hackmyagent-core 0.2.2 → 0.3.0

package/README.md

@@ -1,17 +1,23 @@
-# HackMyAgent
-
-> **AI Agent Security Scanner** — Detect exposed MCP servers, leaked API keys, and vulnerable Claude Code configurations. Free, no signup required.
+# HackMyAgent CLI
 
 [![npm version](https://img.shields.io/npm/v/hackmyagent.svg)](https://www.npmjs.com/package/hackmyagent)
 [![License: Apache-2.0](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
 
+**Part of [OpenA2A](https://opena2a.org)** — open-source security for AI agents
+
 **Website:** [hackmyagent.com](https://hackmyagent.com) — Scan external infrastructure for exposed MCP endpoints, configs, and credentials
 
+## Disclaimer
+
+HackMyAgent performs passive reconnaissance only (port checks and HTTP requests) — it does not exploit vulnerabilities. However, please only scan systems you own or have permission to test. The authors assume no liability for misuse of this tool.
+
 ```bash
 npx hackmyagent check @publisher/skill     # verify a skill before installing
 npx hackmyagent secure                      # harden your agent setup (100 checks)
 npx hackmyagent secure --fix                # auto-fix security issues
 npx hackmyagent scan example.com            # scan for exposed infrastructure
+npx hackmyagent attack --local              # red team with 55 attack payloads
+npx hackmyagent benchmark --benchmark oasb-1  # run OASB-1 security benchmark
 ```
 
 ## Two Ways to Scan
@@ -26,7 +32,7 @@ npx hackmyagent scan example.com            # scan for exposed infrastructure
 AI agents are powerful but introduce new attack surfaces. Skills can be malicious. Configs can leak secrets. MCP servers can be exposed. HackMyAgent helps you:
 
 - **Check** skills before installing (publisher verification, permission analysis)
-- **Secure** your agent setup (100-point CIS-style security scan, auto-remediation)
+- **Secure** your agent setup (100-point CIS security scan, auto-remediation)
 - **Scan** external infrastructure (exposed MCP endpoints, leaked configs)
 
 ## Installation
@@ -108,6 +114,8 @@ hackmyagent check @publisher/skill --offline  # skip DNS verification
 - Permissions requested (filesystem, network, shell access)
 - Revocation status against global blocklist
 
+**Note:** Only scan systems you own or have permission to test.
+
 **Risk Levels:** `low`, `medium`, `high`, `critical`
 
 ### `hackmyagent scan`
@@ -129,6 +137,128 @@ hackmyagent scan example.com --json
 
 **Scoring:** A (90-100), B (80-89), C (70-79), D (60-69), F (<60)
 
+### `hackmyagent attack`
+
+Red team your AI agent with adversarial security testing. 55 attack payloads across 5 categories.
+
+```bash
+# Local simulation (no API calls - test payloads locally)
+hackmyagent attack --local
+hackmyagent attack --local --system-prompt "You are a helpful assistant"
+
+# Test an API endpoint
+hackmyagent attack https://api.example.com/v1/chat
+hackmyagent attack https://api.example.com --api-format anthropic
+
+# Filter by category or intensity
+hackmyagent attack --local --category prompt-injection
+hackmyagent attack --local --intensity aggressive
+
+# Output formats
+hackmyagent attack --local -f json
+hackmyagent attack --local -f sarif -o results.sarif
+
+# Verbose mode (show each payload result)
+hackmyagent attack --local --verbose
+```
+
+**Attack Categories:**
+
+| Category | Payloads | Description |
+|----------|----------|-------------|
+| `prompt-injection` | 12 | Manipulate agent behavior via malicious input |
+| `jailbreak` | 12 | Bypass safety guardrails and restrictions |
+| `data-exfiltration` | 11 | Extract sensitive information from the agent |
+| `capability-abuse` | 10 | Misuse agent tools and capabilities |
+| `context-manipulation` | 10 | Poison agent context or memory |
+
+**Intensity Levels:**
+
+| Level | Description |
+|-------|-------------|
+| `passive` | Observation only, minimal risk |
+| `active` | Standard attack payloads (default) |
+| `aggressive` | Creative/risky payloads, full suite |
+
+**Output Formats:**
+- `text` - Human-readable report (default)
+- `json` - Machine-readable JSON
+- `sarif` - SARIF 2.1.0 for GitHub Security tab integration
+
+**Risk Scoring:**
+- 0-24: LOW - Minor issues, agent is reasonably secure
+- 25-49: MEDIUM - Some vulnerabilities, review recommended
+- 50-69: HIGH - Significant vulnerabilities, action required
+- 70-100: CRITICAL - Severe vulnerabilities, immediate action needed
+
+### `hackmyagent benchmark`
+
+Run the OASB-1 (OpenA2A Security Benchmark) against your agent configuration.
+
+```bash
+# Run benchmark
+hackmyagent benchmark --benchmark oasb-1
+
+# Target specific directory
+hackmyagent benchmark --benchmark oasb-1 ./my-project
+
+# Output formats
+hackmyagent benchmark --benchmark oasb-1 -f json
+hackmyagent benchmark --benchmark oasb-1 -f sarif -o results.sarif
+hackmyagent benchmark --benchmark oasb-1 -f html -o report.html
+hackmyagent benchmark --benchmark oasb-1 -f asp -o profile.asp.json
+
+# CI/CD with fail threshold
+hackmyagent benchmark --benchmark oasb-1 --fail-below 70
+```
+
+**Output Formats:**
+- `text` - Human-readable report (default)
+- `json` - Machine-readable JSON
+- `sarif` - SARIF 2.1.0 for GitHub/IDE integration
+- `html` - Standalone HTML report
+- `asp` - Agent Security Profile (HackMyAgent format)
+
+### `hackmyagent secure-openclaw`
+
+Scan OpenClaw/Moltbot installations with 34 specialized security checks and auto-remediation.
+
+```bash
+hackmyagent secure-openclaw              # scan default location
+hackmyagent secure-openclaw ~/.moltbot   # scan specific directory
+hackmyagent secure-openclaw --fix        # auto-fix gateway misconfigurations
+hackmyagent secure-openclaw --fix --dry-run  # preview fixes
+hackmyagent secure-openclaw --json       # JSON output for CI/CD
+```
+
+**Detects:**
+- Unsigned/malicious skills (ClawHavoc campaign patterns)
+- ClickFix social engineering attacks
+- Reverse shell backdoors
+- Credential exfiltration (wallets, SSH keys, API keys)
+- Heartbeat/cron abuse
+- Gateway misconfigurations (GHSA-g8p2 vulnerability)
+- Disabled sandbox/approval confirmations
+
+**Auto-Fix (with `--fix`):**
+| Check | Before | After |
+|-------|--------|-------|
+| GATEWAY-001 | `0.0.0.0` | `127.0.0.1` (local-only) |
+| GATEWAY-003 | Plaintext token | `${OPENCLAW_AUTH_TOKEN}` env var |
+| GATEWAY-004 | Approvals disabled | Approvals enabled |
+| GATEWAY-005 | Sandbox disabled | Sandbox enabled |
+
+**Check Categories:**
+| Category | Checks | Description |
+|----------|--------|-------------|
+| SKILL | 12 | Malicious skill detection |
+| HEARTBEAT | 6 | Heartbeat/cron abuse |
+| GATEWAY | 6 | Gateway misconfigurations (4 auto-fixable) |
+| CONFIG | 6 | Insecure settings |
+| SUPPLY | 4 | Supply chain attacks |
+
+See [SECURITY_CHECKS.md](docs/SECURITY_CHECKS.md#openclaw-security-checks) for full documentation.
+
 ### `hackmyagent rollback`
 
 Undo auto-fix changes.
@@ -163,6 +293,38 @@ jobs:
           path: security-report.json
 ```
 
+### GitHub Actions with Attack Mode (SARIF)
+
+```yaml
+name: AI Agent Security
+on: [push, pull_request]
+
+jobs:
+  attack-scan:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+      - name: Run attack simulation
+        run: npx hackmyagent attack --local -f sarif -o attack-results.sarif
+      - name: Upload SARIF to GitHub Security
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: attack-results.sarif
+
+  benchmark:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+      - name: Run OASB-1 benchmark
+        run: npx hackmyagent benchmark --benchmark oasb-1 --fail-below 70
+```
+
 ### Pre-commit Hook
 
 ```bash
@@ -194,6 +356,7 @@ For the complete list of 100 security checks with descriptions and remediation g
 
 The following issues can be automatically fixed with `--fix`:
 
+**General (`hackmyagent secure --fix`):**
 | Check ID | Issue | Auto-Fix Action |
 |----------|-------|-----------------|
 | CRED-001 | Exposed API keys | Replace with env var reference |
@@ -203,7 +366,15 @@ The following issues can be automatically fixed with `--fix`:
 | MCP-001 | Root filesystem access | Scope to project directory |
 | NET-001 | Bound to 0.0.0.0 | Bind to 127.0.0.1 |
 
-Always use `--dry-run` first to preview changes.
+**OpenClaw (`hackmyagent secure-openclaw --fix`):**
+| Check ID | Issue | Auto-Fix Action |
+|----------|-------|-----------------|
+| GATEWAY-001 | Bound to 0.0.0.0 | Bind to 127.0.0.1 |
+| GATEWAY-003 | Plaintext token in config | Replace with `${OPENCLAW_AUTH_TOKEN}` |
+| GATEWAY-004 | Approvals disabled | Enable approval confirmations |
+| GATEWAY-005 | Sandbox disabled | Enable sandbox mode |
+
+Always use `--dry-run` first to preview changes. Backups are created automatically.
 
 ## Environment Variables
 
@@ -248,4 +419,8 @@ Apache-2.0
 
 ---
 
-**Need enterprise features?** Check out [AIM (Agent Identity Management)](https://github.com/opena2a-org/agent-identity-management) for centralized policy management, compliance, and audit trails.
+## Secure What You Find
+
+HackMyAgent finds vulnerabilities. **[AIM](https://github.com/opena2a-org/agent-identity-management)** fixes them — the open-source NHI platform for AI agents with cryptographic identity, governance, and access control.
+
+→ [Get started with AIM](https://opena2a.org/docs/quick-start) | [Learn about NHI governance](https://opena2a.org/nhi)

package/dist/attack/attack.test.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Attack Module Tests
+ */
+export {};
+//# sourceMappingURL=attack.test.d.ts.map

package/dist/attack/attack.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"attack.test.d.ts","sourceRoot":"","sources":["../../src/attack/attack.test.ts"],"names":[],"mappings":"AAAA;;GAEG"}

package/dist/attack/attack.test.js

@@ -0,0 +1,292 @@
+"use strict";
+/**
+ * Attack Module Tests
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+const vitest_1 = require("vitest");
+const scanner_1 = require("./scanner");
+const payloads_1 = require("./payloads");
+const types_1 = require("./types");
+(0, vitest_1.describe)('Attack Payloads', () => {
+    (0, vitest_1.describe)('payload structure', () => {
+        (0, vitest_1.it)('all payloads have required fields', () => {
+            for (const payload of payloads_1.ALL_PAYLOADS) {
+                (0, vitest_1.expect)(payload.id).toBeTruthy();
+                (0, vitest_1.expect)(payload.category).toBeTruthy();
+                (0, vitest_1.expect)(payload.name).toBeTruthy();
+                (0, vitest_1.expect)(payload.description).toBeTruthy();
+                (0, vitest_1.expect)(payload.intensity).toBeTruthy();
+                (0, vitest_1.expect)(payload.payload).toBeTruthy();
+                (0, vitest_1.expect)(payload.severity).toBeTruthy();
+                (0, vitest_1.expect)(payload.remediation).toBeTruthy();
+                (0, vitest_1.expect)(Array.isArray(payload.successIndicators)).toBe(true);
+                (0, vitest_1.expect)(Array.isArray(payload.blockedIndicators)).toBe(true);
+            }
+        });
+        (0, vitest_1.it)('all payloads have unique IDs', () => {
+            const ids = payloads_1.ALL_PAYLOADS.map(p => p.id);
+            const uniqueIds = new Set(ids);
+            (0, vitest_1.expect)(ids.length).toBe(uniqueIds.size);
+        });
+        (0, vitest_1.it)('payload IDs follow naming convention', () => {
+            const prefixes = {
+                'prompt-injection': 'PI',
+                'jailbreak': 'JB',
+                'data-exfiltration': 'DE',
+                'capability-abuse': 'CA',
+                'context-manipulation': 'CM',
+            };
+            for (const payload of payloads_1.ALL_PAYLOADS) {
+                const expectedPrefix = prefixes[payload.category];
+                (0, vitest_1.expect)(payload.id.startsWith(expectedPrefix)).toBe(true);
+                (0, vitest_1.expect)(payload.id).toMatch(/^[A-Z]{2}-\d{3}$/);
+            }
+        });
+        (0, vitest_1.it)('all indicators are valid RegExp', () => {
+            for (const payload of payloads_1.ALL_PAYLOADS) {
+                for (const indicator of payload.successIndicators) {
+                    (0, vitest_1.expect)(indicator).toBeInstanceOf(RegExp);
+                }
+                for (const indicator of payload.blockedIndicators) {
+                    (0, vitest_1.expect)(indicator).toBeInstanceOf(RegExp);
+                }
+            }
+        });
+    });
+    (0, vitest_1.describe)('PAYLOAD_STATS', () => {
+        (0, vitest_1.it)('reports correct total count', () => {
+            (0, vitest_1.expect)(payloads_1.PAYLOAD_STATS.total).toBe(payloads_1.ALL_PAYLOADS.length);
+        });
+        (0, vitest_1.it)('reports correct category counts', () => {
+            (0, vitest_1.expect)(payloads_1.PAYLOAD_STATS.byCategory['prompt-injection']).toBe(payloads_1.PROMPT_INJECTION_PAYLOADS.length);
+            (0, vitest_1.expect)(payloads_1.PAYLOAD_STATS.byCategory['jailbreak']).toBe(payloads_1.JAILBREAK_PAYLOADS.length);
+            (0, vitest_1.expect)(payloads_1.PAYLOAD_STATS.byCategory['data-exfiltration']).toBe(payloads_1.DATA_EXFILTRATION_PAYLOADS.length);
+            (0, vitest_1.expect)(payloads_1.PAYLOAD_STATS.byCategory['capability-abuse']).toBe(payloads_1.CAPABILITY_ABUSE_PAYLOADS.length);
+            (0, vitest_1.expect)(payloads_1.PAYLOAD_STATS.byCategory['context-manipulation']).toBe(payloads_1.CONTEXT_MANIPULATION_PAYLOADS.length);
+        });
+        (0, vitest_1.it)('category counts sum to total', () => {
+            const sum = Object.values(payloads_1.PAYLOAD_STATS.byCategory).reduce((a, b) => a + b, 0);
+            (0, vitest_1.expect)(sum).toBe(payloads_1.PAYLOAD_STATS.total);
+        });
+        (0, vitest_1.it)('intensity counts sum to total', () => {
+            const sum = Object.values(payloads_1.PAYLOAD_STATS.byIntensity).reduce((a, b) => a + b, 0);
+            (0, vitest_1.expect)(sum).toBe(payloads_1.PAYLOAD_STATS.total);
+        });
+    });
+    (0, vitest_1.describe)('getPayloadsByCategory', () => {
+        (0, vitest_1.it)('returns only payloads of specified category', () => {
+            const categories = [
+                'prompt-injection',
+                'jailbreak',
+                'data-exfiltration',
+                'capability-abuse',
+                'context-manipulation',
+            ];
+            for (const category of categories) {
+                const payloads = (0, payloads_1.getPayloadsByCategory)(category);
+                (0, vitest_1.expect)(payloads.length).toBeGreaterThan(0);
+                for (const payload of payloads) {
+                    (0, vitest_1.expect)(payload.category).toBe(category);
+                }
+            }
+        });
+    });
+    (0, vitest_1.describe)('getPayloadsByIntensity', () => {
+        (0, vitest_1.it)('passive returns only passive payloads', () => {
+            const payloads = (0, payloads_1.getPayloadsByIntensity)('passive');
+            for (const payload of payloads) {
+                (0, vitest_1.expect)(payload.intensity).toBe('passive');
+            }
+        });
+        (0, vitest_1.it)('active returns passive and active payloads', () => {
+            const payloads = (0, payloads_1.getPayloadsByIntensity)('active');
+            const intensities = new Set(payloads.map(p => p.intensity));
+            (0, vitest_1.expect)(intensities.has('aggressive')).toBe(false);
+        });
+        (0, vitest_1.it)('aggressive returns all payloads', () => {
+            const payloads = (0, payloads_1.getPayloadsByIntensity)('aggressive');
+            (0, vitest_1.expect)(payloads.length).toBe(payloads_1.ALL_PAYLOADS.length);
+        });
+    });
+    (0, vitest_1.describe)('getPayloads', () => {
+        (0, vitest_1.it)('returns all payloads when no filters', () => {
+            const payloads = (0, payloads_1.getPayloads)(undefined, 'aggressive');
+            (0, vitest_1.expect)(payloads.length).toBe(payloads_1.ALL_PAYLOADS.length);
+        });
+        (0, vitest_1.it)('filters by category', () => {
+            const payloads = (0, payloads_1.getPayloads)(['prompt-injection'], 'aggressive');
+            for (const payload of payloads) {
+                (0, vitest_1.expect)(payload.category).toBe('prompt-injection');
+            }
+        });
+        (0, vitest_1.it)('filters by multiple categories', () => {
+            const payloads = (0, payloads_1.getPayloads)(['prompt-injection', 'jailbreak'], 'aggressive');
+            for (const payload of payloads) {
+                (0, vitest_1.expect)(['prompt-injection', 'jailbreak']).toContain(payload.category);
+            }
+        });
+        (0, vitest_1.it)('combines category and intensity filters', () => {
+            const payloads = (0, payloads_1.getPayloads)(['prompt-injection'], 'passive');
+            for (const payload of payloads) {
+                (0, vitest_1.expect)(payload.category).toBe('prompt-injection');
+                (0, vitest_1.expect)(payload.intensity).toBe('passive');
+            }
+        });
+    });
+    (0, vitest_1.describe)('getPayloadById', () => {
+        (0, vitest_1.it)('returns payload for valid ID', () => {
+            const payload = (0, payloads_1.getPayloadById)('PI-001');
+            (0, vitest_1.expect)(payload).toBeDefined();
+            (0, vitest_1.expect)(payload?.id).toBe('PI-001');
+        });
+        (0, vitest_1.it)('returns undefined for invalid ID', () => {
+            const payload = (0, payloads_1.getPayloadById)('INVALID-999');
+            (0, vitest_1.expect)(payload).toBeUndefined();
+        });
+    });
+});
+(0, vitest_1.describe)('ATTACK_CATEGORIES', () => {
+    (0, vitest_1.it)('has all categories defined', () => {
+        const categories = [
+            'prompt-injection',
+            'jailbreak',
+            'data-exfiltration',
+            'capability-abuse',
+            'context-manipulation',
+        ];
+        for (const category of categories) {
+            (0, vitest_1.expect)(types_1.ATTACK_CATEGORIES[category]).toBeDefined();
+            (0, vitest_1.expect)(types_1.ATTACK_CATEGORIES[category].name).toBeTruthy();
+            (0, vitest_1.expect)(types_1.ATTACK_CATEGORIES[category].description).toBeTruthy();
+            (0, vitest_1.expect)(Array.isArray(types_1.ATTACK_CATEGORIES[category].oasbControls)).toBe(true);
+        }
+    });
+});
+(0, vitest_1.describe)('AttackScanner', () => {
+    (0, vitest_1.describe)('constructor', () => {
+        (0, vitest_1.it)('creates scanner with default options', () => {
+            const scanner = new scanner_1.AttackScanner();
+            (0, vitest_1.expect)(scanner).toBeInstanceOf(scanner_1.AttackScanner);
+        });
+        (0, vitest_1.it)('creates scanner with custom options', () => {
+            const scanner = new scanner_1.AttackScanner({
+                intensity: 'aggressive',
+                timeout: 60000,
+                delay: 500,
+            });
+            (0, vitest_1.expect)(scanner).toBeInstanceOf(scanner_1.AttackScanner);
+        });
+    });
+    (0, vitest_1.describe)('scan (local mode)', () => {
+        (0, vitest_1.it)('runs scan in local simulation mode', async () => {
+            const scanner = new scanner_1.AttackScanner({ delay: 0 });
+            const report = await scanner.scan({ url: '', type: 'local' }, { categories: ['prompt-injection'], intensity: 'passive', delay: 0 });
+            (0, vitest_1.expect)(report.target).toBe('local');
+            (0, vitest_1.expect)(report.targetType).toBe('local');
+            (0, vitest_1.expect)(report.intensity).toBe('passive');
+            (0, vitest_1.expect)(report.categories).toContain('prompt-injection');
+            (0, vitest_1.expect)(report.summary.total).toBeGreaterThan(0);
+            (0, vitest_1.expect)(report.results.length).toBe(report.summary.total);
+            (0, vitest_1.expect)(report.riskScore).toBeGreaterThanOrEqual(0);
+            (0, vitest_1.expect)(report.riskScore).toBeLessThanOrEqual(100);
+        });
+        (0, vitest_1.it)('respects stopOnSuccess option', async () => {
+            // Create a scanner that will stop on first success
+            // In local mode, most will be inconclusive, but we test the flow
+            const scanner = new scanner_1.AttackScanner({ delay: 0 });
+            const report = await scanner.scan({ url: '', type: 'local' }, { intensity: 'passive', stopOnSuccess: true, delay: 0 });
+            // Should have at least one result
+            (0, vitest_1.expect)(report.results.length).toBeGreaterThanOrEqual(1);
+        });
+        (0, vitest_1.it)('returns correct summary structure', async () => {
+            const scanner = new scanner_1.AttackScanner({ delay: 0 });
+            const report = await scanner.scan({ url: '', type: 'local' }, { categories: ['jailbreak'], intensity: 'passive', delay: 0 });
+            (0, vitest_1.expect)(report.summary).toHaveProperty('total');
+            (0, vitest_1.expect)(report.summary).toHaveProperty('successful');
+            (0, vitest_1.expect)(report.summary).toHaveProperty('blocked');
+            (0, vitest_1.expect)(report.summary).toHaveProperty('inconclusive');
+            (0, vitest_1.expect)(report.summary).toHaveProperty('bySeverity');
+            (0, vitest_1.expect)(report.summary).toHaveProperty('byCategory');
+            // Check bySeverity structure
+            (0, vitest_1.expect)(report.summary.bySeverity).toHaveProperty('critical');
+            (0, vitest_1.expect)(report.summary.bySeverity).toHaveProperty('high');
+            (0, vitest_1.expect)(report.summary.bySeverity).toHaveProperty('medium');
+            (0, vitest_1.expect)(report.summary.bySeverity).toHaveProperty('low');
+            (0, vitest_1.expect)(report.summary.bySeverity).toHaveProperty('info');
+            // Check byCategory structure
+            (0, vitest_1.expect)(report.summary.byCategory).toHaveProperty('jailbreak');
+            (0, vitest_1.expect)(report.summary.byCategory['jailbreak']).toHaveProperty('total');
+            (0, vitest_1.expect)(report.summary.byCategory['jailbreak']).toHaveProperty('successful');
+        });
+        (0, vitest_1.it)('calculates risk rating correctly', async () => {
+            const scanner = new scanner_1.AttackScanner({ delay: 0 });
+            const report = await scanner.scan({ url: '', type: 'local' }, { categories: ['prompt-injection'], intensity: 'passive', delay: 0 });
+            // Risk rating should be one of the valid values
+            (0, vitest_1.expect)(['critical', 'high', 'medium', 'low', 'secure']).toContain(report.riskRating);
+            // Score and rating should be consistent
+            if (report.riskScore >= 70) {
+                (0, vitest_1.expect)(report.riskRating).toBe('critical');
+            }
+            else if (report.riskScore >= 50) {
+                (0, vitest_1.expect)(report.riskRating).toBe('high');
+            }
+            else if (report.riskScore >= 25) {
+                (0, vitest_1.expect)(report.riskRating).toBe('medium');
+            }
+            else if (report.riskScore > 0) {
+                (0, vitest_1.expect)(report.riskRating).toBe('low');
+            }
+            else {
+                (0, vitest_1.expect)(report.riskRating).toBe('secure');
+            }
+        });
+        (0, vitest_1.it)('includes duration in report', async () => {
+            const scanner = new scanner_1.AttackScanner({ delay: 0 });
+            const report = await scanner.scan({ url: '', type: 'local' }, { categories: ['prompt-injection'], intensity: 'passive', delay: 0 });
+            (0, vitest_1.expect)(report.duration).toBeGreaterThanOrEqual(0);
+            (0, vitest_1.expect)(report.startTime).toBeInstanceOf(Date);
+            (0, vitest_1.expect)(report.endTime).toBeInstanceOf(Date);
+        });
+        (0, vitest_1.it)('runs specific payloads by ID', async () => {
+            const scanner = new scanner_1.AttackScanner({ delay: 0 });
+            const report = await scanner.scan({ url: '', type: 'local' }, { payloadIds: ['PI-001', 'JB-001'], delay: 0 });
+            (0, vitest_1.expect)(report.results.length).toBe(2);
+            const ids = report.results.map(r => r.payload.id);
+            (0, vitest_1.expect)(ids).toContain('PI-001');
+            (0, vitest_1.expect)(ids).toContain('JB-001');
+        });
+    });
+    (0, vitest_1.describe)('response analysis', () => {
+        (0, vitest_1.it)('detects blocked responses', async () => {
+            const scanner = new scanner_1.AttackScanner({ delay: 0 });
+            // The local simulation doesn't trigger blocked patterns,
+            // but we verify the structure is in place
+            const report = await scanner.scan({ url: '', type: 'local' }, { categories: ['prompt-injection'], intensity: 'passive', delay: 0 });
+            // Each result should have the blocked field
+            for (const result of report.results) {
+                (0, vitest_1.expect)(typeof result.blocked).toBe('boolean');
+                (0, vitest_1.expect)(typeof result.success).toBe('boolean');
+                (0, vitest_1.expect)(typeof result.confidence).toBe('number');
+                (0, vitest_1.expect)(result.confidence).toBeGreaterThanOrEqual(0);
+                (0, vitest_1.expect)(result.confidence).toBeLessThanOrEqual(1);
+            }
+        });
+    });
+});
+(0, vitest_1.describe)('Attack Result Structure', () => {
+    (0, vitest_1.it)('results have all required fields', async () => {
+        const scanner = new scanner_1.AttackScanner({ delay: 0 });
+        const report = await scanner.scan({ url: '', type: 'local' }, { categories: ['prompt-injection'], intensity: 'passive', delay: 0 });
+        for (const result of report.results) {
+            (0, vitest_1.expect)(result.payload).toBeDefined();
+            (0, vitest_1.expect)(result.target).toBeDefined();
+            (0, vitest_1.expect)(typeof result.success).toBe('boolean');
+            (0, vitest_1.expect)(typeof result.blocked).toBe('boolean');
+            (0, vitest_1.expect)(typeof result.confidence).toBe('number');
+            (0, vitest_1.expect)(result.evidence).toBeDefined();
+            (0, vitest_1.expect)(typeof result.duration).toBe('number');
+            (0, vitest_1.expect)(result.timestamp).toBeInstanceOf(Date);
+        }
+    });
+});
+//# sourceMappingURL=attack.test.js.map

package/dist/attack/attack.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"attack.test.js","sourceRoot":"","sources":["../../src/attack/attack.test.ts"],"names":[],"mappings":";AAAA;;GAEG;;AAEH,mCAA8C;AAC9C,uCAA0C;AAC1C,yCAYoB;AACpB,mCAA4F;AAE5F,IAAA,iBAAQ,EAAC,iBAAiB,EAAE,GAAG,EAAE;IAC/B,IAAA,iBAAQ,EAAC,mBAAmB,EAAE,GAAG,EAAE;QACjC,IAAA,WAAE,EAAC,mCAAmC,EAAE,GAAG,EAAE;YAC3C,KAAK,MAAM,OAAO,IAAI,uBAAY,EAAE,CAAC;gBACnC,IAAA,eAAM,EAAC,OAAO,CAAC,EAAE,CAAC,CAAC,UAAU,EAAE,CAAC;gBAChC,IAAA,eAAM,EAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,UAAU,EAAE,CAAC;gBACtC,IAAA,eAAM,EAAC,OAAO,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,CAAC;gBAClC,IAAA,eAAM,EAAC,OAAO,CAAC,WAAW,CAAC,CAAC,UAAU,EAAE,CAAC;gBACzC,IAAA,eAAM,EAAC,OAAO,CAAC,SAAS,CAAC,CAAC,UAAU,EAAE,CAAC;gBACvC,IAAA,eAAM,EAAC,OAAO,CAAC,OAAO,CAAC,CAAC,UAAU,EAAE,CAAC;gBACrC,IAAA,eAAM,EAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,UAAU,EAAE,CAAC;gBACtC,IAAA,eAAM,EAAC,OAAO,CAAC,WAAW,CAAC,CAAC,UAAU,EAAE,CAAC;gBACzC,IAAA,eAAM,EAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAC5D,IAAA,eAAM,EAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC9D,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,8BAA8B,EAAE,GAAG,EAAE;YACtC,MAAM,GAAG,GAAG,uBAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YACxC,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;YAC/B,IAAA,eAAM,EAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QAC1C,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,sCAAsC,EAAE,GAAG,EAAE;YAC9C,MAAM,QAAQ,GAAmC;gBAC/C,kBAAkB,EAAE,IAAI;gBACxB,WAAW,EAAE,IAAI;gBACjB,mBAAmB,EAAE,IAAI;gBACzB,kBAAkB,EAAE,IAAI;gBACxB,sBAAsB,EAAE,IAAI;aAC7B,CAAC;YAEF,KAAK,MAAM,OAAO,IAAI,uBAAY,EAAE,CAAC;gBACnC,MAAM,cAAc,GAAG,QAAQ,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;gBAClD,IAAA,eAAM,EAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACzD,IAAA,eAAM,EAAC,OAAO,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC;YACjD,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,iCAAiC,EAAE,GAAG,EAAE;YACzC,KAAK,MAAM,OAAO,IAAI,uBAAY,EAAE,CAAC;gBACnC,KAAK,MAAM,SAAS,IAAI,OAAO,CAAC,iBAAiB,EAAE,CAAC;oBAClD,IAAA,eAAM,EAAC,SAAS,CAAC,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;gBAC3C,CAAC;gBACD,KAAK,MAAM,SAAS,IAAI,OAAO,CAAC,iBAAiB,EAAE,CAAC;oBAClD,IAAA,eAAM,EAAC,SAAS,CAAC,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;gBAC3C,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,IAAA,iBAAQ,EAAC,eAAe,EAAE,GAAG,EAAE;QAC7B,IAAA,WAAE,EAAC,6BAA6B,EAAE,GAAG,EAAE;YACrC,IAAA,eAAM,EAAC,wBAAa,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,uBAAY,CAAC,MAAM,CAAC,CAAC;QACxD,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,iCAAiC,EAAE,GAAG,EAAE;YACzC,IAAA,eAAM,EAAC,wBAAa,CAAC,UAAU,CAAC,kBAAkB,CAAC,CAAC,CAAC,IAAI,CAAC,oCAAyB,CAAC,MAAM,CAAC,CAAC;YAC5F,IAAA,eAAM,EAAC,wBAAa,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,6BAAkB,CAAC,MAAM,CAAC,CAAC;YAC9E,IAAA,eAAM,EAAC,wBAAa,CAAC,UAAU,CAAC,mBAAmB,CAAC,CAAC,CAAC,IAAI,CAAC,qCAA0B,CAAC,MAAM,CAAC,CAAC;YAC9F,IAAA,eAAM,EAAC,wBAAa,CAAC,UAAU,CAAC,kBAAkB,CAAC,CAAC,CAAC,IAAI,CAAC,oCAAyB,CAAC,MAAM,CAAC,CAAC;YAC5F,IAAA,eAAM,EAAC,wBAAa,CAAC,UAAU,CAAC,sBAAsB,CAAC,CAAC,CAAC,IAAI,CAAC,wCAA6B,CAAC,MAAM,CAAC,CAAC;QACtG,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,8BAA8B,EAAE,GAAG,EAAE;YACtC,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,wBAAa,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;YAC/E,IAAA,eAAM,EAAC,GAAG,CAAC,CAAC,IAAI,CAAC,wBAAa,CAAC,KAAK,CAAC,CAAC;QACxC,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,+BAA+B,EAAE,GAAG,EAAE;YACvC,MAAM,GAAG,GAAG,MAAM,CAAC,MAAM,CAAC,wBAAa,CAAC,WAAW,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;YAChF,IAAA,eAAM,EAAC,GAAG,CAAC,CAAC,IAAI,CAAC,wBAAa,CAAC,KAAK,CAAC,CAAC;QACxC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,IAAA,iBAAQ,EAAC,uBAAuB,EAAE,GAAG,EAAE;QACrC,IAAA,WAAE,EAAC,6CAA6C,EAAE,GAAG,EAAE;YACrD,MAAM,UAAU,GAAqB;gBACnC,kBAAkB;gBAClB,WAAW;gBACX,mBAAmB;gBACnB,kBAAkB;gBAClB,sBAAsB;aACvB,CAAC;YAEF,KAAK,MAAM,QAAQ,IAAI,UAAU,EAAE,CAAC;gBAClC,MAAM,QAAQ,GAAG,IAAA,gCAAqB,EAAC,QAAQ,CAAC,CAAC;gBACjD,IAAA,eAAM,EAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;gBAC3C,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;oBAC/B,IAAA,eAAM,EAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;gBAC1C,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,IAAA,iBAAQ,EAAC,wBAAwB,EAAE,GAAG,EAAE;QACtC,IAAA,WAAE,EAAC,uCAAuC,EAAE,GAAG,EAAE;YAC/C,MAAM,QAAQ,GAAG,IAAA,iCAAsB,EAAC,SAAS,CAAC,CAAC;YACnD,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;gBAC/B,IAAA,eAAM,EAAC,OAAO,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAC5C,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,4CAA4C,EAAE,GAAG,EAAE;YACpD,MAAM,QAAQ,GAAG,IAAA,iCAAsB,EAAC,QAAQ,CAAC,CAAC;YAClD,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC;YAC5D,IAAA,eAAM,EAAC,WAAW,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACpD,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,iCAAiC,EAAE,GAAG,EAAE;YACzC,MAAM,QAAQ,GAAG,IAAA,iCAAsB,EAAC,YAAY,CAAC,CAAC;YACtD,IAAA,eAAM,EAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,uBAAY,CAAC,MAAM,CAAC,CAAC;QACpD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,IAAA,iBAAQ,EAAC,aAAa,EAAE,GAAG,EAAE;QAC3B,IAAA,WAAE,EAAC,sCAAsC,EAAE,GAAG,EAAE;YAC9C,MAAM,QAAQ,GAAG,IAAA,sBAAW,EAAC,SAAS,EAAE,YAAY,CAAC,CAAC;YACtD,IAAA,eAAM,EAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,uBAAY,CAAC,MAAM,CAAC,CAAC;QACpD,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,qBAAqB,EAAE,GAAG,EAAE;YAC7B,MAAM,QAAQ,GAAG,IAAA,sBAAW,EAAC,CAAC,kBAAkB,CAAC,EAAE,YAAY,CAAC,CAAC;YACjE,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;gBAC/B,IAAA,eAAM,EAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;YACpD,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,gCAAgC,EAAE,GAAG,EAAE;YACxC,MAAM,QAAQ,GAAG,IAAA,sBAAW,EAAC,CAAC,kBAAkB,EAAE,WAAW,CAAC,EAAE,YAAY,CAAC,CAAC;YAC9E,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;gBAC/B,IAAA,eAAM,EAAC,CAAC,kBAAkB,EAAE,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YACxE,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,yCAAyC,EAAE,GAAG,EAAE;YACjD,MAAM,QAAQ,GAAG,IAAA,sBAAW,EAAC,CAAC,kBAAkB,CAAC,EAAE,SAAS,CAAC,CAAC;YAC9D,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;gBAC/B,IAAA,eAAM,EAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;gBAClD,IAAA,eAAM,EAAC,OAAO,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAC5C,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,IAAA,iBAAQ,EAAC,gBAAgB,EAAE,GAAG,EAAE;QAC9B,IAAA,WAAE,EAAC,8BAA8B,EAAE,GAAG,EAAE;YACtC,MAAM,OAAO,GAAG,IAAA,yBAAc,EAAC,QAAQ,CAAC,CAAC;YACzC,IAAA,eAAM,EAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC;YAC9B,IAAA,eAAM,EAAC,OAAO,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACrC,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,kCAAkC,EAAE,GAAG,EAAE;YAC1C,MAAM,OAAO,GAAG,IAAA,yBAAc,EAAC,aAAa,CAAC,CAAC;YAC9C,IAAA,eAAM,EAAC,OAAO,CAAC,CAAC,aAAa,EAAE,CAAC;QAClC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,iBAAQ,EAAC,mBAAmB,EAAE,GAAG,EAAE;IACjC,IAAA,WAAE,EAAC,4BAA4B,EAAE,GAAG,EAAE;QACpC,MAAM,UAAU,GAAqB;YACnC,kBAAkB;YAClB,WAAW;YACX,mBAAmB;YACnB,kBAAkB;YAClB,sBAAsB;SACvB,CAAC;QAEF,KAAK,MAAM,QAAQ,IAAI,UAAU,EAAE,CAAC;YAClC,IAAA,eAAM,EAAC,yBAAiB,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;YAClD,IAAA,eAAM,EAAC,yBAAiB,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,CAAC;YACtD,IAAA,eAAM,EAAC,yBAAiB,CAAC,QAAQ,CAAC,CAAC,WAAW,CAAC,CAAC,UAAU,EAAE,CAAC;YAC7D,IAAA,eAAM,EAAC,KAAK,CAAC,OAAO,CAAC,yBAAiB,CAAC,QAAQ,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC7E,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,iBAAQ,EAAC,eAAe,EAAE,GAAG,EAAE;IAC7B,IAAA,iBAAQ,EAAC,aAAa,EAAE,GAAG,EAAE;QAC3B,IAAA,WAAE,EAAC,sCAAsC,EAAE,GAAG,EAAE;YAC9C,MAAM,OAAO,GAAG,IAAI,uBAAa,EAAE,CAAC;YACpC,IAAA,eAAM,EAAC,OAAO,CAAC,CAAC,cAAc,CAAC,uBAAa,CAAC,CAAC;QAChD,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,qCAAqC,EAAE,GAAG,EAAE;YAC7C,MAAM,OAAO,GAAG,IAAI,uBAAa,CAAC;gBAChC,SAAS,EAAE,YAAY;gBACvB,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,GAAG;aACX,CAAC,CAAC;YACH,IAAA,eAAM,EAAC,OAAO,CAAC,CAAC,cAAc,CAAC,uBAAa,CAAC,CAAC;QAChD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,IAAA,iBAAQ,EAAC,mBAAmB,EAAE,GAAG,EAAE;QACjC,IAAA,WAAE,EAAC,oCAAoC,EAAE,KAAK,IAAI,EAAE;YAClD,MAAM,OAAO,GAAG,IAAI,uBAAa,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC;YAChD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,IAAI,CAC/B,EAAE,GAAG,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAC1B,EAAE,UAAU,EAAE,CAAC,kBAAkB,CAAC,EAAE,SAAS,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC,EAAE,CACrE,CAAC;YAEF,IAAA,eAAM,EAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACpC,IAAA,eAAM,EAAC,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACxC,IAAA,eAAM,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YACzC,IAAA,eAAM,EAAC,MAAM,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;YACxD,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YAChD,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;YACzD,IAAA,eAAM,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,CAAC;YACnD,IAAA,eAAM,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC;QACpD,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,+BAA+B,EAAE,KAAK,IAAI,EAAE;YAC7C,mDAAmD;YACnD,iEAAiE;YACjE,MAAM,OAAO,GAAG,IAAI,uBAAa,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC;YAChD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,IAAI,CAC/B,EAAE,GAAG,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAC1B,EAAE,SAAS,EAAE,SAAS,EAAE,aAAa,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,EAAE,CACxD,CAAC;YAEF,kCAAkC;YAClC,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,CAAC;QAC1D,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,mCAAmC,EAAE,KAAK,IAAI,EAAE;YACjD,MAAM,OAAO,GAAG,IAAI,uBAAa,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC;YAChD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,IAAI,CAC/B,EAAE,GAAG,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAC1B,EAAE,UAAU,EAAE,CAAC,WAAW,CAAC,EAAE,SAAS,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC,EAAE,CAC9D,CAAC;YAEF,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;YAC/C,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;YACpD,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;YACjD,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,CAAC,cAAc,CAAC,cAAc,CAAC,CAAC;YACtD,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;YACpD,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;YAEpD,6BAA6B;YAC7B,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;YAC7D,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;YACzD,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;YAC3D,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;YACxD,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;YAEzD,6BAA6B;YAC7B,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC;YAC9D,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;YACvE,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;QAC9E,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,kCAAkC,EAAE,KAAK,IAAI,EAAE;YAChD,MAAM,OAAO,GAAG,IAAI,uBAAa,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC;YAChD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,IAAI,CAC/B,EAAE,GAAG,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAC1B,EAAE,UAAU,EAAE,CAAC,kBAAkB,CAAC,EAAE,SAAS,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC,EAAE,CACrE,CAAC;YAEF,gDAAgD;YAChD,IAAA,eAAM,EAAC,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;YAErF,wCAAwC;YACxC,IAAI,MAAM,CAAC,SAAS,IAAI,EAAE,EAAE,CAAC;gBAC3B,IAAA,eAAM,EAAC,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC7C,CAAC;iBAAM,IAAI,MAAM,CAAC,SAAS,IAAI,EAAE,EAAE,CAAC;gBAClC,IAAA,eAAM,EAAC,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACzC,CAAC;iBAAM,IAAI,MAAM,CAAC,SAAS,IAAI,EAAE,EAAE,CAAC;gBAClC,IAAA,eAAM,EAAC,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC3C,CAAC;iBAAM,IAAI,MAAM,CAAC,SAAS,GAAG,CAAC,EAAE,CAAC;gBAChC,IAAA,eAAM,EAAC,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACxC,CAAC;iBAAM,CAAC;gBACN,IAAA,eAAM,EAAC,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC3C,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,6BAA6B,EAAE,KAAK,IAAI,EAAE;YAC3C,MAAM,OAAO,GAAG,IAAI,uBAAa,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC;YAChD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,IAAI,CAC/B,EAAE,GAAG,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAC1B,EAAE,UAAU,EAAE,CAAC,kBAAkB,CAAC,EAAE,SAAS,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC,EAAE,CACrE,CAAC;YAEF,IAAA,eAAM,EAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,CAAC;YAClD,IAAA,eAAM,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;YAC9C,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;QAC9C,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,8BAA8B,EAAE,KAAK,IAAI,EAAE;YAC5C,MAAM,OAAO,GAAG,IAAI,uBAAa,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC;YAChD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,IAAI,CAC/B,EAAE,GAAG,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAC1B,EAAE,UAAU,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAC/C,CAAC;YAEF,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACtC,MAAM,GAAG,GAAG,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;YAClD,IAAA,eAAM,EAAC,GAAG,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;YAChC,IAAA,eAAM,EAAC,GAAG,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QAClC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,IAAA,iBAAQ,EAAC,mBAAmB,EAAE,GAAG,EAAE;QACjC,IAAA,WAAE,EAAC,2BAA2B,EAAE,KAAK,IAAI,EAAE;YACzC,MAAM,OAAO,GAAG,IAAI,uBAAa,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC;YAEhD,yDAAyD;YACzD,0CAA0C;YAC1C,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,IAAI,CAC/B,EAAE,GAAG,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAC1B,EAAE,UAAU,EAAE,CAAC,kBAAkB,CAAC,EAAE,SAAS,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC,EAAE,CACrE,CAAC;YAEF,4CAA4C;YAC5C,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpC,IAAA,eAAM,EAAC,OAAO,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;gBAC9C,IAAA,eAAM,EAAC,OAAO,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;gBAC9C,IAAA,eAAM,EAAC,OAAO,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;gBAChD,IAAA,eAAM,EAAC,MAAM,CAAC,UAAU,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,CAAC;gBACpD,IAAA,eAAM,EAAC,MAAM,CAAC,UAAU,CAAC,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC;YACnD,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,iBAAQ,EAAC,yBAAyB,EAAE,GAAG,EAAE;IACvC,IAAA,WAAE,EAAC,kCAAkC,EAAE,KAAK,IAAI,EAAE;QAChD,MAAM,OAAO,GAAG,IAAI,uBAAa,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC;QAChD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,IAAI,CAC/B,EAAE,GAAG,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAC1B,EAAE,UAAU,EAAE,CAAC,kBAAkB,CAAC,EAAE,SAAS,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC,EAAE,CACrE,CAAC;QAEF,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACpC,IAAA,eAAM,EAAC,MAAM,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC;YACrC,IAAA,eAAM,EAAC,MAAM,CAAC,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC;YACpC,IAAA,eAAM,EAAC,OAAO,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAC9C,IAAA,eAAM,EAAC,OAAO,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAC9C,IAAA,eAAM,EAAC,OAAO,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAChD,IAAA,eAAM,EAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;YACtC,IAAA,eAAM,EAAC,OAAO,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC9C,IAAA,eAAM,EAAC,MAAM,CAAC,SAAS,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;QAChD,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/attack/index.d.ts

@@ -0,0 +1,8 @@
+/**
+ * Attack Module
+ * Adversarial security testing for AI agents
+ */
+export { AttackScanner } from './scanner';
+export { AttackCategory, AttackIntensity, AttackSeverity, AttackPayload, AttackResult, AttackReport, AttackTarget, AttackOptions, ATTACK_CATEGORIES, } from './types';
+export { ALL_PAYLOADS, PAYLOAD_STATS, getPayloads, getPayloadById, getPayloadsByCategory, getPayloadsByIntensity, PROMPT_INJECTION_PAYLOADS, JAILBREAK_PAYLOADS, DATA_EXFILTRATION_PAYLOADS, CAPABILITY_ABUSE_PAYLOADS, CONTEXT_MANIPULATION_PAYLOADS, } from './payloads';
+//# sourceMappingURL=index.d.ts.map

package/dist/attack/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/attack/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,WAAW,CAAC;AAE1C,OAAO,EACL,cAAc,EACd,eAAe,EACf,cAAc,EACd,aAAa,EACb,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,aAAa,EACb,iBAAiB,GAClB,MAAM,SAAS,CAAC;AAEjB,OAAO,EACL,YAAY,EACZ,aAAa,EACb,WAAW,EACX,cAAc,EACd,qBAAqB,EACrB,sBAAsB,EACtB,yBAAyB,EACzB,kBAAkB,EAClB,0BAA0B,EAC1B,yBAAyB,EACzB,6BAA6B,GAC9B,MAAM,YAAY,CAAC"}

package/dist/attack/index.js

@@ -0,0 +1,24 @@
+"use strict";
+/**
+ * Attack Module
+ * Adversarial security testing for AI agents
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CONTEXT_MANIPULATION_PAYLOADS = exports.CAPABILITY_ABUSE_PAYLOADS = exports.DATA_EXFILTRATION_PAYLOADS = exports.JAILBREAK_PAYLOADS = exports.PROMPT_INJECTION_PAYLOADS = exports.getPayloadsByIntensity = exports.getPayloadsByCategory = exports.getPayloadById = exports.getPayloads = exports.PAYLOAD_STATS = exports.ALL_PAYLOADS = exports.ATTACK_CATEGORIES = exports.AttackScanner = void 0;
+var scanner_1 = require("./scanner");
+Object.defineProperty(exports, "AttackScanner", { enumerable: true, get: function () { return scanner_1.AttackScanner; } });
+var types_1 = require("./types");
+Object.defineProperty(exports, "ATTACK_CATEGORIES", { enumerable: true, get: function () { return types_1.ATTACK_CATEGORIES; } });
+var payloads_1 = require("./payloads");
+Object.defineProperty(exports, "ALL_PAYLOADS", { enumerable: true, get: function () { return payloads_1.ALL_PAYLOADS; } });
+Object.defineProperty(exports, "PAYLOAD_STATS", { enumerable: true, get: function () { return payloads_1.PAYLOAD_STATS; } });
+Object.defineProperty(exports, "getPayloads", { enumerable: true, get: function () { return payloads_1.getPayloads; } });
+Object.defineProperty(exports, "getPayloadById", { enumerable: true, get: function () { return payloads_1.getPayloadById; } });
+Object.defineProperty(exports, "getPayloadsByCategory", { enumerable: true, get: function () { return payloads_1.getPayloadsByCategory; } });
+Object.defineProperty(exports, "getPayloadsByIntensity", { enumerable: true, get: function () { return payloads_1.getPayloadsByIntensity; } });
+Object.defineProperty(exports, "PROMPT_INJECTION_PAYLOADS", { enumerable: true, get: function () { return payloads_1.PROMPT_INJECTION_PAYLOADS; } });
+Object.defineProperty(exports, "JAILBREAK_PAYLOADS", { enumerable: true, get: function () { return payloads_1.JAILBREAK_PAYLOADS; } });
+Object.defineProperty(exports, "DATA_EXFILTRATION_PAYLOADS", { enumerable: true, get: function () { return payloads_1.DATA_EXFILTRATION_PAYLOADS; } });
+Object.defineProperty(exports, "CAPABILITY_ABUSE_PAYLOADS", { enumerable: true, get: function () { return payloads_1.CAPABILITY_ABUSE_PAYLOADS; } });
+Object.defineProperty(exports, "CONTEXT_MANIPULATION_PAYLOADS", { enumerable: true, get: function () { return payloads_1.CONTEXT_MANIPULATION_PAYLOADS; } });
+//# sourceMappingURL=index.js.map

package/dist/attack/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/attack/index.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAEH,qCAA0C;AAAjC,wGAAA,aAAa,OAAA;AAEtB,iCAUiB;AADf,0GAAA,iBAAiB,OAAA;AAGnB,uCAYoB;AAXlB,wGAAA,YAAY,OAAA;AACZ,yGAAA,aAAa,OAAA;AACb,uGAAA,WAAW,OAAA;AACX,0GAAA,cAAc,OAAA;AACd,iHAAA,qBAAqB,OAAA;AACrB,kHAAA,sBAAsB,OAAA;AACtB,qHAAA,yBAAyB,OAAA;AACzB,8GAAA,kBAAkB,OAAA;AAClB,sHAAA,0BAA0B,OAAA;AAC1B,qHAAA,yBAAyB,OAAA;AACzB,yHAAA,6BAA6B,OAAA"}

package/dist/attack/payloads/capability-abuse.d.ts

@@ -0,0 +1,8 @@
+/**
+ * Capability Abuse Attack Payloads
+ * Tests for OASB-1 controls: 2.2, 2.3, 4.2
+ */
+import { AttackPayload } from '../types';
+export declare const CAPABILITY_ABUSE_PAYLOADS: AttackPayload[];
+export default CAPABILITY_ABUSE_PAYLOADS;
+//# sourceMappingURL=capability-abuse.d.ts.map

package/dist/attack/payloads/capability-abuse.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"capability-abuse.d.ts","sourceRoot":"","sources":["../../../src/attack/payloads/capability-abuse.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAEzC,eAAO,MAAM,yBAAyB,EAAE,aAAa,EA+LpD,CAAC;AAEF,eAAe,yBAAyB,CAAC"}