hackmyagent 0.11.13 → 0.11.15

package/dist/nanomind-core/analyzers/code-analyzer.js

@@ -0,0 +1,350 @@
+"use strict";
+/**
+ * Code Analyzer -- AST-based AST-CODE-* checks
+ *
+ * Queries the SecurityAST for source code security issues including
+ * command injection, unsafe deserialization, and path traversal.
+ * Uses the structured AST to correlate code patterns with declared
+ * capabilities and risk surfaces instead of regex-matching raw text.
+ *
+ * Checks:
+ *   AST-CODE-001: Command injection (exec, spawn with user input)
+ *   AST-CODE-002: Unsafe deserialization (eval, Function constructor)
+ *   AST-CODE-003: Path traversal (unsanitized file paths)
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.analyzeCode = analyzeCode;
+const defense_in_depth_js_1 = require("../security/defense-in-depth.js");
+// ============================================================================
+// Public API
+// ============================================================================
+/**
+ * Analyze a SecurityAST for source code security issues.
+ * Verifies AST integrity before processing.
+ */
+function analyzeCode(ast, verifier) {
+    (0, defense_in_depth_js_1.assertASTIntegrity)(ast, verifier);
+    const findings = [];
+    findings.push(...checkCommandInjection(ast));
+    findings.push(...checkUnsafeDeserialization(ast));
+    findings.push(...checkPathTraversal(ast));
+    return findings;
+}
+// ============================================================================
+// AST-CODE-001: Command injection
+// ============================================================================
+/**
+ * Detects command injection vulnerabilities where user-controlled input
+ * reaches shell execution functions (exec, spawn, execSync, etc.).
+ *
+ * Checks AST.inferredCapabilities for shell/exec capabilities and
+ * AST.inferredRiskSurface for command injection attack surfaces.
+ * Also checks AST.evidenceSpans for direct evidence of injection patterns.
+ */
+function checkCommandInjection(ast) {
+    const findings = [];
+    // Only relevant for source code and skill artifacts
+    if (!isCodeArtifact(ast)) {
+        return findings;
+    }
+    // Check inferred capabilities for shell execution
+    const execCapabilities = ast.inferredCapabilities.filter(c => isExecCapability(c));
+    // Check risk surfaces for command injection
+    const cmdInjectionSurfaces = ast.inferredRiskSurface.filter(r => r.attackClass === 'CMD-INJECT' ||
+        r.attackClass === 'COMMAND-INJECTION' ||
+        r.attackClass === 'RCE');
+    // Check evidence spans for exec-related patterns
+    const execEvidence = ast.evidenceSpans.filter(e => e.supports === 'command_injection' ||
+        e.supports === 'shell_execution' ||
+        e.supports === 'RCE');
+    // Combine signals: capabilities + risk surfaces + evidence
+    if (execCapabilities.length > 0 || cmdInjectionSurfaces.length > 0) {
+        // Determine if user input reaches the exec call
+        const hasUserInput = hasUserInputDataFlow(ast);
+        const hasExecRisk = cmdInjectionSurfaces.length > 0;
+        // Exec capability with no user input = lower risk (static commands)
+        // Exec capability with user input = command injection
+        if (hasExecRisk || hasUserInput) {
+            const bestEvidence = cmdInjectionSurfaces[0]?.evidence ??
+                execEvidence[0]?.text ??
+                execCapabilities.map(c => c.name).join(', ');
+            findings.push({
+                checkId: 'AST-CODE-001',
+                name: 'Command Injection',
+                description: 'User-controlled input can reach shell execution functions. ' +
+                    'Functions like exec(), spawn(), execSync(), or child_process are called ' +
+                    'with data that may originate from untrusted sources (user input, tool ' +
+                    'outputs, retrieved documents).',
+                category: 'Code Security',
+                severity: 'critical',
+                passed: false,
+                message: `Command injection: ${truncate(bestEvidence, 80)}`,
+                fixable: true,
+                file: ast.artifactPath,
+                fix: 'Replace shell execution with safer alternatives: ' +
+                    '1. Use execFile() or spawn() with an argument array instead of exec() with string interpolation. ' +
+                    '2. Validate and sanitize all inputs before passing to shell commands. ' +
+                    '3. Use allowlists for permitted commands rather than blocklists. ' +
+                    '4. Consider removing shell execution entirely and using native APIs.',
+                guidance: 'Command injection is consistently rated a top vulnerability. ' +
+                    'Never concatenate user input into shell command strings. ' +
+                    'Even "harmless" commands become dangerous with shell metacharacters (;, |, $()).',
+                attackClass: 'CMD-INJECT',
+                confidence: hasExecRisk ? 0.9 : 0.7,
+                evidence: bestEvidence,
+            });
+        }
+        else if (execCapabilities.length > 0) {
+            // Exec capability without detected user input -- still flag as medium
+            findings.push({
+                checkId: 'AST-CODE-001',
+                name: 'Shell Execution Capability',
+                description: 'The code exercises shell execution capabilities. While no direct user ' +
+                    'input flow was detected, shell execution in an agent context is risky ' +
+                    'because prompt injection can influence arguments indirectly.',
+                category: 'Code Security',
+                severity: 'medium',
+                passed: false,
+                message: `Shell execution: ${execCapabilities.map(c => c.name).join(', ')}`,
+                fixable: true,
+                file: ast.artifactPath,
+                fix: 'Audit all shell execution calls to ensure no user-controlled data reaches them. ' +
+                    'Use execFile() with argument arrays instead of exec() with string concatenation. ' +
+                    'Add input validation for any data that flows into shell commands.',
+                attackClass: 'CMD-INJECT',
+                confidence: 0.5,
+                evidence: execCapabilities[0]?.evidence,
+            });
+        }
+    }
+    return findings;
+}
+// ============================================================================
+// AST-CODE-002: Unsafe deserialization
+// ============================================================================
+/**
+ * Detects unsafe deserialization patterns including eval(), Function
+ * constructor, and dynamic code execution from untrusted sources.
+ *
+ * Checks AST.inferredCapabilities for code execution capabilities and
+ * AST.inferredRiskSurface for deserialization attack surfaces.
+ * Also checks evidence spans for eval/Function patterns.
+ */
+function checkUnsafeDeserialization(ast) {
+    const findings = [];
+    if (!isCodeArtifact(ast)) {
+        return findings;
+    }
+    // Check capabilities for dynamic code execution
+    const codeExecCapabilities = ast.inferredCapabilities.filter(c => isCodeExecCapability(c));
+    // Check risk surfaces for deserialization issues
+    const deserialSurfaces = ast.inferredRiskSurface.filter(r => r.attackClass === 'UNSAFE-DESER' ||
+        r.attackClass === 'DESERIALIZATION' ||
+        r.attackClass === 'CODE-EXEC' ||
+        r.attackClass === 'EVAL');
+    // Check evidence spans
+    const evalEvidence = ast.evidenceSpans.filter(e => e.supports === 'unsafe_deserialization' ||
+        e.supports === 'eval_usage' ||
+        e.supports === 'dynamic_code_execution');
+    if (codeExecCapabilities.length > 0 || deserialSurfaces.length > 0 || evalEvidence.length > 0) {
+        const bestEvidence = deserialSurfaces[0]?.evidence ??
+            evalEvidence[0]?.text ??
+            codeExecCapabilities.map(c => c.name).join(', ');
+        const hasRiskSurface = deserialSurfaces.length > 0;
+        const hasUserInput = hasUserInputDataFlow(ast);
+        findings.push({
+            checkId: 'AST-CODE-002',
+            name: 'Unsafe Deserialization',
+            description: 'Dynamic code execution detected (eval, Function constructor, or equivalent). ' +
+                'These patterns execute arbitrary code at runtime, which in an agent context ' +
+                'means prompt injection can achieve remote code execution.' +
+                (hasUserInput
+                    ? ' User-controlled data flows into the execution context.'
+                    : ''),
+            category: 'Code Security',
+            severity: hasRiskSurface || hasUserInput ? 'critical' : 'high',
+            passed: false,
+            message: `Unsafe deserialization: ${truncate(bestEvidence, 80)}`,
+            fixable: true,
+            file: ast.artifactPath,
+            fix: 'Remove eval(), new Function(), and similar dynamic code execution: ' +
+                '1. Replace eval(jsonString) with JSON.parse(jsonString). ' +
+                '2. Replace new Function(code) with a safe interpreter or allowlisted operations. ' +
+                '3. For template evaluation, use a sandboxed template engine. ' +
+                '4. Never deserialize untrusted data with eval or pickle/marshal equivalents.',
+            guidance: 'eval() is the most dangerous function in any language. In an agent context, ' +
+                'it turns any prompt injection into remote code execution. There is almost ' +
+                'always a safer alternative.',
+            attackClass: 'UNSAFE-DESER',
+            confidence: hasRiskSurface ? 0.9 : 0.7,
+            evidence: bestEvidence,
+        });
+    }
+    return findings;
+}
+// ============================================================================
+// AST-CODE-003: Path traversal
+// ============================================================================
+/**
+ * Detects path traversal vulnerabilities where user input controls file
+ * paths without sanitization. In an agent context, prompt injection can
+ * manipulate file paths to read/write outside the intended directory.
+ *
+ * Checks AST.inferredCapabilities for file access capabilities and
+ * AST.inferredRiskSurface for path traversal attack surfaces.
+ */
+function checkPathTraversal(ast) {
+    const findings = [];
+    if (!isCodeArtifact(ast)) {
+        return findings;
+    }
+    // Check capabilities for file operations
+    const fileCapabilities = ast.inferredCapabilities.filter(c => isFileCapability(c));
+    // Check risk surfaces for path traversal
+    const pathTraversalSurfaces = ast.inferredRiskSurface.filter(r => r.attackClass === 'PATH-TRAVERSAL' ||
+        r.attackClass === 'DIR-TRAVERSAL' ||
+        r.attackClass === 'FILE-ACCESS');
+    // Check evidence spans
+    const pathEvidence = ast.evidenceSpans.filter(e => e.supports === 'path_traversal' ||
+        e.supports === 'unsanitized_path' ||
+        e.supports === 'file_access');
+    // Direct path traversal risk surfaces
+    if (pathTraversalSurfaces.length > 0) {
+        for (const surface of pathTraversalSurfaces) {
+            findings.push({
+                checkId: 'AST-CODE-003',
+                name: 'Path Traversal',
+                description: `Path traversal detected: ${surface.surface}. ` +
+                    'User-controlled input can manipulate file paths to escape the intended ' +
+                    'directory, potentially reading sensitive files (/etc/passwd, .env) or ' +
+                    'writing to critical locations.',
+                category: 'Code Security',
+                severity: surface.confidence >= 0.7 ? 'critical' : 'high',
+                passed: false,
+                message: `Path traversal: ${truncate(surface.evidence, 80)}`,
+                fixable: true,
+                file: ast.artifactPath,
+                fix: surface.mitigation ??
+                    'Sanitize all file paths: ' +
+                        '1. Use path.resolve() and verify the result is within the allowed directory. ' +
+                        '2. Reject paths containing ".." segments. ' +
+                        '3. Use path.basename() to strip directory components from user input. ' +
+                        '4. Maintain an allowlist of accessible directories.',
+                attackClass: 'PATH-TRAVERSAL',
+                confidence: surface.confidence,
+                evidence: surface.evidence,
+            });
+        }
+    }
+    // File capabilities + user input but no explicit traversal surface
+    if (pathTraversalSurfaces.length === 0 && fileCapabilities.length > 0) {
+        const hasUserInput = hasUserInputDataFlow(ast);
+        const hasWriteCapability = fileCapabilities.some(c => c.name.includes('write') || c.name.includes('delete') || c.name.includes('create'));
+        if (hasUserInput || hasWriteCapability) {
+            const bestEvidence = pathEvidence[0]?.text ??
+                fileCapabilities.map(c => c.name).join(', ');
+            findings.push({
+                checkId: 'AST-CODE-003',
+                name: hasWriteCapability ? 'Unsanitized File Write' : 'Unsanitized File Access',
+                description: `File ${hasWriteCapability ? 'write' : 'access'} capabilities detected ` +
+                    `(${fileCapabilities.map(c => c.name).join(', ')}) ` +
+                    (hasUserInput
+                        ? 'with user-controlled input in the data flow. '
+                        : 'in an agent context where prompt injection can influence paths. ') +
+                    'Without path sanitization, this creates a traversal risk.',
+                category: 'Code Security',
+                severity: hasWriteCapability ? 'high' : 'medium',
+                passed: false,
+                message: `File ${hasWriteCapability ? 'write' : 'access'} without path sanitization`,
+                fixable: true,
+                file: ast.artifactPath,
+                fix: 'Add path sanitization: ' +
+                    '1. Resolve paths with path.resolve() and check they stay within the project root. ' +
+                    '2. Use a chroot or sandboxed filesystem for agent operations. ' +
+                    '3. Reject path inputs containing "..", "~", or absolute paths from user input.',
+                guidance: 'In an agent context, path traversal is especially dangerous because prompt ' +
+                    'injection can craft paths like "../../../../etc/passwd" indirectly through ' +
+                    'tool outputs or retrieved documents.',
+                attackClass: 'PATH-TRAVERSAL',
+                confidence: hasUserInput ? 0.7 : 0.5,
+                evidence: bestEvidence,
+            });
+        }
+    }
+    return findings;
+}
+// ============================================================================
+// Helpers
+// ============================================================================
+/**
+ * Determine if the artifact is a code artifact.
+ */
+function isCodeArtifact(ast) {
+    return (ast.artifactType === 'source_code' ||
+        ast.artifactType === 'skill' ||
+        ast.artifactType === 'agent_config');
+}
+/**
+ * Check if a capability represents shell execution.
+ */
+function isExecCapability(cap) {
+    const name = cap.name.toLowerCase();
+    return (name.includes('exec') ||
+        name.includes('spawn') ||
+        name.includes('shell') ||
+        name.includes('command') ||
+        name.includes('process') ||
+        name.includes('system'));
+}
+/**
+ * Check if a capability represents dynamic code execution (eval-like).
+ */
+function isCodeExecCapability(cap) {
+    const name = cap.name.toLowerCase();
+    const evidence = (cap.evidence ?? '').toLowerCase();
+    return (name.includes('eval') ||
+        name.includes('dynamic_code') ||
+        name.includes('code_exec') ||
+        name.includes('deserialize') ||
+        evidence.includes('eval(') ||
+        evidence.includes('new function(') ||
+        evidence.includes('function('));
+}
+/**
+ * Check if a capability represents file system access.
+ */
+function isFileCapability(cap) {
+    const name = cap.name.toLowerCase();
+    return (name.includes('file') ||
+        name.includes('fs.') ||
+        name.includes('read') ||
+        name.includes('write') ||
+        name.includes('path') ||
+        name.includes('directory'));
+}
+/**
+ * Check if the AST indicates user-controlled input in the data flow.
+ * This is a heuristic based on data access patterns and capabilities.
+ */
+function hasUserInputDataFlow(ast) {
+    // Check data access patterns for external data sources
+    const hasExternalRead = ast.declaredDataAccess.some(d => d.accessMode === 'read' && (d.dataType === 'general' || d.dataType === 'pii'));
+    // Check for capabilities that accept external input
+    const hasInputCapability = ast.inferredCapabilities.some(c => {
+        const name = c.name.toLowerCase();
+        return (name.includes('input') ||
+            name.includes('request') ||
+            name.includes('param') ||
+            name.includes('query') ||
+            name.includes('api'));
+    });
+    // Check risk surfaces that indicate user input flow
+    const hasInputRisk = ast.inferredRiskSurface.some(r => r.surface.toLowerCase().includes('user input') || r.surface.toLowerCase().includes('untrusted'));
+    return hasExternalRead || hasInputCapability || hasInputRisk;
+}
+function truncate(text, maxLen) {
+    if (text.length <= maxLen)
+        return text;
+    return text.slice(0, maxLen - 3) + '...';
+}
+//# sourceMappingURL=code-analyzer.js.map

package/dist/nanomind-core/analyzers/code-analyzer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"code-analyzer.js","sourceRoot":"","sources":["../../../src/nanomind-core/analyzers/code-analyzer.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;GAYG;;AAcH,kCAaC;AAvBD,yEAAqE;AAErE,+EAA+E;AAC/E,aAAa;AACb,+EAA+E;AAE/E;;;GAGG;AACH,SAAgB,WAAW,CACzB,GAAgB,EAChB,QAAuC;IAEvC,IAAA,wCAAkB,EAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;IAElC,MAAM,QAAQ,GAAiB,EAAE,CAAC;IAElC,QAAQ,CAAC,IAAI,CAAC,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC,CAAC;IAC7C,QAAQ,CAAC,IAAI,CAAC,GAAG,0BAA0B,CAAC,GAAG,CAAC,CAAC,CAAC;IAClD,QAAQ,CAAC,IAAI,CAAC,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC,CAAC;IAE1C,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,+EAA+E;AAC/E,kCAAkC;AAClC,+EAA+E;AAE/E;;;;;;;GAOG;AACH,SAAS,qBAAqB,CAAC,GAAgB;IAC7C,MAAM,QAAQ,GAAiB,EAAE,CAAC;IAElC,oDAAoD;IACpD,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,EAAE,CAAC;QACzB,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,kDAAkD;IAClD,MAAM,gBAAgB,GAAG,GAAG,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAC3D,gBAAgB,CAAC,CAAC,CAAC,CACpB,CAAC;IAEF,4CAA4C;IAC5C,MAAM,oBAAoB,GAAG,GAAG,CAAC,mBAAmB,CAAC,MAAM,CACzD,CAAC,CAAC,EAAE,CACF,CAAC,CAAC,WAAW,KAAK,YAAY;QAC9B,CAAC,CAAC,WAAW,KAAK,mBAAmB;QACrC,CAAC,CAAC,WAAW,KAAK,KAAK,CAC1B,CAAC;IAEF,iDAAiD;IACjD,MAAM,YAAY,GAAG,GAAG,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAChD,CAAC,CAAC,QAAQ,KAAK,mBAAmB;QAClC,CAAC,CAAC,QAAQ,KAAK,iBAAiB;QAChC,CAAC,CAAC,QAAQ,KAAK,KAAK,CACrB,CAAC;IAEF,2DAA2D;IAC3D,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,IAAI,oBAAoB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACnE,gDAAgD;QAChD,MAAM,YAAY,GAAG,oBAAoB,CAAC,GAAG,CAAC,CAAC;QAC/C,MAAM,WAAW,GAAG,oBAAoB,CAAC,MAAM,GAAG,CAAC,CAAC;QAEpD,oEAAoE;QACpE,sDAAsD;QACtD,IAAI,WAAW,IAAI,YAAY,EAAE,CAAC;YAChC,MAAM,YAAY,GAChB,oBAAoB,CAAC,CAAC,CAAC,EAAE,QAAQ;gBACjC,YAAY,CAAC,CAAC,CAAC,EAAE,IAAI;gBACrB,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAE/C,QAAQ,CAAC,IAAI,CAAC;gBACZ,OAAO,EAAE,cAAc;gBACvB,IAAI,EAAE,mBAAmB;gBACzB,WAAW,EACT,6DAA6D;oBAC7D,0EAA0E;oBAC1E,wEAAwE;oBACxE,gCAAgC;gBAClC,QAAQ,EAAE,eAAe;gBACzB,QAAQ,EAAE,UAAU;gBACpB,MAAM,EAAE,KAAK;gBACb,OAAO,EAAE,sBAAsB,QAAQ,CAAC,YAAY,EAAE,EAAE,CAAC,EAAE;gBAC3D,OAAO,EAAE,IAAI;gBACb,IAAI,EAAE,GAAG,CAAC,YAAY;gBACtB,GAAG,EACD,mDAAmD;oBACnD,mGAAmG;oBACnG,wEAAwE;oBACxE,mEAAmE;oBACnE,sEAAsE;gBACxE,QAAQ,EACN,+DAA+D;oBAC/D,2DAA2D;oBAC3D,kFAAkF;gBACpF,WAAW,EAAE,YAAY;gBACzB,UAAU,EAAE,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG;gBACnC,QAAQ,EAAE,YAAY;aACvB,CAAC,CAAC;QACL,CAAC;aAAM,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvC,sEAAsE;YACtE,QAAQ,CAAC,IAAI,CAAC;gBACZ,OAAO,EAAE,cAAc;gBACvB,IAAI,EAAE,4BAA4B;gBAClC,WAAW,EACT,wEAAwE;oBACxE,wEAAwE;oBACxE,8DAA8D;gBAChE,QAAQ,EAAE,eAAe;gBACzB,QAAQ,EAAE,QAAQ;gBAClB,MAAM,EAAE,KAAK;gBACb,OAAO,EAAE,oBAAoB,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;gBAC3E,OAAO,EAAE,IAAI;gBACb,IAAI,EAAE,GAAG,CAAC,YAAY;gBACtB,GAAG,EACD,kFAAkF;oBAClF,mFAAmF;oBACnF,mEAAmE;gBACrE,WAAW,EAAE,YAAY;gBACzB,UAAU,EAAE,GAAG;gBACf,QAAQ,EAAE,gBAAgB,CAAC,CAAC,CAAC,EAAE,QAAQ;aACxC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,+EAA+E;AAC/E,uCAAuC;AACvC,+EAA+E;AAE/E;;;;;;;GAOG;AACH,SAAS,0BAA0B,CAAC,GAAgB;IAClD,MAAM,QAAQ,GAAiB,EAAE,CAAC;IAElC,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,EAAE,CAAC;QACzB,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,gDAAgD;IAChD,MAAM,oBAAoB,GAAG,GAAG,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAC/D,oBAAoB,CAAC,CAAC,CAAC,CACxB,CAAC;IAEF,iDAAiD;IACjD,MAAM,gBAAgB,GAAG,GAAG,CAAC,mBAAmB,CAAC,MAAM,CACrD,CAAC,CAAC,EAAE,CACF,CAAC,CAAC,WAAW,KAAK,cAAc;QAChC,CAAC,CAAC,WAAW,KAAK,iBAAiB;QACnC,CAAC,CAAC,WAAW,KAAK,WAAW;QAC7B,CAAC,CAAC,WAAW,KAAK,MAAM,CAC3B,CAAC;IAEF,uBAAuB;IACvB,MAAM,YAAY,GAAG,GAAG,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAChD,CAAC,CAAC,QAAQ,KAAK,wBAAwB;QACvC,CAAC,CAAC,QAAQ,KAAK,YAAY;QAC3B,CAAC,CAAC,QAAQ,KAAK,wBAAwB,CACxC,CAAC;IAEF,IAAI,oBAAoB,CAAC,MAAM,GAAG,CAAC,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9F,MAAM,YAAY,GAChB,gBAAgB,CAAC,CAAC,CAAC,EAAE,QAAQ;YAC7B,YAAY,CAAC,CAAC,CAAC,EAAE,IAAI;YACrB,oBAAoB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEnD,MAAM,cAAc,GAAG,gBAAgB,CAAC,MAAM,GAAG,CAAC,CAAC;QACnD,MAAM,YAAY,GAAG,oBAAoB,CAAC,GAAG,CAAC,CAAC;QAE/C,QAAQ,CAAC,IAAI,CAAC;YACZ,OAAO,EAAE,cAAc;YACvB,IAAI,EAAE,wBAAwB;YAC9B,WAAW,EACT,+EAA+E;gBAC/E,8EAA8E;gBAC9E,2DAA2D;gBAC3D,CAAC,YAAY;oBACX,CAAC,CAAC,yDAAyD;oBAC3D,CAAC,CAAC,EAAE,CAAC;YACT,QAAQ,EAAE,eAAe;YACzB,QAAQ,EAAE,cAAc,IAAI,YAAY,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM;YAC9D,MAAM,EAAE,KAAK;YACb,OAAO,EAAE,2BAA2B,QAAQ,CAAC,YAAY,EAAE,EAAE,CAAC,EAAE;YAChE,OAAO,EAAE,IAAI;YACb,IAAI,EAAE,GAAG,CAAC,YAAY;YACtB,GAAG,EACD,qEAAqE;gBACrE,2DAA2D;gBAC3D,mFAAmF;gBACnF,+DAA+D;gBAC/D,8EAA8E;YAChF,QAAQ,EACN,8EAA8E;gBAC9E,4EAA4E;gBAC5E,6BAA6B;YAC/B,WAAW,EAAE,cAAc;YAC3B,UAAU,EAAE,cAAc,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG;YACtC,QAAQ,EAAE,YAAY;SACvB,CAAC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,+EAA+E;AAC/E,+BAA+B;AAC/B,+EAA+E;AAE/E;;;;;;;GAOG;AACH,SAAS,kBAAkB,CAAC,GAAgB;IAC1C,MAAM,QAAQ,GAAiB,EAAE,CAAC;IAElC,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,EAAE,CAAC;QACzB,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,yCAAyC;IACzC,MAAM,gBAAgB,GAAG,GAAG,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAC3D,gBAAgB,CAAC,CAAC,CAAC,CACpB,CAAC;IAEF,yCAAyC;IACzC,MAAM,qBAAqB,GAAG,GAAG,CAAC,mBAAmB,CAAC,MAAM,CAC1D,CAAC,CAAC,EAAE,CACF,CAAC,CAAC,WAAW,KAAK,gBAAgB;QAClC,CAAC,CAAC,WAAW,KAAK,eAAe;QACjC,CAAC,CAAC,WAAW,KAAK,aAAa,CAClC,CAAC;IAEF,uBAAuB;IACvB,MAAM,YAAY,GAAG,GAAG,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAChD,CAAC,CAAC,QAAQ,KAAK,gBAAgB;QAC/B,CAAC,CAAC,QAAQ,KAAK,kBAAkB;QACjC,CAAC,CAAC,QAAQ,KAAK,aAAa,CAC7B,CAAC;IAEF,sCAAsC;IACtC,IAAI,qBAAqB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrC,KAAK,MAAM,OAAO,IAAI,qBAAqB,EAAE,CAAC;YAC5C,QAAQ,CAAC,IAAI,CAAC;gBACZ,OAAO,EAAE,cAAc;gBACvB,IAAI,EAAE,gBAAgB;gBACtB,WAAW,EACT,4BAA4B,OAAO,CAAC,OAAO,IAAI;oBAC/C,yEAAyE;oBACzE,wEAAwE;oBACxE,gCAAgC;gBAClC,QAAQ,EAAE,eAAe;gBACzB,QAAQ,EAAE,OAAO,CAAC,UAAU,IAAI,GAAG,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM;gBACzD,MAAM,EAAE,KAAK;gBACb,OAAO,EAAE,mBAAmB,QAAQ,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,EAAE;gBAC5D,OAAO,EAAE,IAAI;gBACb,IAAI,EAAE,GAAG,CAAC,YAAY;gBACtB,GAAG,EACD,OAAO,CAAC,UAAU;oBAClB,2BAA2B;wBAC3B,+EAA+E;wBAC/E,4CAA4C;wBAC5C,wEAAwE;wBACxE,qDAAqD;gBACvD,WAAW,EAAE,gBAAgB;gBAC7B,UAAU,EAAE,OAAO,CAAC,UAAU;gBAC9B,QAAQ,EAAE,OAAO,CAAC,QAAQ;aAC3B,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,mEAAmE;IACnE,IAAI,qBAAqB,CAAC,MAAM,KAAK,CAAC,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtE,MAAM,YAAY,GAAG,oBAAoB,CAAC,GAAG,CAAC,CAAC;QAC/C,MAAM,kBAAkB,GAAG,gBAAgB,CAAC,IAAI,CAC9C,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CACxF,CAAC;QAEF,IAAI,YAAY,IAAI,kBAAkB,EAAE,CAAC;YACvC,MAAM,YAAY,GAChB,YAAY,CAAC,CAAC,CAAC,EAAE,IAAI;gBACrB,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAE/C,QAAQ,CAAC,IAAI,CAAC;gBACZ,OAAO,EAAE,cAAc;gBACvB,IAAI,EAAE,kBAAkB,CAAC,CAAC,CAAC,wBAAwB,CAAC,CAAC,CAAC,yBAAyB;gBAC/E,WAAW,EACT,QAAQ,kBAAkB,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,yBAAyB;oBACxE,IAAI,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI;oBACpD,CAAC,YAAY;wBACX,CAAC,CAAC,+CAA+C;wBACjD,CAAC,CAAC,kEAAkE,CAAC;oBACvE,2DAA2D;gBAC7D,QAAQ,EAAE,eAAe;gBACzB,QAAQ,EAAE,kBAAkB,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ;gBAChD,MAAM,EAAE,KAAK;gBACb,OAAO,EAAE,QAAQ,kBAAkB,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,4BAA4B;gBACpF,OAAO,EAAE,IAAI;gBACb,IAAI,EAAE,GAAG,CAAC,YAAY;gBACtB,GAAG,EACD,yBAAyB;oBACzB,oFAAoF;oBACpF,gEAAgE;oBAChE,gFAAgF;gBAClF,QAAQ,EACN,6EAA6E;oBAC7E,6EAA6E;oBAC7E,sCAAsC;gBACxC,WAAW,EAAE,gBAAgB;gBAC7B,UAAU,EAAE,YAAY,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG;gBACpC,QAAQ,EAAE,YAAY;aACvB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,+EAA+E;AAC/E,UAAU;AACV,+EAA+E;AAE/E;;GAEG;AACH,SAAS,cAAc,CAAC,GAAgB;IACtC,OAAO,CACL,GAAG,CAAC,YAAY,KAAK,aAAa;QAClC,GAAG,CAAC,YAAY,KAAK,OAAO;QAC5B,GAAG,CAAC,YAAY,KAAK,cAAc,CACpC,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB,CAAC,GAAe;IACvC,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;IACpC,OAAO,CACL,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;QACrB,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC;QACtB,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC;QACtB,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC;QACxB,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC;QACxB,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CACxB,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,oBAAoB,CAAC,GAAe;IAC3C,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;IACpC,MAAM,QAAQ,GAAG,CAAC,GAAG,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;IACpD,OAAO,CACL,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;QACrB,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC;QAC7B,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC;QAC1B,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC;QAC5B,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC;QAC1B,QAAQ,CAAC,QAAQ,CAAC,eAAe,CAAC;QAClC,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,CAC/B,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB,CAAC,GAAe;IACvC,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;IACpC,OAAO,CACL,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;QACrB,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;QACpB,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;QACrB,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC;QACtB,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;QACrB,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,CAC3B,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,SAAS,oBAAoB,CAAC,GAAgB;IAC5C,uDAAuD;IACvD,MAAM,eAAe,GAAG,GAAG,CAAC,kBAAkB,CAAC,IAAI,CACjD,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,KAAK,MAAM,IAAI,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,IAAI,CAAC,CAAC,QAAQ,KAAK,KAAK,CAAC,CACnF,CAAC;IAEF,oDAAoD;IACpD,MAAM,kBAAkB,GAAG,GAAG,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE;QAC3D,MAAM,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;QAClC,OAAO,CACL,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC;YACtB,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC;YACxB,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC;YACtB,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC;YACtB,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CACrB,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,oDAAoD;IACpD,MAAM,YAAY,GAAG,GAAG,CAAC,mBAAmB,CAAC,IAAI,CAC/C,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,WAAW,CAAC,CACrG,CAAC;IAEF,OAAO,eAAe,IAAI,kBAAkB,IAAI,YAAY,CAAC;AAC/D,CAAC;AAED,SAAS,QAAQ,CAAC,IAAY,EAAE,MAAc;IAC5C,IAAI,IAAI,CAAC,MAAM,IAAI,MAAM;QAAE,OAAO,IAAI,CAAC;IACvC,OAAO,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC;AAC3C,CAAC"}

package/dist/nanomind-core/analyzers/credential-analyzer.d.ts

@@ -0,0 +1,20 @@
+/**
+ * Credential Analyzer -- AST-based AST-CRED-* checks
+ *
+ * Queries the SecurityAST for credential exposure patterns instead of
+ * regex-matching raw text. Understands data flow through AST.declaredDataAccess
+ * and distinguishes real credentials from test fixtures and documentation.
+ *
+ * Checks:
+ *   AST-CRED-001: Credentials in non-environment contexts
+ *   AST-CRED-002: Credential forwarding to external destinations
+ *   AST-CRED-003: Hardcoded secrets in artifact content
+ */
+import type { SecurityAST } from '../types.js';
+import type { ASTFinding } from './capability-analyzer.js';
+/**
+ * Analyze a SecurityAST for credential-related security issues.
+ * Verifies AST integrity before processing.
+ */
+export declare function analyzeCredentials(ast: SecurityAST, verifier: (ast: SecurityAST) => boolean): ASTFinding[];
+//# sourceMappingURL=credential-analyzer.d.ts.map

package/dist/nanomind-core/analyzers/credential-analyzer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"credential-analyzer.d.ts","sourceRoot":"","sources":["../../../src/nanomind-core/analyzers/credential-analyzer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAmC,MAAM,aAAa,CAAC;AAChF,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAC;AAO3D;;;GAGG;AACH,wBAAgB,kBAAkB,CAChC,GAAG,EAAE,WAAW,EAChB,QAAQ,EAAE,CAAC,GAAG,EAAE,WAAW,KAAK,OAAO,GACtC,UAAU,EAAE,CAUd"}