hackmyagent-core 0.2.3 → 0.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +116 -0
- package/dist/attack/attack.test.d.ts +5 -0
- package/dist/attack/attack.test.d.ts.map +1 -0
- package/dist/attack/attack.test.js +292 -0
- package/dist/attack/attack.test.js.map +1 -0
- package/dist/attack/index.d.ts +8 -0
- package/dist/attack/index.d.ts.map +1 -0
- package/dist/attack/index.js +24 -0
- package/dist/attack/index.js.map +1 -0
- package/dist/attack/payloads/capability-abuse.d.ts +8 -0
- package/dist/attack/payloads/capability-abuse.d.ts.map +1 -0
- package/dist/attack/payloads/capability-abuse.js +199 -0
- package/dist/attack/payloads/capability-abuse.js.map +1 -0
- package/dist/attack/payloads/context-manipulation.d.ts +8 -0
- package/dist/attack/payloads/context-manipulation.d.ts.map +1 -0
- package/dist/attack/payloads/context-manipulation.js +194 -0
- package/dist/attack/payloads/context-manipulation.js.map +1 -0
- package/dist/attack/payloads/data-exfiltration.d.ts +8 -0
- package/dist/attack/payloads/data-exfiltration.d.ts.map +1 -0
- package/dist/attack/payloads/data-exfiltration.js +222 -0
- package/dist/attack/payloads/data-exfiltration.js.map +1 -0
- package/dist/attack/payloads/index.d.ts +27 -0
- package/dist/attack/payloads/index.d.ts.map +1 -0
- package/dist/attack/payloads/index.js +68 -0
- package/dist/attack/payloads/index.js.map +1 -0
- package/dist/attack/payloads/jailbreak.d.ts +8 -0
- package/dist/attack/payloads/jailbreak.d.ts.map +1 -0
- package/dist/attack/payloads/jailbreak.js +236 -0
- package/dist/attack/payloads/jailbreak.js.map +1 -0
- package/dist/attack/payloads/prompt-injection.d.ts +8 -0
- package/dist/attack/payloads/prompt-injection.d.ts.map +1 -0
- package/dist/attack/payloads/prompt-injection.js +235 -0
- package/dist/attack/payloads/prompt-injection.js.map +1 -0
- package/dist/attack/scanner.d.ts +59 -0
- package/dist/attack/scanner.d.ts.map +1 -0
- package/dist/attack/scanner.js +312 -0
- package/dist/attack/scanner.js.map +1 -0
- package/dist/attack/types.d.ts +128 -0
- package/dist/attack/types.d.ts.map +1 -0
- package/dist/attack/types.js +36 -0
- package/dist/attack/types.js.map +1 -0
- package/dist/benchmarks/index.d.ts +16 -0
- package/dist/benchmarks/index.d.ts.map +1 -0
- package/dist/benchmarks/index.js +27 -0
- package/dist/benchmarks/index.js.map +1 -0
- package/dist/benchmarks/oasb-1.d.ts +95 -0
- package/dist/benchmarks/oasb-1.d.ts.map +1 -0
- package/dist/benchmarks/oasb-1.js +623 -0
- package/dist/benchmarks/oasb-1.js.map +1 -0
- package/dist/hardening/scanner.d.ts.map +1 -1
- package/dist/hardening/scanner.js +1 -0
- package/dist/hardening/scanner.js.map +1 -1
- package/dist/hardening/security-check.d.ts +3 -0
- package/dist/hardening/security-check.d.ts.map +1 -1
- package/dist/index.d.ts +6 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +24 -2
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
|
@@ -0,0 +1,623 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* OASB-1: AI Agent Security Benchmark
|
|
4
|
+
* Version 1.0.0
|
|
5
|
+
*
|
|
6
|
+
* Maps OASB-1 controls to HackMyAgent check IDs
|
|
7
|
+
*/
|
|
8
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
|
+
exports.OASB_1_NAME = exports.OASB_1_VERSION = exports.OASB_1_CATEGORIES = void 0;
|
|
10
|
+
exports.getControlsForLevel = getControlsForLevel;
|
|
11
|
+
exports.getControlsForCategory = getControlsForCategory;
|
|
12
|
+
exports.getCheckIdsForLevel = getCheckIdsForLevel;
|
|
13
|
+
exports.calculateRating = calculateRating;
|
|
14
|
+
/**
|
|
15
|
+
* OASB-1 Benchmark Definition
|
|
16
|
+
*/
|
|
17
|
+
exports.OASB_1_CATEGORIES = [
|
|
18
|
+
{
|
|
19
|
+
id: 1,
|
|
20
|
+
name: 'Identity & Provenance',
|
|
21
|
+
description: 'Who is this agent? Can we verify?',
|
|
22
|
+
controls: [
|
|
23
|
+
{
|
|
24
|
+
id: '1.1',
|
|
25
|
+
name: 'Agent Cryptographic Identity',
|
|
26
|
+
category: 'Identity & Provenance',
|
|
27
|
+
level: 'L1',
|
|
28
|
+
scored: true,
|
|
29
|
+
description: 'Every agent must have a unique cryptographic identity',
|
|
30
|
+
checkIds: [], // Forward-looking
|
|
31
|
+
verification: 'forward',
|
|
32
|
+
remediation: 'Generate a unique keypair for your agent using: openssl genrsa -out agent-key.pem 4096. Store the private key securely and publish the public key in your agent manifest.',
|
|
33
|
+
helpUrl: 'https://oasb.ai/controls/1.1',
|
|
34
|
+
},
|
|
35
|
+
{
|
|
36
|
+
id: '1.2',
|
|
37
|
+
name: 'Verified Ownership',
|
|
38
|
+
category: 'Identity & Provenance',
|
|
39
|
+
level: 'L1',
|
|
40
|
+
scored: true,
|
|
41
|
+
description: 'Every agent must have a verified human or organizational owner',
|
|
42
|
+
checkIds: [], // Manual verification
|
|
43
|
+
verification: 'manual',
|
|
44
|
+
remediation: 'Document the human/organization responsible for this agent. Add a SECURITY.md file with contact information and publish ownership in DNS TXT records (e.g., _agent-owner.example.com).',
|
|
45
|
+
helpUrl: 'https://oasb.ai/controls/1.2',
|
|
46
|
+
},
|
|
47
|
+
{
|
|
48
|
+
id: '1.3',
|
|
49
|
+
name: 'Provenance Chain',
|
|
50
|
+
category: 'Identity & Provenance',
|
|
51
|
+
level: 'L2',
|
|
52
|
+
scored: true,
|
|
53
|
+
description: 'Agent provenance must be traceable from deployment to source',
|
|
54
|
+
checkIds: [], // Forward-looking (SLSA)
|
|
55
|
+
verification: 'forward',
|
|
56
|
+
remediation: 'Implement SLSA Level 2+ build provenance. Use sigstore/cosign to sign artifacts and publish attestations.',
|
|
57
|
+
helpUrl: 'https://oasb.ai/controls/1.3',
|
|
58
|
+
},
|
|
59
|
+
{
|
|
60
|
+
id: '1.4',
|
|
61
|
+
name: 'Identity Lifecycle Management',
|
|
62
|
+
category: 'Identity & Provenance',
|
|
63
|
+
level: 'L2',
|
|
64
|
+
scored: true,
|
|
65
|
+
description: 'Agent identities must be managed through their full lifecycle',
|
|
66
|
+
checkIds: [], // Manual verification
|
|
67
|
+
verification: 'manual',
|
|
68
|
+
remediation: 'Establish key rotation policy (recommend 90 days). Document identity revocation process. Use AIM registry for identity management.',
|
|
69
|
+
helpUrl: 'https://oasb.ai/controls/1.4',
|
|
70
|
+
},
|
|
71
|
+
],
|
|
72
|
+
},
|
|
73
|
+
{
|
|
74
|
+
id: 2,
|
|
75
|
+
name: 'Capability & Authorization',
|
|
76
|
+
description: 'What can this agent do?',
|
|
77
|
+
controls: [
|
|
78
|
+
{
|
|
79
|
+
id: '2.1',
|
|
80
|
+
name: 'Explicit Capability Grants',
|
|
81
|
+
category: 'Capability & Authorization',
|
|
82
|
+
level: 'L1',
|
|
83
|
+
scored: true,
|
|
84
|
+
description: 'Agent capabilities must be explicitly granted, not implicitly assumed',
|
|
85
|
+
checkIds: [], // Forward-looking (AIM)
|
|
86
|
+
verification: 'forward',
|
|
87
|
+
remediation: 'Define agent capabilities in a manifest file. Use AIM capability grants to explicitly declare what the agent can do. Avoid wildcard permissions.',
|
|
88
|
+
helpUrl: 'https://oasb.ai/controls/2.1',
|
|
89
|
+
},
|
|
90
|
+
{
|
|
91
|
+
id: '2.2',
|
|
92
|
+
name: 'Least Privilege Principle',
|
|
93
|
+
category: 'Capability & Authorization',
|
|
94
|
+
level: 'L1',
|
|
95
|
+
scored: true,
|
|
96
|
+
description: 'Agents must operate with minimum necessary permissions',
|
|
97
|
+
checkIds: ['PERM-001', 'PERM-002'],
|
|
98
|
+
verification: 'automated',
|
|
99
|
+
},
|
|
100
|
+
{
|
|
101
|
+
id: '2.3',
|
|
102
|
+
name: 'Capability Boundaries',
|
|
103
|
+
category: 'Capability & Authorization',
|
|
104
|
+
level: 'L1',
|
|
105
|
+
scored: true,
|
|
106
|
+
description: 'Agent capabilities must be enforced at runtime',
|
|
107
|
+
checkIds: ['TOOL-001', 'TOOL-002'],
|
|
108
|
+
verification: 'automated',
|
|
109
|
+
},
|
|
110
|
+
{
|
|
111
|
+
id: '2.4',
|
|
112
|
+
name: 'No Implicit Trust Escalation',
|
|
113
|
+
category: 'Capability & Authorization',
|
|
114
|
+
level: 'L2',
|
|
115
|
+
scored: true,
|
|
116
|
+
description: 'Trust must not transitively escalate between agents',
|
|
117
|
+
checkIds: [], // Forward-looking
|
|
118
|
+
verification: 'forward',
|
|
119
|
+
},
|
|
120
|
+
{
|
|
121
|
+
id: '2.5',
|
|
122
|
+
name: 'Human-in-the-Loop for Sensitive Actions',
|
|
123
|
+
category: 'Capability & Authorization',
|
|
124
|
+
level: 'L2',
|
|
125
|
+
scored: true,
|
|
126
|
+
description: 'Sensitive actions must require human confirmation',
|
|
127
|
+
checkIds: ['MCP-003'], // Approval confirmations
|
|
128
|
+
verification: 'automated',
|
|
129
|
+
},
|
|
130
|
+
],
|
|
131
|
+
},
|
|
132
|
+
{
|
|
133
|
+
id: 3,
|
|
134
|
+
name: 'Input Security',
|
|
135
|
+
description: 'How do we protect against malicious input?',
|
|
136
|
+
controls: [
|
|
137
|
+
{
|
|
138
|
+
id: '3.1',
|
|
139
|
+
name: 'Prompt Injection Protection',
|
|
140
|
+
category: 'Input Security',
|
|
141
|
+
level: 'L1',
|
|
142
|
+
scored: true,
|
|
143
|
+
description: 'Agents must be protected against prompt injection attacks',
|
|
144
|
+
checkIds: ['PROMPT-001', 'PROMPT-002'],
|
|
145
|
+
verification: 'automated',
|
|
146
|
+
},
|
|
147
|
+
{
|
|
148
|
+
id: '3.2',
|
|
149
|
+
name: 'Instruction Boundary Enforcement',
|
|
150
|
+
category: 'Input Security',
|
|
151
|
+
level: 'L1',
|
|
152
|
+
scored: true,
|
|
153
|
+
description: 'System instructions must be immutable to user input',
|
|
154
|
+
checkIds: ['PROMPT-001'],
|
|
155
|
+
verification: 'automated',
|
|
156
|
+
},
|
|
157
|
+
{
|
|
158
|
+
id: '3.3',
|
|
159
|
+
name: 'Input Validation',
|
|
160
|
+
category: 'Input Security',
|
|
161
|
+
level: 'L1',
|
|
162
|
+
scored: true,
|
|
163
|
+
description: 'All inputs must be validated before processing',
|
|
164
|
+
checkIds: ['IO-001', 'IO-002'],
|
|
165
|
+
verification: 'automated',
|
|
166
|
+
},
|
|
167
|
+
{
|
|
168
|
+
id: '3.4',
|
|
169
|
+
name: 'URL and Resource Validation',
|
|
170
|
+
category: 'Input Security',
|
|
171
|
+
level: 'L1',
|
|
172
|
+
scored: true,
|
|
173
|
+
description: 'URLs and external resources must be validated before access',
|
|
174
|
+
checkIds: ['SKILL-002', 'NET-001'],
|
|
175
|
+
verification: 'automated',
|
|
176
|
+
},
|
|
177
|
+
{
|
|
178
|
+
id: '3.5',
|
|
179
|
+
name: 'Multi-Modal Input Security',
|
|
180
|
+
category: 'Input Security',
|
|
181
|
+
level: 'L3',
|
|
182
|
+
scored: true,
|
|
183
|
+
description: 'Non-text inputs must be scanned before processing',
|
|
184
|
+
checkIds: [], // Forward-looking
|
|
185
|
+
verification: 'forward',
|
|
186
|
+
},
|
|
187
|
+
],
|
|
188
|
+
},
|
|
189
|
+
{
|
|
190
|
+
id: 4,
|
|
191
|
+
name: 'Output Security',
|
|
192
|
+
description: 'How do we validate agent outputs?',
|
|
193
|
+
controls: [
|
|
194
|
+
{
|
|
195
|
+
id: '4.1',
|
|
196
|
+
name: 'Output Validation',
|
|
197
|
+
category: 'Output Security',
|
|
198
|
+
level: 'L1',
|
|
199
|
+
scored: true,
|
|
200
|
+
description: 'Agent outputs must be validated before execution or delivery',
|
|
201
|
+
checkIds: ['TOOL-001'],
|
|
202
|
+
verification: 'automated',
|
|
203
|
+
},
|
|
204
|
+
{
|
|
205
|
+
id: '4.2',
|
|
206
|
+
name: 'Action Confirmation for Destructive Operations',
|
|
207
|
+
category: 'Output Security',
|
|
208
|
+
level: 'L1',
|
|
209
|
+
scored: true,
|
|
210
|
+
description: 'Destructive or irreversible actions must require confirmation',
|
|
211
|
+
checkIds: ['MCP-003'],
|
|
212
|
+
verification: 'automated',
|
|
213
|
+
},
|
|
214
|
+
{
|
|
215
|
+
id: '4.3',
|
|
216
|
+
name: 'Data Exfiltration Prevention',
|
|
217
|
+
category: 'Output Security',
|
|
218
|
+
level: 'L1',
|
|
219
|
+
scored: true,
|
|
220
|
+
description: 'Agents must not send sensitive data to unauthorized destinations',
|
|
221
|
+
checkIds: ['SKILL-006', 'NET-002'],
|
|
222
|
+
verification: 'automated',
|
|
223
|
+
},
|
|
224
|
+
{
|
|
225
|
+
id: '4.4',
|
|
226
|
+
name: 'Output Attribution',
|
|
227
|
+
category: 'Output Security',
|
|
228
|
+
level: 'L2',
|
|
229
|
+
scored: true,
|
|
230
|
+
description: 'Agent outputs must be attributable to their source',
|
|
231
|
+
checkIds: [], // Forward-looking
|
|
232
|
+
verification: 'forward',
|
|
233
|
+
},
|
|
234
|
+
],
|
|
235
|
+
},
|
|
236
|
+
{
|
|
237
|
+
id: 5,
|
|
238
|
+
name: 'Credential Protection',
|
|
239
|
+
description: 'How do we protect secrets?',
|
|
240
|
+
controls: [
|
|
241
|
+
{
|
|
242
|
+
id: '5.1',
|
|
243
|
+
name: 'No Hardcoded Credentials',
|
|
244
|
+
category: 'Credential Protection',
|
|
245
|
+
level: 'L1',
|
|
246
|
+
scored: true,
|
|
247
|
+
description: 'Credentials must not be hardcoded in configuration, code, or prompts',
|
|
248
|
+
checkIds: ['CRED-001', 'CRED-002', 'CLAUDE-001'],
|
|
249
|
+
verification: 'automated',
|
|
250
|
+
},
|
|
251
|
+
{
|
|
252
|
+
id: '5.2',
|
|
253
|
+
name: 'Context Window Isolation',
|
|
254
|
+
category: 'Credential Protection',
|
|
255
|
+
level: 'L1',
|
|
256
|
+
scored: true,
|
|
257
|
+
description: 'Credentials must not appear in LLM context windows',
|
|
258
|
+
checkIds: ['CRED-001', 'MCP-001'],
|
|
259
|
+
verification: 'automated',
|
|
260
|
+
},
|
|
261
|
+
{
|
|
262
|
+
id: '5.3',
|
|
263
|
+
name: 'Credential Scope Limitation',
|
|
264
|
+
category: 'Credential Protection',
|
|
265
|
+
level: 'L2',
|
|
266
|
+
scored: true,
|
|
267
|
+
description: 'Credentials must be scoped to minimum required access',
|
|
268
|
+
checkIds: [], // Manual verification
|
|
269
|
+
verification: 'manual',
|
|
270
|
+
},
|
|
271
|
+
{
|
|
272
|
+
id: '5.4',
|
|
273
|
+
name: 'Credential Rotation',
|
|
274
|
+
category: 'Credential Protection',
|
|
275
|
+
level: 'L2',
|
|
276
|
+
scored: false, // Not scored - best practice
|
|
277
|
+
description: 'Credentials must be rotated on a defined schedule',
|
|
278
|
+
checkIds: [], // Manual verification
|
|
279
|
+
verification: 'manual',
|
|
280
|
+
},
|
|
281
|
+
{
|
|
282
|
+
id: '5.5',
|
|
283
|
+
name: 'Secrets Not Logged',
|
|
284
|
+
category: 'Credential Protection',
|
|
285
|
+
level: 'L1',
|
|
286
|
+
scored: true,
|
|
287
|
+
description: 'Credentials must not appear in logs',
|
|
288
|
+
checkIds: ['LOG-001'],
|
|
289
|
+
verification: 'automated',
|
|
290
|
+
},
|
|
291
|
+
],
|
|
292
|
+
},
|
|
293
|
+
{
|
|
294
|
+
id: 6,
|
|
295
|
+
name: 'Supply Chain Integrity',
|
|
296
|
+
description: 'How do we trust components?',
|
|
297
|
+
controls: [
|
|
298
|
+
{
|
|
299
|
+
id: '6.1',
|
|
300
|
+
name: 'Verified Component Sources',
|
|
301
|
+
category: 'Supply Chain Integrity',
|
|
302
|
+
level: 'L1',
|
|
303
|
+
scored: true,
|
|
304
|
+
description: 'All agent components must come from verified sources',
|
|
305
|
+
checkIds: ['SKILL-001', 'DEP-001'],
|
|
306
|
+
verification: 'automated',
|
|
307
|
+
},
|
|
308
|
+
{
|
|
309
|
+
id: '6.2',
|
|
310
|
+
name: 'Cryptographic Integrity Verification',
|
|
311
|
+
category: 'Supply Chain Integrity',
|
|
312
|
+
level: 'L1',
|
|
313
|
+
scored: true,
|
|
314
|
+
description: 'Component integrity must be cryptographically verified',
|
|
315
|
+
checkIds: ['SKILL-001', 'HEARTBEAT-003'],
|
|
316
|
+
verification: 'automated',
|
|
317
|
+
},
|
|
318
|
+
{
|
|
319
|
+
id: '6.3',
|
|
320
|
+
name: 'Rug Pull Protection',
|
|
321
|
+
category: 'Supply Chain Integrity',
|
|
322
|
+
level: 'L1',
|
|
323
|
+
scored: true,
|
|
324
|
+
description: 'Remote components must be pinned and monitored for changes',
|
|
325
|
+
checkIds: ['HEARTBEAT-001', 'HEARTBEAT-002', 'SKILL-002'],
|
|
326
|
+
verification: 'automated',
|
|
327
|
+
},
|
|
328
|
+
{
|
|
329
|
+
id: '6.4',
|
|
330
|
+
name: 'Dependency Vulnerability Scanning',
|
|
331
|
+
category: 'Supply Chain Integrity',
|
|
332
|
+
level: 'L1',
|
|
333
|
+
scored: true,
|
|
334
|
+
description: 'Dependencies must be scanned for known vulnerabilities',
|
|
335
|
+
checkIds: ['DEP-001', 'DEP-002'],
|
|
336
|
+
verification: 'automated',
|
|
337
|
+
},
|
|
338
|
+
{
|
|
339
|
+
id: '6.5',
|
|
340
|
+
name: 'Software Bill of Materials',
|
|
341
|
+
category: 'Supply Chain Integrity',
|
|
342
|
+
level: 'L2',
|
|
343
|
+
scored: true,
|
|
344
|
+
description: 'Agents must have a complete Software Bill of Materials (SBOM)',
|
|
345
|
+
checkIds: [], // Forward-looking (ABOM)
|
|
346
|
+
verification: 'forward',
|
|
347
|
+
},
|
|
348
|
+
],
|
|
349
|
+
},
|
|
350
|
+
{
|
|
351
|
+
id: 7,
|
|
352
|
+
name: 'Agent-to-Agent Security',
|
|
353
|
+
description: 'How do agents trust each other?',
|
|
354
|
+
controls: [
|
|
355
|
+
{
|
|
356
|
+
id: '7.1',
|
|
357
|
+
name: 'Mutual Authentication',
|
|
358
|
+
category: 'Agent-to-Agent Security',
|
|
359
|
+
level: 'L2',
|
|
360
|
+
scored: true,
|
|
361
|
+
description: 'Agent-to-agent communication must use mutual authentication',
|
|
362
|
+
checkIds: [], // Forward-looking (A2A)
|
|
363
|
+
verification: 'forward',
|
|
364
|
+
},
|
|
365
|
+
{
|
|
366
|
+
id: '7.2',
|
|
367
|
+
name: 'Message Integrity',
|
|
368
|
+
category: 'Agent-to-Agent Security',
|
|
369
|
+
level: 'L2',
|
|
370
|
+
scored: true,
|
|
371
|
+
description: 'Agent-to-agent messages must be integrity-protected',
|
|
372
|
+
checkIds: [], // Forward-looking (A2A)
|
|
373
|
+
verification: 'forward',
|
|
374
|
+
},
|
|
375
|
+
{
|
|
376
|
+
id: '7.3',
|
|
377
|
+
name: 'Trust Boundary Enforcement',
|
|
378
|
+
category: 'Agent-to-Agent Security',
|
|
379
|
+
level: 'L2',
|
|
380
|
+
scored: true,
|
|
381
|
+
description: 'Agents must enforce trust boundaries with other agents',
|
|
382
|
+
checkIds: [], // Forward-looking (A2A)
|
|
383
|
+
verification: 'forward',
|
|
384
|
+
},
|
|
385
|
+
{
|
|
386
|
+
id: '7.4',
|
|
387
|
+
name: 'Communication Logging',
|
|
388
|
+
category: 'Agent-to-Agent Security',
|
|
389
|
+
level: 'L2',
|
|
390
|
+
scored: true,
|
|
391
|
+
description: 'All agent-to-agent communication must be logged',
|
|
392
|
+
checkIds: ['LOG-001', 'AUDIT-001'],
|
|
393
|
+
verification: 'automated',
|
|
394
|
+
},
|
|
395
|
+
],
|
|
396
|
+
},
|
|
397
|
+
{
|
|
398
|
+
id: 8,
|
|
399
|
+
name: 'Memory & Context Integrity',
|
|
400
|
+
description: 'How do we protect agent memory?',
|
|
401
|
+
controls: [
|
|
402
|
+
{
|
|
403
|
+
id: '8.1',
|
|
404
|
+
name: 'Conversation Integrity',
|
|
405
|
+
category: 'Memory & Context Integrity',
|
|
406
|
+
level: 'L2',
|
|
407
|
+
scored: true,
|
|
408
|
+
description: 'Conversation history must be protected from tampering',
|
|
409
|
+
checkIds: [], // Forward-looking
|
|
410
|
+
verification: 'forward',
|
|
411
|
+
},
|
|
412
|
+
{
|
|
413
|
+
id: '8.2',
|
|
414
|
+
name: 'Context Injection Protection',
|
|
415
|
+
category: 'Memory & Context Integrity',
|
|
416
|
+
level: 'L1',
|
|
417
|
+
scored: true,
|
|
418
|
+
description: 'Agents must detect and reject injected context',
|
|
419
|
+
checkIds: ['PROMPT-001', 'PROMPT-002'],
|
|
420
|
+
verification: 'automated',
|
|
421
|
+
},
|
|
422
|
+
{
|
|
423
|
+
id: '8.3',
|
|
424
|
+
name: 'Memory Isolation',
|
|
425
|
+
category: 'Memory & Context Integrity',
|
|
426
|
+
level: 'L2',
|
|
427
|
+
scored: true,
|
|
428
|
+
description: 'Agent memory must be isolated between sessions and users',
|
|
429
|
+
checkIds: [], // Forward-looking
|
|
430
|
+
verification: 'forward',
|
|
431
|
+
},
|
|
432
|
+
{
|
|
433
|
+
id: '8.4',
|
|
434
|
+
name: 'Summarization Security',
|
|
435
|
+
category: 'Memory & Context Integrity',
|
|
436
|
+
level: 'L3',
|
|
437
|
+
scored: true,
|
|
438
|
+
description: 'Conversation summarization must preserve security properties',
|
|
439
|
+
checkIds: [], // Forward-looking
|
|
440
|
+
verification: 'forward',
|
|
441
|
+
},
|
|
442
|
+
],
|
|
443
|
+
},
|
|
444
|
+
{
|
|
445
|
+
id: 9,
|
|
446
|
+
name: 'Operational Security',
|
|
447
|
+
description: 'How do we run agents safely?',
|
|
448
|
+
controls: [
|
|
449
|
+
{
|
|
450
|
+
id: '9.1',
|
|
451
|
+
name: 'Non-Root Execution',
|
|
452
|
+
category: 'Operational Security',
|
|
453
|
+
level: 'L1',
|
|
454
|
+
scored: true,
|
|
455
|
+
description: 'Agents must not run with root or administrator privileges',
|
|
456
|
+
checkIds: ['DAEMON-001', 'PERM-001'],
|
|
457
|
+
verification: 'automated',
|
|
458
|
+
},
|
|
459
|
+
{
|
|
460
|
+
id: '9.2',
|
|
461
|
+
name: 'Resource Limits',
|
|
462
|
+
category: 'Operational Security',
|
|
463
|
+
level: 'L1',
|
|
464
|
+
scored: true,
|
|
465
|
+
description: 'Agent resource consumption must be limited',
|
|
466
|
+
checkIds: ['RATE-001'],
|
|
467
|
+
verification: 'automated',
|
|
468
|
+
},
|
|
469
|
+
{
|
|
470
|
+
id: '9.3',
|
|
471
|
+
name: 'Network Isolation',
|
|
472
|
+
category: 'Operational Security',
|
|
473
|
+
level: 'L1',
|
|
474
|
+
scored: true,
|
|
475
|
+
description: 'Agent network access must be restricted to required endpoints',
|
|
476
|
+
checkIds: ['NET-001', 'GATEWAY-001'],
|
|
477
|
+
verification: 'automated',
|
|
478
|
+
},
|
|
479
|
+
{
|
|
480
|
+
id: '9.4',
|
|
481
|
+
name: 'Sandboxing',
|
|
482
|
+
category: 'Operational Security',
|
|
483
|
+
level: 'L2',
|
|
484
|
+
scored: true,
|
|
485
|
+
description: 'Agent execution must be sandboxed',
|
|
486
|
+
checkIds: ['SANDBOX-001', 'MCP-002'],
|
|
487
|
+
verification: 'automated',
|
|
488
|
+
},
|
|
489
|
+
{
|
|
490
|
+
id: '9.5',
|
|
491
|
+
name: 'Secure Configuration Defaults',
|
|
492
|
+
category: 'Operational Security',
|
|
493
|
+
level: 'L1',
|
|
494
|
+
scored: true,
|
|
495
|
+
description: 'Agent default configurations must be secure',
|
|
496
|
+
checkIds: ['CONFIG-001', 'MCP-001'],
|
|
497
|
+
verification: 'automated',
|
|
498
|
+
},
|
|
499
|
+
],
|
|
500
|
+
},
|
|
501
|
+
{
|
|
502
|
+
id: 10,
|
|
503
|
+
name: 'Monitoring & Response',
|
|
504
|
+
description: 'How do we detect and respond?',
|
|
505
|
+
controls: [
|
|
506
|
+
{
|
|
507
|
+
id: '10.1',
|
|
508
|
+
name: 'Security Event Logging',
|
|
509
|
+
category: 'Monitoring & Response',
|
|
510
|
+
level: 'L1',
|
|
511
|
+
scored: true,
|
|
512
|
+
description: 'All security-relevant events must be logged',
|
|
513
|
+
checkIds: ['LOG-001', 'AUDIT-001'],
|
|
514
|
+
verification: 'automated',
|
|
515
|
+
},
|
|
516
|
+
{
|
|
517
|
+
id: '10.2',
|
|
518
|
+
name: 'Anomaly Detection',
|
|
519
|
+
category: 'Monitoring & Response',
|
|
520
|
+
level: 'L2',
|
|
521
|
+
scored: true,
|
|
522
|
+
description: 'Agent behavior anomalies must be detected and alerted',
|
|
523
|
+
checkIds: [], // Forward-looking
|
|
524
|
+
verification: 'forward',
|
|
525
|
+
},
|
|
526
|
+
{
|
|
527
|
+
id: '10.3',
|
|
528
|
+
name: 'Kill Switch',
|
|
529
|
+
category: 'Monitoring & Response',
|
|
530
|
+
level: 'L1',
|
|
531
|
+
scored: true,
|
|
532
|
+
description: 'Agents must have an immediate termination capability',
|
|
533
|
+
checkIds: [], // Manual verification
|
|
534
|
+
verification: 'manual',
|
|
535
|
+
},
|
|
536
|
+
{
|
|
537
|
+
id: '10.4',
|
|
538
|
+
name: 'Incident Response Procedures',
|
|
539
|
+
category: 'Monitoring & Response',
|
|
540
|
+
level: 'L2',
|
|
541
|
+
scored: true,
|
|
542
|
+
description: 'Agent incident response procedures must be documented and tested',
|
|
543
|
+
checkIds: [], // Manual verification
|
|
544
|
+
verification: 'manual',
|
|
545
|
+
},
|
|
546
|
+
{
|
|
547
|
+
id: '10.5',
|
|
548
|
+
name: 'Recovery and Rollback',
|
|
549
|
+
category: 'Monitoring & Response',
|
|
550
|
+
level: 'L2',
|
|
551
|
+
scored: true,
|
|
552
|
+
description: 'Agents must support recovery to known-good state',
|
|
553
|
+
checkIds: [], // Manual verification
|
|
554
|
+
verification: 'manual',
|
|
555
|
+
},
|
|
556
|
+
],
|
|
557
|
+
},
|
|
558
|
+
];
|
|
559
|
+
/**
|
|
560
|
+
* Get all controls for a specific level (includes lower levels)
|
|
561
|
+
*/
|
|
562
|
+
function getControlsForLevel(level) {
|
|
563
|
+
const levels = level === 'L1' ? ['L1'] : level === 'L2' ? ['L1', 'L2'] : ['L1', 'L2', 'L3'];
|
|
564
|
+
return exports.OASB_1_CATEGORIES.flatMap((cat) => cat.controls.filter((ctrl) => levels.includes(ctrl.level)));
|
|
565
|
+
}
|
|
566
|
+
/**
|
|
567
|
+
* Get all controls for a specific category
|
|
568
|
+
*/
|
|
569
|
+
function getControlsForCategory(categoryName) {
|
|
570
|
+
const category = exports.OASB_1_CATEGORIES.find((cat) => cat.name.toLowerCase() === categoryName.toLowerCase());
|
|
571
|
+
return category?.controls ?? [];
|
|
572
|
+
}
|
|
573
|
+
/**
|
|
574
|
+
* Get all check IDs that map to OASB-1 controls for a given level
|
|
575
|
+
*/
|
|
576
|
+
function getCheckIdsForLevel(level) {
|
|
577
|
+
const controls = getControlsForLevel(level);
|
|
578
|
+
const checkIds = new Set();
|
|
579
|
+
for (const control of controls) {
|
|
580
|
+
for (const checkId of control.checkIds) {
|
|
581
|
+
checkIds.add(checkId);
|
|
582
|
+
}
|
|
583
|
+
}
|
|
584
|
+
return Array.from(checkIds);
|
|
585
|
+
}
|
|
586
|
+
/**
|
|
587
|
+
* Calculate compliance rating based on percentages
|
|
588
|
+
*/
|
|
589
|
+
function calculateRating(l1Compliance, l2Compliance, l3Compliance, level) {
|
|
590
|
+
if (level === 'L1') {
|
|
591
|
+
if (l1Compliance === 100)
|
|
592
|
+
return 'Certified';
|
|
593
|
+
if (l1Compliance >= 90)
|
|
594
|
+
return 'Passing';
|
|
595
|
+
if (l1Compliance >= 70)
|
|
596
|
+
return 'Needs Improvement';
|
|
597
|
+
return 'Failing';
|
|
598
|
+
}
|
|
599
|
+
if (level === 'L2') {
|
|
600
|
+
if (l1Compliance === 100 && l2Compliance >= 90)
|
|
601
|
+
return 'Compliant';
|
|
602
|
+
if (l1Compliance === 100 && l2Compliance >= 100)
|
|
603
|
+
return 'Certified';
|
|
604
|
+
if (l1Compliance >= 90)
|
|
605
|
+
return 'Passing';
|
|
606
|
+
if (l1Compliance >= 70)
|
|
607
|
+
return 'Needs Improvement';
|
|
608
|
+
return 'Failing';
|
|
609
|
+
}
|
|
610
|
+
// L3
|
|
611
|
+
if (l1Compliance === 100 && l2Compliance === 100 && l3Compliance === 100)
|
|
612
|
+
return 'Certified';
|
|
613
|
+
if (l1Compliance === 100 && l2Compliance >= 90)
|
|
614
|
+
return 'Compliant';
|
|
615
|
+
if (l1Compliance >= 90)
|
|
616
|
+
return 'Passing';
|
|
617
|
+
if (l1Compliance >= 70)
|
|
618
|
+
return 'Needs Improvement';
|
|
619
|
+
return 'Failing';
|
|
620
|
+
}
|
|
621
|
+
exports.OASB_1_VERSION = '1.0.0';
|
|
622
|
+
exports.OASB_1_NAME = 'OASB-1: AI Agent Security Benchmark';
|
|
623
|
+
//# sourceMappingURL=oasb-1.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"oasb-1.js","sourceRoot":"","sources":["../../src/benchmarks/oasb-1.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;AA+mBH,kDAOC;AAKD,wDAKC;AAKD,kDASC;AAKD,0CA2BC;AApmBD;;GAEG;AACU,QAAA,iBAAiB,GAAwB;IACpD;QACE,EAAE,EAAE,CAAC;QACL,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,mCAAmC;QAChD,QAAQ,EAAE;YACR;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,8BAA8B;gBACpC,QAAQ,EAAE,uBAAuB;gBACjC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,uDAAuD;gBACpE,QAAQ,EAAE,EAAE,EAAE,kBAAkB;gBAChC,YAAY,EAAE,SAAS;gBACvB,WAAW,EAAE,2KAA2K;gBACxL,OAAO,EAAE,8BAA8B;aACxC;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,oBAAoB;gBAC1B,QAAQ,EAAE,uBAAuB;gBACjC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,gEAAgE;gBAC7E,QAAQ,EAAE,EAAE,EAAE,sBAAsB;gBACpC,YAAY,EAAE,QAAQ;gBACtB,WAAW,EAAE,wLAAwL;gBACrM,OAAO,EAAE,8BAA8B;aACxC;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,kBAAkB;gBACxB,QAAQ,EAAE,uBAAuB;gBACjC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,8DAA8D;gBAC3E,QAAQ,EAAE,EAAE,EAAE,yBAAyB;gBACvC,YAAY,EAAE,SAAS;gBACvB,WAAW,EAAE,2GAA2G;gBACxH,OAAO,EAAE,8BAA8B;aACxC;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,+BAA+B;gBACrC,QAAQ,EAAE,uBAAuB;gBACjC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,+DAA+D;gBAC5E,QAAQ,EAAE,EAAE,EAAE,sBAAsB;gBACpC,YAAY,EAAE,QAAQ;gBACtB,WAAW,EAAE,oIAAoI;gBACjJ,OAAO,EAAE,8BAA8B;aACxC;SACF;KACF;IACD;QACE,EAAE,EAAE,CAAC;QACL,IAAI,EAAE,4BAA4B;QAClC,WAAW,EAAE,yBAAyB;QACtC,QAAQ,EAAE;YACR;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,4BAA4B;gBAClC,QAAQ,EAAE,4BAA4B;gBACtC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,uEAAuE;gBACpF,QAAQ,EAAE,EAAE,EAAE,wBAAwB;gBACtC,YAAY,EAAE,SAAS;gBACvB,WAAW,EAAE,kJAAkJ;gBAC/J,OAAO,EAAE,8BAA8B;aACxC;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,2BAA2B;gBACjC,QAAQ,EAAE,4BAA4B;gBACtC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,wDAAwD;gBACrE,QAAQ,EAAE,CAAC,UAAU,EAAE,UAAU,CAAC;gBAClC,YAAY,EAAE,WAAW;aAC1B;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,uBAAuB;gBAC7B,QAAQ,EAAE,4BAA4B;gBACtC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,gDAAgD;gBAC7D,QAAQ,EAAE,CAAC,UAAU,EAAE,UAAU,CAAC;gBAClC,YAAY,EAAE,WAAW;aAC1B;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,8BAA8B;gBACpC,QAAQ,EAAE,4BAA4B;gBACtC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,qDAAqD;gBAClE,QAAQ,EAAE,EAAE,EAAE,kBAAkB;gBAChC,YAAY,EAAE,SAAS;aACxB;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,yCAAyC;gBAC/C,QAAQ,EAAE,4BAA4B;gBACtC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,mDAAmD;gBAChE,QAAQ,EAAE,CAAC,SAAS,CAAC,EAAE,yBAAyB;gBAChD,YAAY,EAAE,WAAW;aAC1B;SACF;KACF;IACD;QACE,EAAE,EAAE,CAAC;QACL,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,4CAA4C;QACzD,QAAQ,EAAE;YACR;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,6BAA6B;gBACnC,QAAQ,EAAE,gBAAgB;gBAC1B,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,2DAA2D;gBACxE,QAAQ,EAAE,CAAC,YAAY,EAAE,YAAY,CAAC;gBACtC,YAAY,EAAE,WAAW;aAC1B;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,kCAAkC;gBACxC,QAAQ,EAAE,gBAAgB;gBAC1B,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,qDAAqD;gBAClE,QAAQ,EAAE,CAAC,YAAY,CAAC;gBACxB,YAAY,EAAE,WAAW;aAC1B;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,kBAAkB;gBACxB,QAAQ,EAAE,gBAAgB;gBAC1B,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,gDAAgD;gBAC7D,QAAQ,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC;gBAC9B,YAAY,EAAE,WAAW;aAC1B;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,6BAA6B;gBACnC,QAAQ,EAAE,gBAAgB;gBAC1B,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,6DAA6D;gBAC1E,QAAQ,EAAE,CAAC,WAAW,EAAE,SAAS,CAAC;gBAClC,YAAY,EAAE,WAAW;aAC1B;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,4BAA4B;gBAClC,QAAQ,EAAE,gBAAgB;gBAC1B,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,mDAAmD;gBAChE,QAAQ,EAAE,EAAE,EAAE,kBAAkB;gBAChC,YAAY,EAAE,SAAS;aACxB;SACF;KACF;IACD;QACE,EAAE,EAAE,CAAC;QACL,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,mCAAmC;QAChD,QAAQ,EAAE;YACR;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,mBAAmB;gBACzB,QAAQ,EAAE,iBAAiB;gBAC3B,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,8DAA8D;gBAC3E,QAAQ,EAAE,CAAC,UAAU,CAAC;gBACtB,YAAY,EAAE,WAAW;aAC1B;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,gDAAgD;gBACtD,QAAQ,EAAE,iBAAiB;gBAC3B,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,+DAA+D;gBAC5E,QAAQ,EAAE,CAAC,SAAS,CAAC;gBACrB,YAAY,EAAE,WAAW;aAC1B;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,8BAA8B;gBACpC,QAAQ,EAAE,iBAAiB;gBAC3B,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,kEAAkE;gBAC/E,QAAQ,EAAE,CAAC,WAAW,EAAE,SAAS,CAAC;gBAClC,YAAY,EAAE,WAAW;aAC1B;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,oBAAoB;gBAC1B,QAAQ,EAAE,iBAAiB;gBAC3B,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,oDAAoD;gBACjE,QAAQ,EAAE,EAAE,EAAE,kBAAkB;gBAChC,YAAY,EAAE,SAAS;aACxB;SACF;KACF;IACD;QACE,EAAE,EAAE,CAAC;QACL,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,4BAA4B;QACzC,QAAQ,EAAE;YACR;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,0BAA0B;gBAChC,QAAQ,EAAE,uBAAuB;gBACjC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,sEAAsE;gBACnF,QAAQ,EAAE,CAAC,UAAU,EAAE,UAAU,EAAE,YAAY,CAAC;gBAChD,YAAY,EAAE,WAAW;aAC1B;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,0BAA0B;gBAChC,QAAQ,EAAE,uBAAuB;gBACjC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,oDAAoD;gBACjE,QAAQ,EAAE,CAAC,UAAU,EAAE,SAAS,CAAC;gBACjC,YAAY,EAAE,WAAW;aAC1B;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,6BAA6B;gBACnC,QAAQ,EAAE,uBAAuB;gBACjC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,uDAAuD;gBACpE,QAAQ,EAAE,EAAE,EAAE,sBAAsB;gBACpC,YAAY,EAAE,QAAQ;aACvB;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,qBAAqB;gBAC3B,QAAQ,EAAE,uBAAuB;gBACjC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,KAAK,EAAE,6BAA6B;gBAC5C,WAAW,EAAE,mDAAmD;gBAChE,QAAQ,EAAE,EAAE,EAAE,sBAAsB;gBACpC,YAAY,EAAE,QAAQ;aACvB;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,oBAAoB;gBAC1B,QAAQ,EAAE,uBAAuB;gBACjC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,qCAAqC;gBAClD,QAAQ,EAAE,CAAC,SAAS,CAAC;gBACrB,YAAY,EAAE,WAAW;aAC1B;SACF;KACF;IACD;QACE,EAAE,EAAE,CAAC;QACL,IAAI,EAAE,wBAAwB;QAC9B,WAAW,EAAE,6BAA6B;QAC1C,QAAQ,EAAE;YACR;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,4BAA4B;gBAClC,QAAQ,EAAE,wBAAwB;gBAClC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,sDAAsD;gBACnE,QAAQ,EAAE,CAAC,WAAW,EAAE,SAAS,CAAC;gBAClC,YAAY,EAAE,WAAW;aAC1B;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,sCAAsC;gBAC5C,QAAQ,EAAE,wBAAwB;gBAClC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,wDAAwD;gBACrE,QAAQ,EAAE,CAAC,WAAW,EAAE,eAAe,CAAC;gBACxC,YAAY,EAAE,WAAW;aAC1B;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,qBAAqB;gBAC3B,QAAQ,EAAE,wBAAwB;gBAClC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,4DAA4D;gBACzE,QAAQ,EAAE,CAAC,eAAe,EAAE,eAAe,EAAE,WAAW,CAAC;gBACzD,YAAY,EAAE,WAAW;aAC1B;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,mCAAmC;gBACzC,QAAQ,EAAE,wBAAwB;gBAClC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,wDAAwD;gBACrE,QAAQ,EAAE,CAAC,SAAS,EAAE,SAAS,CAAC;gBAChC,YAAY,EAAE,WAAW;aAC1B;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,4BAA4B;gBAClC,QAAQ,EAAE,wBAAwB;gBAClC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,+DAA+D;gBAC5E,QAAQ,EAAE,EAAE,EAAE,yBAAyB;gBACvC,YAAY,EAAE,SAAS;aACxB;SACF;KACF;IACD;QACE,EAAE,EAAE,CAAC;QACL,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,iCAAiC;QAC9C,QAAQ,EAAE;YACR;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,uBAAuB;gBAC7B,QAAQ,EAAE,yBAAyB;gBACnC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,6DAA6D;gBAC1E,QAAQ,EAAE,EAAE,EAAE,wBAAwB;gBACtC,YAAY,EAAE,SAAS;aACxB;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,mBAAmB;gBACzB,QAAQ,EAAE,yBAAyB;gBACnC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,qDAAqD;gBAClE,QAAQ,EAAE,EAAE,EAAE,wBAAwB;gBACtC,YAAY,EAAE,SAAS;aACxB;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,4BAA4B;gBAClC,QAAQ,EAAE,yBAAyB;gBACnC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,wDAAwD;gBACrE,QAAQ,EAAE,EAAE,EAAE,wBAAwB;gBACtC,YAAY,EAAE,SAAS;aACxB;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,uBAAuB;gBAC7B,QAAQ,EAAE,yBAAyB;gBACnC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,iDAAiD;gBAC9D,QAAQ,EAAE,CAAC,SAAS,EAAE,WAAW,CAAC;gBAClC,YAAY,EAAE,WAAW;aAC1B;SACF;KACF;IACD;QACE,EAAE,EAAE,CAAC;QACL,IAAI,EAAE,4BAA4B;QAClC,WAAW,EAAE,iCAAiC;QAC9C,QAAQ,EAAE;YACR;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,wBAAwB;gBAC9B,QAAQ,EAAE,4BAA4B;gBACtC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,uDAAuD;gBACpE,QAAQ,EAAE,EAAE,EAAE,kBAAkB;gBAChC,YAAY,EAAE,SAAS;aACxB;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,8BAA8B;gBACpC,QAAQ,EAAE,4BAA4B;gBACtC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,gDAAgD;gBAC7D,QAAQ,EAAE,CAAC,YAAY,EAAE,YAAY,CAAC;gBACtC,YAAY,EAAE,WAAW;aAC1B;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,kBAAkB;gBACxB,QAAQ,EAAE,4BAA4B;gBACtC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,0DAA0D;gBACvE,QAAQ,EAAE,EAAE,EAAE,kBAAkB;gBAChC,YAAY,EAAE,SAAS;aACxB;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,wBAAwB;gBAC9B,QAAQ,EAAE,4BAA4B;gBACtC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,8DAA8D;gBAC3E,QAAQ,EAAE,EAAE,EAAE,kBAAkB;gBAChC,YAAY,EAAE,SAAS;aACxB;SACF;KACF;IACD;QACE,EAAE,EAAE,CAAC;QACL,IAAI,EAAE,sBAAsB;QAC5B,WAAW,EAAE,8BAA8B;QAC3C,QAAQ,EAAE;YACR;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,oBAAoB;gBAC1B,QAAQ,EAAE,sBAAsB;gBAChC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,2DAA2D;gBACxE,QAAQ,EAAE,CAAC,YAAY,EAAE,UAAU,CAAC;gBACpC,YAAY,EAAE,WAAW;aAC1B;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,iBAAiB;gBACvB,QAAQ,EAAE,sBAAsB;gBAChC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,4CAA4C;gBACzD,QAAQ,EAAE,CAAC,UAAU,CAAC;gBACtB,YAAY,EAAE,WAAW;aAC1B;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,mBAAmB;gBACzB,QAAQ,EAAE,sBAAsB;gBAChC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,+DAA+D;gBAC5E,QAAQ,EAAE,CAAC,SAAS,EAAE,aAAa,CAAC;gBACpC,YAAY,EAAE,WAAW;aAC1B;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,YAAY;gBAClB,QAAQ,EAAE,sBAAsB;gBAChC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,mCAAmC;gBAChD,QAAQ,EAAE,CAAC,aAAa,EAAE,SAAS,CAAC;gBACpC,YAAY,EAAE,WAAW;aAC1B;YACD;gBACE,EAAE,EAAE,KAAK;gBACT,IAAI,EAAE,+BAA+B;gBACrC,QAAQ,EAAE,sBAAsB;gBAChC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,6CAA6C;gBAC1D,QAAQ,EAAE,CAAC,YAAY,EAAE,SAAS,CAAC;gBACnC,YAAY,EAAE,WAAW;aAC1B;SACF;KACF;IACD;QACE,EAAE,EAAE,EAAE;QACN,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,+BAA+B;QAC5C,QAAQ,EAAE;YACR;gBACE,EAAE,EAAE,MAAM;gBACV,IAAI,EAAE,wBAAwB;gBAC9B,QAAQ,EAAE,uBAAuB;gBACjC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,6CAA6C;gBAC1D,QAAQ,EAAE,CAAC,SAAS,EAAE,WAAW,CAAC;gBAClC,YAAY,EAAE,WAAW;aAC1B;YACD;gBACE,EAAE,EAAE,MAAM;gBACV,IAAI,EAAE,mBAAmB;gBACzB,QAAQ,EAAE,uBAAuB;gBACjC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,uDAAuD;gBACpE,QAAQ,EAAE,EAAE,EAAE,kBAAkB;gBAChC,YAAY,EAAE,SAAS;aACxB;YACD;gBACE,EAAE,EAAE,MAAM;gBACV,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,uBAAuB;gBACjC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,sDAAsD;gBACnE,QAAQ,EAAE,EAAE,EAAE,sBAAsB;gBACpC,YAAY,EAAE,QAAQ;aACvB;YACD;gBACE,EAAE,EAAE,MAAM;gBACV,IAAI,EAAE,8BAA8B;gBACpC,QAAQ,EAAE,uBAAuB;gBACjC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,kEAAkE;gBAC/E,QAAQ,EAAE,EAAE,EAAE,sBAAsB;gBACpC,YAAY,EAAE,QAAQ;aACvB;YACD;gBACE,EAAE,EAAE,MAAM;gBACV,IAAI,EAAE,uBAAuB;gBAC7B,QAAQ,EAAE,uBAAuB;gBACjC,KAAK,EAAE,IAAI;gBACX,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,kDAAkD;gBAC/D,QAAQ,EAAE,EAAE,EAAE,sBAAsB;gBACpC,YAAY,EAAE,QAAQ;aACvB;SACF;KACF;CACF,CAAC;AAEF;;GAEG;AACH,SAAgB,mBAAmB,CAAC,KAAqB;IACvD,MAAM,MAAM,GACV,KAAK,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;IAE/E,OAAO,yBAAiB,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE,CACvC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAC3D,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAgB,sBAAsB,CAAC,YAAoB;IACzD,MAAM,QAAQ,GAAG,yBAAiB,CAAC,IAAI,CACrC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,YAAY,CAAC,WAAW,EAAE,CAC/D,CAAC;IACF,OAAO,QAAQ,EAAE,QAAQ,IAAI,EAAE,CAAC;AAClC,CAAC;AAED;;GAEG;AACH,SAAgB,mBAAmB,CAAC,KAAqB;IACvD,MAAM,QAAQ,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAC;IAC5C,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAU,CAAC;IACnC,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,KAAK,MAAM,OAAO,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACvC,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACxB,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AAC9B,CAAC;AAED;;GAEG;AACH,SAAgB,eAAe,CAC7B,YAAoB,EACpB,YAAoB,EACpB,YAAoB,EACpB,KAAqB;IAErB,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;QACnB,IAAI,YAAY,KAAK,GAAG;YAAE,OAAO,WAAW,CAAC;QAC7C,IAAI,YAAY,IAAI,EAAE;YAAE,OAAO,SAAS,CAAC;QACzC,IAAI,YAAY,IAAI,EAAE;YAAE,OAAO,mBAAmB,CAAC;QACnD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;QACnB,IAAI,YAAY,KAAK,GAAG,IAAI,YAAY,IAAI,EAAE;YAAE,OAAO,WAAW,CAAC;QACnE,IAAI,YAAY,KAAK,GAAG,IAAI,YAAY,IAAI,GAAG;YAAE,OAAO,WAAW,CAAC;QACpE,IAAI,YAAY,IAAI,EAAE;YAAE,OAAO,SAAS,CAAC;QACzC,IAAI,YAAY,IAAI,EAAE;YAAE,OAAO,mBAAmB,CAAC;QACnD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,KAAK;IACL,IAAI,YAAY,KAAK,GAAG,IAAI,YAAY,KAAK,GAAG,IAAI,YAAY,KAAK,GAAG;QAAE,OAAO,WAAW,CAAC;IAC7F,IAAI,YAAY,KAAK,GAAG,IAAI,YAAY,IAAI,EAAE;QAAE,OAAO,WAAW,CAAC;IACnE,IAAI,YAAY,IAAI,EAAE;QAAE,OAAO,SAAS,CAAC;IACzC,IAAI,YAAY,IAAI,EAAE;QAAE,OAAO,mBAAmB,CAAC;IACnD,OAAO,SAAS,CAAC;AACnB,CAAC;AAEY,QAAA,cAAc,GAAG,OAAO,CAAC;AACzB,QAAA,WAAW,GAAG,qCAAqC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scanner.d.ts","sourceRoot":"","sources":["../../src/hardening/scanner.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,KAAK,EAAE,UAAU,EAA0C,MAAM,kBAAkB,CAAC;AAwD3F,MAAM,WAAW,WAAW;IAC1B,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,0CAA0C;IAC1C,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,0DAA0D;IAC1D,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,wEAAwE;IACxE,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;CACxB;AAgHD,qBAAa,gBAAgB;IAE3B,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,YAAY,CAelC;IAEF;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAMvB,IAAI,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC;
|
|
1
|
+
{"version":3,"file":"scanner.d.ts","sourceRoot":"","sources":["../../src/hardening/scanner.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,KAAK,EAAE,UAAU,EAA0C,MAAM,kBAAkB,CAAC;AAwD3F,MAAM,WAAW,WAAW;IAC1B,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,0CAA0C;IAC1C,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,0DAA0D;IAC1D,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,wEAAwE;IACxE,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;CACxB;AAgHD,qBAAa,gBAAgB;IAE3B,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,YAAY,CAelC;IAEF;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAMvB,IAAI,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC;YA0NvC,cAAc;IAsE5B;;OAEG;YACW,iBAAiB;IA+F/B;;OAEG;IACH,OAAO,CAAC,gBAAgB;YAeV,uBAAuB;YAmGvB,aAAa;YAgDb,cAAc;YA+Fd,oBAAoB;YAwDpB,gBAAgB;YA0IhB,oBAAoB;YAgFpB,gBAAgB;YA2IhB,mBAAmB;YA4EnB,iBAAiB;YAyCjB,iBAAiB;YA+DjB,wBAAwB;YA0FxB,wBAAwB;YAmExB,wBAAwB;YAqHxB,oBAAoB;YA+GpB,uBAAuB;YA8HvB,iBAAiB;YA8GjB,oBAAoB;YAuGpB,mBAAmB;YAiGnB,gBAAgB;YAmIhB,oBAAoB;YAoIpB,gBAAgB;YAyHhB,qBAAqB;YA+GrB,eAAe;IAiI7B;;OAEG;YACW,mBAAmB;IA8GjC;;OAEG;YACW,oBAAoB;IAiKlC;;OAEG;YACW,iBAAiB;IA4I/B;;OAEG;YACW,oBAAoB;IAwIlC;;OAEG;YACW,eAAe;IAqJ7B;;OAEG;YACW,eAAe;IAuI7B;;OAEG;YACW,eAAe;IAyG7B;;OAEG;YACW,mBAAmB;IAmHjC,OAAO,CAAC,cAAc;IAsBtB;;OAEG;YACW,YAAY;IAkD1B;;OAEG;IACG,QAAQ,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IA6DhD;;;OAGG;YACW,cAAc;IAgD5B;;OAEG;YACW,mBAAmB;IAoUjC;;;OAGG;YACW,kBAAkB;IAgDhC;;OAEG;YACW,sBAAsB;IA2LpC;;OAEG;YACW,sBAAsB;IA+BpC;;OAEG;YACW,oBAAoB;IA0RlC;;OAEG;IACH,OAAO,CAAC,mBAAmB;IA4B3B;;OAEG;YACW,iBAAiB;IA8D/B;;OAEG;YACW,mBAAmB;IAmRjC;;OAEG;YACW,wBAAwB;CAsJvC"}
|