npm - ghost-dragon - Versions diffs - 4.2.1 - Mend

ghost-dragon 4.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (226) hide show

package/.github/workflows/ci.yml +23 -0
package/CHANGELOG.md +96 -0
package/README.md +193 -0
package/bootstrap.ps1 +83 -0
package/bootstrap.sh +71 -0
package/dist/agent/loop.d.ts +68 -0
package/dist/agent/loop.d.ts.map +1 -0
package/dist/agent/loop.js +135 -0
package/dist/agent/mcp.d.ts +33 -0
package/dist/agent/mcp.d.ts.map +1 -0
package/dist/agent/mcp.js +107 -0
package/dist/agent/session.d.ts +16 -0
package/dist/agent/session.d.ts.map +1 -0
package/dist/agent/session.js +55 -0
package/dist/agent/skills.d.ts +36 -0
package/dist/agent/skills.d.ts.map +1 -0
package/dist/agent/skills.js +153 -0
package/dist/agent/stack.d.ts +21 -0
package/dist/agent/stack.d.ts.map +1 -0
package/dist/agent/stack.js +158 -0
package/dist/agent/task.d.ts +21 -0
package/dist/agent/task.d.ts.map +1 -0
package/dist/agent/task.js +45 -0
package/dist/agent/tools.d.ts +44 -0
package/dist/agent/tools.d.ts.map +1 -0
package/dist/agent/tools.js +262 -0
package/dist/agent/trace.d.ts +34 -0
package/dist/agent/trace.d.ts.map +1 -0
package/dist/agent/trace.js +72 -0
package/dist/agent.d.ts +46 -0
package/dist/agent.d.ts.map +1 -0
package/dist/agent.js +103 -0
package/dist/auth.d.ts +74 -0
package/dist/auth.d.ts.map +1 -0
package/dist/auth.js +116 -0
package/dist/brain/anthropic.d.ts +19 -0
package/dist/brain/anthropic.d.ts.map +1 -0
package/dist/brain/anthropic.js +74 -0
package/dist/brain/claude-cli.d.ts +20 -0
package/dist/brain/claude-cli.d.ts.map +1 -0
package/dist/brain/claude-cli.js +79 -0
package/dist/brain/ghost-ember.d.ts +28 -0
package/dist/brain/ghost-ember.d.ts.map +1 -0
package/dist/brain/ghost-ember.js +97 -0
package/dist/brain/index.d.ts +22 -0
package/dist/brain/index.d.ts.map +1 -0
package/dist/brain/index.js +95 -0
package/dist/brain/openai-compat.d.ts +21 -0
package/dist/brain/openai-compat.d.ts.map +1 -0
package/dist/brain/openai-compat.js +119 -0
package/dist/brain/router/classify.d.ts +23 -0
package/dist/brain/router/classify.d.ts.map +1 -0
package/dist/brain/router/classify.js +160 -0
package/dist/brain/router/execute.d.ts +23 -0
package/dist/brain/router/execute.d.ts.map +1 -0
package/dist/brain/router/execute.js +84 -0
package/dist/brain/router/index.d.ts +26 -0
package/dist/brain/router/index.d.ts.map +1 -0
package/dist/brain/router/index.js +118 -0
package/dist/brain/router/routing-memory.d.ts +27 -0
package/dist/brain/router/routing-memory.d.ts.map +1 -0
package/dist/brain/router/routing-memory.js +77 -0
package/dist/brain/router/select.d.ts +32 -0
package/dist/brain/router/select.d.ts.map +1 -0
package/dist/brain/router/select.js +146 -0
package/dist/brain/router/two-hop.d.ts +23 -0
package/dist/brain/router/two-hop.d.ts.map +1 -0
package/dist/brain/router/two-hop.js +39 -0
package/dist/brain/router/verify.d.ts +37 -0
package/dist/brain/router/verify.d.ts.map +1 -0
package/dist/brain/router/verify.js +111 -0
package/dist/brain/types.d.ts +55 -0
package/dist/brain/types.d.ts.map +1 -0
package/dist/brain/types.js +16 -0
package/dist/brain/worker.d.ts +27 -0
package/dist/brain/worker.d.ts.map +1 -0
package/dist/brain/worker.js +71 -0
package/dist/commands/ai.d.ts +24 -0
package/dist/commands/ai.d.ts.map +1 -0
package/dist/commands/ai.js +137 -0
package/dist/commands/alerts.d.ts +19 -0
package/dist/commands/alerts.d.ts.map +1 -0
package/dist/commands/alerts.js +114 -0
package/dist/commands/billing.d.ts +13 -0
package/dist/commands/billing.d.ts.map +1 -0
package/dist/commands/billing.js +55 -0
package/dist/commands/chat.d.ts +22 -0
package/dist/commands/chat.d.ts.map +1 -0
package/dist/commands/chat.js +422 -0
package/dist/commands/config.d.ts +18 -0
package/dist/commands/config.d.ts.map +1 -0
package/dist/commands/config.js +136 -0
package/dist/commands/doctor.d.ts +11 -0
package/dist/commands/doctor.d.ts.map +1 -0
package/dist/commands/doctor.js +73 -0
package/dist/commands/global.d.ts +11 -0
package/dist/commands/global.d.ts.map +1 -0
package/dist/commands/global.js +253 -0
package/dist/commands/keep.d.ts +12 -0
package/dist/commands/keep.d.ts.map +1 -0
package/dist/commands/keep.js +58 -0
package/dist/commands/lifecycle.d.ts +17 -0
package/dist/commands/lifecycle.d.ts.map +1 -0
package/dist/commands/lifecycle.js +267 -0
package/dist/commands/login.d.ts +16 -0
package/dist/commands/login.d.ts.map +1 -0
package/dist/commands/login.js +234 -0
package/dist/commands/maintenance.d.ts +12 -0
package/dist/commands/maintenance.d.ts.map +1 -0
package/dist/commands/maintenance.js +76 -0
package/dist/commands/mcp.d.ts +16 -0
package/dist/commands/mcp.d.ts.map +1 -0
package/dist/commands/mcp.js +56 -0
package/dist/commands/memory.d.ts +13 -0
package/dist/commands/memory.d.ts.map +1 -0
package/dist/commands/memory.js +218 -0
package/dist/commands/osint.d.ts +14 -0
package/dist/commands/osint.d.ts.map +1 -0
package/dist/commands/osint.js +161 -0
package/dist/commands/pentest.d.ts +13 -0
package/dist/commands/pentest.d.ts.map +1 -0
package/dist/commands/pentest.js +131 -0
package/dist/commands/scale.d.ts +14 -0
package/dist/commands/scale.d.ts.map +1 -0
package/dist/commands/scale.js +191 -0
package/dist/commands/serve.d.ts +16 -0
package/dist/commands/serve.d.ts.map +1 -0
package/dist/commands/serve.js +167 -0
package/dist/commands/tui.d.ts +17 -0
package/dist/commands/tui.d.ts.map +1 -0
package/dist/commands/tui.js +138 -0
package/dist/commands/wyrm.d.ts +20 -0
package/dist/commands/wyrm.d.ts.map +1 -0
package/dist/commands/wyrm.js +274 -0
package/dist/config.d.ts +67 -0
package/dist/config.d.ts.map +1 -0
package/dist/config.js +54 -0
package/dist/index.d.ts +16 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +85 -0
package/dist/manifest.d.ts +31 -0
package/dist/manifest.d.ts.map +1 -0
package/dist/manifest.js +83 -0
package/dist/ui.d.ts +57 -0
package/dist/ui.d.ts.map +1 -0
package/dist/ui.js +174 -0
package/dist/utils.d.ts +33 -0
package/dist/utils.d.ts.map +1 -0
package/dist/utils.js +155 -0
package/dist/wyrm/mcp.d.ts +37 -0
package/dist/wyrm/mcp.d.ts.map +1 -0
package/dist/wyrm/mcp.js +137 -0
package/docs/SYSTEM-PREMORTEM.md +397 -0
package/dragon-manifest.toml +241 -0
package/dragon.py +177 -0
package/install/launchd/lk.ghosts.dragonkeep.plist +57 -0
package/install/systemd/dragonkeep.service +40 -0
package/media/dragon-silver-lockup.svg +931 -0
package/media/dragon-silver-mark.svg +931 -0
package/media/dragon-silver.png +0 -0
package/package.json +45 -0
package/specs/001-godmode/constitution.md +54 -0
package/specs/001-godmode/plan.md +30 -0
package/specs/001-godmode/spec.md +64 -0
package/specs/001-godmode/tasks.md +35 -0
package/specs/002-premortem-positioning/premortem.md +211 -0
package/src/agent/loop.ts +165 -0
package/src/agent/mcp.ts +92 -0
package/src/agent/session.ts +48 -0
package/src/agent/skills.ts +138 -0
package/src/agent/stack.ts +154 -0
package/src/agent/task.ts +55 -0
package/src/agent/tools.ts +255 -0
package/src/agent/trace.ts +76 -0
package/src/agent.ts +114 -0
package/src/auth.ts +133 -0
package/src/brain/anthropic.ts +83 -0
package/src/brain/claude-cli.ts +78 -0
package/src/brain/ghost-ember.ts +94 -0
package/src/brain/index.ts +99 -0
package/src/brain/openai-compat.ts +115 -0
package/src/brain/router/classify.ts +167 -0
package/src/brain/router/execute.ts +80 -0
package/src/brain/router/index.ts +125 -0
package/src/brain/router/routing-memory.ts +71 -0
package/src/brain/router/select.ts +156 -0
package/src/brain/router/two-hop.ts +62 -0
package/src/brain/router/verify.ts +123 -0
package/src/brain/types.ts +61 -0
package/src/brain/worker.ts +72 -0
package/src/commands/ai.ts +144 -0
package/src/commands/alerts.ts +131 -0
package/src/commands/billing.ts +59 -0
package/src/commands/chat.ts +318 -0
package/src/commands/config.ts +137 -0
package/src/commands/doctor.ts +71 -0
package/src/commands/global.ts +256 -0
package/src/commands/keep.ts +67 -0
package/src/commands/lifecycle.ts +273 -0
package/src/commands/login.ts +184 -0
package/src/commands/maintenance.ts +54 -0
package/src/commands/mcp.ts +57 -0
package/src/commands/memory.ts +229 -0
package/src/commands/osint.ts +171 -0
package/src/commands/pentest.ts +140 -0
package/src/commands/scale.ts +185 -0
package/src/commands/serve.ts +171 -0
package/src/commands/tui.ts +126 -0
package/src/commands/wyrm.ts +269 -0
package/src/config.ts +93 -0
package/src/index.ts +92 -0
package/src/manifest.ts +104 -0
package/src/ui.ts +188 -0
package/src/utils.ts +153 -0
package/src/wyrm/mcp.ts +130 -0
package/test/auth.test.ts +70 -0
package/test/brain.test.ts +39 -0
package/test/security.test.ts +104 -0
package/test/skills.test.ts +38 -0
package/test/ui.test.ts +46 -0
package/tsconfig.json +19 -0
package/worker/package-lock.json +1527 -0
package/worker/package.json +17 -0
package/worker/src/index.ts +76 -0
package/worker/tsconfig.json +15 -0
package/worker/wrangler.toml +26 -0

package/dist/commands/mcp.js ADDED Viewed

@@ -0,0 +1,56 @@
+/**
+ * dragon mcp — manage extra MCP servers wired into the agent.
+ *
+ *   dragon mcp add <name> <command> [args...]   # e.g. dragon mcp add fs npx -- -y @modelcontextprotocol/server-filesystem ~/code
+ *   dragon mcp list
+ *   dragon mcp remove <name>
+ *
+ * Configured servers connect on `dragon chat` and their tools become agent tools
+ * (namespaced <server>__<tool>). Wyrm is built-in and not managed here.
+ *
+ * Copyright 2026 Ghost Protocol (Pvt) Ltd. All Rights Reserved.
+ */
+import { loadConfig, saveConfig } from '../config.js';
+import { C, success, error, info } from '../utils.js';
+import { panel, chrome, statusDot } from '../ui.js';
+export function registerMcpCommands(program, _config) {
+    const mcp = program.command('mcp').description('Manage MCP servers wired into the agent');
+    mcp
+        .command('add <name> <command> [args...]')
+        .description('Add an MCP server (stdio). Args after the command are passed to it.')
+        .action((name, command, args = []) => {
+        const c = loadConfig();
+        c.mcpServers = { ...(c.mcpServers ?? {}), [name]: { command, args } };
+        saveConfig(c);
+        success(`mcp server "${name}" added → ${command} ${args.join(' ')}`);
+        info('it connects on `dragon chat`; its tools appear namespaced as ' + C.info(`${name}__<tool>`));
+    });
+    mcp
+        .command('remove <name>')
+        .description('Remove a configured MCP server')
+        .action((name) => {
+        const c = loadConfig();
+        if (!c.mcpServers?.[name]) {
+            error(`no MCP server named "${name}"`);
+            process.exitCode = 1;
+            return;
+        }
+        delete c.mcpServers[name];
+        saveConfig(c);
+        success(`removed "${name}"`);
+    });
+    mcp
+        .command('list')
+        .description('List configured MCP servers')
+        .action(() => {
+        const servers = loadConfig().mcpServers ?? {};
+        const names = Object.keys(servers);
+        const lines = names.length
+            ? names.map((n) => `${statusDot(true)} ${C.info(n.padEnd(12))} ${C.faint(servers[n].command + ' ' + (servers[n].args ?? []).join(' '))}`)
+            : [C.faint('none — add one with `dragon mcp add <name> <command> [args...]`')];
+        lines.push('', C.faint('Wyrm memory is built-in (not listed here).'));
+        console.log();
+        console.log(panel(lines, { title: chrome('MCP SERVERS') }));
+    });
+}
+//# sourceMappingURL=mcp.js.map

package/dist/commands/memory.d.ts ADDED Viewed

@@ -0,0 +1,13 @@
+/**
+ * dragon memory — Phantom Memory (the moat)
+ *
+ * - memory list                  — every known target with summary
+ * - memory show <target>         — full dossier
+ * - memory context <target>      — plaintext brain-context prompt
+ * - memory reindex               — rebuild memory from reports/
+ * - memory verify                — diff reports/ vs Phantom Memory
+ */
+import type { Command } from 'commander';
+import type { DragonConfig } from '../config.js';
+export declare function registerMemoryCommands(program: Command, config: DragonConfig): void;
+//# sourceMappingURL=memory.d.ts.map

package/dist/commands/memory.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"memory.d.ts","sourceRoot":"","sources":["../../src/commands/memory.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AACxC,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,cAAc,CAAA;AAqBhD,wBAAgB,sBAAsB,CAAC,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,YAAY,QAoM5E"}

package/dist/commands/memory.js ADDED Viewed

@@ -0,0 +1,218 @@
+/**
+ * dragon memory — Phantom Memory (the moat)
+ *
+ * - memory list                  — every known target with summary
+ * - memory show <target>         — full dossier
+ * - memory context <target>      — plaintext brain-context prompt
+ * - memory reindex               — rebuild memory from reports/
+ * - memory verify                — diff reports/ vs Phantom Memory
+ */
+import { fetchJSON, label, success, error, info, warn, table } from '../utils.js';
+import chalk from 'chalk';
+function api(config, path) {
+    const port = config.products.pentest.controlPort ?? 4091;
+    return `http://localhost:${port}${path}`;
+}
+export function registerMemoryCommands(program, config) {
+    const mem = program.command('memory').description('Phantom Memory — persistent engagement memory');
+    // --- list ---
+    mem
+        .command('list')
+        .description('List every target Phantom Memory has ever touched')
+        .action(async () => {
+        console.log(label('Phantom Memory'), 'Known targets:\n');
+        try {
+            const d = await fetchJSON(api(config, '/v1/memory'));
+            if (d.targets.length === 0) {
+                info('No targets in memory yet — run a scan to seed.');
+                return;
+            }
+            table(d.targets.map((t) => ({
+                Target: t.display,
+                Scans: String(t.scan_count),
+                Findings: String(t.latest_findings ?? '—'),
+                Risk: t.latest_risk ?? '—',
+                OSINT: String(t.osint_count),
+                Entities: String(t.entity_count),
+                Creds: String(t.cred_count),
+                'Last seen': new Date(t.last_seen_at).toLocaleDateString(),
+            })));
+        }
+        catch (e) {
+            error('Could not reach control_api. Is PhantomDragon Control running? `dragon serve`');
+            info(String(e));
+        }
+    });
+    // --- show ---
+    mem
+        .command('show <target>')
+        .description('Full memory dossier on a target')
+        .action(async (target) => {
+        console.log(label('Phantom Memory'), `Dossier on ${chalk.white(target)}\n`);
+        try {
+            const d = await fetchJSON(api(config, `/v1/memory/target/${encodeURIComponent(target)}`));
+            if (!d.exists) {
+                info(`No memory for ${target} yet.`);
+                return;
+            }
+            const s = d.summary;
+            info(`First seen ${d.first_seen_at}, last touched ${d.last_seen_at}`);
+            info(`${s.scan_count} scans · ${s.persistent_finding_count} persistent findings · ${s.tech_count} techs · ${s.investigation_count} OSINT investigations · ${s.entity_count} entities · ${s.credential_exposure_count} cred exposures\n`);
+            if (d.scans?.length) {
+                console.log(chalk.dim('── Scans ──'));
+                table(d.scans.slice(0, 5).map((sc) => ({
+                    ID: sc.scan_id.slice(-22),
+                    Mode: sc.mode || '?',
+                    Findings: String(sc.total_findings),
+                    Critical: String(sc.severity_counts?.CRITICAL ?? 0),
+                    High: String(sc.severity_counts?.HIGH ?? 0),
+                    Risk: sc.risk_rating ?? '?',
+                    Started: sc.started_at?.slice(0, 16) ?? '?',
+                })));
+                console.log();
+            }
+            if (d.persistent_findings?.length) {
+                console.log(chalk.dim('── Persistent findings (≥2 scans) ──'));
+                d.persistent_findings.slice(0, 10).forEach((f) => {
+                    console.log(`  ${chalk.bold(f.severity?.padEnd(8))} ${f.title}  ${chalk.dim('· ' + f.category)}`);
+                });
+                console.log();
+            }
+            if (d.new_findings?.length) {
+                console.log(chalk.red('── Regressions (new in latest scan) ──'));
+                d.new_findings.slice(0, 8).forEach((f) => {
+                    console.log(`  ${chalk.red(f.severity?.padEnd(8))} ${f.title}`);
+                });
+                console.log();
+            }
+            if (d.resolved_findings?.length) {
+                console.log(chalk.green('── Resolved (vs prior scan) ──'));
+                d.resolved_findings.slice(0, 8).forEach((f) => {
+                    console.log(`  ${chalk.green(f.severity?.padEnd(8))} ${f.title}`);
+                });
+                console.log();
+            }
+            if (d.tech_observations?.length) {
+                console.log(chalk.dim('── Tech observations ──'));
+                console.log('  ' + d.tech_observations.map((t) => `${t.tech}×${t.occurrences}`).join(', '));
+                console.log();
+            }
+            if (d.osint_entity_type_counts && Object.keys(d.osint_entity_type_counts).length) {
+                console.log(chalk.dim('── OSINT entities by type ──'));
+                console.log('  ' + Object.entries(d.osint_entity_type_counts)
+                    .sort((a, b) => b[1] - a[1])
+                    .map(([t, n]) => `${t}×${n}`).join(', '));
+            }
+        }
+        catch (e) {
+            error('Fetch failed.');
+            info(String(e));
+        }
+    });
+    // --- context ---
+    mem
+        .command('context <target>')
+        .description('Plaintext brain-context prompt for the AI brain')
+        .action(async (target) => {
+        try {
+            const port = config.products.pentest.controlPort ?? 4091;
+            const res = await fetch(`http://localhost:${port}/v1/memory/target/${encodeURIComponent(target)}/context`);
+            if (!res.ok) {
+                error(`HTTP ${res.status}`);
+                return;
+            }
+            const txt = await res.text();
+            console.log(txt);
+        }
+        catch (e) {
+            error('Could not reach control_api.');
+            info(String(e));
+        }
+    });
+    // --- reindex ---
+    mem
+        .command('reindex')
+        .description('Rebuild Phantom Memory from reports/ directory')
+        .action(async () => {
+        console.log(label('Phantom Memory'), 'Reindexing...\n');
+        try {
+            const port = config.products.pentest.controlPort ?? 4091;
+            const res = await fetch(`http://localhost:${port}/v1/memory/reindex`, { method: 'POST' });
+            if (!res.ok) {
+                error(`HTTP ${res.status}`);
+                return;
+            }
+            const d = await res.json();
+            success(`Ingested ${d.scans_ingested} scans (skipped ${d.skipped})`);
+        }
+        catch (e) {
+            error('Reindex failed.');
+            info(String(e));
+        }
+    });
+    // --- copilot ---
+    mem
+        .command('copilot <target>')
+        .description('What next? — rule-based suggestions from Phantom Memory state')
+        .action(async (target) => {
+        try {
+            const d = await fetchJSON(api(config, `/v1/memory/target/${encodeURIComponent(target)}/copilot`));
+            console.log(label('Dragon Copilot'), `Next actions for ${chalk.white(target)}:\n`);
+            d.suggestions.forEach((s) => {
+                const icon = s.verb === 'alert' ? chalk.red('▲') :
+                    s.verb === 'scan' ? chalk.green('▶') :
+                        s.verb === 'osint' ? chalk.cyan('🔍') :
+                            chalk.dim('●');
+                console.log(`  ${icon} ${chalk.bold(s.title)}`);
+                console.log(`    ${chalk.dim(s.rationale)}`);
+                console.log(`    ${chalk.cyan('$')} ${s.command}\n`);
+            });
+        }
+        catch (e) {
+            error('Copilot fetch failed.');
+            info(String(e));
+        }
+    });
+    // --- brief ---
+    mem
+        .command('brief <target>')
+        .description('Generate client-deliverable engagement brief (Markdown)')
+        .option('--as-of <date>', 'Time-travel: brief as of given ISO date')
+        .action(async (target, opts) => {
+        try {
+            const port = config.products.pentest.controlPort ?? 4091;
+            const params = new URLSearchParams();
+            if (opts.asOf)
+                params.set('as_of', opts.asOf);
+            const url = `http://localhost:${port}/v1/memory/target/${encodeURIComponent(target)}/brief${params.size ? `?${params}` : ''}`;
+            const res = await fetch(url);
+            if (!res.ok) {
+                error(`HTTP ${res.status}`);
+                return;
+            }
+            const md = await res.text();
+            process.stdout.write(md);
+        }
+        catch (e) {
+            error('Brief fetch failed.');
+            info(String(e));
+        }
+    });
+    // --- verify ---
+    mem
+        .command('verify')
+        .description('Diff reports/ vs Phantom Memory (TODO: full implementation; for now triggers reindex)')
+        .action(async () => {
+        warn('Full diff verification is a deferred feature. Triggering reindex as the safe surrogate.');
+        try {
+            const port = config.products.pentest.controlPort ?? 4091;
+            const res = await fetch(`http://localhost:${port}/v1/memory/reindex`, { method: 'POST' });
+            const d = await res.json();
+            info(`Reindex result: ${d.scans_ingested} scans ingested, ${d.skipped} skipped.`);
+        }
+        catch (e) {
+            error(String(e));
+        }
+    });
+}
+//# sourceMappingURL=memory.js.map

package/dist/commands/osint.d.ts ADDED Viewed

@@ -0,0 +1,14 @@
+/**
+ * dragon osint — DragonNet OSINT Investigation Platform
+ *
+ * - osint open <target>        — open a new investigation seeded with target
+ * - osint list                 — list known investigations
+ * - osint show <id>            — fetch entities + edges for an investigation
+ * - osint search <q>           — cross-investigation entity search
+ * - osint serve                — start the DragonNet API + dashboard
+ * - osint legal-posture <jdx>  — print per-collector legal posture
+ */
+import type { Command } from 'commander';
+import type { DragonConfig } from '../config.js';
+export declare function registerOsintCommands(program: Command, config: DragonConfig): void;
+//# sourceMappingURL=osint.d.ts.map

package/dist/commands/osint.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"osint.d.ts","sourceRoot":"","sources":["../../src/commands/osint.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AACxC,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,cAAc,CAAA;AAoChD,wBAAgB,qBAAqB,CAAC,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,YAAY,QA0H3E"}

package/dist/commands/osint.js ADDED Viewed

@@ -0,0 +1,161 @@
+/**
+ * dragon osint — DragonNet OSINT Investigation Platform
+ *
+ * - osint open <target>        — open a new investigation seeded with target
+ * - osint list                 — list known investigations
+ * - osint show <id>            — fetch entities + edges for an investigation
+ * - osint search <q>           — cross-investigation entity search
+ * - osint serve                — start the DragonNet API + dashboard
+ * - osint legal-posture <jdx>  — print per-collector legal posture
+ */
+import { getProductPath } from '../config.js';
+import { run, fetchJSON, label, success, error, info, warn, table } from '../utils.js';
+import chalk from 'chalk';
+function api(config, path) {
+    const port = config.products.net.apiPort ?? 4080;
+    return `http://localhost:${port}${path}`;
+}
+function ui(config, path) {
+    const port = config.products.net.uiPort ?? 4081;
+    return `http://localhost:${port}${path}`;
+}
+const LEGAL_POSTURES = {
+    lk: {
+        TORWATCH: "defensible if seeds are public services and operator records authorization (CCA 2007)",
+        PASTEDRAGNET: "defensible (public paste sites only)",
+        TELEGAZER: "defensible (public previews only); GDPR if EU subjects appear",
+        NIGHTGLASS: "operator-bears-responsibility; corpus provenance required",
+    },
+    us: {
+        TORWATCH: "defensible under CFAA if no authentication is bypassed; document seeds",
+        PASTEDRAGNET: "defensible (public surface)",
+        TELEGAZER: "defensible (public previews)",
+        NIGHTGLASS: "operator-bears-responsibility; possessing breach data is grey-area",
+    },
+    eu: {
+        TORWATCH: "defensible; GDPR data-controller obligations apply on EU subjects",
+        PASTEDRAGNET: "defensible; honour right-to-erasure",
+        TELEGAZER: "defensible; GDPR data-controller obligations apply",
+        NIGHTGLASS: "operator-bears-responsibility; GDPR retention rules apply",
+    },
+};
+export function registerOsintCommands(program, config) {
+    const osint = program.command('osint').description('DragonNet — OSINT investigations (no external API deps)');
+    // --- open ---
+    osint
+        .command('open <target>')
+        .description('Open a new DragonNet investigation seeded with the target (opens browser)')
+        .action(async (target) => {
+        const url = ui(config, `/?seed_target=${encodeURIComponent(target)}&autocreate=1`);
+        console.log(label('DragonNet'), `Opening investigation seeded with ${chalk.white(target)}`);
+        console.log(`  → ${chalk.dim(url)}`);
+        // Best-effort open in browser
+        const opener = process.platform === 'darwin' ? 'open' :
+            process.platform === 'win32' ? 'start' : 'xdg-open';
+        try {
+            await run(opener, [url], process.cwd());
+        }
+        catch { /* no opener */ }
+        success('Browser launched (or URL printed)');
+    });
+    // --- list ---
+    osint
+        .command('list')
+        .description('List investigations (requires DragonNet API auth via browser session)')
+        .action(async () => {
+        console.log(label('DragonNet'), 'Investigations:\n');
+        try {
+            const d = await fetchJSON(api(config, '/v1/investigations'));
+            if (d.investigations.length === 0) {
+                info('No investigations yet — try: dragon osint open <target>');
+                return;
+            }
+            table(d.investigations.map((i) => ({
+                ID: i.id.slice(-12),
+                Name: i.name,
+                Status: i.status,
+                Created: new Date(i.created_at).toLocaleDateString(),
+            })));
+        }
+        catch (e) {
+            error('Could not reach DragonNet API. Is it running? `dragon osint serve`');
+            info(String(e));
+        }
+    });
+    // --- show ---
+    osint
+        .command('show <id>')
+        .description('Show an investigation graph summary (entities + edges)')
+        .action(async (id) => {
+        console.log(label('DragonNet'), `Investigation ${chalk.white(id.slice(-8))}\n`);
+        try {
+            const d = await fetchJSON(api(config, `/v1/entities/investigation/${id}/graph`));
+            info(`Entities: ${d.counts.entities}  Edges: ${d.counts.edges}`);
+            const byType = {};
+            for (const e of d.entities)
+                byType[e.type] = (byType[e.type] ?? 0) + 1;
+            Object.entries(byType).sort((a, b) => b[1] - a[1]).forEach(([t, n]) => {
+                console.log(`  ${chalk.green(t.padEnd(20))} ${n}`);
+            });
+        }
+        catch (e) {
+            error('Fetch failed (auth required, or DragonNet API offline).');
+            info(String(e));
+        }
+    });
+    // --- search ---
+    osint
+        .command('search <q>')
+        .description('Cross-investigation entity search')
+        .option('-t, --type <type>', 'Filter by entity type')
+        .action(async (q, opts) => {
+        const params = new URLSearchParams({ q, limit: '50' });
+        if (opts.type)
+            params.set('type', opts.type);
+        console.log(label('DragonNet'), `Searching for: ${chalk.white(q)}\n`);
+        try {
+            const d = await fetchJSON(api(config, `/v1/entities/search?${params}`));
+            if (d.results.length === 0) {
+                info('No hits');
+                return;
+            }
+            table(d.results.map((r) => ({
+                Type: r.type,
+                Name: r.display_name,
+                Investigation: r.investigation_name,
+                Created: new Date(r.created_at).toLocaleDateString(),
+            })));
+        }
+        catch (e) {
+            error('Search failed (auth required, or DragonNet API offline).');
+            info(String(e));
+        }
+    });
+    // --- serve ---
+    osint
+        .command('serve')
+        .description('Start DragonNet API + dashboard (foreground; Ctrl-C to stop)')
+        .action(async () => {
+        const path = getProductPath(config, 'net');
+        console.log(label('DragonNet'), 'Starting API + dashboard...\n');
+        info(`API:       http://localhost:${config.products.net.apiPort}`);
+        info(`Dashboard: http://localhost:${config.products.net.uiPort}\n`);
+        await run('pnpm', ['dev'], path);
+    });
+    // --- legal-posture ---
+    osint
+        .command('legal-posture [jurisdiction]')
+        .description('Print per-collector legal posture for a jurisdiction (lk|us|eu)')
+        .action((jurisdiction = 'lk') => {
+        const jdx = jurisdiction.toLowerCase();
+        const postures = LEGAL_POSTURES[jdx];
+        if (!postures) {
+            error(`Unknown jurisdiction "${jdx}". Supported: ${Object.keys(LEGAL_POSTURES).join(', ')}`);
+            return;
+        }
+        console.log(label('Legal Posture'), `Jurisdiction: ${chalk.white(jdx.toUpperCase())}\n`);
+        table(Object.entries(postures).map(([k, v]) => ({ Collector: k, Posture: v })));
+        warn('This is not legal advice. The operator is responsible for compliance in their jurisdiction.');
+    });
+}
+//# sourceMappingURL=osint.js.map

package/dist/commands/pentest.d.ts ADDED Viewed

@@ -0,0 +1,13 @@
+/**
+ * dragon pentest — PhantomDragon Penetration Testing
+ *
+ * Manages security scans:
+ * - Run scans against targets
+ * - View/export reports
+ * - Update payloads
+ * - Configure scan profiles
+ */
+import type { Command } from 'commander';
+import type { DragonConfig } from '../config.js';
+export declare function registerPentestCommands(program: Command, config: DragonConfig): void;
+//# sourceMappingURL=pentest.d.ts.map

package/dist/commands/pentest.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"pentest.d.ts","sourceRoot":"","sources":["../../src/commands/pentest.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AACxC,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,cAAc,CAAA;AAOhD,wBAAgB,uBAAuB,CAAC,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,YAAY,QAyH7E"}

package/dist/commands/pentest.js ADDED Viewed

@@ -0,0 +1,131 @@
+/**
+ * dragon pentest — PhantomDragon Penetration Testing
+ *
+ * Manages security scans:
+ * - Run scans against targets
+ * - View/export reports
+ * - Update payloads
+ * - Configure scan profiles
+ */
+import { getProductPath } from '../config.js';
+import { run, label, success, error, info } from '../utils.js';
+import chalk from 'chalk';
+import { existsSync, readdirSync } from 'fs';
+import { join } from 'path';
+export function registerPentestCommands(program, config) {
+    const pentest = program
+        .command('pentest')
+        .description('PhantomDragon — Web application security scanner');
+    // --- scan ---
+    pentest
+        .command('scan <target>')
+        .description('Run a security scan against a target URL')
+        .option('-p, --profile <profile>', 'Scan profile: quick|standard|full|api_only|auth_only', 'standard')
+        .option('-m, --mode <mode>', 'Scan mode: safe|standard|aggressive|chaos', 'safe')
+        .option('-o, --output <dir>', 'Output directory for reports')
+        .option('--no-spider', 'Skip crawling/spidering')
+        .action(async (target, opts) => {
+        const path = getProductPath(config, 'pentest');
+        console.log(label('PhantomDragon'), `Scanning ${chalk.white(target)}`);
+        console.log(`  Profile: ${chalk.dim(opts.profile)}  Mode: ${chalk.dim(opts.mode)}\n`);
+        const args = ['phantomdragon.py', '-t', target, '--profile', opts.profile, '--mode', opts.mode];
+        if (opts.output)
+            args.push('-o', opts.output);
+        if (opts.noSpider === false)
+            args.push('--no-spider');
+        const code = await run('python3', args, path);
+        code === 0 ? success('Scan complete') : error(`Scan failed (exit ${code})`);
+    });
+    // --- quick ---
+    pentest
+        .command('quick <target>')
+        .description('Quick scan (shortcut for --profile quick --mode safe)')
+        .action(async (target) => {
+        const path = getProductPath(config, 'pentest');
+        console.log(label('PhantomDragon'), `Quick scan: ${chalk.white(target)}\n`);
+        const code = await run('python3', ['phantomdragon.py', '-t', target, '--profile', 'quick', '--mode', 'safe'], path);
+        code === 0 ? success('Quick scan complete') : error(`Scan failed (exit ${code})`);
+    });
+    // --- reports ---
+    pentest
+        .command('reports')
+        .description('List generated reports')
+        .action(async () => {
+        const path = getProductPath(config, 'pentest');
+        const reportsDir = join(path, 'reports');
+        if (!existsSync(reportsDir)) {
+            info('No reports directory');
+            return;
+        }
+        console.log(label('PhantomDragon'), 'Reports:\n');
+        const entries = readdirSync(reportsDir, { withFileTypes: true });
+        const dirs = entries.filter(e => e.isDirectory()).sort((a, b) => b.name.localeCompare(a.name));
+        const files = entries.filter(e => e.isFile() && e.name.endsWith('.md'));
+        for (const d of dirs) {
+            console.log(`  ${chalk.green('📁')} ${d.name}`);
+        }
+        for (const f of files) {
+            console.log(`  ${chalk.dim('📄')} ${f.name}`);
+        }
+        if (dirs.length === 0 && files.length === 0) {
+            info('No reports found');
+        }
+    });
+    // --- payloads ---
+    pentest
+        .command('payloads')
+        .description('Show payload statistics')
+        .action(async () => {
+        const path = getProductPath(config, 'pentest');
+        const payloadsDir = join(path, 'payloads');
+        if (!existsSync(payloadsDir)) {
+            info('No payloads directory');
+            return;
+        }
+        console.log(label('PhantomDragon'), 'Payload inventory:\n');
+        const categories = readdirSync(payloadsDir, { withFileTypes: true }).filter(e => e.isDirectory());
+        const { readFileSync: rf } = await import('fs');
+        let total = 0;
+        for (const cat of categories) {
+            const catPath = join(payloadsDir, cat.name);
+            const files = readdirSync(catPath).filter(f => f.endsWith('.txt') || f.endsWith('.json'));
+            let count = 0;
+            for (const f of files) {
+                try {
+                    // Safe line count — no shell interpolation of filename
+                    const body = rf(join(catPath, f), 'utf-8');
+                    count += body.length === 0 ? 0 : body.split('\n').length;
+                }
+                catch { /* skip */ }
+            }
+            total += count;
+            console.log(`  ${chalk.green(cat.name.padEnd(20))} ${chalk.white(String(count).padStart(5))} payloads  ${chalk.dim(`(${files.length} files)`)}`);
+        }
+        console.log(chalk.dim(`\n  Total: ${total} payloads`));
+    });
+    // --- config ---
+    pentest
+        .command('config')
+        .description('Show current scan configuration')
+        .action(async () => {
+        const path = getProductPath(config, 'pentest');
+        const configFile = join(path, 'config/pentest.json');
+        if (!existsSync(configFile)) {
+            error('Config not found: config/pentest.json');
+            return;
+        }
+        console.log(label('PhantomDragon'), 'Configuration:\n');
+        await run('cat', [configFile], path);
+    });
+    // --- update ---
+    pentest
+        .command('update')
+        .description('Update PhantomDragon (git pull)')
+        .action(async () => {
+        const path = getProductPath(config, 'pentest');
+        console.log(label('PhantomDragon'), 'Updating...\n');
+        const code = await run('git', ['pull', '--rebase'], path);
+        code === 0 ? success('Updated') : error(`Update failed (exit ${code})`);
+    });
+}
+//# sourceMappingURL=pentest.js.map

package/dist/commands/scale.d.ts ADDED Viewed

@@ -0,0 +1,14 @@
+/**
+ * dragon scale — DragonScale Commerce Platform management
+ *
+ * Manages Upalis/DragonScale deployments:
+ * - Status & health checks via API
+ * - Order management
+ * - Menu management
+ * - Database operations (backup, seed)
+ * - Deployment (pull, update)
+ */
+import type { Command } from 'commander';
+import type { DragonConfig } from '../config.js';
+export declare function registerScaleCommands(program: Command, config: DragonConfig): void;
+//# sourceMappingURL=scale.d.ts.map

package/dist/commands/scale.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"scale.d.ts","sourceRoot":"","sources":["../../src/commands/scale.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AACxC,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,cAAc,CAAA;AAOhD,wBAAgB,qBAAqB,CAAC,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,YAAY,QAqK3E"}