications
|
|
195
|
-
- **7.1** - Vulnerability Management Process
|
|
271
|
+
**Complete CIS Controls v8.1 Framework Implementation**
|
|
272
|
+
- **153 total safeguards** across all 18 controls
|
|
273
|
+
- **Full framework coverage** from Controls 1-18
|
|
274
|
+
- **Comprehensive vendor analysis** capability for all CIS safeguards
|
|
196
275
|
|
|
197
|
-
|
|
276
|
+
### Current Version Highlights
|
|
277
|
+
- ā
**All 18 Controls** implemented (Enterprise Assets through Penetration Testing)
|
|
278
|
+
- ā
**Color-coded element categorization** (Orange/Green/Yellow/Gray)
|
|
279
|
+
- ā
**Enhanced capability detection** (Governance, Facilitates, Coverage, Validates)
|
|
280
|
+
- ā
**Production-ready** vendor analysis for complete compliance assessments
|
|
198
281
|
|
|
199
282
|
## š ļø Development
|
|
200
283
|
|
package/dist/index.d.ts
CHANGED
|
@@ -1,3 +1,31 @@
|
|
|
1
1
|
#!/usr/bin/env node
|
|
2
|
-
export {
|
|
2
|
+
export declare class GRCAnalysisServer {
|
|
3
|
+
private server;
|
|
4
|
+
constructor();
|
|
5
|
+
private setupToolHandlers;
|
|
6
|
+
private getSafeguardDetails;
|
|
7
|
+
private listAvailableSafeguards;
|
|
8
|
+
private analyzeVendorResponse;
|
|
9
|
+
private validateCoverageClaim;
|
|
10
|
+
private performEnhancedSafeguardAnalysis;
|
|
11
|
+
private calculateKeywordScore;
|
|
12
|
+
private analyzeElementCoverage;
|
|
13
|
+
private analyzeBinaryElementCoverage;
|
|
14
|
+
private extractEnhancedEvidence;
|
|
15
|
+
private generateEnhancedReasoning;
|
|
16
|
+
private generateCapabilityReasoning;
|
|
17
|
+
private validateClaim;
|
|
18
|
+
private validateVendorMapping;
|
|
19
|
+
private validateCapabilityClaim;
|
|
20
|
+
private assessClaimAlignment;
|
|
21
|
+
private hasFacilitationLanguage;
|
|
22
|
+
private hasScopeBoundaries;
|
|
23
|
+
private hasDirectImplementationLanguage;
|
|
24
|
+
private assessImplementationLanguage;
|
|
25
|
+
private assessFacilitationLanguage;
|
|
26
|
+
private assessGovernanceLanguage;
|
|
27
|
+
private assessValidationLanguage;
|
|
28
|
+
private generateValidationFeedback;
|
|
29
|
+
run(): Promise<void>;
|
|
30
|
+
}
|
|
3
31
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":""}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAu6KA,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,MAAM,CAAS;;IAavB,OAAO,CAAC,iBAAiB;YAiKX,mBAAmB;YA8CnB,uBAAuB;YAuCvB,qBAAqB;YAoBrB,qBAAqB;IA8BnC,OAAO,CAAC,gCAAgC;IAkKxC,OAAO,CAAC,qBAAqB;IAgB7B,OAAO,CAAC,sBAAsB;IA0C9B,OAAO,CAAC,4BAA4B;IAwCpC,OAAO,CAAC,uBAAuB;IA6B/B,OAAO,CAAC,yBAAyB;IA4BjC,OAAO,CAAC,2BAA2B;IAuEnC,OAAO,CAAC,aAAa;YAsFP,qBAAqB;IAyBnC,OAAO,CAAC,uBAAuB;IAqD/B,OAAO,CAAC,oBAAoB;IA4J5B,OAAO,CAAC,uBAAuB;IAS/B,OAAO,CAAC,kBAAkB;IAQ1B,OAAO,CAAC,+BAA+B;IAQvC,OAAO,CAAC,4BAA4B;IAQpC,OAAO,CAAC,0BAA0B;IAQlC,OAAO,CAAC,wBAAwB;IAQhC,OAAO,CAAC,wBAAwB;IAShC,OAAO,CAAC,0BAA0B;IAiC5B,GAAG;CAKV"}
|