hackmyagent 0.11.12 → 0.11.14

package/dist/attack-engine/target-reader.js

@@ -0,0 +1,152 @@
+"use strict";
+/**
+ * Target Reader -- Semantic Vulnerability Surface Extraction
+ *
+ * NanoMind reads the target artifact semantically and extracts:
+ * declared purpose, constraints, capabilities, data access patterns,
+ * governance mechanisms, and a vulnerability surface map.
+ *
+ * The attack surface is derived from the target's own declarations.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.readTarget = readTarget;
+/**
+ * Read a target artifact and extract its semantic vulnerability surface.
+ */
+function readTarget(content, artifactType, name = 'unknown') {
+    const text = content.toLowerCase();
+    // Extract declared purpose (first meaningful paragraph or description)
+    const declaredPurpose = extractPurpose(content);
+    // Extract capabilities from manifests, tool declarations, etc.
+    const capabilities = extractCapabilities(content);
+    // Extract constraints (must/should/never/always patterns)
+    const constraints = extractConstraints(content);
+    // Determine governance mechanism
+    const governanceMechanism = detectGovernance(content);
+    // Extract data access patterns
+    const dataAccessPatterns = extractDataAccess(content, capabilities);
+    // Build vulnerability surface from all extracted signals
+    const vulnerabilitySurface = buildVulnerabilitySurface(declaredPurpose, capabilities, constraints, governanceMechanism, dataAccessPatterns, text);
+    return {
+        artifactType,
+        declaredPurpose,
+        capabilities,
+        constraints,
+        governanceMechanism,
+        dataAccessPatterns,
+        vulnerabilitySurface,
+    };
+}
+function extractPurpose(content) {
+    // Check YAML frontmatter
+    const descMatch = content.match(/description:\s*(.+)/);
+    if (descMatch)
+        return descMatch[1].trim();
+    // Check first heading + paragraph
+    const lines = content.split('\n').filter(l => l.trim().length > 0);
+    for (const line of lines) {
+        if (!line.startsWith('#') && !line.startsWith('-') && !line.startsWith('---') && line.trim().length > 20) {
+            return line.trim().slice(0, 200);
+        }
+    }
+    return 'Unknown purpose';
+}
+function extractCapabilities(content) {
+    const caps = [];
+    // YAML capabilities list
+    const yamlCaps = content.match(/capabilities:\s*\n((?:\s+-\s+.+\n?)*)/);
+    if (yamlCaps) {
+        const items = yamlCaps[1].split('\n')
+            .filter(l => l.trim().startsWith('-'))
+            .map(l => l.replace(/^\s*-\s*/, '').trim());
+        caps.push(...items);
+    }
+    // Tool-use patterns in content
+    const toolPatterns = [
+        /(?:can|will|may)\s+(read|write|delete|update|send|fetch|call|access|query|execute)\s+([a-z_.\s]+)/gi,
+    ];
+    for (const pattern of toolPatterns) {
+        let match;
+        while ((match = pattern.exec(content)) !== null) {
+            caps.push(`${match[1]}.${match[2].trim().split(/\s+/)[0]}`);
+        }
+    }
+    return [...new Set(caps)];
+}
+function extractConstraints(content) {
+    const patterns = /(?:must|should|never|always|cannot|will not|forbidden|shall not|restricted)[^.]+\./gi;
+    const matches = content.match(patterns);
+    return matches ? [...new Set(matches.map(m => m.trim()))] : [];
+}
+function detectGovernance(content) {
+    if (/soul\.md/i.test(content))
+        return 'soul';
+    if (/system.?prompt/i.test(content))
+        return 'system_prompt';
+    if (/runtime.?check|enforcement/i.test(content))
+        return 'runtime_check';
+    return 'none';
+}
+function extractDataAccess(content, capabilities) {
+    const patterns = [];
+    const dataTypes = ['user', 'customer', 'payment', 'session', 'credential', 'email', 'profile', 'ticket', 'order', 'transaction'];
+    for (const dt of dataTypes) {
+        if (content.toLowerCase().includes(dt)) {
+            patterns.push(dt);
+        }
+    }
+    return patterns;
+}
+function buildVulnerabilitySurface(purpose, capabilities, constraints, governance, dataAccess, text) {
+    const surface = [];
+    // Each capability is a potential attack surface
+    for (const cap of capabilities) {
+        if (/write|send|call|execute|delete/i.test(cap)) {
+            surface.push({
+                surface: `Capability: ${cap}`,
+                exploitApproach: `Exploit ${cap} to perform actions outside declared scope`,
+                attackCategory: 'capability_abuse',
+                estimatedSuccess: 0.3,
+            });
+        }
+    }
+    // Each constraint is a potential bypass surface
+    for (const constraint of constraints) {
+        if (/never|must not|forbidden/i.test(constraint)) {
+            surface.push({
+                surface: `Constraint: ${constraint.slice(0, 80)}`,
+                exploitApproach: 'Craft input that satisfies constraint wording while violating intent',
+                attackCategory: 'soul_bypass',
+                estimatedSuccess: 0.4,
+            });
+        }
+    }
+    // Data access creates exfiltration surface
+    if (dataAccess.length > 0) {
+        surface.push({
+            surface: `Data access: ${dataAccess.join(', ')}`,
+            exploitApproach: 'Social engineering using the target\'s own data domain',
+            attackCategory: 'social_engineering',
+            estimatedSuccess: 0.5,
+        });
+        if (dataAccess.some(d => ['credential', 'session', 'payment'].includes(d))) {
+            surface.push({
+                surface: `Sensitive data: ${dataAccess.filter(d => ['credential', 'session', 'payment'].includes(d)).join(', ')}`,
+                exploitApproach: 'Exfiltrate sensitive data via compliance framing',
+                attackCategory: 'data_exfiltration',
+                estimatedSuccess: 0.4,
+            });
+        }
+    }
+    // Weak governance
+    if (governance === 'none') {
+        surface.push({
+            surface: 'No governance mechanism detected',
+            exploitApproach: 'Direct instruction override without governance resistance',
+            attackCategory: 'instruction_override',
+            estimatedSuccess: 0.7,
+        });
+    }
+    return surface;
+}
+//# sourceMappingURL=target-reader.js.map

package/dist/attack-engine/target-reader.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"target-reader.js","sourceRoot":"","sources":["../../src/attack-engine/target-reader.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;AAOH,gCAoCC;AAvCD;;GAEG;AACH,SAAgB,UAAU,CACxB,OAAe,EACf,YAAmD,EACnD,OAAe,SAAS;IAExB,MAAM,IAAI,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;IAEnC,uEAAuE;IACvE,MAAM,eAAe,GAAG,cAAc,CAAC,OAAO,CAAC,CAAC;IAEhD,+DAA+D;IAC/D,MAAM,YAAY,GAAG,mBAAmB,CAAC,OAAO,CAAC,CAAC;IAElD,0DAA0D;IAC1D,MAAM,WAAW,GAAG,kBAAkB,CAAC,OAAO,CAAC,CAAC;IAEhD,iCAAiC;IACjC,MAAM,mBAAmB,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;IAEtD,+BAA+B;IAC/B,MAAM,kBAAkB,GAAG,iBAAiB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;IAEpE,yDAAyD;IACzD,MAAM,oBAAoB,GAAG,yBAAyB,CACpD,eAAe,EAAE,YAAY,EAAE,WAAW,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,IAAI,CAC1F,CAAC;IAEF,OAAO;QACL,YAAY;QACZ,eAAe;QACf,YAAY;QACZ,WAAW;QACX,mBAAmB;QACnB,kBAAkB;QAClB,oBAAoB;KACrB,CAAC;AACJ,CAAC;AAED,SAAS,cAAc,CAAC,OAAe;IACrC,yBAAyB;IACzB,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC;IACvD,IAAI,SAAS;QAAE,OAAO,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IAE1C,kCAAkC;IAClC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACnE,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;YACzG,OAAO,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACnC,CAAC;IACH,CAAC;IACD,OAAO,iBAAiB,CAAC;AAC3B,CAAC;AAED,SAAS,mBAAmB,CAAC,OAAe;IAC1C,MAAM,IAAI,GAAa,EAAE,CAAC;IAE1B,yBAAyB;IACzB,MAAM,QAAQ,GAAG,OAAO,CAAC,KAAK,CAAC,uCAAuC,CAAC,CAAC;IACxE,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,KAAK,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC;aAClC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;aACrC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAC9C,IAAI,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,CAAC;IACtB,CAAC;IAED,+BAA+B;IAC/B,MAAM,YAAY,GAAG;QACnB,qGAAqG;KACtG,CAAC;IACF,KAAK,MAAM,OAAO,IAAI,YAAY,EAAE,CAAC;QACnC,IAAI,KAAK,CAAC;QACV,OAAO,CAAC,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YAChD,IAAI,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC;AAC5B,CAAC;AAED,SAAS,kBAAkB,CAAC,OAAe;IACzC,MAAM,QAAQ,GAAG,sFAAsF,CAAC;IACxG,MAAM,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;IACxC,OAAO,OAAO,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;AACjE,CAAC;AAED,SAAS,gBAAgB,CAAC,OAAe;IACvC,IAAI,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC;QAAE,OAAO,MAAM,CAAC;IAC7C,IAAI,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC;QAAE,OAAO,eAAe,CAAC;IAC5D,IAAI,6BAA6B,CAAC,IAAI,CAAC,OAAO,CAAC;QAAE,OAAO,eAAe,CAAC;IACxE,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,iBAAiB,CAAC,OAAe,EAAE,YAAsB;IAChE,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,MAAM,SAAS,GAAG,CAAC,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,SAAS,EAAE,YAAY,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,OAAO,EAAE,aAAa,CAAC,CAAC;IAEjI,KAAK,MAAM,EAAE,IAAI,SAAS,EAAE,CAAC;QAC3B,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,CAAC;YACvC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACpB,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,SAAS,yBAAyB,CAChC,OAAe,EACf,YAAsB,EACtB,WAAqB,EACrB,UAAkB,EAClB,UAAoB,EACpB,IAAY;IAEZ,MAAM,OAAO,GAAgC,EAAE,CAAC;IAEhD,gDAAgD;IAChD,KAAK,MAAM,GAAG,IAAI,YAAY,EAAE,CAAC;QAC/B,IAAI,iCAAiC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;YAChD,OAAO,CAAC,IAAI,CAAC;gBACX,OAAO,EAAE,eAAe,GAAG,EAAE;gBAC7B,eAAe,EAAE,WAAW,GAAG,4CAA4C;gBAC3E,cAAc,EAAE,kBAAkB;gBAClC,gBAAgB,EAAE,GAAG;aACtB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,gDAAgD;IAChD,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE,CAAC;QACrC,IAAI,2BAA2B,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;YACjD,OAAO,CAAC,IAAI,CAAC;gBACX,OAAO,EAAE,eAAe,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE;gBACjD,eAAe,EAAE,sEAAsE;gBACvF,cAAc,EAAE,aAAa;gBAC7B,gBAAgB,EAAE,GAAG;aACtB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,2CAA2C;IAC3C,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1B,OAAO,CAAC,IAAI,CAAC;YACX,OAAO,EAAE,gBAAgB,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAChD,eAAe,EAAE,wDAAwD;YACzE,cAAc,EAAE,oBAAoB;YACpC,gBAAgB,EAAE,GAAG;SACtB,CAAC,CAAC;QAEH,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,YAAY,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC3E,OAAO,CAAC,IAAI,CAAC;gBACX,OAAO,EAAE,mBAAmB,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,YAAY,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;gBACjH,eAAe,EAAE,kDAAkD;gBACnE,cAAc,EAAE,mBAAmB;gBACnC,gBAAgB,EAAE,GAAG;aACtB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,kBAAkB;IAClB,IAAI,UAAU,KAAK,MAAM,EAAE,CAAC;QAC1B,OAAO,CAAC,IAAI,CAAC;YACX,OAAO,EAAE,kCAAkC;YAC3C,eAAe,EAAE,2DAA2D;YAC5E,cAAc,EAAE,sBAAsB;YACtC,gBAAgB,EAAE,GAAG;SACtB,CAAC,CAAC;IACL,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC"}

package/dist/attack-engine/training-pipeline.d.ts

@@ -0,0 +1,57 @@
+/**
+ * Automated Training Data Pipeline
+ *
+ * Every HMA scan with --semantic or --simulate flags automatically
+ * generates labeled training data for NanoMind. This closes the
+ * improvement loop: scan -> observe -> label -> train -> improve.
+ *
+ * Training data is written to ~/.opena2a/training-data/ as JSONL files.
+ * The NanoMind training pipeline reads from this directory during
+ * SFT (supervised fine-tuning) stages.
+ */
+import type { AttackSessionResult } from './types.js';
+import type { SimulationResult } from '../simulation/types.js';
+export interface TrainingPair {
+    /** The artifact content that was scanned/attacked */
+    input: string;
+    /** Ground truth label */
+    label: 'malicious' | 'benign' | 'edge_case' | 'defense';
+    /** Attack class (for malicious) or defense mechanism (for defense) */
+    attackClass: string;
+    /** Behavioral evidence from simulation or attack */
+    evidence: string;
+    /** Confidence in the label (0-1) */
+    confidence: number;
+    /** Source of this training pair */
+    source: 'simulation' | 'attack_session' | 'scan';
+    /** When this pair was generated */
+    timestamp: string;
+}
+/**
+ * Initialize the training data directory.
+ */
+export declare function initTrainingPipeline(): void;
+/**
+ * Export simulation results as training data.
+ * CLEAN simulations -> benign labels. MALICIOUS -> malicious labels.
+ */
+export declare function exportSimulationTraining(artifactContent: string, result: SimulationResult): number;
+/**
+ * Export attack session results as training data.
+ * Successful attacks -> malicious behavior. Failed attacks -> defense patterns.
+ */
+export declare function exportAttackTraining(session: AttackSessionResult): number;
+/**
+ * Export a single scan result as training data.
+ * Used by the --semantic flag when NanoMind classifies a finding.
+ */
+export declare function exportScanTraining(artifactContent: string, label: 'malicious' | 'benign', attackClass: string, confidence: number): void;
+/**
+ * Get training data statistics.
+ */
+export declare function getTrainingStats(): {
+    totalPairs: number;
+    corpusPath: string;
+    exists: boolean;
+};
+//# sourceMappingURL=training-pipeline.d.ts.map

package/dist/attack-engine/training-pipeline.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"training-pipeline.d.ts","sourceRoot":"","sources":["../../src/attack-engine/training-pipeline.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAKH,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAC;AACtD,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAM/D,MAAM,WAAW,YAAY;IAC3B,qDAAqD;IACrD,KAAK,EAAE,MAAM,CAAC;IACd,yBAAyB;IACzB,KAAK,EAAE,WAAW,GAAG,QAAQ,GAAG,WAAW,GAAG,SAAS,CAAC;IACxD,sEAAsE;IACtE,WAAW,EAAE,MAAM,CAAC;IACpB,oDAAoD;IACpD,QAAQ,EAAE,MAAM,CAAC;IACjB,oCAAoC;IACpC,UAAU,EAAE,MAAM,CAAC;IACnB,mCAAmC;IACnC,MAAM,EAAE,YAAY,GAAG,gBAAgB,GAAG,MAAM,CAAC;IACjD,mCAAmC;IACnC,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,wBAAgB,oBAAoB,IAAI,IAAI,CAW3C;AAED;;;GAGG;AACH,wBAAgB,wBAAwB,CACtC,eAAe,EAAE,MAAM,EACvB,MAAM,EAAE,gBAAgB,GACvB,MAAM,CA+BR;AAED;;;GAGG;AACH,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,mBAAmB,GAAG,MAAM,CA+BzE;AAED;;;GAGG;AACH,wBAAgB,kBAAkB,CAChC,eAAe,EAAE,MAAM,EACvB,KAAK,EAAE,WAAW,GAAG,QAAQ,EAC7B,WAAW,EAAE,MAAM,EACnB,UAAU,EAAE,MAAM,GACjB,IAAI,CAYN;AASD;;GAEG;AACH,wBAAgB,gBAAgB,IAAI;IAClC,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,OAAO,CAAC;CACjB,CAYA"}

package/dist/attack-engine/training-pipeline.js

@@ -0,0 +1,146 @@
+"use strict";
+/**
+ * Automated Training Data Pipeline
+ *
+ * Every HMA scan with --semantic or --simulate flags automatically
+ * generates labeled training data for NanoMind. This closes the
+ * improvement loop: scan -> observe -> label -> train -> improve.
+ *
+ * Training data is written to ~/.opena2a/training-data/ as JSONL files.
+ * The NanoMind training pipeline reads from this directory during
+ * SFT (supervised fine-tuning) stages.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.initTrainingPipeline = initTrainingPipeline;
+exports.exportSimulationTraining = exportSimulationTraining;
+exports.exportAttackTraining = exportAttackTraining;
+exports.exportScanTraining = exportScanTraining;
+exports.getTrainingStats = getTrainingStats;
+const node_fs_1 = require("node:fs");
+const node_path_1 = require("node:path");
+const node_os_1 = require("node:os");
+const TRAINING_DIR = (0, node_path_1.join)((0, node_os_1.homedir)(), '.opena2a', 'training-data');
+const CORPUS_FILE = (0, node_path_1.join)(TRAINING_DIR, 'labeled-pairs.jsonl');
+const MANIFEST_FILE = (0, node_path_1.join)(TRAINING_DIR, 'manifest.json');
+/**
+ * Initialize the training data directory.
+ */
+function initTrainingPipeline() {
+    (0, node_fs_1.mkdirSync)(TRAINING_DIR, { recursive: true });
+    if (!(0, node_fs_1.existsSync)(MANIFEST_FILE)) {
+        (0, node_fs_1.writeFileSync)(MANIFEST_FILE, JSON.stringify({
+            version: '1.0',
+            createdAt: new Date().toISOString(),
+            totalPairs: 0,
+            pairsByLabel: { malicious: 0, benign: 0, edge_case: 0, defense: 0 },
+            pairsBySource: { simulation: 0, attack_session: 0, scan: 0 },
+        }, null, 2));
+    }
+}
+/**
+ * Export simulation results as training data.
+ * CLEAN simulations -> benign labels. MALICIOUS -> malicious labels.
+ */
+function exportSimulationTraining(artifactContent, result) {
+    initTrainingPipeline();
+    let count = 0;
+    if (result.verdict === 'CLEAN') {
+        appendPair({
+            input: artifactContent.slice(0, 4096),
+            label: 'benign',
+            attackClass: 'none',
+            evidence: `All ${result.probeCount} probes passed. Semantic delta: ${result.semanticDelta.toFixed(2)}.`,
+            confidence: result.confidence,
+            source: 'simulation',
+            timestamp: new Date().toISOString(),
+        });
+        count++;
+    }
+    else if (result.verdict === 'MALICIOUS') {
+        for (const probe of result.failedProbes) {
+            appendPair({
+                input: artifactContent.slice(0, 4096),
+                label: 'malicious',
+                attackClass: probe.attackClass,
+                evidence: probe.observedBehavior,
+                confidence: probe.confidence,
+                source: 'simulation',
+                timestamp: new Date().toISOString(),
+            });
+            count++;
+        }
+    }
+    return count;
+}
+/**
+ * Export attack session results as training data.
+ * Successful attacks -> malicious behavior. Failed attacks -> defense patterns.
+ */
+function exportAttackTraining(session) {
+    initTrainingPipeline();
+    let count = 0;
+    for (const result of session.results) {
+        if (result.outcome === 'SUCCESS') {
+            appendPair({
+                input: result.observedBehavior,
+                label: 'malicious',
+                attackClass: result.category,
+                evidence: `Attack succeeded: ${result.payloadId}`,
+                confidence: result.confidence,
+                source: 'attack_session',
+                timestamp: new Date().toISOString(),
+            });
+            count++;
+        }
+        else if (result.outcome === 'FAIL' && result.defenseMechanism) {
+            appendPair({
+                input: result.observedBehavior,
+                label: 'defense',
+                attackClass: result.category,
+                evidence: `Defense held: ${result.defenseMechanism}`,
+                confidence: result.confidence,
+                source: 'attack_session',
+                timestamp: new Date().toISOString(),
+            });
+            count++;
+        }
+    }
+    return count;
+}
+/**
+ * Export a single scan result as training data.
+ * Used by the --semantic flag when NanoMind classifies a finding.
+ */
+function exportScanTraining(artifactContent, label, attackClass, confidence) {
+    initTrainingPipeline();
+    appendPair({
+        input: artifactContent.slice(0, 4096),
+        label,
+        attackClass,
+        evidence: `NanoMind semantic classification`,
+        confidence,
+        source: 'scan',
+        timestamp: new Date().toISOString(),
+    });
+}
+/**
+ * Append a training pair to the JSONL corpus file.
+ */
+function appendPair(pair) {
+    (0, node_fs_1.appendFileSync)(CORPUS_FILE, JSON.stringify(pair) + '\n');
+}
+/**
+ * Get training data statistics.
+ */
+function getTrainingStats() {
+    const exists = (0, node_fs_1.existsSync)(CORPUS_FILE);
+    if (!exists) {
+        return { totalPairs: 0, corpusPath: CORPUS_FILE, exists: false };
+    }
+    // Count lines (each line = one training pair)
+    const { readFileSync } = require('node:fs');
+    const content = readFileSync(CORPUS_FILE, 'utf-8');
+    const lines = content.split('\n').filter((l) => l.trim().length > 0);
+    return { totalPairs: lines.length, corpusPath: CORPUS_FILE, exists: true };
+}
+//# sourceMappingURL=training-pipeline.js.map

package/dist/attack-engine/training-pipeline.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"training-pipeline.js","sourceRoot":"","sources":["../../src/attack-engine/training-pipeline.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;GAUG;;AAgCH,oDAWC;AAMD,4DAkCC;AAMD,oDA+BC;AAMD,gDAiBC;AAYD,4CAgBC;AAzKD,qCAA+E;AAC/E,yCAAiC;AACjC,qCAAkC;AAIlC,MAAM,YAAY,GAAG,IAAA,gBAAI,EAAC,IAAA,iBAAO,GAAE,EAAE,UAAU,EAAE,eAAe,CAAC,CAAC;AAClE,MAAM,WAAW,GAAG,IAAA,gBAAI,EAAC,YAAY,EAAE,qBAAqB,CAAC,CAAC;AAC9D,MAAM,aAAa,GAAG,IAAA,gBAAI,EAAC,YAAY,EAAE,eAAe,CAAC,CAAC;AAmB1D;;GAEG;AACH,SAAgB,oBAAoB;IAClC,IAAA,mBAAS,EAAC,YAAY,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC7C,IAAI,CAAC,IAAA,oBAAU,EAAC,aAAa,CAAC,EAAE,CAAC;QAC/B,IAAA,uBAAa,EAAC,aAAa,EAAE,IAAI,CAAC,SAAS,CAAC;YAC1C,OAAO,EAAE,KAAK;YACd,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,UAAU,EAAE,CAAC;YACb,YAAY,EAAE,EAAE,SAAS,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE;YACnE,aAAa,EAAE,EAAE,UAAU,EAAE,CAAC,EAAE,cAAc,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE;SAC7D,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,SAAgB,wBAAwB,CACtC,eAAuB,EACvB,MAAwB;IAExB,oBAAoB,EAAE,CAAC;IACvB,IAAI,KAAK,GAAG,CAAC,CAAC;IAEd,IAAI,MAAM,CAAC,OAAO,KAAK,OAAO,EAAE,CAAC;QAC/B,UAAU,CAAC;YACT,KAAK,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC;YACrC,KAAK,EAAE,QAAQ;YACf,WAAW,EAAE,MAAM;YACnB,QAAQ,EAAE,OAAO,MAAM,CAAC,UAAU,mCAAmC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG;YACvG,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,MAAM,EAAE,YAAY;YACpB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC,CAAC;QACH,KAAK,EAAE,CAAC;IACV,CAAC;SAAM,IAAI,MAAM,CAAC,OAAO,KAAK,WAAW,EAAE,CAAC;QAC1C,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;YACxC,UAAU,CAAC;gBACT,KAAK,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC;gBACrC,KAAK,EAAE,WAAW;gBAClB,WAAW,EAAE,KAAK,CAAC,WAAW;gBAC9B,QAAQ,EAAE,KAAK,CAAC,gBAAgB;gBAChC,UAAU,EAAE,KAAK,CAAC,UAAU;gBAC5B,MAAM,EAAE,YAAY;gBACpB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACpC,CAAC,CAAC;YACH,KAAK,EAAE,CAAC;QACV,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,SAAgB,oBAAoB,CAAC,OAA4B;IAC/D,oBAAoB,EAAE,CAAC;IACvB,IAAI,KAAK,GAAG,CAAC,CAAC;IAEd,KAAK,MAAM,MAAM,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;QACrC,IAAI,MAAM,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;YACjC,UAAU,CAAC;gBACT,KAAK,EAAE,MAAM,CAAC,gBAAgB;gBAC9B,KAAK,EAAE,WAAW;gBAClB,WAAW,EAAE,MAAM,CAAC,QAAQ;gBAC5B,QAAQ,EAAE,qBAAqB,MAAM,CAAC,SAAS,EAAE;gBACjD,UAAU,EAAE,MAAM,CAAC,UAAU;gBAC7B,MAAM,EAAE,gBAAgB;gBACxB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACpC,CAAC,CAAC;YACH,KAAK,EAAE,CAAC;QACV,CAAC;aAAM,IAAI,MAAM,CAAC,OAAO,KAAK,MAAM,IAAI,MAAM,CAAC,gBAAgB,EAAE,CAAC;YAChE,UAAU,CAAC;gBACT,KAAK,EAAE,MAAM,CAAC,gBAAgB;gBAC9B,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,MAAM,CAAC,QAAQ;gBAC5B,QAAQ,EAAE,iBAAiB,MAAM,CAAC,gBAAgB,EAAE;gBACpD,UAAU,EAAE,MAAM,CAAC,UAAU;gBAC7B,MAAM,EAAE,gBAAgB;gBACxB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACpC,CAAC,CAAC;YACH,KAAK,EAAE,CAAC;QACV,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,SAAgB,kBAAkB,CAChC,eAAuB,EACvB,KAA6B,EAC7B,WAAmB,EACnB,UAAkB;IAElB,oBAAoB,EAAE,CAAC;IAEvB,UAAU,CAAC;QACT,KAAK,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC;QACrC,KAAK;QACL,WAAW;QACX,QAAQ,EAAE,kCAAkC;QAC5C,UAAU;QACV,MAAM,EAAE,MAAM;QACd,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,SAAS,UAAU,CAAC,IAAkB;IACpC,IAAA,wBAAc,EAAC,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,CAAC;AAC3D,CAAC;AAED;;GAEG;AACH,SAAgB,gBAAgB;IAK9B,MAAM,MAAM,GAAG,IAAA,oBAAU,EAAC,WAAW,CAAC,CAAC;IACvC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,EAAE,UAAU,EAAE,CAAC,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;IACnE,CAAC;IAED,8CAA8C;IAC9C,MAAM,EAAE,YAAY,EAAE,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;IAC5C,MAAM,OAAO,GAAG,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;IACnD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAE7E,OAAO,EAAE,UAAU,EAAE,KAAK,CAAC,MAAM,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC;AAC7E,CAAC"}

package/dist/attack-engine/types.d.ts

@@ -0,0 +1,133 @@
+/**
+ * HMA Adaptive Attack Engine Types
+ *
+ * NanoMind-powered red team agent that generates target-specific
+ * attack payloads, observes responses, adapts, and iterates.
+ */
+export interface SemanticTargetProfile {
+    /** Artifact type being targeted */
+    artifactType: 'skill' | 'soul' | 'mcp_tool' | 'mcp_server' | 'system_prompt' | 'a2a_card';
+    /** What the target claims to do */
+    declaredPurpose: string;
+    /** Tools and resources the target can access */
+    capabilities: string[];
+    /** How the target phrases its limitations */
+    constraints: string[];
+    /** How governance is enforced */
+    governanceMechanism: string;
+    /** Data types the target regularly touches */
+    dataAccessPatterns: string[];
+    /** Specific vulnerability surface identified by NanoMind */
+    vulnerabilitySurface: VulnerabilitySurfaceEntry[];
+}
+export interface VulnerabilitySurfaceEntry {
+    /** Which aspect of the target is vulnerable */
+    surface: string;
+    /** How the vulnerability could be exploited */
+    exploitApproach: string;
+    /** Which attack category this maps to */
+    attackCategory: AttackCategory;
+    /** Estimated likelihood of success (0-1) */
+    estimatedSuccess: number;
+}
+export type AttackCategory = 'prompt_injection' | 'data_exfiltration' | 'privilege_escalation' | 'social_engineering' | 'instruction_override' | 'memory_poisoning' | 'soul_bypass' | 'indirect_injection' | 'capability_abuse' | 'persistence' | 'semantic_mismatch';
+export interface AdaptivePayload {
+    id: string;
+    category: AttackCategory;
+    /** The actual attack input to inject */
+    input: string;
+    /** Why this payload was generated for this specific target */
+    rationale: string;
+    /** Which vulnerability surface entry this targets */
+    targetsSurface: string;
+    /** Iteration number (1 = first attempt) */
+    iteration: number;
+    /** If iteration > 1, what defense was detected and how this variant adapts */
+    adaptsTo?: string;
+}
+export type AttackOutcome = 'SUCCESS' | 'PARTIAL' | 'FAIL';
+export interface AttackResult {
+    payloadId: string;
+    category: AttackCategory;
+    outcome: AttackOutcome;
+    /** What the target actually did in response */
+    observedBehavior: string;
+    /** Defense mechanism detected (if FAIL) */
+    defenseMechanism?: string;
+    /** How strong the defense is (0-1) */
+    defenseStrength?: number;
+    /** Tool calls observed during the attack */
+    toolCalls: Array<{
+        tool: string;
+        args: Record<string, unknown>;
+    }>;
+    /** Confidence in the outcome classification */
+    confidence: number;
+}
+export interface DefenseMap {
+    /** All defenses discovered during the attack session */
+    defenses: DefenseEntry[];
+    /** Overall resilience score (0-1, 1 = all attacks blocked) */
+    resilienceScore: number;
+    /** Categories where defenses held */
+    strongCategories: AttackCategory[];
+    /** Categories where defenses failed */
+    weakCategories: AttackCategory[];
+}
+export interface DefenseEntry {
+    mechanism: string;
+    category: AttackCategory;
+    strength: number;
+    bypassAttempts: number;
+    bypassSuccesses: number;
+    /** What the target did to enforce this defense */
+    enforcement: string;
+}
+export interface AttackSessionResult {
+    /** Target profile that was attacked */
+    target: SemanticTargetProfile;
+    /** All attack results across all iterations */
+    results: AttackResult[];
+    /** Total payloads generated */
+    totalPayloads: number;
+    /** Total successful attacks */
+    successCount: number;
+    /** Total partial successes */
+    partialCount: number;
+    /** Defense map discovered */
+    defenseMap: DefenseMap;
+    /** Duration of the full attack session */
+    durationMs: number;
+    /** Vulnerabilities found with specific remediation */
+    vulnerabilities: VulnerabilityFinding[];
+}
+export interface VulnerabilityFinding {
+    category: AttackCategory;
+    severity: 'critical' | 'high' | 'medium' | 'low';
+    title: string;
+    description: string;
+    /** The exact attack input that triggered it */
+    triggerInput: string;
+    /** What defense was bypassed */
+    defenseBypass: string;
+    /** Specific fix (not generic) */
+    remediation: string;
+    /** Confidence based on reproduction count */
+    confidence: number;
+    /** How many attack iterations confirmed this */
+    reproductions: number;
+}
+export interface AttackEngineConfig {
+    /** Max iterations per attack category (default: 5) */
+    maxIterations: number;
+    /** Max total payloads per session (default: 50) */
+    maxPayloads: number;
+    /** Timeout per individual attack in ms (default: 5000) */
+    attackTimeoutMs: number;
+    /** Which attack categories to run (default: all 11) */
+    categories: AttackCategory[];
+    /** LLM provider for payload generation */
+    llmProvider: 'nanomind-daemon' | 'anthropic' | 'ollama';
+}
+export declare const DEFAULT_ATTACK_CONFIG: AttackEngineConfig;
+//# sourceMappingURL=types.d.ts.map

package/dist/attack-engine/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/attack-engine/types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAMH,MAAM,WAAW,qBAAqB;IACpC,mCAAmC;IACnC,YAAY,EAAE,OAAO,GAAG,MAAM,GAAG,UAAU,GAAG,YAAY,GAAG,eAAe,GAAG,UAAU,CAAC;IAC1F,mCAAmC;IACnC,eAAe,EAAE,MAAM,CAAC;IACxB,gDAAgD;IAChD,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,6CAA6C;IAC7C,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,iCAAiC;IACjC,mBAAmB,EAAE,MAAM,CAAC;IAC5B,8CAA8C;IAC9C,kBAAkB,EAAE,MAAM,EAAE,CAAC;IAC7B,4DAA4D;IAC5D,oBAAoB,EAAE,yBAAyB,EAAE,CAAC;CACnD;AAED,MAAM,WAAW,yBAAyB;IACxC,+CAA+C;IAC/C,OAAO,EAAE,MAAM,CAAC;IAChB,+CAA+C;IAC/C,eAAe,EAAE,MAAM,CAAC;IACxB,yCAAyC;IACzC,cAAc,EAAE,cAAc,CAAC;IAC/B,4CAA4C;IAC5C,gBAAgB,EAAE,MAAM,CAAC;CAC1B;AAMD,MAAM,MAAM,cAAc,GACtB,kBAAkB,GAClB,mBAAmB,GACnB,sBAAsB,GACtB,oBAAoB,GACpB,sBAAsB,GACtB,kBAAkB,GAClB,aAAa,GACb,oBAAoB,GACpB,kBAAkB,GAClB,aAAa,GACb,mBAAmB,CAAC;AAMxB,MAAM,WAAW,eAAe;IAC9B,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,cAAc,CAAC;IACzB,wCAAwC;IACxC,KAAK,EAAE,MAAM,CAAC;IACd,8DAA8D;IAC9D,SAAS,EAAE,MAAM,CAAC;IAClB,qDAAqD;IACrD,cAAc,EAAE,MAAM,CAAC;IACvB,2CAA2C;IAC3C,SAAS,EAAE,MAAM,CAAC;IAClB,8EAA8E;IAC9E,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAMD,MAAM,MAAM,aAAa,GAAG,SAAS,GAAG,SAAS,GAAG,MAAM,CAAC;AAE3D,MAAM,WAAW,YAAY;IAC3B,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,cAAc,CAAC;IACzB,OAAO,EAAE,aAAa,CAAC;IACvB,+CAA+C;IAC/C,gBAAgB,EAAE,MAAM,CAAC;IACzB,2CAA2C;IAC3C,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,sCAAsC;IACtC,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,4CAA4C;IAC5C,SAAS,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;KAAE,CAAC,CAAC;IAClE,+CAA+C;IAC/C,UAAU,EAAE,MAAM,CAAC;CACpB;AAMD,MAAM,WAAW,UAAU;IACzB,wDAAwD;IACxD,QAAQ,EAAE,YAAY,EAAE,CAAC;IACzB,8DAA8D;IAC9D,eAAe,EAAE,MAAM,CAAC;IACxB,qCAAqC;IACrC,gBAAgB,EAAE,cAAc,EAAE,CAAC;IACnC,uCAAuC;IACvC,cAAc,EAAE,cAAc,EAAE,CAAC;CAClC;AAED,MAAM,WAAW,YAAY;IAC3B,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,cAAc,CAAC;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc,EAAE,MAAM,CAAC;IACvB,eAAe,EAAE,MAAM,CAAC;IACxB,kDAAkD;IAClD,WAAW,EAAE,MAAM,CAAC;CACrB;AAMD,MAAM,WAAW,mBAAmB;IAClC,uCAAuC;IACvC,MAAM,EAAE,qBAAqB,CAAC;IAC9B,+CAA+C;IAC/C,OAAO,EAAE,YAAY,EAAE,CAAC;IACxB,+BAA+B;IAC/B,aAAa,EAAE,MAAM,CAAC;IACtB,+BAA+B;IAC/B,YAAY,EAAE,MAAM,CAAC;IACrB,8BAA8B;IAC9B,YAAY,EAAE,MAAM,CAAC;IACrB,6BAA6B;IAC7B,UAAU,EAAE,UAAU,CAAC;IACvB,0CAA0C;IAC1C,UAAU,EAAE,MAAM,CAAC;IACnB,sDAAsD;IACtD,eAAe,EAAE,oBAAoB,EAAE,CAAC;CACzC;AAED,MAAM,WAAW,oBAAoB;IACnC,QAAQ,EAAE,cAAc,CAAC;IACzB,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACjD,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,+CAA+C;IAC/C,YAAY,EAAE,MAAM,CAAC;IACrB,gCAAgC;IAChC,aAAa,EAAE,MAAM,CAAC;IACtB,iCAAiC;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,6CAA6C;IAC7C,UAAU,EAAE,MAAM,CAAC;IACnB,gDAAgD;IAChD,aAAa,EAAE,MAAM,CAAC;CACvB;AAMD,MAAM,WAAW,kBAAkB;IACjC,sDAAsD;IACtD,aAAa,EAAE,MAAM,CAAC;IACtB,mDAAmD;IACnD,WAAW,EAAE,MAAM,CAAC;IACpB,0DAA0D;IAC1D,eAAe,EAAE,MAAM,CAAC;IACxB,uDAAuD;IACvD,UAAU,EAAE,cAAc,EAAE,CAAC;IAC7B,0CAA0C;IAC1C,WAAW,EAAE,iBAAiB,GAAG,WAAW,GAAG,QAAQ,CAAC;CACzD;AAED,eAAO,MAAM,qBAAqB,EAAE,kBAWnC,CAAC"}

package/dist/attack-engine/types.js

@@ -0,0 +1,22 @@
+"use strict";
+/**
+ * HMA Adaptive Attack Engine Types
+ *
+ * NanoMind-powered red team agent that generates target-specific
+ * attack payloads, observes responses, adapts, and iterates.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DEFAULT_ATTACK_CONFIG = void 0;
+exports.DEFAULT_ATTACK_CONFIG = {
+    maxIterations: 5,
+    maxPayloads: 50,
+    attackTimeoutMs: 5000,
+    categories: [
+        'prompt_injection', 'data_exfiltration', 'privilege_escalation',
+        'social_engineering', 'instruction_override', 'memory_poisoning',
+        'soul_bypass', 'indirect_injection', 'capability_abuse',
+        'persistence', 'semantic_mismatch',
+    ],
+    llmProvider: 'nanomind-daemon',
+};
+//# sourceMappingURL=types.js.map

package/dist/attack-engine/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/attack-engine/types.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;AA8KU,QAAA,qBAAqB,GAAuB;IACvD,aAAa,EAAE,CAAC;IAChB,WAAW,EAAE,EAAE;IACf,eAAe,EAAE,IAAI;IACrB,UAAU,EAAE;QACV,kBAAkB,EAAE,mBAAmB,EAAE,sBAAsB;QAC/D,oBAAoB,EAAE,sBAAsB,EAAE,kBAAkB;QAChE,aAAa,EAAE,oBAAoB,EAAE,kBAAkB;QACvD,aAAa,EAAE,mBAAmB;KACnC;IACD,WAAW,EAAE,iBAAiB;CAC/B,CAAC"}