hackmyagent 0.7.2 → 0.8.0

package/dist/arp/reporting/local-log.js

@@ -0,0 +1,116 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.LocalLogger = void 0;
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+const EVENT_LOG = 'events.jsonl';
+const ENFORCEMENT_LOG = 'enforcement.jsonl';
+const MAX_LOG_SIZE = 50 * 1024 * 1024; // 50MB
+/**
+ * Local JSONL logger — append-only event and enforcement logs.
+ * Follows the aim-core audit.jsonl pattern.
+ */
+class LocalLogger {
+    constructor(dataDir) {
+        this.dataDir = dataDir;
+        fs.mkdirSync(dataDir, { recursive: true });
+    }
+    /** Log an ARP event */
+    logEvent(event) {
+        this.appendLog(EVENT_LOG, event);
+    }
+    /** Log an enforcement action */
+    logEnforcement(result) {
+        const entry = {
+            timestamp: new Date().toISOString(),
+            action: result.action,
+            targetPid: result.targetPid,
+            success: result.success,
+            reason: result.reason,
+            eventId: result.event.id,
+            eventSource: result.event.source,
+            eventSeverity: result.event.severity,
+        };
+        this.appendLog(ENFORCEMENT_LOG, entry);
+    }
+    /** Read recent events */
+    readEvents(limit) {
+        return this.readLog(EVENT_LOG, limit);
+    }
+    /** Read recent enforcement actions */
+    readEnforcements(limit) {
+        return this.readLog(ENFORCEMENT_LOG, limit);
+    }
+    /** Tail the event log (returns last N lines as JSON) */
+    tail(n = 20) {
+        return this.readLog(EVENT_LOG, n);
+    }
+    appendLog(filename, data) {
+        const filePath = path.join(this.dataDir, filename);
+        // Rotate if needed
+        try {
+            const stat = fs.statSync(filePath);
+            if (stat.size > MAX_LOG_SIZE) {
+                const rotatedPath = `${filePath}.${Date.now()}`;
+                fs.renameSync(filePath, rotatedPath);
+            }
+        }
+        catch {
+            // File doesn't exist yet
+        }
+        const line = JSON.stringify(data) + '\n';
+        fs.appendFileSync(filePath, line, 'utf-8');
+    }
+    readLog(filename, limit) {
+        const filePath = path.join(this.dataDir, filename);
+        if (!fs.existsSync(filePath))
+            return [];
+        try {
+            const content = fs.readFileSync(filePath, 'utf-8');
+            const lines = content.trim().split('\n').filter(Boolean);
+            const entries = lines.map((l) => JSON.parse(l));
+            if (limit && limit > 0) {
+                return entries.slice(-limit);
+            }
+            return entries;
+        }
+        catch {
+            return [];
+        }
+    }
+}
+exports.LocalLogger = LocalLogger;
+//# sourceMappingURL=local-log.js.map

package/dist/arp/reporting/local-log.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"local-log.js","sourceRoot":"","sources":["../../../src/arp/reporting/local-log.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAyB;AACzB,2CAA6B;AAG7B,MAAM,SAAS,GAAG,cAAc,CAAC;AACjC,MAAM,eAAe,GAAG,mBAAmB,CAAC;AAC5C,MAAM,YAAY,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,OAAO;AAE9C;;;GAGG;AACH,MAAa,WAAW;IAGtB,YAAY,OAAe;QACzB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC7C,CAAC;IAED,uBAAuB;IACvB,QAAQ,CAAC,KAAe;QACtB,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;IACnC,CAAC;IAED,gCAAgC;IAChC,cAAc,CAAC,MAAyB;QACtC,MAAM,KAAK,GAAG;YACZ,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE;YACxB,WAAW,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM;YAChC,aAAa,EAAE,MAAM,CAAC,KAAK,CAAC,QAAQ;SACrC,CAAC;QACF,IAAI,CAAC,SAAS,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC;IACzC,CAAC;IAED,yBAAyB;IACzB,UAAU,CAAC,KAAc;QACvB,OAAO,IAAI,CAAC,OAAO,CAAW,SAAS,EAAE,KAAK,CAAC,CAAC;IAClD,CAAC;IAED,sCAAsC;IACtC,gBAAgB,CAAC,KAAc;QAC7B,OAAO,IAAI,CAAC,OAAO,CAAoB,eAAe,EAAE,KAAK,CAAC,CAAC;IACjE,CAAC;IAED,wDAAwD;IACxD,IAAI,CAAC,IAAY,EAAE;QACjB,OAAO,IAAI,CAAC,OAAO,CAAW,SAAS,EAAE,CAAC,CAAC,CAAC;IAC9C,CAAC;IAEO,SAAS,CAAC,QAAgB,EAAE,IAAa;QAC/C,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QAEnD,mBAAmB;QACnB,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;YACnC,IAAI,IAAI,CAAC,IAAI,GAAG,YAAY,EAAE,CAAC;gBAC7B,MAAM,WAAW,GAAG,GAAG,QAAQ,IAAI,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;gBAChD,EAAE,CAAC,UAAU,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;YACvC,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,yBAAyB;QAC3B,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;QACzC,EAAE,CAAC,cAAc,CAAC,QAAQ,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;IAC7C,CAAC;IAEO,OAAO,CAAI,QAAgB,EAAE,KAAc;QACjD,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QACnD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC;YAAE,OAAO,EAAE,CAAC;QAExC,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YACnD,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACzD,MAAM,OAAO,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAM,CAAC,CAAC;YAErD,IAAI,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;gBACvB,OAAO,OAAO,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC;YAC/B,CAAC;YACD,OAAO,OAAO,CAAC;QACjB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;CACF;AA9ED,kCA8EC"}

package/dist/arp/types.d.ts

@@ -0,0 +1,230 @@
+/** An event emitted by a monitor */
+export interface ARPEvent {
+    /** Unique event ID */
+    id: string;
+    /** ISO timestamp */
+    timestamp: string;
+    /** Monitor that generated the event */
+    source: MonitorType;
+    /** Event category */
+    category: EventCategory;
+    /** Severity determined by L0 rules */
+    severity: EventSeverity;
+    /** Human-readable description */
+    description: string;
+    /** Structured event data (monitor-specific) */
+    data: Record<string, unknown>;
+    /** Which intelligence layer classified this event */
+    classifiedBy: 'L0-rules' | 'L1-statistical' | 'L2-llm';
+    /** LLM assessment (only if classified by L2) */
+    llmAssessment?: LLMAssessment;
+}
+export type MonitorType = 'process' | 'network' | 'filesystem' | 'skill' | 'heartbeat' | 'prompt' | 'mcp-protocol' | 'a2a-protocol';
+export type EventCategory = 'normal' | 'anomaly' | 'violation' | 'threat';
+export type EventSeverity = 'info' | 'low' | 'medium' | 'high' | 'critical';
+/** Result from LLM analysis of a suspicious event */
+export interface LLMAssessment {
+    /** Is this event consistent with the agent's declared purpose? */
+    consistent: boolean;
+    /** Confidence score 0-1 */
+    confidence: number;
+    /** 1-2 sentence reasoning */
+    reasoning: string;
+    /** Recommended action */
+    recommendation: 'allow' | 'alert' | 'pause' | 'kill';
+    /** Tokens used for this assessment */
+    tokensUsed: number;
+    /** Estimated cost in USD */
+    estimatedCost: number;
+}
+export interface ARPConfig {
+    /** Agent name (for logging and LLM context) */
+    agentName: string;
+    /** Agent's declared purpose / description */
+    agentDescription?: string;
+    /** Agent's declared capabilities (for LLM context) */
+    declaredCapabilities?: string[];
+    /** Data directory for logs and state */
+    dataDir?: string;
+    /** Which monitors to enable (default: all) */
+    monitors?: MonitorConfig;
+    /** Alert and enforcement rules */
+    rules?: AlertRule[];
+    /** Intelligence layer configuration */
+    intelligence?: IntelligenceConfig;
+    /** Application-level interceptors (zero-latency, 100% accuracy) */
+    interceptors?: InterceptorConfig;
+    /** AI-layer protection (prompt, MCP, A2A scanning) */
+    aiLayer?: AILayerConfig;
+    /** HTTP reverse proxy configuration */
+    proxy?: ProxyConfig;
+}
+export interface MonitorConfig {
+    process?: {
+        enabled: boolean;
+        intervalMs?: number;
+    };
+    network?: {
+        enabled: boolean;
+        intervalMs?: number;
+        allowedHosts?: string[];
+    };
+    filesystem?: {
+        enabled: boolean;
+        watchPaths?: string[];
+        allowedPaths?: string[];
+    };
+    skill?: {
+        enabled: boolean;
+    };
+    heartbeat?: {
+        enabled: boolean;
+        expectedUrl?: string;
+        maxStaleMs?: number;
+    };
+}
+/** Interceptor configuration — application-level hooks for zero-latency detection */
+export interface InterceptorConfig {
+    /** Hook child_process module for process spawn interception */
+    process?: {
+        enabled: boolean;
+    };
+    /** Hook net.Socket for outbound connection interception */
+    network?: {
+        enabled: boolean;
+        allowedHosts?: string[];
+    };
+    /** Hook fs module for file operation interception */
+    filesystem?: {
+        enabled: boolean;
+        allowedPaths?: string[];
+    };
+}
+export interface AlertRule {
+    /** Rule name */
+    name: string;
+    /** Trigger condition */
+    condition: AlertCondition;
+    /** Action to take */
+    action: 'log' | 'alert' | 'pause' | 'kill';
+    /** Escalate to L2 LLM for confirmation before enforcement? */
+    requireLlmConfirmation?: boolean;
+}
+export interface AlertCondition {
+    /** Monitor source to match */
+    source?: MonitorType;
+    /** Category to match */
+    category?: EventCategory;
+    /** Minimum severity to trigger */
+    minSeverity?: EventSeverity;
+    /** Custom field match (e.g., { "data.host": "*.evil.com" }) */
+    fieldMatch?: Record<string, string>;
+    /** Threshold: trigger after N events in windowMs */
+    threshold?: {
+        count: number;
+        windowMs: number;
+    };
+}
+export interface IntelligenceConfig {
+    /** Enable LLM-assisted analysis (default: true) */
+    enabled?: boolean;
+    /** LLM adapter to use */
+    adapter?: LLMAdapterType;
+    /** Custom adapter config (API key, model, etc.) */
+    adapterConfig?: Record<string, unknown>;
+    /** Monthly budget in USD (default: 5.00) */
+    budgetUsd?: number;
+    /** Maximum tokens per single assessment (default: 300) */
+    maxTokensPerCall?: number;
+    /** Maximum L2 calls per hour (default: 20) */
+    maxCallsPerHour?: number;
+    /** Minimum L1 severity to escalate to L2 */
+    minSeverityForLlm?: EventSeverity;
+    /** Batch low-priority anomalies instead of individual calls */
+    enableBatching?: boolean;
+    /** Batch window in ms (default: 300000 = 5 min) */
+    batchWindowMs?: number;
+}
+export type LLMAdapterType = 'anthropic' | 'openai' | 'ollama' | 'agent-proxy' | 'custom';
+/** Interface that LLM adapters must implement */
+export interface LLMAdapter {
+    /** Adapter name */
+    readonly name: string;
+    /** Send a micro-prompt and get a structured response */
+    assess(prompt: string, maxTokens: number): Promise<LLMResponse>;
+    /** Estimate cost for a given prompt length */
+    estimateCost(inputTokens: number, outputTokens: number): number;
+    /** Check if the adapter is available and configured */
+    healthCheck(): Promise<boolean>;
+}
+export interface LLMResponse {
+    content: string;
+    inputTokens: number;
+    outputTokens: number;
+    model: string;
+}
+export interface BudgetState {
+    /** Total spent in current period (USD) */
+    totalSpentUsd: number;
+    /** Period start (ISO timestamp) */
+    periodStart: string;
+    /** Number of L2 calls made */
+    totalCalls: number;
+    /** Calls in current hour */
+    callsThisHour: number;
+    /** Hour start (ISO timestamp) */
+    hourStart: string;
+    /** Per-call cost history (last 100) */
+    recentCosts: Array<{
+        timestamp: string;
+        cost: number;
+        tokens: number;
+    }>;
+}
+export type EnforcementAction = 'log' | 'alert' | 'pause' | 'kill';
+export interface EnforcementResult {
+    action: EnforcementAction;
+    targetPid?: number;
+    success: boolean;
+    reason: string;
+    event: ARPEvent;
+}
+export interface AILayerConfig {
+    /** Prompt scanning (injection, jailbreak, data leak detection) */
+    prompt?: {
+        enabled: boolean;
+    };
+    /** MCP protocol scanning (parameter injection, path traversal, SSRF) */
+    mcp?: {
+        enabled: boolean;
+        allowedTools?: string[];
+    };
+    /** A2A protocol scanning (identity spoofing, delegation abuse) */
+    a2a?: {
+        enabled: boolean;
+        trustedAgents?: string[];
+    };
+}
+export interface ProxyConfig {
+    /** Port to listen on */
+    port: number;
+    /** Upstream targets */
+    upstreams: ProxyUpstream[];
+    /** Block requests on detection (default: false, alert only) */
+    blockOnDetection?: boolean;
+}
+export interface ProxyUpstream {
+    /** Path prefix to route (e.g., '/openai', '/mcp', '/a2a') */
+    pathPrefix: string;
+    /** Upstream target URL (e.g., 'http://localhost:3003') */
+    target: string;
+    /** Protocol hint for request/response parsing */
+    protocol: 'openai-api' | 'mcp-http' | 'a2a' | 'passthrough';
+}
+export interface Monitor {
+    readonly type: MonitorType;
+    start(): Promise<void>;
+    stop(): Promise<void>;
+    isRunning(): boolean;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/arp/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/arp/types.ts"],"names":[],"mappings":"AAEA,oCAAoC;AACpC,MAAM,WAAW,QAAQ;IACvB,sBAAsB;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,oBAAoB;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,uCAAuC;IACvC,MAAM,EAAE,WAAW,CAAC;IACpB,qBAAqB;IACrB,QAAQ,EAAE,aAAa,CAAC;IACxB,sCAAsC;IACtC,QAAQ,EAAE,aAAa,CAAC;IACxB,iCAAiC;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,+CAA+C;IAC/C,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC9B,qDAAqD;IACrD,YAAY,EAAE,UAAU,GAAG,gBAAgB,GAAG,QAAQ,CAAC;IACvD,gDAAgD;IAChD,aAAa,CAAC,EAAE,aAAa,CAAC;CAC/B;AAED,MAAM,MAAM,WAAW,GAAG,SAAS,GAAG,SAAS,GAAG,YAAY,GAAG,OAAO,GAAG,WAAW,GAAG,QAAQ,GAAG,cAAc,GAAG,cAAc,CAAC;AACpI,MAAM,MAAM,aAAa,GAAG,QAAQ,GAAG,SAAS,GAAG,WAAW,GAAG,QAAQ,CAAC;AAC1E,MAAM,MAAM,aAAa,GAAG,MAAM,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;AAE5E,qDAAqD;AACrD,MAAM,WAAW,aAAa;IAC5B,kEAAkE;IAClE,UAAU,EAAE,OAAO,CAAC;IACpB,2BAA2B;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,6BAA6B;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,yBAAyB;IACzB,cAAc,EAAE,OAAO,GAAG,OAAO,GAAG,OAAO,GAAG,MAAM,CAAC;IACrD,sCAAsC;IACtC,UAAU,EAAE,MAAM,CAAC;IACnB,4BAA4B;IAC5B,aAAa,EAAE,MAAM,CAAC;CACvB;AAID,MAAM,WAAW,SAAS;IACxB,+CAA+C;IAC/C,SAAS,EAAE,MAAM,CAAC;IAClB,6CAA6C;IAC7C,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,sDAAsD;IACtD,oBAAoB,CAAC,EAAE,MAAM,EAAE,CAAC;IAChC,wCAAwC;IACxC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,8CAA8C;IAC9C,QAAQ,CAAC,EAAE,aAAa,CAAC;IACzB,kCAAkC;IAClC,KAAK,CAAC,EAAE,SAAS,EAAE,CAAC;IACpB,uCAAuC;IACvC,YAAY,CAAC,EAAE,kBAAkB,CAAC;IAClC,mEAAmE;IACnE,YAAY,CAAC,EAAE,iBAAiB,CAAC;IACjC,sDAAsD;IACtD,OAAO,CAAC,EAAE,aAAa,CAAC;IACxB,uCAAuC;IACvC,KAAK,CAAC,EAAE,WAAW,CAAC;CACrB;AAED,MAAM,WAAW,aAAa;IAC5B,OAAO,CAAC,EAAE;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,UAAU,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IACpD,OAAO,CAAC,EAAE;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,UAAU,CAAC,EAAE,MAAM,CAAC;QAAC,YAAY,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC;IAC7E,UAAU,CAAC,EAAE;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;QAAC,YAAY,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC;IAClF,KAAK,CAAC,EAAE;QAAE,OAAO,EAAE,OAAO,CAAA;KAAE,CAAC;IAC7B,SAAS,CAAC,EAAE;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,WAAW,CAAC,EAAE,MAAM,CAAC;QAAC,UAAU,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;CAC7E;AAED,qFAAqF;AACrF,MAAM,WAAW,iBAAiB;IAChC,+DAA+D;IAC/D,OAAO,CAAC,EAAE;QAAE,OAAO,EAAE,OAAO,CAAA;KAAE,CAAC;IAC/B,2DAA2D;IAC3D,OAAO,CAAC,EAAE;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,YAAY,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC;IACxD,qDAAqD;IACrD,UAAU,CAAC,EAAE;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,YAAY,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC;CAC5D;AAED,MAAM,WAAW,SAAS;IACxB,gBAAgB;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,wBAAwB;IACxB,SAAS,EAAE,cAAc,CAAC;IAC1B,qBAAqB;IACrB,MAAM,EAAE,KAAK,GAAG,OAAO,GAAG,OAAO,GAAG,MAAM,CAAC;IAC3C,8DAA8D;IAC9D,sBAAsB,CAAC,EAAE,OAAO,CAAC;CAClC;AAED,MAAM,WAAW,cAAc;IAC7B,8BAA8B;IAC9B,MAAM,CAAC,EAAE,WAAW,CAAC;IACrB,wBAAwB;IACxB,QAAQ,CAAC,EAAE,aAAa,CAAC;IACzB,kCAAkC;IAClC,WAAW,CAAC,EAAE,aAAa,CAAC;IAC5B,+DAA+D;IAC/D,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACpC,oDAAoD;IACpD,SAAS,CAAC,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC;CACjD;AAID,MAAM,WAAW,kBAAkB;IACjC,mDAAmD;IACnD,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,yBAAyB;IACzB,OAAO,CAAC,EAAE,cAAc,CAAC;IACzB,mDAAmD;IACnD,aAAa,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACxC,4CAA4C;IAC5C,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,0DAA0D;IAC1D,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,8CAA8C;IAC9C,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,4CAA4C;IAC5C,iBAAiB,CAAC,EAAE,aAAa,CAAC;IAClC,+DAA+D;IAC/D,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,mDAAmD;IACnD,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,MAAM,cAAc,GACtB,WAAW,GACX,QAAQ,GACR,QAAQ,GACR,aAAa,GACb,QAAQ,CAAC;AAEb,iDAAiD;AACjD,MAAM,WAAW,UAAU;IACzB,mBAAmB;IACnB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,wDAAwD;IACxD,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC;IAChE,8CAA8C;IAC9C,YAAY,CAAC,WAAW,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,MAAM,CAAC;IAChE,uDAAuD;IACvD,WAAW,IAAI,OAAO,CAAC,OAAO,CAAC,CAAC;CACjC;AAED,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,MAAM,CAAC;CACf;AAID,MAAM,WAAW,WAAW;IAC1B,0CAA0C;IAC1C,aAAa,EAAE,MAAM,CAAC;IACtB,mCAAmC;IACnC,WAAW,EAAE,MAAM,CAAC;IACpB,8BAA8B;IAC9B,UAAU,EAAE,MAAM,CAAC;IACnB,4BAA4B;IAC5B,aAAa,EAAE,MAAM,CAAC;IACtB,iCAAiC;IACjC,SAAS,EAAE,MAAM,CAAC;IAClB,uCAAuC;IACvC,WAAW,EAAE,KAAK,CAAC;QAAE,SAAS,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;CACzE;AAID,MAAM,MAAM,iBAAiB,GAAG,KAAK,GAAG,OAAO,GAAG,OAAO,GAAG,MAAM,CAAC;AAEnE,MAAM,WAAW,iBAAiB;IAChC,MAAM,EAAE,iBAAiB,CAAC;IAC1B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,QAAQ,CAAC;CACjB;AAID,MAAM,WAAW,aAAa;IAC5B,kEAAkE;IAClE,MAAM,CAAC,EAAE;QAAE,OAAO,EAAE,OAAO,CAAA;KAAE,CAAC;IAC9B,wEAAwE;IACxE,GAAG,CAAC,EAAE;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,YAAY,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC;IACpD,kEAAkE;IAClE,GAAG,CAAC,EAAE;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,aAAa,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC;CACtD;AAID,MAAM,WAAW,WAAW;IAC1B,wBAAwB;IACxB,IAAI,EAAE,MAAM,CAAC;IACb,uBAAuB;IACvB,SAAS,EAAE,aAAa,EAAE,CAAC;IAC3B,+DAA+D;IAC/D,gBAAgB,CAAC,EAAE,OAAO,CAAC;CAC5B;AAED,MAAM,WAAW,aAAa;IAC5B,6DAA6D;IAC7D,UAAU,EAAE,MAAM,CAAC;IACnB,0DAA0D;IAC1D,MAAM,EAAE,MAAM,CAAC;IACf,iDAAiD;IACjD,QAAQ,EAAE,YAAY,GAAG,UAAU,GAAG,KAAK,GAAG,aAAa,CAAC;CAC7D;AAID,MAAM,WAAW,OAAO;IACtB,QAAQ,CAAC,IAAI,EAAE,WAAW,CAAC;IAC3B,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IACvB,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IACtB,SAAS,IAAI,OAAO,CAAC;CACtB"}

package/dist/arp/types.js

@@ -0,0 +1,4 @@
+"use strict";
+// --- Core ARP Types ---
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=types.js.map

package/dist/arp/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/arp/types.ts"],"names":[],"mappings":";AAAA,yBAAyB"}

package/dist/attack/custom-payloads.d.ts

@@ -0,0 +1,11 @@
+/**
+ * Custom Payload Parser
+ * Parses and validates user-provided JSON payload files
+ */
+import { AttackPayload } from './types';
+/**
+ * Parse a JSON string containing custom attack payloads.
+ * Validates structure, compiles regex patterns, and applies defaults.
+ */
+export declare function parseCustomPayloads(jsonString: string): AttackPayload[];
+//# sourceMappingURL=custom-payloads.d.ts.map

package/dist/attack/custom-payloads.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"custom-payloads.d.ts","sourceRoot":"","sources":["../../src/attack/custom-payloads.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EACL,aAAa,EAKd,MAAM,SAAS,CAAC;AAWjB;;;GAGG;AACH,wBAAgB,mBAAmB,CAAC,UAAU,EAAE,MAAM,GAAG,aAAa,EAAE,CAkFvE"}

package/dist/attack/custom-payloads.js

@@ -0,0 +1,108 @@
+"use strict";
+/**
+ * Custom Payload Parser
+ * Parses and validates user-provided JSON payload files
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.parseCustomPayloads = parseCustomPayloads;
+const VALID_CATEGORIES = [
+    'prompt-injection', 'jailbreak', 'data-exfiltration',
+    'capability-abuse', 'context-manipulation',
+];
+const VALID_INTENSITIES = ['passive', 'active', 'aggressive'];
+const VALID_SEVERITIES = ['critical', 'high', 'medium', 'low', 'info'];
+/**
+ * Parse a JSON string containing custom attack payloads.
+ * Validates structure, compiles regex patterns, and applies defaults.
+ */
+function parseCustomPayloads(jsonString) {
+    let parsed;
+    try {
+        parsed = JSON.parse(jsonString);
+    }
+    catch (e) {
+        throw new Error(`Invalid JSON in payload file: ${e instanceof Error ? e.message : 'parse error'}`);
+    }
+    if (!parsed || typeof parsed !== 'object' || !Array.isArray(parsed.payloads)) {
+        throw new Error('Payload file must contain a "payloads" array (e.g. { "payloads": [...] })');
+    }
+    const inputs = parsed.payloads;
+    if (inputs.length === 0) {
+        throw new Error('Payload file "payloads" array must not be empty');
+    }
+    const seenIds = new Set();
+    const results = [];
+    for (let i = 0; i < inputs.length; i++) {
+        const raw = inputs[i];
+        const label = `payloads[${i}]`;
+        if (!raw || typeof raw !== 'object') {
+            throw new Error(`${label}: must be an object`);
+        }
+        // Required fields
+        if (typeof raw.id !== 'string' || raw.id.trim() === '') {
+            throw new Error(`${label}: "id" is required and must be a non-empty string`);
+        }
+        if (typeof raw.payload !== 'string' || raw.payload.trim() === '') {
+            throw new Error(`${label} (${raw.id}): "payload" is required and must be a non-empty string`);
+        }
+        const id = raw.id;
+        // Duplicate check
+        if (seenIds.has(id)) {
+            throw new Error(`${label}: duplicate id "${id}"`);
+        }
+        seenIds.add(id);
+        // Validate enum fields
+        if (raw.category !== undefined) {
+            if (!VALID_CATEGORIES.includes(raw.category)) {
+                throw new Error(`${label} (${id}): invalid category "${raw.category}". Use: ${VALID_CATEGORIES.join(', ')}`);
+            }
+        }
+        if (raw.intensity !== undefined) {
+            if (!VALID_INTENSITIES.includes(raw.intensity)) {
+                throw new Error(`${label} (${id}): invalid intensity "${raw.intensity}". Use: ${VALID_INTENSITIES.join(', ')}`);
+            }
+        }
+        if (raw.severity !== undefined) {
+            if (!VALID_SEVERITIES.includes(raw.severity)) {
+                throw new Error(`${label} (${id}): invalid severity "${raw.severity}". Use: ${VALID_SEVERITIES.join(', ')}`);
+            }
+        }
+        // Compile regex patterns
+        const successIndicators = compilePatterns(raw.successIndicators, label, id, 'successIndicators');
+        const blockedIndicators = compilePatterns(raw.blockedIndicators, label, id, 'blockedIndicators');
+        results.push({
+            id,
+            payload: raw.payload,
+            name: raw.name || `Custom Payload ${id}`,
+            description: raw.description || 'Custom attack payload',
+            category: raw.category || 'prompt-injection',
+            intensity: raw.intensity || 'active',
+            severity: raw.severity || 'medium',
+            successIndicators,
+            blockedIndicators,
+            oasbControl: raw.oasbControl,
+            cwe: raw.cwe,
+            remediation: raw.remediation || 'Review agent response for unexpected behavior',
+        });
+    }
+    return results;
+}
+function compilePatterns(patterns, label, id, field) {
+    if (!patterns)
+        return [];
+    if (!Array.isArray(patterns)) {
+        throw new Error(`${label} (${id}): "${field}" must be an array of strings`);
+    }
+    return patterns.map((p, j) => {
+        if (typeof p !== 'string') {
+            throw new Error(`${label} (${id}): ${field}[${j}] must be a string`);
+        }
+        try {
+            return new RegExp(p, 'i');
+        }
+        catch (e) {
+            throw new Error(`${label} (${id}): ${field}[${j}] is not a valid regex: "${p}"`);
+        }
+    });
+}
+//# sourceMappingURL=custom-payloads.js.map

package/dist/attack/custom-payloads.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"custom-payloads.js","sourceRoot":"","sources":["../../src/attack/custom-payloads.ts"],"names":[],"mappings":";AAAA;;;GAGG;;AAuBH,kDAkFC;AA/FD,MAAM,gBAAgB,GAAqB;IACzC,kBAAkB,EAAE,WAAW,EAAE,mBAAmB;IACpD,kBAAkB,EAAE,sBAAsB;CAC3C,CAAC;AAEF,MAAM,iBAAiB,GAAsB,CAAC,SAAS,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;AAEjF,MAAM,gBAAgB,GAAqB,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;AAEzF;;;GAGG;AACH,SAAgB,mBAAmB,CAAC,UAAkB;IACpD,IAAI,MAAe,CAAC;IACpB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;IAClC,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,aAAa,EAAE,CAAC,CAAC;IACrG,CAAC;IAED,IAAI,CAAC,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAE,MAAc,CAAC,QAAQ,CAAC,EAAE,CAAC;QACtF,MAAM,IAAI,KAAK,CAAC,2EAA2E,CAAC,CAAC;IAC/F,CAAC;IAED,MAAM,MAAM,GAAe,MAAc,CAAC,QAAQ,CAAC;IACnD,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrE,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,GAAG,EAAU,CAAC;IAClC,MAAM,OAAO,GAAoB,EAAE,CAAC;IAEpC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACvC,MAAM,GAAG,GAAG,MAAM,CAAC,CAAC,CAA4B,CAAC;QACjD,MAAM,KAAK,GAAG,YAAY,CAAC,GAAG,CAAC;QAE/B,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,qBAAqB,CAAC,CAAC;QACjD,CAAC;QAED,kBAAkB;QAClB,IAAI,OAAO,GAAG,CAAC,EAAE,KAAK,QAAQ,IAAI,GAAG,CAAC,EAAE,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YACvD,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,mDAAmD,CAAC,CAAC;QAC/E,CAAC;QACD,IAAI,OAAO,GAAG,CAAC,OAAO,KAAK,QAAQ,IAAI,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YACjE,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,KAAK,GAAG,CAAC,EAAE,yDAAyD,CAAC,CAAC;QAChG,CAAC;QAED,MAAM,EAAE,GAAG,GAAG,CAAC,EAAY,CAAC;QAE5B,kBAAkB;QAClB,IAAI,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,mBAAmB,EAAE,GAAG,CAAC,CAAC;QACpD,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAEhB,uBAAuB;QACvB,IAAI,GAAG,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YAC/B,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,GAAG,CAAC,QAA0B,CAAC,EAAE,CAAC;gBAC/D,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,KAAK,EAAE,wBAAwB,GAAG,CAAC,QAAQ,WAAW,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YAC/G,CAAC;QACH,CAAC;QACD,IAAI,GAAG,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;YAChC,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,GAAG,CAAC,SAA4B,CAAC,EAAE,CAAC;gBAClE,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,KAAK,EAAE,yBAAyB,GAAG,CAAC,SAAS,WAAW,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YAClH,CAAC;QACH,CAAC;QACD,IAAI,GAAG,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YAC/B,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,GAAG,CAAC,QAA0B,CAAC,EAAE,CAAC;gBAC/D,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,KAAK,EAAE,wBAAwB,GAAG,CAAC,QAAQ,WAAW,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YAC/G,CAAC;QACH,CAAC;QAED,yBAAyB;QACzB,MAAM,iBAAiB,GAAG,eAAe,CAAC,GAAG,CAAC,iBAAyC,EAAE,KAAK,EAAE,EAAE,EAAE,mBAAmB,CAAC,CAAC;QACzH,MAAM,iBAAiB,GAAG,eAAe,CAAC,GAAG,CAAC,iBAAyC,EAAE,KAAK,EAAE,EAAE,EAAE,mBAAmB,CAAC,CAAC;QAEzH,OAAO,CAAC,IAAI,CAAC;YACX,EAAE;YACF,OAAO,EAAE,GAAG,CAAC,OAAiB;YAC9B,IAAI,EAAG,GAAG,CAAC,IAAe,IAAI,kBAAkB,EAAE,EAAE;YACpD,WAAW,EAAG,GAAG,CAAC,WAAsB,IAAI,uBAAuB;YACnE,QAAQ,EAAG,GAAG,CAAC,QAA2B,IAAI,kBAAkB;YAChE,SAAS,EAAG,GAAG,CAAC,SAA6B,IAAI,QAAQ;YACzD,QAAQ,EAAG,GAAG,CAAC,QAA2B,IAAI,QAAQ;YACtD,iBAAiB;YACjB,iBAAiB;YACjB,WAAW,EAAE,GAAG,CAAC,WAAiC;YAClD,GAAG,EAAE,GAAG,CAAC,GAAyB;YAClC,WAAW,EAAG,GAAG,CAAC,WAAsB,IAAI,+CAA+C;SAC5F,CAAC,CAAC;IACL,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,eAAe,CACtB,QAA8B,EAC9B,KAAa,EACb,EAAU,EACV,KAAa;IAEb,IAAI,CAAC,QAAQ;QAAE,OAAO,EAAE,CAAC;IACzB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,KAAK,EAAE,OAAO,KAAK,+BAA+B,CAAC,CAAC;IAC9E,CAAC;IACD,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QAC3B,IAAI,OAAO,CAAC,KAAK,QAAQ,EAAE,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,KAAK,EAAE,MAAM,KAAK,IAAI,CAAC,oBAAoB,CAAC,CAAC;QACvE,CAAC;QACD,IAAI,CAAC;YACH,OAAO,IAAI,MAAM,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QAC5B,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,GAAG,KAAK,KAAK,EAAE,MAAM,KAAK,IAAI,CAAC,4BAA4B,CAAC,GAAG,CAAC,CAAC;QACnF,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/attack/fail-policy.d.ts

@@ -0,0 +1,16 @@
+/**
+ * Fail Policy
+ * CI/CD gate logic for --fail-on-vulnerable
+ */
+import { AttackReport, AttackSeverity } from './types';
+/** Policy: undefined = legacy, true = any finding, severity string = threshold */
+export type FailPolicy = undefined | true | AttackSeverity;
+/**
+ * Determine if the process should exit with failure based on attack results.
+ *
+ * - undefined: legacy behavior — fail on critical/high riskRating
+ * - true / 'low': fail if any successful attack
+ * - severity: fail if any successful attack has severity >= threshold
+ */
+export declare function shouldFail(report: AttackReport, policy: FailPolicy): boolean;
+//# sourceMappingURL=fail-policy.d.ts.map

package/dist/attack/fail-policy.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"fail-policy.d.ts","sourceRoot":"","sources":["../../src/attack/fail-policy.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,SAAS,CAAC;AAEvD,kFAAkF;AAClF,MAAM,MAAM,UAAU,GAAG,SAAS,GAAG,IAAI,GAAG,cAAc,CAAC;AAU3D;;;;;;GAMG;AACH,wBAAgB,UAAU,CAAC,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,UAAU,GAAG,OAAO,CAkB5E"}

package/dist/attack/fail-policy.js

@@ -0,0 +1,36 @@
+"use strict";
+/**
+ * Fail Policy
+ * CI/CD gate logic for --fail-on-vulnerable
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.shouldFail = shouldFail;
+const SEVERITY_ORDER = {
+    info: 0,
+    low: 1,
+    medium: 2,
+    high: 3,
+    critical: 4,
+};
+/**
+ * Determine if the process should exit with failure based on attack results.
+ *
+ * - undefined: legacy behavior — fail on critical/high riskRating
+ * - true / 'low': fail if any successful attack
+ * - severity: fail if any successful attack has severity >= threshold
+ */
+function shouldFail(report, policy) {
+    if (policy === undefined) {
+        // Legacy default
+        return report.riskRating === 'critical' || report.riskRating === 'high';
+    }
+    if (report.summary.successful === 0) {
+        return false;
+    }
+    if (policy === true || policy === 'low') {
+        return true;
+    }
+    const threshold = SEVERITY_ORDER[policy];
+    return report.results.some(r => r.success && SEVERITY_ORDER[r.payload.severity] >= threshold);
+}
+//# sourceMappingURL=fail-policy.js.map

package/dist/attack/fail-policy.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"fail-policy.js","sourceRoot":"","sources":["../../src/attack/fail-policy.ts"],"names":[],"mappings":";AAAA;;;GAGG;;AAsBH,gCAkBC;AAjCD,MAAM,cAAc,GAAmC;IACrD,IAAI,EAAE,CAAC;IACP,GAAG,EAAE,CAAC;IACN,MAAM,EAAE,CAAC;IACT,IAAI,EAAE,CAAC;IACP,QAAQ,EAAE,CAAC;CACZ,CAAC;AAEF;;;;;;GAMG;AACH,SAAgB,UAAU,CAAC,MAAoB,EAAE,MAAkB;IACjE,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;QACzB,iBAAiB;QACjB,OAAO,MAAM,CAAC,UAAU,KAAK,UAAU,IAAI,MAAM,CAAC,UAAU,KAAK,MAAM,CAAC;IAC1E,CAAC;IAED,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,KAAK,CAAC,EAAE,CAAC;QACpC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,MAAM,KAAK,IAAI,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;QACxC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,SAAS,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC;IACzC,OAAO,MAAM,CAAC,OAAO,CAAC,IAAI,CACxB,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,IAAI,cAAc,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,SAAS,CAClE,CAAC;AACJ,CAAC"}

package/dist/attack/index.d.ts

@@ -0,0 +1,12 @@
+/**
+ * Attack Module
+ * Adversarial security testing for AI agents
+ */
+export { AttackScanner } from './scanner';
+export { parseCustomPayloads } from './custom-payloads';
+export { shouldFail } from './fail-policy';
+export type { FailPolicy } from './fail-policy';
+export { AttackCategory, AttackIntensity, AttackSeverity, AttackPayload, AttackResult, AttackReport, AttackTarget, AttackOptions, ATTACK_CATEGORIES, } from './types';
+export type { CustomPayloadInput, CustomPayloadFile } from './types';
+export { ALL_PAYLOADS, PAYLOAD_STATS, getPayloads, getPayloadById, getPayloadsByCategory, getPayloadsByIntensity, PROMPT_INJECTION_PAYLOADS, JAILBREAK_PAYLOADS, DATA_EXFILTRATION_PAYLOADS, CAPABILITY_ABUSE_PAYLOADS, CONTEXT_MANIPULATION_PAYLOADS, MCP_EXPLOITATION_PAYLOADS, A2A_ATTACK_PAYLOADS, } from './payloads';
+//# sourceMappingURL=index.d.ts.map

package/dist/attack/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/attack/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AACxD,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAC3C,YAAY,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAEhD,OAAO,EACL,cAAc,EACd,eAAe,EACf,cAAc,EACd,aAAa,EACb,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,aAAa,EACb,iBAAiB,GAClB,MAAM,SAAS,CAAC;AAEjB,YAAY,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,MAAM,SAAS,CAAC;AAErE,OAAO,EACL,YAAY,EACZ,aAAa,EACb,WAAW,EACX,cAAc,EACd,qBAAqB,EACrB,sBAAsB,EACtB,yBAAyB,EACzB,kBAAkB,EAClB,0BAA0B,EAC1B,yBAAyB,EACzB,6BAA6B,EAC7B,yBAAyB,EACzB,mBAAmB,GACpB,MAAM,YAAY,CAAC"}

package/dist/attack/index.js

@@ -0,0 +1,30 @@
+"use strict";
+/**
+ * Attack Module
+ * Adversarial security testing for AI agents
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.A2A_ATTACK_PAYLOADS = exports.MCP_EXPLOITATION_PAYLOADS = exports.CONTEXT_MANIPULATION_PAYLOADS = exports.CAPABILITY_ABUSE_PAYLOADS = exports.DATA_EXFILTRATION_PAYLOADS = exports.JAILBREAK_PAYLOADS = exports.PROMPT_INJECTION_PAYLOADS = exports.getPayloadsByIntensity = exports.getPayloadsByCategory = exports.getPayloadById = exports.getPayloads = exports.PAYLOAD_STATS = exports.ALL_PAYLOADS = exports.ATTACK_CATEGORIES = exports.shouldFail = exports.parseCustomPayloads = exports.AttackScanner = void 0;
+var scanner_1 = require("./scanner");
+Object.defineProperty(exports, "AttackScanner", { enumerable: true, get: function () { return scanner_1.AttackScanner; } });
+var custom_payloads_1 = require("./custom-payloads");
+Object.defineProperty(exports, "parseCustomPayloads", { enumerable: true, get: function () { return custom_payloads_1.parseCustomPayloads; } });
+var fail_policy_1 = require("./fail-policy");
+Object.defineProperty(exports, "shouldFail", { enumerable: true, get: function () { return fail_policy_1.shouldFail; } });
+var types_1 = require("./types");
+Object.defineProperty(exports, "ATTACK_CATEGORIES", { enumerable: true, get: function () { return types_1.ATTACK_CATEGORIES; } });
+var payloads_1 = require("./payloads");
+Object.defineProperty(exports, "ALL_PAYLOADS", { enumerable: true, get: function () { return payloads_1.ALL_PAYLOADS; } });
+Object.defineProperty(exports, "PAYLOAD_STATS", { enumerable: true, get: function () { return payloads_1.PAYLOAD_STATS; } });
+Object.defineProperty(exports, "getPayloads", { enumerable: true, get: function () { return payloads_1.getPayloads; } });
+Object.defineProperty(exports, "getPayloadById", { enumerable: true, get: function () { return payloads_1.getPayloadById; } });
+Object.defineProperty(exports, "getPayloadsByCategory", { enumerable: true, get: function () { return payloads_1.getPayloadsByCategory; } });
+Object.defineProperty(exports, "getPayloadsByIntensity", { enumerable: true, get: function () { return payloads_1.getPayloadsByIntensity; } });
+Object.defineProperty(exports, "PROMPT_INJECTION_PAYLOADS", { enumerable: true, get: function () { return payloads_1.PROMPT_INJECTION_PAYLOADS; } });
+Object.defineProperty(exports, "JAILBREAK_PAYLOADS", { enumerable: true, get: function () { return payloads_1.JAILBREAK_PAYLOADS; } });
+Object.defineProperty(exports, "DATA_EXFILTRATION_PAYLOADS", { enumerable: true, get: function () { return payloads_1.DATA_EXFILTRATION_PAYLOADS; } });
+Object.defineProperty(exports, "CAPABILITY_ABUSE_PAYLOADS", { enumerable: true, get: function () { return payloads_1.CAPABILITY_ABUSE_PAYLOADS; } });
+Object.defineProperty(exports, "CONTEXT_MANIPULATION_PAYLOADS", { enumerable: true, get: function () { return payloads_1.CONTEXT_MANIPULATION_PAYLOADS; } });
+Object.defineProperty(exports, "MCP_EXPLOITATION_PAYLOADS", { enumerable: true, get: function () { return payloads_1.MCP_EXPLOITATION_PAYLOADS; } });
+Object.defineProperty(exports, "A2A_ATTACK_PAYLOADS", { enumerable: true, get: function () { return payloads_1.A2A_ATTACK_PAYLOADS; } });
+//# sourceMappingURL=index.js.map

package/dist/attack/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/attack/index.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAEH,qCAA0C;AAAjC,wGAAA,aAAa,OAAA;AACtB,qDAAwD;AAA/C,sHAAA,mBAAmB,OAAA;AAC5B,6CAA2C;AAAlC,yGAAA,UAAU,OAAA;AAGnB,iCAUiB;AADf,0GAAA,iBAAiB,OAAA;AAKnB,uCAcoB;AAblB,wGAAA,YAAY,OAAA;AACZ,yGAAA,aAAa,OAAA;AACb,uGAAA,WAAW,OAAA;AACX,0GAAA,cAAc,OAAA;AACd,iHAAA,qBAAqB,OAAA;AACrB,kHAAA,sBAAsB,OAAA;AACtB,qHAAA,yBAAyB,OAAA;AACzB,8GAAA,kBAAkB,OAAA;AAClB,sHAAA,0BAA0B,OAAA;AAC1B,qHAAA,yBAAyB,OAAA;AACzB,yHAAA,6BAA6B,OAAA;AAC7B,qHAAA,yBAAyB,OAAA;AACzB,+GAAA,mBAAmB,OAAA"}

package/dist/attack/payloads/a2a-attacks.d.ts

@@ -0,0 +1,12 @@
+/**
+ * A2A (Agent-to-Agent) Attack Payloads
+ * Tests for identity spoofing, delegation abuse, and embedded
+ * prompt injection via A2A message protocol.
+ *
+ * These payloads are sent as A2A messages: {from, to, content}.
+ * The `payload` field is the message content.
+ */
+import { AttackPayload } from '../types';
+export declare const A2A_ATTACK_PAYLOADS: AttackPayload[];
+export default A2A_ATTACK_PAYLOADS;
+//# sourceMappingURL=a2a-attacks.d.ts.map

package/dist/attack/payloads/a2a-attacks.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"a2a-attacks.d.ts","sourceRoot":"","sources":["../../../src/attack/payloads/a2a-attacks.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAEzC,eAAO,MAAM,mBAAmB,EAAE,aAAa,EAmN9C,CAAC;AAEF,eAAe,mBAAmB,CAAC"}