npm - hackmyagent - Versions diffs - 0.11.13 → 0.11.15 - Mend

hackmyagent 0.11.13 → 0.11.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (127) hide show

package/README.md +26 -3
package/dist/attack-engine/feedback-loop.d.ts +36 -0
package/dist/attack-engine/feedback-loop.d.ts.map +1 -0
package/dist/attack-engine/feedback-loop.js +261 -0
package/dist/attack-engine/feedback-loop.js.map +1 -0
package/dist/attack-engine/index.d.ts +13 -0
package/dist/attack-engine/index.d.ts.map +1 -0
package/dist/attack-engine/index.js +21 -0
package/dist/attack-engine/index.js.map +1 -0
package/dist/attack-engine/payload-generator.d.ts +21 -0
package/dist/attack-engine/payload-generator.d.ts.map +1 -0
package/dist/attack-engine/payload-generator.js +210 -0
package/dist/attack-engine/payload-generator.js.map +1 -0
package/dist/attack-engine/target-reader.d.ts +15 -0
package/dist/attack-engine/target-reader.d.ts.map +1 -0
package/dist/attack-engine/target-reader.js +152 -0
package/dist/attack-engine/target-reader.js.map +1 -0
package/dist/attack-engine/training-pipeline.d.ts +57 -0
package/dist/attack-engine/training-pipeline.d.ts.map +1 -0
package/dist/attack-engine/training-pipeline.js +146 -0
package/dist/attack-engine/training-pipeline.js.map +1 -0
package/dist/attack-engine/types.d.ts +133 -0
package/dist/attack-engine/types.d.ts.map +1 -0
package/dist/attack-engine/types.js +22 -0
package/dist/attack-engine/types.js.map +1 -0
package/dist/cli.js +248 -15
package/dist/cli.js.map +1 -1
package/dist/index.d.ts +1 -1
package/dist/index.d.ts.map +1 -1
package/dist/index.js +9 -1
package/dist/index.js.map +1 -1
package/dist/nanomind-core/analyzers/capability-analyzer.d.ts +40 -0
package/dist/nanomind-core/analyzers/capability-analyzer.d.ts.map +1 -0
package/dist/nanomind-core/analyzers/capability-analyzer.js +310 -0
package/dist/nanomind-core/analyzers/capability-analyzer.js.map +1 -0
package/dist/nanomind-core/analyzers/code-analyzer.d.ts +21 -0
package/dist/nanomind-core/analyzers/code-analyzer.d.ts.map +1 -0
package/dist/nanomind-core/analyzers/code-analyzer.js +350 -0
package/dist/nanomind-core/analyzers/code-analyzer.js.map +1 -0
package/dist/nanomind-core/analyzers/credential-analyzer.d.ts +20 -0
package/dist/nanomind-core/analyzers/credential-analyzer.d.ts.map +1 -0
package/dist/nanomind-core/analyzers/credential-analyzer.js +317 -0
package/dist/nanomind-core/analyzers/credential-analyzer.js.map +1 -0
package/dist/nanomind-core/analyzers/governance-analyzer.d.ts +22 -0
package/dist/nanomind-core/analyzers/governance-analyzer.d.ts.map +1 -0
package/dist/nanomind-core/analyzers/governance-analyzer.js +393 -0
package/dist/nanomind-core/analyzers/governance-analyzer.js.map +1 -0
package/dist/nanomind-core/analyzers/prompt-analyzer.d.ts +22 -0
package/dist/nanomind-core/analyzers/prompt-analyzer.d.ts.map +1 -0
package/dist/nanomind-core/analyzers/prompt-analyzer.js +486 -0
package/dist/nanomind-core/analyzers/prompt-analyzer.js.map +1 -0
package/dist/nanomind-core/analyzers/scope-analyzer.d.ts +20 -0
package/dist/nanomind-core/analyzers/scope-analyzer.d.ts.map +1 -0
package/dist/nanomind-core/analyzers/scope-analyzer.js +326 -0
package/dist/nanomind-core/analyzers/scope-analyzer.js.map +1 -0
package/dist/nanomind-core/compiler/semantic-compiler.d.ts +41 -0
package/dist/nanomind-core/compiler/semantic-compiler.d.ts.map +1 -0
package/dist/nanomind-core/compiler/semantic-compiler.js +490 -0
package/dist/nanomind-core/compiler/semantic-compiler.js.map +1 -0
package/dist/nanomind-core/index.d.ts +30 -0
package/dist/nanomind-core/index.d.ts.map +1 -0
package/dist/nanomind-core/index.js +45 -0
package/dist/nanomind-core/index.js.map +1 -0
package/dist/nanomind-core/ingestion/artifact-parser.d.ts +48 -0
package/dist/nanomind-core/ingestion/artifact-parser.d.ts.map +1 -0
package/dist/nanomind-core/ingestion/artifact-parser.js +203 -0
package/dist/nanomind-core/ingestion/artifact-parser.js.map +1 -0
package/dist/nanomind-core/ingestion/input-sanitizer.d.ts +49 -0
package/dist/nanomind-core/ingestion/input-sanitizer.d.ts.map +1 -0
package/dist/nanomind-core/ingestion/input-sanitizer.js +80 -0
package/dist/nanomind-core/ingestion/input-sanitizer.js.map +1 -0
package/dist/nanomind-core/scanner-bridge.d.ts +49 -0
package/dist/nanomind-core/scanner-bridge.d.ts.map +1 -0
package/dist/nanomind-core/scanner-bridge.js +317 -0
package/dist/nanomind-core/scanner-bridge.js.map +1 -0
package/dist/nanomind-core/security/defense-in-depth.d.ts +99 -0
package/dist/nanomind-core/security/defense-in-depth.d.ts.map +1 -0
package/dist/nanomind-core/security/defense-in-depth.js +206 -0
package/dist/nanomind-core/security/defense-in-depth.js.map +1 -0
package/dist/nanomind-core/security/integrity-verifier.d.ts +132 -0
package/dist/nanomind-core/security/integrity-verifier.d.ts.map +1 -0
package/dist/nanomind-core/security/integrity-verifier.js +437 -0
package/dist/nanomind-core/security/integrity-verifier.js.map +1 -0
package/dist/nanomind-core/types.d.ts +125 -0
package/dist/nanomind-core/types.d.ts.map +1 -0
package/dist/nanomind-core/types.js +22 -0
package/dist/nanomind-core/types.js.map +1 -0
package/dist/output/asff.d.ts.map +1 -1
package/dist/output/asff.js +2 -1
package/dist/output/asff.js.map +1 -1
package/dist/semantic/index.d.ts +4 -0
package/dist/semantic/index.d.ts.map +1 -1
package/dist/semantic/index.js +13 -1
package/dist/semantic/index.js.map +1 -1
package/dist/semantic/nanomind-analyzer.d.ts +77 -0
package/dist/semantic/nanomind-analyzer.d.ts.map +1 -0
package/dist/semantic/nanomind-analyzer.js +165 -0
package/dist/semantic/nanomind-analyzer.js.map +1 -0
package/dist/semantic/nanomind-enhancer.d.ts +50 -0
package/dist/semantic/nanomind-enhancer.d.ts.map +1 -0
package/dist/semantic/nanomind-enhancer.js +203 -0
package/dist/semantic/nanomind-enhancer.js.map +1 -0
package/dist/simulation/engine.d.ts +69 -0
package/dist/simulation/engine.d.ts.map +1 -0
package/dist/simulation/engine.js +297 -0
package/dist/simulation/engine.js.map +1 -0
package/dist/simulation/index.d.ts +15 -0
package/dist/simulation/index.d.ts.map +1 -0
package/dist/simulation/index.js +31 -0
package/dist/simulation/index.js.map +1 -0
package/dist/simulation/llm-executor.d.ts +58 -0
package/dist/simulation/llm-executor.d.ts.map +1 -0
package/dist/simulation/llm-executor.js +297 -0
package/dist/simulation/llm-executor.js.map +1 -0
package/dist/simulation/mock-tools.d.ts +35 -0
package/dist/simulation/mock-tools.d.ts.map +1 -0
package/dist/simulation/mock-tools.js +181 -0
package/dist/simulation/mock-tools.js.map +1 -0
package/dist/simulation/probes.d.ts +17 -0
package/dist/simulation/probes.d.ts.map +1 -0
package/dist/simulation/probes.js +295 -0
package/dist/simulation/probes.js.map +1 -0
package/dist/simulation/types.d.ts +79 -0
package/dist/simulation/types.d.ts.map +1 -0
package/dist/simulation/types.js +25 -0
package/dist/simulation/types.js.map +1 -0
package/package.json +1 -1

package/dist/attack-engine/types.d.ts ADDED Viewed

@@ -0,0 +1,133 @@
+/**
+ * HMA Adaptive Attack Engine Types
+ *
+ * NanoMind-powered red team agent that generates target-specific
+ * attack payloads, observes responses, adapts, and iterates.
+ */
+export interface SemanticTargetProfile {
+    /** Artifact type being targeted */
+    artifactType: 'skill' | 'soul' | 'mcp_tool' | 'mcp_server' | 'system_prompt' | 'a2a_card';
+    /** What the target claims to do */
+    declaredPurpose: string;
+    /** Tools and resources the target can access */
+    capabilities: string[];
+    /** How the target phrases its limitations */
+    constraints: string[];
+    /** How governance is enforced */
+    governanceMechanism: string;
+    /** Data types the target regularly touches */
+    dataAccessPatterns: string[];
+    /** Specific vulnerability surface identified by NanoMind */
+    vulnerabilitySurface: VulnerabilitySurfaceEntry[];
+}
+export interface VulnerabilitySurfaceEntry {
+    /** Which aspect of the target is vulnerable */
+    surface: string;
+    /** How the vulnerability could be exploited */
+    exploitApproach: string;
+    /** Which attack category this maps to */
+    attackCategory: AttackCategory;
+    /** Estimated likelihood of success (0-1) */
+    estimatedSuccess: number;
+}
+export type AttackCategory = 'prompt_injection' | 'data_exfiltration' | 'privilege_escalation' | 'social_engineering' | 'instruction_override' | 'memory_poisoning' | 'soul_bypass' | 'indirect_injection' | 'capability_abuse' | 'persistence' | 'semantic_mismatch';
+export interface AdaptivePayload {
+    id: string;
+    category: AttackCategory;
+    /** The actual attack input to inject */
+    input: string;
+    /** Why this payload was generated for this specific target */
+    rationale: string;
+    /** Which vulnerability surface entry this targets */
+    targetsSurface: string;
+    /** Iteration number (1 = first attempt) */
+    iteration: number;
+    /** If iteration > 1, what defense was detected and how this variant adapts */
+    adaptsTo?: string;
+}
+export type AttackOutcome = 'SUCCESS' | 'PARTIAL' | 'FAIL';
+export interface AttackResult {
+    payloadId: string;
+    category: AttackCategory;
+    outcome: AttackOutcome;
+    /** What the target actually did in response */
+    observedBehavior: string;
+    /** Defense mechanism detected (if FAIL) */
+    defenseMechanism?: string;
+    /** How strong the defense is (0-1) */
+    defenseStrength?: number;
+    /** Tool calls observed during the attack */
+    toolCalls: Array<{
+        tool: string;
+        args: Record<string, unknown>;
+    }>;
+    /** Confidence in the outcome classification */
+    confidence: number;
+}
+export interface DefenseMap {
+    /** All defenses discovered during the attack session */
+    defenses: DefenseEntry[];
+    /** Overall resilience score (0-1, 1 = all attacks blocked) */
+    resilienceScore: number;
+    /** Categories where defenses held */
+    strongCategories: AttackCategory[];
+    /** Categories where defenses failed */
+    weakCategories: AttackCategory[];
+}
+export interface DefenseEntry {
+    mechanism: string;
+    category: AttackCategory;
+    strength: number;
+    bypassAttempts: number;
+    bypassSuccesses: number;
+    /** What the target did to enforce this defense */
+    enforcement: string;
+}
+export interface AttackSessionResult {
+    /** Target profile that was attacked */
+    target: SemanticTargetProfile;
+    /** All attack results across all iterations */
+    results: AttackResult[];
+    /** Total payloads generated */
+    totalPayloads: number;
+    /** Total successful attacks */
+    successCount: number;
+    /** Total partial successes */
+    partialCount: number;
+    /** Defense map discovered */
+    defenseMap: DefenseMap;
+    /** Duration of the full attack session */
+    durationMs: number;
+    /** Vulnerabilities found with specific remediation */
+    vulnerabilities: VulnerabilityFinding[];
+}
+export interface VulnerabilityFinding {
+    category: AttackCategory;
+    severity: 'critical' | 'high' | 'medium' | 'low';
+    title: string;
+    description: string;
+    /** The exact attack input that triggered it */
+    triggerInput: string;
+    /** What defense was bypassed */
+    defenseBypass: string;
+    /** Specific fix (not generic) */
+    remediation: string;
+    /** Confidence based on reproduction count */
+    confidence: number;
+    /** How many attack iterations confirmed this */
+    reproductions: number;
+}
+export interface AttackEngineConfig {
+    /** Max iterations per attack category (default: 5) */
+    maxIterations: number;
+    /** Max total payloads per session (default: 50) */
+    maxPayloads: number;
+    /** Timeout per individual attack in ms (default: 5000) */
+    attackTimeoutMs: number;
+    /** Which attack categories to run (default: all 11) */
+    categories: AttackCategory[];
+    /** LLM provider for payload generation */
+    llmProvider: 'nanomind-daemon' | 'anthropic' | 'ollama';
+}
+export declare const DEFAULT_ATTACK_CONFIG: AttackEngineConfig;
+//# sourceMappingURL=types.d.ts.map

package/dist/attack-engine/types.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/attack-engine/types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAMH,MAAM,WAAW,qBAAqB;IACpC,mCAAmC;IACnC,YAAY,EAAE,OAAO,GAAG,MAAM,GAAG,UAAU,GAAG,YAAY,GAAG,eAAe,GAAG,UAAU,CAAC;IAC1F,mCAAmC;IACnC,eAAe,EAAE,MAAM,CAAC;IACxB,gDAAgD;IAChD,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,6CAA6C;IAC7C,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,iCAAiC;IACjC,mBAAmB,EAAE,MAAM,CAAC;IAC5B,8CAA8C;IAC9C,kBAAkB,EAAE,MAAM,EAAE,CAAC;IAC7B,4DAA4D;IAC5D,oBAAoB,EAAE,yBAAyB,EAAE,CAAC;CACnD;AAED,MAAM,WAAW,yBAAyB;IACxC,+CAA+C;IAC/C,OAAO,EAAE,MAAM,CAAC;IAChB,+CAA+C;IAC/C,eAAe,EAAE,MAAM,CAAC;IACxB,yCAAyC;IACzC,cAAc,EAAE,cAAc,CAAC;IAC/B,4CAA4C;IAC5C,gBAAgB,EAAE,MAAM,CAAC;CAC1B;AAMD,MAAM,MAAM,cAAc,GACtB,kBAAkB,GAClB,mBAAmB,GACnB,sBAAsB,GACtB,oBAAoB,GACpB,sBAAsB,GACtB,kBAAkB,GAClB,aAAa,GACb,oBAAoB,GACpB,kBAAkB,GAClB,aAAa,GACb,mBAAmB,CAAC;AAMxB,MAAM,WAAW,eAAe;IAC9B,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,cAAc,CAAC;IACzB,wCAAwC;IACxC,KAAK,EAAE,MAAM,CAAC;IACd,8DAA8D;IAC9D,SAAS,EAAE,MAAM,CAAC;IAClB,qDAAqD;IACrD,cAAc,EAAE,MAAM,CAAC;IACvB,2CAA2C;IAC3C,SAAS,EAAE,MAAM,CAAC;IAClB,8EAA8E;IAC9E,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAMD,MAAM,MAAM,aAAa,GAAG,SAAS,GAAG,SAAS,GAAG,MAAM,CAAC;AAE3D,MAAM,WAAW,YAAY;IAC3B,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,cAAc,CAAC;IACzB,OAAO,EAAE,aAAa,CAAC;IACvB,+CAA+C;IAC/C,gBAAgB,EAAE,MAAM,CAAC;IACzB,2CAA2C;IAC3C,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,sCAAsC;IACtC,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,4CAA4C;IAC5C,SAAS,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;KAAE,CAAC,CAAC;IAClE,+CAA+C;IAC/C,UAAU,EAAE,MAAM,CAAC;CACpB;AAMD,MAAM,WAAW,UAAU;IACzB,wDAAwD;IACxD,QAAQ,EAAE,YAAY,EAAE,CAAC;IACzB,8DAA8D;IAC9D,eAAe,EAAE,MAAM,CAAC;IACxB,qCAAqC;IACrC,gBAAgB,EAAE,cAAc,EAAE,CAAC;IACnC,uCAAuC;IACvC,cAAc,EAAE,cAAc,EAAE,CAAC;CAClC;AAED,MAAM,WAAW,YAAY;IAC3B,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,cAAc,CAAC;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc,EAAE,MAAM,CAAC;IACvB,eAAe,EAAE,MAAM,CAAC;IACxB,kDAAkD;IAClD,WAAW,EAAE,MAAM,CAAC;CACrB;AAMD,MAAM,WAAW,mBAAmB;IAClC,uCAAuC;IACvC,MAAM,EAAE,qBAAqB,CAAC;IAC9B,+CAA+C;IAC/C,OAAO,EAAE,YAAY,EAAE,CAAC;IACxB,+BAA+B;IAC/B,aAAa,EAAE,MAAM,CAAC;IACtB,+BAA+B;IAC/B,YAAY,EAAE,MAAM,CAAC;IACrB,8BAA8B;IAC9B,YAAY,EAAE,MAAM,CAAC;IACrB,6BAA6B;IAC7B,UAAU,EAAE,UAAU,CAAC;IACvB,0CAA0C;IAC1C,UAAU,EAAE,MAAM,CAAC;IACnB,sDAAsD;IACtD,eAAe,EAAE,oBAAoB,EAAE,CAAC;CACzC;AAED,MAAM,WAAW,oBAAoB;IACnC,QAAQ,EAAE,cAAc,CAAC;IACzB,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACjD,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,+CAA+C;IAC/C,YAAY,EAAE,MAAM,CAAC;IACrB,gCAAgC;IAChC,aAAa,EAAE,MAAM,CAAC;IACtB,iCAAiC;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,6CAA6C;IAC7C,UAAU,EAAE,MAAM,CAAC;IACnB,gDAAgD;IAChD,aAAa,EAAE,MAAM,CAAC;CACvB;AAMD,MAAM,WAAW,kBAAkB;IACjC,sDAAsD;IACtD,aAAa,EAAE,MAAM,CAAC;IACtB,mDAAmD;IACnD,WAAW,EAAE,MAAM,CAAC;IACpB,0DAA0D;IAC1D,eAAe,EAAE,MAAM,CAAC;IACxB,uDAAuD;IACvD,UAAU,EAAE,cAAc,EAAE,CAAC;IAC7B,0CAA0C;IAC1C,WAAW,EAAE,iBAAiB,GAAG,WAAW,GAAG,QAAQ,CAAC;CACzD;AAED,eAAO,MAAM,qBAAqB,EAAE,kBAWnC,CAAC"}

package/dist/attack-engine/types.js ADDED Viewed

@@ -0,0 +1,22 @@
+"use strict";
+/**
+ * HMA Adaptive Attack Engine Types
+ *
+ * NanoMind-powered red team agent that generates target-specific
+ * attack payloads, observes responses, adapts, and iterates.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DEFAULT_ATTACK_CONFIG = void 0;
+exports.DEFAULT_ATTACK_CONFIG = {
+    maxIterations: 5,
+    maxPayloads: 50,
+    attackTimeoutMs: 5000,
+    categories: [
+        'prompt_injection', 'data_exfiltration', 'privilege_escalation',
+        'social_engineering', 'instruction_override', 'memory_poisoning',
+        'soul_bypass', 'indirect_injection', 'capability_abuse',
+        'persistence', 'semantic_mismatch',
+    ],
+    llmProvider: 'nanomind-daemon',
+};
+//# sourceMappingURL=types.js.map

package/dist/attack-engine/types.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/attack-engine/types.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;AA8KU,QAAA,qBAAqB,GAAuB;IACvD,aAAa,EAAE,CAAC;IAChB,WAAW,EAAE,EAAE;IACf,eAAe,EAAE,IAAI;IACrB,UAAU,EAAE;QACV,kBAAkB,EAAE,mBAAmB,EAAE,sBAAsB;QAC/D,oBAAoB,EAAE,sBAAsB,EAAE,kBAAkB;QAChE,aAAa,EAAE,oBAAoB,EAAE,kBAAkB;QACvD,aAAa,EAAE,mBAAmB;KACnC;IACD,WAAW,EAAE,iBAAiB;CAC/B,CAAC"}

package/dist/cli.js CHANGED Viewed

@@ -1743,8 +1743,9 @@ Examples:
     .option('-b, --benchmark <name>', 'Run benchmark compliance check (e.g., oasb-1)')
     .option('-l, --level <level>', 'Benchmark level: L1 (Essential), L2 (Standard), L3 (Hardened)', 'L1')
     .option('-c, --category <name>', 'Filter to specific benchmark category')
-    .option('--deep', 'Enable LLM-powered semantic analysis (requires ANTHROPIC_API_KEY)')
-    .option('--scan-depth <depth>', 'CAAT scan depth: quick (config+creds only), standard (default), deep (+ LLM analysis)', 'standard')
+    .option('--deep', 'Maximum analysis: static + NanoMind + behavioral simulation + adaptive attacks (~30s per artifact)')
+    .option('--static-only', 'Disable NanoMind and simulation (static checks only, fast, deterministic)')
+    .option('--scan-depth <depth>', 'CAAT scan depth: quick (config+creds only), standard (default), deep (+ simulation)', 'standard')
     .option('--ci-publish', 'Submit scan results to registry CI endpoint (requires CI_SCAN_HMAC_SECRET env)')
     .option('--publish', 'Push scan results to the OpenA2A Registry')
     .option('--registry-report', 'Post results to OpenA2A Registry')
@@ -1817,17 +1818,41 @@ Examples:
             console.error(`Error: Invalid scan depth '${options.scanDepth}'. Use: ${validDepths.join(', ')}`);
             process.exit(1);
         }
-        // Deep mode: --deep flag OR --scan-depth deep
+        // Analysis mode: smart defaults, minimal flags
+        // Default: static + NanoMind (if daemon available)
+        // --deep: everything (static + NanoMind + simulation + adaptive attacks)
+        // --static-only: just static checks (CI/deterministic)
+        // --ci: implies --static-only
+        const isStaticOnly = options.staticOnly ?? false;
         const isDeep = options.deep ?? (scanDepth === 'deep');
-        const onProgress = isDeep && format === 'text'
+        // Auto-detect NanoMind daemon
+        let nanomindAvailable = false;
+        if (!isStaticOnly && !options.ci) {
+            try {
+                const { isDaemonAvailable } = await Promise.resolve().then(() => __importStar(require('./semantic/nanomind-analyzer.js')));
+                nanomindAvailable = await isDaemonAvailable();
+            }
+            catch { /* daemon not installed */ }
+        }
+        const onProgress = format === 'text'
             ? (msg) => process.stdout.write(msg)
             : undefined;
-        if (isDeep && format === 'text') {
-            if (!process.env.ANTHROPIC_API_KEY) {
-                console.log(`Layer 3: Semantic analysis — skipped (no ANTHROPIC_API_KEY)`);
-                console.log(`  Tip: Add HackMyAgent as an MCP server for free LLM analysis:`);
-                console.log(`  npx ${CLI_PREFIX} init-mcp\n`);
+        // Show analysis mode to user
+        if (format === 'text') {
+            if (isStaticOnly || options.ci) {
+                // Static only -- no extra output
             }
+            else if (nanomindAvailable && isDeep) {
+                console.log(`Analysis: static + NanoMind + behavioral simulation + adaptive attacks\n`);
+            }
+            else if (nanomindAvailable) {
+                console.log(`Analysis: static + NanoMind (enhanced accuracy)\n`);
+            }
+            else if (isDeep) {
+                console.log(`Analysis: static + behavioral simulation\n`);
+                console.log(`  Tip: Install NanoMind for even better results: nanomind-daemon start\n`);
+            }
+            // Default static-only: no message needed, it's the baseline
         }
         if (scanDepth === 'quick' && format === 'text') {
             console.log(`Scan depth: quick (config checks + credential detection only)\n`);
@@ -1845,6 +1870,81 @@ Examples:
             onProgress,
         });
         const scanDurationMs = Date.now() - scanStartMs;
+        // NanoMind Semantic Compiler: AST-based analysis runs alongside static checks
+        // Defense-in-depth: static findings can NEVER be suppressed, only upgraded
+        if (!isStaticOnly && !options.ci) {
+            try {
+                const { runNanoMindScan } = await Promise.resolve().then(() => __importStar(require('./nanomind-core/scanner-bridge.js')));
+                const existingFindings = result.allFindings || result.findings || [];
+                const nmResult = await runNanoMindScan(targetDir, existingFindings);
+                if (format === 'text' && nmResult.astFindings.length > 0) {
+                    const newFindings = nmResult.astFindings.filter(f => !f.passed);
+                    if (newFindings.length > 0) {
+                        process.stdout.write(`\nNanoMind: ${nmResult.compiledArtifacts} artifact(s) compiled, ${newFindings.length} semantic finding(s) added\n`);
+                    }
+                    if (nmResult.integrityStatus !== 'CLEAN') {
+                        process.stdout.write(`  Integrity: ${nmResult.integrityStatus}\n`);
+                    }
+                }
+                // Merge: AST findings ADD to static (never remove)
+                if (result.allFindings) {
+                    result.allFindings = nmResult.mergedFindings;
+                }
+                if (result.findings) {
+                    result.findings = nmResult.mergedFindings.filter((f) => !f.passed);
+                }
+            }
+            catch {
+                // NanoMind unavailable -- static results are still valid
+            }
+        }
+        // Behavioral simulation: auto-runs on --deep, or when NanoMind detects ambiguity
+        if (isDeep && format === 'text') {
+            try {
+                const { SimulationEngine, parseSkillProfile } = await Promise.resolve().then(() => __importStar(require('./simulation/index.js')));
+                const { readFileSync, readdirSync, statSync } = await Promise.resolve().then(() => __importStar(require('node:fs')));
+                const { join } = await Promise.resolve().then(() => __importStar(require('node:path')));
+                // Find skill files in target directory
+                const skillFiles = [];
+                const findSkills = (dir) => {
+                    try {
+                        for (const entry of readdirSync(dir)) {
+                            const fullPath = join(dir, entry);
+                            const stat = statSync(fullPath);
+                            if (stat.isDirectory() && !entry.startsWith('.') && entry !== 'node_modules') {
+                                findSkills(fullPath);
+                            }
+                            else if (entry.endsWith('.md') || entry.endsWith('.yaml') || entry.endsWith('.yml')) {
+                                skillFiles.push(fullPath);
+                            }
+                        }
+                    }
+                    catch { /* skip inaccessible dirs */ }
+                };
+                findSkills(targetDir);
+                if (skillFiles.length === 0) {
+                    process.stdout.write(`\n[Simulation] No skill/SOUL/MCP artifacts found. Simulation skipped.\n\n`);
+                }
+                else {
+                    process.stdout.write(`\n[Simulation] Running behavioral simulation on ${skillFiles.length} artifact(s)...\n`);
+                    const sim = new SimulationEngine({ useLLM: nanomindAvailable });
+                    for (const file of skillFiles.slice(0, 10)) { // Cap at 10 files
+                        const content = readFileSync(file, 'utf-8');
+                        const profile = parseSkillProfile(content, file.split('/').pop() ?? 'unknown');
+                        const simResult = await sim.runLayer3(profile);
+                        const icon = simResult.verdict === 'CLEAN' ? 'PASS' : simResult.verdict === 'SUSPICIOUS' ? 'WARN' : 'FAIL';
+                        process.stdout.write(`  [${icon}] ${file.split('/').pop()} — ${simResult.verdict} (${(simResult.confidence * 100).toFixed(0)}% confidence, ${simResult.failedProbes.length}/${simResult.probeCount} probes failed)\n`);
+                        // Auto-export training data
+                        const { exportSimulationTraining } = await Promise.resolve().then(() => __importStar(require('./attack-engine/training-pipeline.js')));
+                        exportSimulationTraining(content, simResult);
+                    }
+                    process.stdout.write(`[Simulation] Complete.\n\n`);
+                } // end skillFiles.length > 0
+            }
+            catch (err) {
+                process.stdout.write(`[Simulation] Skipped: ${err instanceof Error ? err.message : 'unknown error'}\n\n`);
+            }
+        }
         // OASB-2 composite mode: infrastructure (50%) + governance (50%)
         if (isOasb2) {
             const infraResult = generateBenchmarkReport(result.allFindings || result.findings, level, options.category);
@@ -4412,7 +4512,8 @@ Examples:
     .option('--tier <tier>', 'Override agent tier detection (BASIC, TOOL-USING, AGENTIC, MULTI-AGENT)')
     .option('--profile <profile>', 'Override agent profile (conversational, code-assistant, tool-agent, autonomous, orchestrator, custom)')
     .option('--fail-below <score>', 'Exit 1 if score below threshold (0-100)')
-    .option('--deep', 'Enable LLM semantic analysis for ambiguous controls (requires claude CLI or ANTHROPIC_API_KEY)')
+    .option('--deep', 'Maximum analysis: NanoMind + SOUL governance simulation (~15s)')
+    .option('--static-only', 'Disable NanoMind (static governance checks only)')
     .option('--publish', 'Push scan results to the OpenA2A Registry')
     .option('--registry-url <url>', 'Registry URL (default: REGISTRY_URL env)', validateRegistryUrl(process.env.REGISTRY_URL || 'https://api.oa2a.org'))
     .option('--contribute', 'Share anonymized scan findings with OpenA2A Registry (overrides config)')
@@ -5047,9 +5148,141 @@ program
     writeJsonStdout({ totalChecks: Object.keys(metadata).length, checks: metadata });
 });
 // Show help and exit 0 when no arguments provided
-if (process.argv.length <= 2) {
-    program.outputHelp();
-    process.exit(0);
-}
-program.parse();
+// explain command: NanoMind-powered finding explanation
+program
+    .command('explain')
+    .argument('<findingId>', 'Finding ID to explain (e.g., SKILL-SEMANTIC-007 or CRED-001)')
+    .description('Explain a security finding in plain English using NanoMind')
+    .action(async (findingId) => {
+    console.log(`Explaining finding: ${findingId}\n`);
+    // Try NanoMind daemon first for dynamic explanation
+    const { isDaemonAvailable, explainFinding } = await Promise.resolve().then(() => __importStar(require('./semantic/nanomind-analyzer.js')));
+    const available = await isDaemonAvailable();
+    if (available) {
+        const explanation = await explainFinding(JSON.stringify({ findingId }));
+        if (explanation) {
+            console.log(explanation);
+            return;
+        }
+    }
+    // Fallback: static explanation from check metadata
+    const checkId = findingId.toUpperCase();
+    const staticExplanations = {
+        'CRED-001': 'Hardcoded credential detected. API keys, tokens, or passwords are embedded directly in source code. Replace with environment variable references ($VAR_NAME) and rotate the exposed credential immediately.',
+        'CRED-002': 'OpenAI API key pattern detected (sk-...). Move to environment variable OPENAI_API_KEY.',
+        'CRED-003': 'Anthropic API key pattern detected (sk-ant-...). Move to environment variable ANTHROPIC_API_KEY.',
+        'CRED-004': 'AWS credential pattern detected. Use AWS SDK credential chain or environment variables.',
+        'MCP-001': 'MCP server running without TLS. Agent-to-server communication is unencrypted.',
+        'SKILL-005': 'External endpoint in skill capability declaration. Verify the endpoint is trusted.',
+    };
+    const explanation = staticExplanations[checkId];
+    if (explanation) {
+        console.log(`${checkId}: ${explanation}`);
+    }
+    else {
+        console.log(`No explanation available for ${findingId}.`);
+        if (!available) {
+            console.log(`\nFor dynamic explanations, install NanoMind: npm install -g @nanomind/cli && nanomind-daemon start`);
+        }
+    }
+});
+// red-team command: NanoMind-powered adaptive attack engine
+program
+    .command('red-team')
+    .argument('<target>', 'Path to artifact to red-team (skill, SOUL.md, MCP config, system prompt)')
+    .description('Run adaptive attack session against an artifact. NanoMind generates target-specific attacks, observes responses, adapts, and maps defenses.')
+    .option('--iterations <n>', 'Max attack iterations per category', '5')
+    .option('--json', 'Output results as JSON')
+    .action(async (target, options) => {
+    const { readFileSync } = await Promise.resolve().then(() => __importStar(require('node:fs')));
+    const { runAttackSession, exportTrainingData } = await Promise.resolve().then(() => __importStar(require('./attack-engine/feedback-loop.js')));
+    const { exportAttackTraining } = await Promise.resolve().then(() => __importStar(require('./attack-engine/training-pipeline.js')));
+    let content;
+    try {
+        content = readFileSync(target, 'utf-8');
+    }
+    catch {
+        console.error(`Cannot read file: ${target}`);
+        process.exit(1);
+    }
+    const artifactType = target.toLowerCase().includes('soul') ? 'soul'
+        : target.toLowerCase().includes('mcp') ? 'mcp_tool'
+            : 'skill';
+    const name = target.split('/').pop() ?? 'unknown';
+    if (!options.json) {
+        console.log(`\nAdaptive Attack Engine`);
+        console.log(`Target: ${name} (${artifactType})`);
+        console.log(`Max iterations: ${options.iterations ?? 5} per category\n`);
+    }
+    const result = await runAttackSession(content, artifactType, name, {
+        maxIterations: parseInt(options.iterations ?? '5', 10),
+    });
+    if (options.json) {
+        console.log(JSON.stringify(result, null, 2));
+    }
+    else {
+        console.log(`Results:`);
+        console.log(`  Payloads generated: ${result.totalPayloads}`);
+        console.log(`  Successful attacks: ${result.successCount}`);
+        console.log(`  Partial successes:  ${result.partialCount}`);
+        console.log(`  Resilience score:   ${(result.defenseMap.resilienceScore * 100).toFixed(0)}%`);
+        console.log(`  Duration:           ${result.durationMs}ms\n`);
+        if (result.vulnerabilities.length > 0) {
+            console.log(`Vulnerabilities Found:`);
+            for (const vuln of result.vulnerabilities) {
+                console.log(`  [${vuln.severity.toUpperCase()}] ${vuln.title}`);
+                console.log(`    ${vuln.description}`);
+                console.log(`    Fix: ${vuln.remediation}\n`);
+            }
+        }
+        else {
+            console.log(`No vulnerabilities found. All defenses held.\n`);
+        }
+        if (result.defenseMap.strongCategories.length > 0) {
+            console.log(`Strong defenses: ${result.defenseMap.strongCategories.join(', ')}`);
+        }
+        if (result.defenseMap.weakCategories.length > 0) {
+            console.log(`Weak defenses:   ${result.defenseMap.weakCategories.join(', ')}`);
+        }
+    }
+    // Auto-export training data
+    const trainingCount = exportAttackTraining(result);
+    if (!options.json && trainingCount > 0) {
+        console.log(`\n${trainingCount} training samples exported to NanoMind corpus.`);
+    }
+});
+// Self-securing: verify own integrity before running any command
+// A security tool that doesn't verify itself is worse than no security tool
+(async () => {
+    try {
+        const { verifyAll } = await Promise.resolve().then(() => __importStar(require('./nanomind-core/security/integrity-verifier.js')));
+        const integrity = await verifyAll();
+        if (integrity.status === 'QUARANTINE') {
+            // Binary tampered -- refuse to run
+            process.stderr.write('\nINTEGRITY CHECK FAILED: HackMyAgent binary may have been tampered with.\n' +
+                'This could indicate a supply chain attack.\n\n' +
+                'Actions:\n' +
+                '  1. Reinstall: npm install -g hackmyagent\n' +
+                '  2. Verify: npm audit signatures\n' +
+                '  3. Report: https://github.com/opena2a-org/hackmyagent/security\n\n');
+            for (const check of integrity.checks.filter(c => !c.passed)) {
+                process.stderr.write(`  Failed: ${check.name} -- ${check.reason}\n`);
+            }
+            process.exit(3); // Exit code 3 = integrity failure
+        }
+        if (integrity.status === 'DEGRADE') {
+            // Model or rules tampered -- warn but continue with fallback
+            process.stderr.write('\nIntegrity warning: some components could not be verified.\n' +
+                'Continuing with baseline analysis (reduced accuracy).\n\n');
+        }
+    }
+    catch {
+        // Integrity check itself failed -- continue (don't block on missing manifest in dev)
+    }
+    if (process.argv.length <= 2) {
+        program.outputHelp();
+        process.exit(0);
+    }
+    program.parse();
+})();
 //# sourceMappingURL=cli.js.map