npm - hackmyagent-core - Versions diffs - 0.3.1 → 0.3.3 - Mend

hackmyagent-core 0.3.1 → 0.3.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/README.md +19 -14
package/dist/benchmarks/index.d.ts +1 -1
package/dist/benchmarks/index.js +1 -1
package/dist/benchmarks/oasb-1.d.ts +24 -7
package/dist/benchmarks/oasb-1.d.ts.map +1 -1
package/dist/benchmarks/oasb-1.js +582 -81
package/dist/benchmarks/oasb-1.js.map +1 -1
package/package.json +1 -1

package/README.md CHANGED Viewed

@@ -17,7 +17,7 @@ npx hackmyagent secure                      # harden your agent setup (100 check
 npx hackmyagent secure --fix                # auto-fix security issues
 npx hackmyagent scan example.com            # scan for exposed infrastructure
 npx hackmyagent attack --local              # red team with 55 attack payloads
-npx hackmyagent benchmark --benchmark oasb-1  # run OASB-1 security benchmark
+npx hackmyagent secure --benchmark oasb-1   # run OASB-1 security benchmark
 ```
 ## Two Ways to Scan
@@ -38,7 +38,7 @@ AI agents are powerful but introduce new attack surfaces. Skills can be maliciou
 ## Installation
 ```bash
-# Use directly with npx (no install needed)
+# Use directly with npx
 npx hackmyagent secure
 # Or install globally
@@ -191,25 +191,30 @@ hackmyagent attack --local --verbose
 - 50-69: HIGH - Significant vulnerabilities, action required
 - 70-100: CRITICAL - Severe vulnerabilities, immediate action needed
-### `hackmyagent benchmark`
+### `hackmyagent secure --benchmark`
-Run the OASB-1 (OpenA2A Security Benchmark) against your agent configuration.
+Run the OASB-1 (Open Agent Security Benchmark) against your agent configuration.
 ```bash
-# Run benchmark
-hackmyagent benchmark --benchmark oasb-1
+# Run benchmark (L1 by default)
+hackmyagent secure --benchmark oasb-1
 # Target specific directory
-hackmyagent benchmark --benchmark oasb-1 ./my-project
+hackmyagent secure ./my-project --benchmark oasb-1
+# Different maturity levels
+hackmyagent secure -b oasb-1 -l L1    # Essential (baseline)
+hackmyagent secure -b oasb-1 -l L2    # Standard
+hackmyagent secure -b oasb-1 -l L3    # Hardened
 # Output formats
-hackmyagent benchmark --benchmark oasb-1 -f json
-hackmyagent benchmark --benchmark oasb-1 -f sarif -o results.sarif
-hackmyagent benchmark --benchmark oasb-1 -f html -o report.html
-hackmyagent benchmark --benchmark oasb-1 -f asp -o profile.asp.json
+hackmyagent secure -b oasb-1 -f json
+hackmyagent secure -b oasb-1 -f sarif -o results.sarif
+hackmyagent secure -b oasb-1 -f html -o report.html
+hackmyagent secure -b oasb-1 -f asp -o profile.asp.json
 # CI/CD with fail threshold
-hackmyagent benchmark --benchmark oasb-1 --fail-below 70
+hackmyagent secure -b oasb-1 --fail-below 70
 ```
 **Output Formats:**
@@ -322,7 +327,7 @@ jobs:
         with:
           node-version: '20'
       - name: Run OASB-1 benchmark
-        run: npx hackmyagent benchmark --benchmark oasb-1 --fail-below 70
+        run: npx hackmyagent secure -b oasb-1 --fail-below 70
 ```
 ### Pre-commit Hook
@@ -406,7 +411,7 @@ Contributions welcome! See [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines.
 ```bash
 # Development setup
-git clone https://github.com/ecolibria/hackmyagent.git
+git clone https://github.com/opena2a-org/hackmyagent.git
 cd hackmyagent
 npm install
 npm run build

package/dist/benchmarks/index.d.ts CHANGED Viewed

@@ -1,6 +1,6 @@
 /**
  * Benchmarks module
- * OASB (OpenA2A Security Benchmark) implementations
+ * OASB (Open Agent Security Benchmark) implementations
  */
 export { OASB_1_CATEGORIES, OASB_1_VERSION, OASB_1_NAME, getControlsForLevel, getControlsForCategory, getCheckIdsForLevel, calculateRating, } from './oasb-1';
 export type { BenchmarkLevel, BenchmarkControl, BenchmarkCategory, BenchmarkResult, BenchmarkCategoryResult, BenchmarkControlResult, } from './oasb-1';

package/dist/benchmarks/index.js CHANGED Viewed

@@ -1,7 +1,7 @@
 "use strict";
 /**
  * Benchmarks module
- * OASB (OpenA2A Security Benchmark) implementations
+ * OASB (Open Agent Security Benchmark) implementations
  */
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.AVAILABLE_BENCHMARKS = exports.calculateRating = exports.getCheckIdsForLevel = exports.getControlsForCategory = exports.getControlsForLevel = exports.OASB_1_NAME = exports.OASB_1_VERSION = exports.OASB_1_CATEGORIES = void 0;

package/dist/benchmarks/oasb-1.d.ts CHANGED Viewed

@@ -1,5 +1,5 @@
 /**
- * OASB-1: AI Agent Security Benchmark
+ * OASB-1: Open Agent Security Benchmark
  * Version 1.0.0
  *
  * Maps OASB-1 controls to HackMyAgent check IDs
@@ -11,15 +11,32 @@ export interface BenchmarkControl {
     category: string;
     level: BenchmarkLevel;
     scored: boolean;
+    /** Detailed description of the control requirement */
     description: string;
+    /** Why this control is important - threat context and risk */
+    rationale?: string;
+    /** Step-by-step instructions to verify compliance */
+    audit?: string;
+    /** Step-by-step instructions to implement the control */
+    remediation?: string;
+    /** Potential impact of implementing this control */
+    impact?: string;
+    /** Default value/state in most deployments */
+    defaultValue?: string;
     /** HackMyAgent check IDs that verify this control */
     checkIds: string[];
-    /** Control is automated (🤖), manual (👤), or forward-looking (🔮) */
+    /** Control is automated, manual, or forward-looking */
     verification: 'automated' | 'manual' | 'forward';
-    /** Remediation guidance for this control */
-    remediation?: string;
-    /** URL to detailed documentation */
-    helpUrl?: string;
+    /** External references (OWASP, NIST, etc.) */
+    references?: string[];
+    /** Mapping to compliance frameworks */
+    frameworkMappings?: {
+        cisControls?: string[];
+        nistCsf?: string[];
+        owaspTop10?: string[];
+        iso27001?: string[];
+        soc2?: string[];
+    };
 }
 export interface BenchmarkCategory {
     id: number;
@@ -91,5 +108,5 @@ export declare function getCheckIdsForLevel(level: BenchmarkLevel): string[];
  */
 export declare function calculateRating(l1Compliance: number, l2Compliance: number, l3Compliance: number, level: BenchmarkLevel): BenchmarkResult['rating'];
 export declare const OASB_1_VERSION = "1.0.0";
-export declare const OASB_1_NAME = "OASB-1: AI Agent Security Benchmark";
+export declare const OASB_1_NAME = "OASB-1: Open Agent Security Benchmark";
 //# sourceMappingURL=oasb-1.d.ts.map

package/dist/benchmarks/oasb-1.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"oasb-1.d.ts","sourceRoot":"","sources":["../../src/benchmarks/oasb-1.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,MAAM,MAAM,cAAc,GAAG,IAAI,GAAG,IAAI,GAAG,IAAI,CAAC;AAEhD,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,cAAc,CAAC;IACtB,MAAM,EAAE,OAAO,CAAC;~~IAChB~~,WAAW,EAAE,MAAM,CAAC;~~IACpB~~,qDAAqD;IACrD,QAAQ,EAAE,MAAM,EAAE,CAAC;~~IACnB~~,~~sEAAsE~~;~~IACtE~~,YAAY,EAAE,WAAW,GAAG,QAAQ,GAAG,SAAS,CAAC;~~IACjD~~,~~4CAA4C~~;~~IAC5C~~,~~WAAW~~,CAAC,EAAE,MAAM,CAAC;~~IACrB~~,~~oCAAoC~~;~~IACpC~~,OAAO,CAAC,EAAE,MAAM,CAAC;~~CAClB~~;AAED,MAAM,WAAW,iBAAiB;IAChC,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,gBAAgB,EAAE,CAAC;CAC9B;AAED,MAAM,WAAW,eAAe;IAC9B,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,cAAc,CAAC;IACtB,SAAS,EAAE,IAAI,CAAC;IAChB,oCAAoC;IACpC,UAAU,EAAE,MAAM,CAAC;IACnB,+BAA+B;IAC/B,YAAY,EAAE,MAAM,CAAC;IACrB,6CAA6C;IAC7C,YAAY,EAAE,MAAM,CAAC;IACrB,gDAAgD;IAChD,YAAY,EAAE,MAAM,CAAC;IACrB,iCAAiC;IACjC,MAAM,EAAE,WAAW,GAAG,WAAW,GAAG,SAAS,GAAG,mBAAmB,GAAG,SAAS,CAAC;IAChF,UAAU,EAAE,uBAAuB,EAAE,CAAC;IACtC,6BAA6B;IAC7B,aAAa,EAAE,MAAM,CAAC;IACtB,2BAA2B;IAC3B,cAAc,EAAE,MAAM,CAAC;IACvB,2BAA2B;IAC3B,cAAc,EAAE,MAAM,CAAC;IACvB,0DAA0D;IAC1D,kBAAkB,EAAE,MAAM,CAAC;CAC5B;AAED,MAAM,WAAW,uBAAuB;IACtC,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,sBAAsB,EAAE,CAAC;CACpC;AAED,MAAM,WAAW,sBAAsB;IACrC,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,cAAc,CAAC;IACtB,MAAM,EAAE,QAAQ,GAAG,QAAQ,GAAG,YAAY,CAAC;IAC3C,2CAA2C;IAC3C,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,iCAAiC;IACjC,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,eAAO,MAAM,iBAAiB,EAAE,iBAAiB,~~EA6hBhD~~,CAAC;AAEF;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,cAAc,GAAG,gBAAgB,EAAE,CAO7E;AAED;;GAEG;AACH,wBAAgB,sBAAsB,CAAC,YAAY,EAAE,MAAM,GAAG,gBAAgB,EAAE,CAK/E;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,cAAc,GAAG,MAAM,EAAE,CASnE;AAED;;GAEG;AACH,wBAAgB,eAAe,CAC7B,YAAY,EAAE,MAAM,EACpB,YAAY,EAAE,MAAM,EACpB,YAAY,EAAE,MAAM,EACpB,KAAK,EAAE,cAAc,GACpB,eAAe,CAAC,QAAQ,CAAC,CAsB3B;AAED,eAAO,MAAM,cAAc,UAAU,CAAC;AACtC,eAAO,MAAM,WAAW,~~wCAAwC~~,CAAC"}
1	+ {"version":3,"file":"oasb-1.d.ts","sourceRoot":"","sources":["../../src/benchmarks/oasb-1.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,MAAM,MAAM,cAAc,GAAG,IAAI,GAAG,IAAI,GAAG,IAAI,CAAC;AAEhD,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,cAAc,CAAC;IACtB,MAAM,EAAE,OAAO,CAAC;IAEhB,sDAAsD;IACtD,WAAW,EAAE,MAAM,CAAC;IAEpB,8DAA8D;IAC9D,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,qDAAqD;IACrD,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,yDAAyD;IACzD,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,oDAAoD;IACpD,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,8CAA8C;IAC9C,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB,qDAAqD;IACrD,QAAQ,EAAE,MAAM,EAAE,CAAC;IAEnB,uDAAuD;IACvD,YAAY,EAAE,WAAW,GAAG,QAAQ,GAAG,SAAS,CAAC;IAEjD,8CAA8C;IAC9C,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IAEtB,uCAAuC;IACvC,iBAAiB,CAAC,EAAE;QAClB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;QACvB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;QACnB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;QACtB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;QACpB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;KACjB,CAAC;CACH;AAED,MAAM,WAAW,iBAAiB;IAChC,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,gBAAgB,EAAE,CAAC;CAC9B;AAED,MAAM,WAAW,eAAe;IAC9B,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,cAAc,CAAC;IACtB,SAAS,EAAE,IAAI,CAAC;IAChB,oCAAoC;IACpC,UAAU,EAAE,MAAM,CAAC;IACnB,+BAA+B;IAC/B,YAAY,EAAE,MAAM,CAAC;IACrB,6CAA6C;IAC7C,YAAY,EAAE,MAAM,CAAC;IACrB,gDAAgD;IAChD,YAAY,EAAE,MAAM,CAAC;IACrB,iCAAiC;IACjC,MAAM,EAAE,WAAW,GAAG,WAAW,GAAG,SAAS,GAAG,mBAAmB,GAAG,SAAS,CAAC;IAChF,UAAU,EAAE,uBAAuB,EAAE,CAAC;IACtC,6BAA6B;IAC7B,aAAa,EAAE,MAAM,CAAC;IACtB,2BAA2B;IAC3B,cAAc,EAAE,MAAM,CAAC;IACvB,2BAA2B;IAC3B,cAAc,EAAE,MAAM,CAAC;IACvB,0DAA0D;IAC1D,kBAAkB,EAAE,MAAM,CAAC;CAC5B;AAED,MAAM,WAAW,uBAAuB;IACtC,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,sBAAsB,EAAE,CAAC;CACpC;AAED,MAAM,WAAW,sBAAsB;IACrC,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,cAAc,CAAC;IACtB,MAAM,EAAE,QAAQ,GAAG,QAAQ,GAAG,YAAY,CAAC;IAC3C,2CAA2C;IAC3C,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,iCAAiC;IACjC,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,eAAO,MAAM,iBAAiB,EAAE,iBAAiB,EA2sChD,CAAC;AAEF;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,cAAc,GAAG,gBAAgB,EAAE,CAO7E;AAED;;GAEG;AACH,wBAAgB,sBAAsB,CAAC,YAAY,EAAE,MAAM,GAAG,gBAAgB,EAAE,CAK/E;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,cAAc,GAAG,MAAM,EAAE,CASnE;AAED;;GAEG;AACH,wBAAgB,eAAe,CAC7B,YAAY,EAAE,MAAM,EACpB,YAAY,EAAE,MAAM,EACpB,YAAY,EAAE,MAAM,EACpB,KAAK,EAAE,cAAc,GACpB,eAAe,CAAC,QAAQ,CAAC,CAsB3B;AAED,eAAO,MAAM,cAAc,UAAU,CAAC;AACtC,eAAO,MAAM,WAAW,0CAA0C,CAAC"}