npm - hackmyagent - Versions diffs - 0.7.2 → 0.8.1 - Mend

hackmyagent 0.7.2 → 0.8.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (393) hide show

package/LICENSE +191 -0
package/README.md +172 -261
package/dist/abgr/controls.d.ts +35 -0
package/dist/abgr/controls.d.ts.map +1 -0
package/dist/abgr/controls.js +1058 -0
package/dist/abgr/controls.js.map +1 -0
package/dist/abgr/detector.d.ts +45 -0
package/dist/abgr/detector.d.ts.map +1 -0
package/dist/abgr/detector.js +175 -0
package/dist/abgr/detector.js.map +1 -0
package/dist/abgr/index.d.ts +24 -0
package/dist/abgr/index.d.ts.map +1 -0
package/dist/abgr/index.js +50 -0
package/dist/abgr/index.js.map +1 -0
package/dist/abgr/scorer.d.ts +36 -0
package/dist/abgr/scorer.d.ts.map +1 -0
package/dist/abgr/scorer.js +205 -0
package/dist/abgr/scorer.js.map +1 -0
package/dist/abgr/templates.d.ts +35 -0
package/dist/abgr/templates.d.ts.map +1 -0
package/dist/abgr/templates.js +668 -0
package/dist/abgr/templates.js.map +1 -0
package/dist/abgr/tier.d.ts +27 -0
package/dist/abgr/tier.d.ts.map +1 -0
package/dist/abgr/tier.js +115 -0
package/dist/abgr/tier.js.map +1 -0
package/dist/abgr/types.d.ts +59 -0
package/dist/abgr/types.d.ts.map +1 -0
package/dist/abgr/types.js +10 -0
package/dist/abgr/types.js.map +1 -0
package/dist/agent-scan/checks.d.ts +6 -0
package/dist/agent-scan/checks.d.ts.map +1 -0
package/dist/agent-scan/checks.js +93 -0
package/dist/agent-scan/checks.js.map +1 -0
package/dist/agent-scan/index.d.ts +10 -0
package/dist/agent-scan/index.d.ts.map +1 -0
package/dist/agent-scan/index.js +16 -0
package/dist/agent-scan/index.js.map +1 -0
package/dist/agent-scan/scanner.d.ts +31 -0
package/dist/agent-scan/scanner.d.ts.map +1 -0
package/dist/agent-scan/scanner.js +484 -0
package/dist/agent-scan/scanner.js.map +1 -0
package/dist/agent-scan/types.d.ts +63 -0
package/dist/agent-scan/types.d.ts.map +1 -0
package/dist/agent-scan/types.js +10 -0
package/dist/agent-scan/types.js.map +1 -0
package/dist/arp/cli/index.d.ts +3 -0
package/dist/arp/cli/index.d.ts.map +1 -0
package/dist/arp/cli/index.js +225 -0
package/dist/arp/cli/index.js.map +1 -0
package/dist/arp/config/loader.d.ts +8 -0
package/dist/arp/config/loader.d.ts.map +1 -0
package/dist/arp/config/loader.js +102 -0
package/dist/arp/config/loader.js.map +1 -0
package/dist/arp/enforcement/kill-switch.d.ts +22 -0
package/dist/arp/enforcement/kill-switch.d.ts.map +1 -0
package/dist/arp/enforcement/kill-switch.js +122 -0
package/dist/arp/enforcement/kill-switch.js.map +1 -0
package/dist/arp/engine/event-engine.d.ts +29 -0
package/dist/arp/engine/event-engine.d.ts.map +1 -0
package/dist/arp/engine/event-engine.js +233 -0
package/dist/arp/engine/event-engine.js.map +1 -0
package/dist/arp/index.d.ts +81 -0
package/dist/arp/index.d.ts.map +1 -0
package/dist/arp/index.js +239 -0
package/dist/arp/index.js.map +1 -0
package/dist/arp/intelligence/adapters.d.ts +45 -0
package/dist/arp/intelligence/adapters.d.ts.map +1 -0
package/dist/arp/intelligence/adapters.js +222 -0
package/dist/arp/intelligence/adapters.js.map +1 -0
package/dist/arp/intelligence/anomaly.d.ts +32 -0
package/dist/arp/intelligence/anomaly.d.ts.map +1 -0
package/dist/arp/intelligence/anomaly.js +80 -0
package/dist/arp/intelligence/anomaly.js.map +1 -0
package/dist/arp/intelligence/budget.d.ts +33 -0
package/dist/arp/intelligence/budget.d.ts.map +1 -0
package/dist/arp/intelligence/budget.js +150 -0
package/dist/arp/intelligence/budget.js.map +1 -0
package/dist/arp/intelligence/coordinator.d.ts +43 -0
package/dist/arp/intelligence/coordinator.d.ts.map +1 -0
package/dist/arp/intelligence/coordinator.js +301 -0
package/dist/arp/intelligence/coordinator.js.map +1 -0
package/dist/arp/interceptors/a2a-protocol.d.ts +29 -0
package/dist/arp/interceptors/a2a-protocol.d.ts.map +1 -0
package/dist/arp/interceptors/a2a-protocol.js +111 -0
package/dist/arp/interceptors/a2a-protocol.js.map +1 -0
package/dist/arp/interceptors/filesystem.d.ts +33 -0
package/dist/arp/interceptors/filesystem.d.ts.map +1 -0
package/dist/arp/interceptors/filesystem.js +199 -0
package/dist/arp/interceptors/filesystem.js.map +1 -0
package/dist/arp/interceptors/mcp-protocol.d.ts +25 -0
package/dist/arp/interceptors/mcp-protocol.d.ts.map +1 -0
package/dist/arp/interceptors/mcp-protocol.js +126 -0
package/dist/arp/interceptors/mcp-protocol.js.map +1 -0
package/dist/arp/interceptors/network.d.ts +26 -0
package/dist/arp/interceptors/network.d.ts.map +1 -0
package/dist/arp/interceptors/network.js +146 -0
package/dist/arp/interceptors/network.js.map +1 -0
package/dist/arp/interceptors/process.d.ts +26 -0
package/dist/arp/interceptors/process.d.ts.map +1 -0
package/dist/arp/interceptors/process.js +157 -0
package/dist/arp/interceptors/process.js.map +1 -0
package/dist/arp/interceptors/prompt.d.ts +29 -0
package/dist/arp/interceptors/prompt.d.ts.map +1 -0
package/dist/arp/interceptors/prompt.js +82 -0
package/dist/arp/interceptors/prompt.js.map +1 -0
package/dist/arp/license/index.d.ts +59 -0
package/dist/arp/license/index.d.ts.map +1 -0
package/dist/arp/license/index.js +78 -0
package/dist/arp/license/index.js.map +1 -0
package/dist/arp/monitors/filesystem.d.ts +21 -0
package/dist/arp/monitors/filesystem.d.ts.map +1 -0
package/dist/arp/monitors/filesystem.js +141 -0
package/dist/arp/monitors/filesystem.js.map +1 -0
package/dist/arp/monitors/network.d.ts +32 -0
package/dist/arp/monitors/network.d.ts.map +1 -0
package/dist/arp/monitors/network.js +301 -0
package/dist/arp/monitors/network.js.map +1 -0
package/dist/arp/monitors/process.d.ts +24 -0
package/dist/arp/monitors/process.d.ts.map +1 -0
package/dist/arp/monitors/process.js +205 -0
package/dist/arp/monitors/process.js.map +1 -0
package/dist/arp/patterns/ai-threats.d.ts +48 -0
package/dist/arp/patterns/ai-threats.d.ts.map +1 -0
package/dist/arp/patterns/ai-threats.js +215 -0
package/dist/arp/patterns/ai-threats.js.map +1 -0
package/dist/arp/proxy/forward.d.ts +23 -0
package/dist/arp/proxy/forward.d.ts.map +1 -0
package/dist/arp/proxy/forward.js +152 -0
package/dist/arp/proxy/forward.js.map +1 -0
package/dist/arp/proxy/server.d.ts +45 -0
package/dist/arp/proxy/server.d.ts.map +1 -0
package/dist/arp/proxy/server.js +331 -0
package/dist/arp/proxy/server.js.map +1 -0
package/dist/arp/reporting/local-log.d.ts +22 -0
package/dist/arp/reporting/local-log.d.ts.map +1 -0
package/dist/arp/reporting/local-log.js +116 -0
package/dist/arp/reporting/local-log.js.map +1 -0
package/dist/arp/types.d.ts +230 -0
package/dist/arp/types.d.ts.map +1 -0
package/dist/arp/types.js +4 -0
package/dist/arp/types.js.map +1 -0
package/dist/attack/custom-payloads.d.ts +11 -0
package/dist/attack/custom-payloads.d.ts.map +1 -0
package/dist/attack/custom-payloads.js +108 -0
package/dist/attack/custom-payloads.js.map +1 -0
package/dist/attack/fail-policy.d.ts +16 -0
package/dist/attack/fail-policy.d.ts.map +1 -0
package/dist/attack/fail-policy.js +36 -0
package/dist/attack/fail-policy.js.map +1 -0
package/dist/attack/index.d.ts +12 -0
package/dist/attack/index.d.ts.map +1 -0
package/dist/attack/index.js +30 -0
package/dist/attack/index.js.map +1 -0
package/dist/attack/payloads/a2a-attacks.d.ts +12 -0
package/dist/attack/payloads/a2a-attacks.d.ts.map +1 -0
package/dist/attack/payloads/a2a-attacks.js +221 -0
package/dist/attack/payloads/a2a-attacks.js.map +1 -0
package/dist/attack/payloads/capability-abuse.d.ts +8 -0
package/dist/attack/payloads/capability-abuse.d.ts.map +1 -0
package/dist/attack/payloads/capability-abuse.js +222 -0
package/dist/attack/payloads/capability-abuse.js.map +1 -0
package/dist/attack/payloads/context-manipulation.d.ts +8 -0
package/dist/attack/payloads/context-manipulation.d.ts.map +1 -0
package/dist/attack/payloads/context-manipulation.js +217 -0
package/dist/attack/payloads/context-manipulation.js.map +1 -0
package/dist/attack/payloads/data-exfiltration.d.ts +8 -0
package/dist/attack/payloads/data-exfiltration.d.ts.map +1 -0
package/dist/attack/payloads/data-exfiltration.js +249 -0
package/dist/attack/payloads/data-exfiltration.js.map +1 -0
package/dist/attack/payloads/index.d.ts +29 -0
package/dist/attack/payloads/index.d.ts.map +1 -0
package/dist/attack/payloads/index.js +76 -0
package/dist/attack/payloads/index.js.map +1 -0
package/dist/attack/payloads/jailbreak.d.ts +8 -0
package/dist/attack/payloads/jailbreak.d.ts.map +1 -0
package/dist/attack/payloads/jailbreak.js +265 -0
package/dist/attack/payloads/jailbreak.js.map +1 -0
package/dist/attack/payloads/mcp-exploitation.d.ts +12 -0
package/dist/attack/payloads/mcp-exploitation.d.ts.map +1 -0
package/dist/attack/payloads/mcp-exploitation.js +221 -0
package/dist/attack/payloads/mcp-exploitation.js.map +1 -0
package/dist/attack/payloads/prompt-injection.d.ts +8 -0
package/dist/attack/payloads/prompt-injection.d.ts.map +1 -0
package/dist/attack/payloads/prompt-injection.js +262 -0
package/dist/attack/payloads/prompt-injection.js.map +1 -0
package/dist/attack/scanner.d.ts +84 -0
package/dist/attack/scanner.d.ts.map +1 -0
package/dist/attack/scanner.js +509 -0
package/dist/attack/scanner.js.map +1 -0
package/dist/attack/types.d.ts +153 -0
package/dist/attack/types.d.ts.map +1 -0
package/dist/attack/types.js +46 -0
package/dist/attack/types.js.map +1 -0
package/dist/benchmarks/index.d.ts +16 -0
package/dist/benchmarks/index.d.ts.map +1 -0
package/dist/benchmarks/index.js +27 -0
package/dist/benchmarks/index.js.map +1 -0
package/dist/benchmarks/oasb-1.d.ts +112 -0
package/dist/benchmarks/oasb-1.d.ts.map +1 -0
package/dist/benchmarks/oasb-1.js +1124 -0
package/dist/benchmarks/oasb-1.js.map +1 -0
package/dist/checker/check-skill.d.ts +48 -0
package/dist/checker/check-skill.d.ts.map +1 -0
package/dist/checker/check-skill.js +105 -0
package/dist/checker/check-skill.js.map +1 -0
package/dist/checker/index.d.ts +12 -0
package/dist/checker/index.d.ts.map +1 -0
package/dist/checker/index.js +16 -0
package/dist/checker/index.js.map +1 -0
package/dist/checker/permission-analyzer.d.ts +12 -0
package/dist/checker/permission-analyzer.d.ts.map +1 -0
package/dist/checker/permission-analyzer.js +84 -0
package/dist/checker/permission-analyzer.js.map +1 -0
package/dist/checker/publisher-verifier.d.ts +34 -0
package/dist/checker/publisher-verifier.d.ts.map +1 -0
package/dist/checker/publisher-verifier.js +121 -0
package/dist/checker/publisher-verifier.js.map +1 -0
package/dist/checker/skill-identifier.d.ts +14 -0
package/dist/checker/skill-identifier.d.ts.map +1 -0
package/dist/checker/skill-identifier.js +55 -0
package/dist/checker/skill-identifier.js.map +1 -0
package/dist/cli.d.ts +7 -0
package/dist/cli.d.ts.map +1 -0
package/dist/cli.js +3534 -0
package/dist/cli.js.map +1 -0
package/dist/hardening/index.d.ts +7 -0
package/dist/hardening/index.d.ts.map +1 -0
package/dist/hardening/index.js +9 -0
package/dist/hardening/index.js.map +1 -0
package/dist/hardening/llm-checks.d.ts +18 -0
package/dist/hardening/llm-checks.d.ts.map +1 -0
package/dist/hardening/llm-checks.js +434 -0
package/dist/hardening/llm-checks.js.map +1 -0
package/dist/hardening/mcp-tool-enum.d.ts +45 -0
package/dist/hardening/mcp-tool-enum.d.ts.map +1 -0
package/dist/hardening/mcp-tool-enum.js +315 -0
package/dist/hardening/mcp-tool-enum.js.map +1 -0
package/dist/hardening/scanner.d.ts +147 -0
package/dist/hardening/scanner.d.ts.map +1 -0
package/dist/hardening/scanner.js +5445 -0
package/dist/hardening/scanner.js.map +1 -0
package/dist/hardening/security-check.d.ts +85 -0
package/dist/hardening/security-check.d.ts.map +1 -0
package/dist/hardening/security-check.js +6 -0
package/dist/hardening/security-check.js.map +1 -0
package/dist/hardening/shell-checks.d.ts +21 -0
package/dist/hardening/shell-checks.d.ts.map +1 -0
package/dist/hardening/shell-checks.js +236 -0
package/dist/hardening/shell-checks.js.map +1 -0
package/dist/index.d.ts +38 -4
package/dist/index.d.ts.map +1 -1
package/dist/index.js +91 -3525
package/dist/index.js.map +1 -1
package/dist/mcp-server.js +10 -10
package/dist/mcp-server.js.map +1 -1
package/dist/oasb/config/dvaa-targets.d.ts +13 -0
package/dist/oasb/config/dvaa-targets.d.ts.map +1 -0
package/dist/oasb/config/dvaa-targets.js +89 -0
package/dist/oasb/config/dvaa-targets.js.map +1 -0
package/dist/oasb/harness/arp-wrapper.d.ts +29 -0
package/dist/oasb/harness/arp-wrapper.d.ts.map +1 -0
package/dist/oasb/harness/arp-wrapper.js +134 -0
package/dist/oasb/harness/arp-wrapper.js.map +1 -0
package/dist/oasb/harness/dvaa-client.d.ts +46 -0
package/dist/oasb/harness/dvaa-client.d.ts.map +1 -0
package/dist/oasb/harness/dvaa-client.js +98 -0
package/dist/oasb/harness/dvaa-client.js.map +1 -0
package/dist/oasb/harness/dvaa-manager.d.ts +17 -0
package/dist/oasb/harness/dvaa-manager.d.ts.map +1 -0
package/dist/oasb/harness/dvaa-manager.js +132 -0
package/dist/oasb/harness/dvaa-manager.js.map +1 -0
package/dist/oasb/harness/event-collector.d.ts +33 -0
package/dist/oasb/harness/event-collector.d.ts.map +1 -0
package/dist/oasb/harness/event-collector.js +86 -0
package/dist/oasb/harness/event-collector.js.map +1 -0
package/dist/oasb/harness/metrics.d.ts +14 -0
package/dist/oasb/harness/metrics.d.ts.map +1 -0
package/dist/oasb/harness/metrics.js +56 -0
package/dist/oasb/harness/metrics.js.map +1 -0
package/dist/oasb/harness/mock-llm-adapter.d.ts +34 -0
package/dist/oasb/harness/mock-llm-adapter.d.ts.map +1 -0
package/dist/oasb/harness/mock-llm-adapter.js +69 -0
package/dist/oasb/harness/mock-llm-adapter.js.map +1 -0
package/dist/oasb/harness/types.d.ts +74 -0
package/dist/oasb/harness/types.d.ts.map +1 -0
package/dist/oasb/harness/types.js +3 -0
package/dist/oasb/harness/types.js.map +1 -0
package/dist/plugins/core.d.ts +109 -0
package/dist/plugins/core.d.ts.map +1 -0
package/dist/plugins/core.js +30 -0
package/dist/plugins/core.js.map +1 -0
package/dist/plugins/credvault.d.ts +22 -0
package/dist/plugins/credvault.d.ts.map +1 -0
package/dist/plugins/credvault.js +374 -0
package/dist/plugins/credvault.js.map +1 -0
package/dist/plugins/signcrypt.d.ts +27 -0
package/dist/plugins/signcrypt.d.ts.map +1 -0
package/dist/plugins/signcrypt.js +317 -0
package/dist/plugins/signcrypt.js.map +1 -0
package/dist/plugins/skillguard.d.ts +25 -0
package/dist/plugins/skillguard.d.ts.map +1 -0
package/dist/plugins/skillguard.js +346 -0
package/dist/plugins/skillguard.js.map +1 -0
package/dist/registry/client.d.ts +125 -0
package/dist/registry/client.d.ts.map +1 -0
package/dist/registry/client.js +308 -0
package/dist/registry/client.js.map +1 -0
package/dist/registry/contribution.d.ts +178 -0
package/dist/registry/contribution.d.ts.map +1 -0
package/dist/registry/contribution.js +272 -0
package/dist/registry/contribution.js.map +1 -0
package/dist/registry/index.d.ts +3 -0
package/dist/registry/index.d.ts.map +1 -0
package/dist/registry/index.js +10 -0
package/dist/registry/index.js.map +1 -0
package/dist/scanner/external-scanner.d.ts +13 -0
package/dist/scanner/external-scanner.d.ts.map +1 -0
package/dist/scanner/external-scanner.js +299 -0
package/dist/scanner/external-scanner.js.map +1 -0
package/dist/scanner/index.d.ts +6 -0
package/dist/scanner/index.d.ts.map +1 -0
package/dist/scanner/index.js +9 -0
package/dist/scanner/index.js.map +1 -0
package/dist/scanner/types.d.ts +32 -0
package/dist/scanner/types.d.ts.map +1 -0
package/dist/scanner/types.js +6 -0
package/dist/scanner/types.js.map +1 -0
package/dist/semantic/deep-scan.d.ts +13 -0
package/dist/semantic/deep-scan.d.ts.map +1 -0
package/dist/semantic/deep-scan.js +63 -0
package/dist/semantic/deep-scan.js.map +1 -0
package/dist/semantic/index.d.ts +17 -0
package/dist/semantic/index.d.ts.map +1 -0
package/dist/semantic/index.js +39 -0
package/dist/semantic/index.js.map +1 -0
package/dist/semantic/integration/cost-estimator.d.ts +17 -0
package/dist/semantic/integration/cost-estimator.d.ts.map +1 -0
package/dist/semantic/integration/cost-estimator.js +54 -0
package/dist/semantic/integration/cost-estimator.js.map +1 -0
package/dist/semantic/integration/finding-adapter.d.ts +34 -0
package/dist/semantic/integration/finding-adapter.d.ts.map +1 -0
package/dist/semantic/integration/finding-adapter.js +41 -0
package/dist/semantic/integration/finding-adapter.js.map +1 -0
package/dist/semantic/integration/oasb-upgrader.d.ts +20 -0
package/dist/semantic/integration/oasb-upgrader.d.ts.map +1 -0
package/dist/semantic/integration/oasb-upgrader.js +47 -0
package/dist/semantic/integration/oasb-upgrader.js.map +1 -0
package/dist/semantic/llm/budget.d.ts +50 -0
package/dist/semantic/llm/budget.d.ts.map +1 -0
package/dist/semantic/llm/budget.js +139 -0
package/dist/semantic/llm/budget.js.map +1 -0
package/dist/semantic/llm/cache.d.ts +36 -0
package/dist/semantic/llm/cache.d.ts.map +1 -0
package/dist/semantic/llm/cache.js +103 -0
package/dist/semantic/llm/cache.js.map +1 -0
package/dist/semantic/llm/client.d.ts +49 -0
package/dist/semantic/llm/client.d.ts.map +1 -0
package/dist/semantic/llm/client.js +64 -0
package/dist/semantic/llm/client.js.map +1 -0
package/dist/semantic/llm/index.d.ts +33 -0
package/dist/semantic/llm/index.d.ts.map +1 -0
package/dist/semantic/llm/index.js +129 -0
package/dist/semantic/llm/index.js.map +1 -0
package/dist/semantic/llm/prompts.d.ts +30 -0
package/dist/semantic/llm/prompts.d.ts.map +1 -0
package/dist/semantic/llm/prompts.js +120 -0
package/dist/semantic/llm/prompts.js.map +1 -0
package/dist/semantic/structural/credential-context.d.ts +14 -0
package/dist/semantic/structural/credential-context.d.ts.map +1 -0
package/dist/semantic/structural/credential-context.js +295 -0
package/dist/semantic/structural/credential-context.js.map +1 -0
package/dist/semantic/structural/index.d.ts +28 -0
package/dist/semantic/structural/index.d.ts.map +1 -0
package/dist/semantic/structural/index.js +138 -0
package/dist/semantic/structural/index.js.map +1 -0
package/dist/semantic/structural/instruction.d.ts +19 -0
package/dist/semantic/structural/instruction.d.ts.map +1 -0
package/dist/semantic/structural/instruction.js +167 -0
package/dist/semantic/structural/instruction.js.map +1 -0
package/dist/semantic/structural/mcp-config.d.ts +22 -0
package/dist/semantic/structural/mcp-config.d.ts.map +1 -0
package/dist/semantic/structural/mcp-config.js +294 -0
package/dist/semantic/structural/mcp-config.js.map +1 -0
package/dist/semantic/structural/permission-model.d.ts +16 -0
package/dist/semantic/structural/permission-model.d.ts.map +1 -0
package/dist/semantic/structural/permission-model.js +121 -0
package/dist/semantic/structural/permission-model.js.map +1 -0
package/dist/semantic/types.d.ts +122 -0
package/dist/semantic/types.d.ts.map +1 -0
package/dist/semantic/types.js +10 -0
package/dist/semantic/types.js.map +1 -0
package/package.json +25 -14

package/dist/arp/patterns/ai-threats.js ADDED Viewed

@@ -0,0 +1,215 @@
+"use strict";
+// AI-layer threat detection patterns
+// L0 regex-based detection for known attack payloads
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PATTERN_SETS = exports.ALL_PATTERNS = void 0;
+exports.scanText = scanText;
+// --- Prompt Injection Patterns ---
+const promptInjection = [
+    {
+        id: 'PI-001',
+        category: 'prompt-injection',
+        description: 'Instruction override attempt — direct override of system instructions',
+        pattern: /(?:ignore|disregard|forget|override|bypass)\s+(?:all\s+)?(?:your\s+|the\s+|my\s+)?(?:previous|prior|above|earlier|system|original)\s+(?:instructions?|prompts?|rules?|directives?|guidelines?|constraints?)/i,
+        severity: 'critical',
+    },
+    {
+        id: 'PI-002',
+        category: 'prompt-injection',
+        description: 'Delimiter escape — attempts to break out of user message context',
+        pattern: /(?:<\/?(?:system|assistant|tool|function|instruction|context|internal)>|={3,}|---\s*(?:system|end|begin)|```\s*(?:system|instruction)|\[(?:SYSTEM|INST|INSTRUCTION)\]|<\|(?:im_start|im_end|system|endoftext)\|>)/i,
+        severity: 'high',
+    },
+    {
+        id: 'PI-003',
+        category: 'prompt-injection',
+        description: 'Tag injection — embedding fake system/assistant turns',
+        pattern: /(?:^|\n)\s*(?:system\s*:|assistant\s*:|AI\s*:|<\|(?:system|assistant)\|>)\s*.{10,}/im,
+        severity: 'high',
+    },
+];
+// --- Jailbreak Patterns ---
+const jailbreak = [
+    {
+        id: 'JB-001',
+        category: 'jailbreak',
+        description: 'DAN mode — "Do Anything Now" jailbreak attempt',
+        pattern: /\b(?:DAN|D\.A\.N|do\s+anything\s+now)\b.*(?:mode|persona|act|pretend|enable|activate|jailbr[eo]ak)/i,
+        severity: 'critical',
+    },
+    {
+        id: 'JB-002',
+        category: 'jailbreak',
+        description: 'Roleplay bypass — using fictional framing to bypass safety',
+        pattern: /(?:(?:pretend|imagine|act|roleplay|play|behave)\s+(?:you\s+are|as\s+(?:if\s+)?(?:you\s+(?:are|were)\s+)?|like|that\s+you(?:'re|\s+are))\s*(?:a\s+)?(?:an?\s+)?(?:evil|malicious|unfiltered|uncensored|unrestricted|unaligned|hacker|criminal|without\s+(?:restrictions|rules|limits|safety|guidelines|filters)))/i,
+        severity: 'high',
+    },
+    {
+        id: 'JB-003',
+        category: 'jailbreak',
+        description: 'Hypothetical bypass — using hypothetical framing to extract harmful content',
+        pattern: /(?:hypothetically|theoretically|in\s+theory|for\s+(?:educational|research|academic|fictional)\s+purposes?|just\s+for\s+fun|in\s+a\s+(?:fictional|hypothetical)\s+(?:world|scenario|universe)).*(?:how\s+(?:would|could|to)|explain|describe|show|give\s+me|write)\s+.*(?:hack|exploit|attack|inject|bypass|break|steal|exfiltrate)/i,
+        severity: 'medium',
+    },
+];
+// --- Data Exfiltration Patterns (in user input) ---
+const dataExfiltration = [
+    {
+        id: 'DE-001',
+        category: 'data-exfiltration',
+        description: 'System prompt extraction — attempting to extract system instructions',
+        pattern: /(?:(?:repeat|show|reveal|display|print|output|tell|what\s+(?:is|are)|give|list|dump|echo|copy)\s+(?:me\s+)?(?:your\s+|the\s+)?(?:full\s+|complete\s+|entire\s+|exact\s+|original\s+|initial\s+)?(?:system\s+)?(?:prompt|instructions?|rules?|guidelines?|initial\s+(?:prompt|message)|hidden\s+(?:prompt|instructions?)|(?:pre|pre-)?prompt))/i,
+        severity: 'high',
+    },
+    {
+        id: 'DE-002',
+        category: 'data-exfiltration',
+        description: 'Credential extraction — attempting to extract secrets or API keys',
+        pattern: /(?:(?:what|show|reveal|give|tell|display|print|dump|list)\s+(?:me\s+)?(?:are\s+)?(?:your\s+|the\s+)?(?:api\s+keys?|secrets?|credentials?|passwords?|tokens?|auth(?:entication)?|(?:private|secret)\s+keys?|(?:access|bearer)\s+tokens?|environment\s+variables?|env\s+vars?|\.env))/i,
+        severity: 'critical',
+    },
+    {
+        id: 'DE-003',
+        category: 'data-exfiltration',
+        description: 'PII extraction — attempting to extract personal data',
+        pattern: /(?:(?:list|show|give|reveal|dump|extract|tell)\s+(?:me\s+)?(?:all\s+)?(?:the\s+)?(?:users?|customers?|employees?|people|names?|emails?|addresses?|phone\s+numbers?|ssn|social\s+security|credit\s+cards?|payment|personal\s+(?:data|information|details)))/i,
+        severity: 'high',
+    },
+];
+// --- Output Leak Patterns (in LLM responses) ---
+const outputLeak = [
+    {
+        id: 'OL-001',
+        category: 'output-leak',
+        description: 'API key in output — LLM response contains API key pattern',
+        pattern: /(?:sk-[a-zA-Z0-9\-_]{20,}|(?:AKIA|ASIA)[A-Z0-9]{16}|ghp_[a-zA-Z0-9]{36}|glpat-[a-zA-Z0-9\-_]{20,}|xox[bpas]-[a-zA-Z0-9\-]{10,}|(?:eyJ[a-zA-Z0-9_-]{20,}\.){2}[a-zA-Z0-9_-]{20,})/,
+        severity: 'critical',
+    },
+    {
+        id: 'OL-002',
+        category: 'output-leak',
+        description: 'PII in output — LLM response contains PII patterns',
+        pattern: /(?:\b\d{3}-\d{2}-\d{4}\b|\b\d{4}[\s-]?\d{4}[\s-]?\d{4}[\s-]?\d{4}\b|\b[A-Z]{2}\d{6,9}\b)/,
+        severity: 'high',
+    },
+    {
+        id: 'OL-003',
+        category: 'output-leak',
+        description: 'System prompt leak — LLM response appears to contain system instructions',
+        pattern: /(?:(?:my|the)\s+system\s+(?:prompt|instructions?)\s+(?:is|are|says?)|(?:here\s+(?:is|are)\s+)?(?:my|the)\s+(?:original|initial|full|hidden|secret)\s+(?:instructions?|prompt|guidelines?))/i,
+        severity: 'high',
+    },
+];
+// --- Context Manipulation Patterns ---
+const contextManipulation = [
+    {
+        id: 'CM-001',
+        category: 'context-manipulation',
+        description: 'False memory injection — injecting false context or history',
+        pattern: /(?:(?:remember|recall)\s+(?:that\s+)?(?:you|we)\s+(?:agreed|decided|confirmed|said|mentioned|established)|you\s+(?:said|told|mentioned|agreed|promised|confirmed)\s+(?:me\s+)?(?:that\s+)?(?:you|we|I)\s+(?:would|should|can|could|will|must|have|are|am))/i,
+        severity: 'medium',
+    },
+    {
+        id: 'CM-002',
+        category: 'context-manipulation',
+        description: 'Context reset — attempting to reset or clear conversation context',
+        pattern: /(?:(?:start|begin)\s+(?:a\s+)?(?:new|fresh)\s+(?:conversation|session|context|chat)|(?:clear|reset|wipe|flush|forget)\s+(?:your\s+)?(?:context|memory|history|conversation|session|chat)|new\s+session\s*(?::|started|begins?))/i,
+        severity: 'medium',
+    },
+];
+// --- MCP Exploitation Patterns ---
+const mcpExploitation = [
+    {
+        id: 'MCP-001',
+        category: 'mcp-exploitation',
+        description: 'Path traversal in MCP tool parameter',
+        pattern: /(?:\.\.\/|\.\.\\|%2e%2e(?:%2f|%5c)|\.\.%252f)/i,
+        severity: 'critical',
+    },
+    {
+        id: 'MCP-002',
+        category: 'mcp-exploitation',
+        description: 'Command injection in MCP tool parameter',
+        pattern: /(?:[;&|`$]\s*(?:cat|ls|rm|mv|cp|curl|wget|nc|bash|sh|python|perl|ruby|chmod|chown|kill|pkill|dd)\b|`[^`]+`|\$\([^)]+\)|\|\s*(?:sh|bash|zsh|python|perl|ruby|nc|curl|wget)\b)/,
+        severity: 'critical',
+    },
+    {
+        id: 'MCP-003',
+        category: 'mcp-exploitation',
+        description: 'SSRF in MCP tool parameter',
+        pattern: /(?:(?:https?|ftp|gopher|dict|ldap):\/\/(?:localhost|127\.0\.0\.1|0\.0\.0\.0|10\.\d{1,3}\.\d{1,3}\.\d{1,3}|172\.(?:1[6-9]|2\d|3[01])\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254\.\d{1,3}\.\d{1,3}|::1|\[::1\]|0x7f|2130706433|metadata\.google|169\.254\.169\.254))/i,
+        severity: 'critical',
+    },
+];
+// --- A2A Attack Patterns ---
+const a2aAttack = [
+    {
+        id: 'A2A-001',
+        category: 'a2a-attack',
+        description: 'Identity spoofing — agent claiming to be another agent',
+        pattern: /(?:(?:i\s+am|this\s+is|acting\s+as|speaking\s+(?:as|for)|on\s+behalf\s+of|representing)\s+(?:the\s+)?(?:admin|administrator|orchestrator|supervisor|master|root|system|trusted|authorized|primary)\s+agent)/i,
+        severity: 'critical',
+    },
+    {
+        id: 'A2A-002',
+        category: 'a2a-attack',
+        description: 'Delegation abuse — unauthorized privilege escalation via task delegation',
+        pattern: /(?:(?:execute|run|perform|do)\s+(?:this\s+)?(?:\w+\s+)?(?:with|using)\s+(?:elevated|admin|root|system|full|unlimited|unrestricted)\s+(?:privileges?|permissions?|access|authority|rights)|(?:grant|give|elevate|escalate)\s+(?:my\s+)?(?:privileges?|permissions?|access|authority|rights|role))/i,
+        severity: 'high',
+    },
+];
+// --- All patterns combined ---
+exports.ALL_PATTERNS = [
+    ...promptInjection,
+    ...jailbreak,
+    ...dataExfiltration,
+    ...outputLeak,
+    ...contextManipulation,
+    ...mcpExploitation,
+    ...a2aAttack,
+];
+/** Pattern sets by category for targeted scanning */
+exports.PATTERN_SETS = {
+    promptInjection,
+    jailbreak,
+    dataExfiltration,
+    outputLeak,
+    contextManipulation,
+    mcpExploitation,
+    a2aAttack,
+    /** Input scanning: patterns relevant to user/agent input */
+    inputPatterns: [...promptInjection, ...jailbreak, ...dataExfiltration, ...contextManipulation],
+    /** Output scanning: patterns relevant to LLM responses */
+    outputPatterns: [...outputLeak],
+    /** MCP scanning: patterns relevant to tool call parameters */
+    mcpPatterns: [...mcpExploitation],
+    /** A2A scanning: patterns relevant to inter-agent messages */
+    a2aPatterns: [...a2aAttack],
+};
+/** Maximum text length to scan (64 KB) — prevents ReDoS on large payloads */
+const MAX_SCAN_LENGTH = 64 * 1024;
+/**
+ * Scan text against a set of threat patterns.
+ * Returns all matches (not just first) for comprehensive reporting.
+ * Input is truncated to MAX_SCAN_LENGTH to prevent ReDoS.
+ */
+function scanText(text, patterns) {
+    const truncated = text.length > MAX_SCAN_LENGTH;
+    const scannable = truncated ? text.slice(0, MAX_SCAN_LENGTH) : text;
+    const matches = [];
+    for (const pattern of patterns) {
+        const match = pattern.pattern.exec(scannable);
+        if (match) {
+            matches.push({
+                pattern,
+                matchedText: match[0].slice(0, 200),
+            });
+        }
+    }
+    return {
+        detected: matches.length > 0,
+        matches,
+        truncated,
+    };
+}
+//# sourceMappingURL=ai-threats.js.map

package/dist/arp/patterns/ai-threats.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"ai-threats.js","sourceRoot":"","sources":["../../../src/arp/patterns/ai-threats.ts"],"names":[],"mappings":";AAAA,qCAAqC;AACrC,qDAAqD;;;AAyOrD,4BAoBC;AA9OD,oCAAoC;AAEpC,MAAM,eAAe,GAAoB;IACvC;QACE,EAAE,EAAE,QAAQ;QACZ,QAAQ,EAAE,kBAAkB;QAC5B,WAAW,EAAE,uEAAuE;QACpF,OAAO,EAAE,8MAA8M;QACvN,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,EAAE,EAAE,QAAQ;QACZ,QAAQ,EAAE,kBAAkB;QAC5B,WAAW,EAAE,kEAAkE;QAC/E,OAAO,EAAE,oNAAoN;QAC7N,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,EAAE,EAAE,QAAQ;QACZ,QAAQ,EAAE,kBAAkB;QAC5B,WAAW,EAAE,uDAAuD;QACpE,OAAO,EAAE,sFAAsF;QAC/F,QAAQ,EAAE,MAAM;KACjB;CACF,CAAC;AAEF,6BAA6B;AAE7B,MAAM,SAAS,GAAoB;IACjC;QACE,EAAE,EAAE,QAAQ;QACZ,QAAQ,EAAE,WAAW;QACrB,WAAW,EAAE,gDAAgD;QAC7D,OAAO,EAAE,qGAAqG;QAC9G,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,EAAE,EAAE,QAAQ;QACZ,QAAQ,EAAE,WAAW;QACrB,WAAW,EAAE,4DAA4D;QACzE,OAAO,EAAE,mTAAmT;QAC5T,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,EAAE,EAAE,QAAQ;QACZ,QAAQ,EAAE,WAAW;QACrB,WAAW,EAAE,6EAA6E;QAC1F,OAAO,EAAE,qUAAqU;QAC9U,QAAQ,EAAE,QAAQ;KACnB;CACF,CAAC;AAEF,qDAAqD;AAErD,MAAM,gBAAgB,GAAoB;IACxC;QACE,EAAE,EAAE,QAAQ;QACZ,QAAQ,EAAE,mBAAmB;QAC7B,WAAW,EAAE,sEAAsE;QACnF,OAAO,EAAE,gVAAgV;QACzV,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,EAAE,EAAE,QAAQ;QACZ,QAAQ,EAAE,mBAAmB;QAC7B,WAAW,EAAE,mEAAmE;QAChF,OAAO,EAAE,sRAAsR;QAC/R,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,EAAE,EAAE,QAAQ;QACZ,QAAQ,EAAE,mBAAmB;QAC7B,WAAW,EAAE,sDAAsD;QACnE,OAAO,EAAE,6PAA6P;QACtQ,QAAQ,EAAE,MAAM;KACjB;CACF,CAAC;AAEF,kDAAkD;AAElD,MAAM,UAAU,GAAoB;IAClC;QACE,EAAE,EAAE,QAAQ;QACZ,QAAQ,EAAE,aAAa;QACvB,WAAW,EAAE,2DAA2D;QACxE,OAAO,EAAE,kLAAkL;QAC3L,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,EAAE,EAAE,QAAQ;QACZ,QAAQ,EAAE,aAAa;QACvB,WAAW,EAAE,oDAAoD;QACjE,OAAO,EAAE,0FAA0F;QACnG,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,EAAE,EAAE,QAAQ;QACZ,QAAQ,EAAE,aAAa;QACvB,WAAW,EAAE,0EAA0E;QACvF,OAAO,EAAE,6LAA6L;QACtM,QAAQ,EAAE,MAAM;KACjB;CACF,CAAC;AAEF,wCAAwC;AAExC,MAAM,mBAAmB,GAAoB;IAC3C;QACE,EAAE,EAAE,QAAQ;QACZ,QAAQ,EAAE,sBAAsB;QAChC,WAAW,EAAE,6DAA6D;QAC1E,OAAO,EAAE,6PAA6P;QACtQ,QAAQ,EAAE,QAAQ;KACnB;IACD;QACE,EAAE,EAAE,QAAQ;QACZ,QAAQ,EAAE,sBAAsB;QAChC,WAAW,EAAE,mEAAmE;QAChF,OAAO,EAAE,kOAAkO;QAC3O,QAAQ,EAAE,QAAQ;KACnB;CACF,CAAC;AAEF,oCAAoC;AAEpC,MAAM,eAAe,GAAoB;IACvC;QACE,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,kBAAkB;QAC5B,WAAW,EAAE,sCAAsC;QACnD,OAAO,EAAE,gDAAgD;QACzD,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,kBAAkB;QAC5B,WAAW,EAAE,yCAAyC;QACtD,OAAO,EAAE,8KAA8K;QACvL,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,kBAAkB;QAC5B,WAAW,EAAE,4BAA4B;QACzC,OAAO,EAAE,gRAAgR;QACzR,QAAQ,EAAE,UAAU;KACrB;CACF,CAAC;AAEF,8BAA8B;AAE9B,MAAM,SAAS,GAAoB;IACjC;QACE,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,YAAY;QACtB,WAAW,EAAE,wDAAwD;QACrE,OAAO,EAAE,8MAA8M;QACvN,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,YAAY;QACtB,WAAW,EAAE,0EAA0E;QACvF,OAAO,EAAE,mSAAmS;QAC5S,QAAQ,EAAE,MAAM;KACjB;CACF,CAAC;AAEF,gCAAgC;AAEnB,QAAA,YAAY,GAAoB;IAC3C,GAAG,eAAe;IAClB,GAAG,SAAS;IACZ,GAAG,gBAAgB;IACnB,GAAG,UAAU;IACb,GAAG,mBAAmB;IACtB,GAAG,eAAe;IAClB,GAAG,SAAS;CACb,CAAC;AAEF,qDAAqD;AACxC,QAAA,YAAY,GAAG;IAC1B,eAAe;IACf,SAAS;IACT,gBAAgB;IAChB,UAAU;IACV,mBAAmB;IACnB,eAAe;IACf,SAAS;IACT,4DAA4D;IAC5D,aAAa,EAAE,CAAC,GAAG,eAAe,EAAE,GAAG,SAAS,EAAE,GAAG,gBAAgB,EAAE,GAAG,mBAAmB,CAAC;IAC9F,0DAA0D;IAC1D,cAAc,EAAE,CAAC,GAAG,UAAU,CAAC;IAC/B,8DAA8D;IAC9D,WAAW,EAAE,CAAC,GAAG,eAAe,CAAC;IACjC,8DAA8D;IAC9D,WAAW,EAAE,CAAC,GAAG,SAAS,CAAC;CACnB,CAAC;AAEX,6EAA6E;AAC7E,MAAM,eAAe,GAAG,EAAE,GAAG,IAAI,CAAC;AAalC;;;;GAIG;AACH,SAAgB,QAAQ,CAAC,IAAY,EAAE,QAAkC;IACvE,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,GAAG,eAAe,CAAC;IAChD,MAAM,SAAS,GAAG,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,eAAe,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IACpE,MAAM,OAAO,GAA0B,EAAE,CAAC;IAE1C,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC9C,IAAI,KAAK,EAAE,CAAC;YACV,OAAO,CAAC,IAAI,CAAC;gBACX,OAAO;gBACP,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;aACpC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO;QACL,QAAQ,EAAE,OAAO,CAAC,MAAM,GAAG,CAAC;QAC5B,OAAO;QACP,SAAS;KACV,CAAC;AACJ,CAAC"}

package/dist/arp/proxy/forward.d.ts ADDED Viewed

@@ -0,0 +1,23 @@
+import * as http from 'http';
+/**
+ * Buffer the full request body from an IncomingMessage.
+ * Rejects with 413 if body exceeds MAX_BODY_BYTES.
+ */
+export declare function bufferBody(req: http.IncomingMessage): Promise<Buffer>;
+/**
+ * Forward an HTTP request to an upstream target and pipe the response back.
+ * Returns the upstream response and its body buffer (for inspection).
+ */
+export declare function forwardRequest(upstream: string, req: http.IncomingMessage, body: Buffer, originalPath: string): Promise<{
+    response: http.IncomingMessage;
+    body: Buffer;
+}>;
+/**
+ * Write headers and body to the client response.
+ */
+export declare function sendResponse(res: http.ServerResponse, statusCode: number, headers: http.IncomingHttpHeaders, body: Buffer): void;
+/**
+ * Send an error response as JSON.
+ */
+export declare function sendError(res: http.ServerResponse, statusCode: number, message: string): void;
+//# sourceMappingURL=forward.d.ts.map

package/dist/arp/proxy/forward.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"forward.d.ts","sourceRoot":"","sources":["../../../src/arp/proxy/forward.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAO7B;;;GAGG;AACH,wBAAgB,UAAU,CAAC,GAAG,EAAE,IAAI,CAAC,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC,CAgBrE;AAED;;;GAGG;AACH,wBAAgB,cAAc,CAC5B,QAAQ,EAAE,MAAM,EAChB,GAAG,EAAE,IAAI,CAAC,eAAe,EACzB,IAAI,EAAE,MAAM,EACZ,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC;IAAE,QAAQ,EAAE,IAAI,CAAC,eAAe,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,CAAC,CA+C3D;AAsBD;;GAEG;AACH,wBAAgB,YAAY,CAC1B,GAAG,EAAE,IAAI,CAAC,cAAc,EACxB,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,IAAI,CAAC,mBAAmB,EACjC,IAAI,EAAE,MAAM,GACX,IAAI,CAQN;AAED;;GAEG;AACH,wBAAgB,SAAS,CACvB,GAAG,EAAE,IAAI,CAAC,cAAc,EACxB,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,MAAM,GACd,IAAI,CAON"}

package/dist/arp/proxy/forward.js ADDED Viewed

@@ -0,0 +1,152 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.bufferBody = bufferBody;
+exports.forwardRequest = forwardRequest;
+exports.sendResponse = sendResponse;
+exports.sendError = sendError;
+const http = __importStar(require("http"));
+const https = __importStar(require("https"));
+const url_1 = require("url");
+/** Maximum request/response body size (10 MB) */
+const MAX_BODY_BYTES = 10 * 1024 * 1024;
+/**
+ * Buffer the full request body from an IncomingMessage.
+ * Rejects with 413 if body exceeds MAX_BODY_BYTES.
+ */
+function bufferBody(req) {
+    return new Promise((resolve, reject) => {
+        const chunks = [];
+        let totalBytes = 0;
+        req.on('data', (chunk) => {
+            totalBytes += chunk.length;
+            if (totalBytes > MAX_BODY_BYTES) {
+                req.destroy();
+                reject(new Error('Request body too large'));
+                return;
+            }
+            chunks.push(chunk);
+        });
+        req.on('end', () => resolve(Buffer.concat(chunks)));
+        req.on('error', reject);
+    });
+}
+/**
+ * Forward an HTTP request to an upstream target and pipe the response back.
+ * Returns the upstream response and its body buffer (for inspection).
+ */
+function forwardRequest(upstream, req, body, originalPath) {
+    return new Promise((resolve, reject) => {
+        const target = new url_1.URL(originalPath, upstream);
+        const isHttps = target.protocol === 'https:';
+        const mod = isHttps ? https : http;
+        const options = {
+            hostname: target.hostname,
+            port: target.port || (isHttps ? 443 : 80),
+            path: target.pathname + target.search,
+            method: req.method,
+            headers: copyHeaders(req.headers, target.hostname),
+            timeout: 30000,
+        };
+        const proxyReq = mod.request(options, (proxyRes) => {
+            const chunks = [];
+            let totalBytes = 0;
+            proxyRes.on('data', (chunk) => {
+                totalBytes += chunk.length;
+                if (totalBytes > MAX_BODY_BYTES) {
+                    proxyRes.destroy();
+                    reject(new Error('Upstream response too large'));
+                    return;
+                }
+                chunks.push(chunk);
+            });
+            proxyRes.on('end', () => {
+                resolve({
+                    response: proxyRes,
+                    body: Buffer.concat(chunks),
+                });
+            });
+            proxyRes.on('error', reject);
+        });
+        proxyReq.on('error', reject);
+        proxyReq.on('timeout', () => {
+            proxyReq.destroy();
+            reject(new Error('Upstream request timed out'));
+        });
+        if (body.length > 0) {
+            proxyReq.write(body);
+        }
+        proxyReq.end();
+    });
+}
+/**
+ * Copy headers from source to a plain object, updating Host header.
+ */
+function copyHeaders(source, targetHost) {
+    const headers = {};
+    for (const [key, value] of Object.entries(source)) {
+        if (key.toLowerCase() === 'host') {
+            headers[key] = targetHost;
+        }
+        else if (key.toLowerCase() !== 'connection') {
+            headers[key] = value;
+        }
+    }
+    return headers;
+}
+/**
+ * Write headers and body to the client response.
+ */
+function sendResponse(res, statusCode, headers, body) {
+    for (const [key, value] of Object.entries(headers)) {
+        if (value !== undefined && key.toLowerCase() !== 'transfer-encoding') {
+            res.setHeader(key, value);
+        }
+    }
+    res.writeHead(statusCode);
+    res.end(body);
+}
+/**
+ * Send an error response as JSON.
+ */
+function sendError(res, statusCode, message) {
+    const body = JSON.stringify({ error: message });
+    res.writeHead(statusCode, {
+        'content-type': 'application/json',
+        'content-length': Buffer.byteLength(body),
+    });
+    res.end(body);
+}
+//# sourceMappingURL=forward.js.map

package/dist/arp/proxy/forward.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"forward.js","sourceRoot":"","sources":["../../../src/arp/proxy/forward.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAWA,gCAgBC;AAMD,wCAoDC;AAyBD,oCAaC;AAKD,8BAWC;AA3ID,2CAA6B;AAC7B,6CAA+B;AAC/B,6BAA0B;AAE1B,iDAAiD;AACjD,MAAM,cAAc,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC;AAExC;;;GAGG;AACH,SAAgB,UAAU,CAAC,GAAyB;IAClD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,MAAM,GAAa,EAAE,CAAC;QAC5B,IAAI,UAAU,GAAG,CAAC,CAAC;QACnB,GAAG,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE;YAC/B,UAAU,IAAI,KAAK,CAAC,MAAM,CAAC;YAC3B,IAAI,UAAU,GAAG,cAAc,EAAE,CAAC;gBAChC,GAAG,CAAC,OAAO,EAAE,CAAC;gBACd,MAAM,CAAC,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC,CAAC;gBAC5C,OAAO;YACT,CAAC;YACD,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACrB,CAAC,CAAC,CAAC;QACH,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACpD,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAC1B,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;GAGG;AACH,SAAgB,cAAc,CAC5B,QAAgB,EAChB,GAAyB,EACzB,IAAY,EACZ,YAAoB;IAEpB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,MAAM,GAAG,IAAI,SAAG,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;QAC/C,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,KAAK,QAAQ,CAAC;QAC7C,MAAM,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;QAEnC,MAAM,OAAO,GAAwB;YACnC,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,IAAI,EAAE,MAAM,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YACzC,IAAI,EAAE,MAAM,CAAC,QAAQ,GAAG,MAAM,CAAC,MAAM;YACrC,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,OAAO,EAAE,WAAW,CAAC,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,QAAQ,CAAC;YAClD,OAAO,EAAE,KAAK;SACf,CAAC;QAEF,MAAM,QAAQ,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,EAAE;YACjD,MAAM,MAAM,GAAa,EAAE,CAAC;YAC5B,IAAI,UAAU,GAAG,CAAC,CAAC;YACnB,QAAQ,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE;gBACpC,UAAU,IAAI,KAAK,CAAC,MAAM,CAAC;gBAC3B,IAAI,UAAU,GAAG,cAAc,EAAE,CAAC;oBAChC,QAAQ,CAAC,OAAO,EAAE,CAAC;oBACnB,MAAM,CAAC,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC,CAAC;oBACjD,OAAO;gBACT,CAAC;gBACD,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACrB,CAAC,CAAC,CAAC;YACH,QAAQ,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;gBACtB,OAAO,CAAC;oBACN,QAAQ,EAAE,QAAQ;oBAClB,IAAI,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC;iBAC5B,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;YACH,QAAQ,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAC/B,CAAC,CAAC,CAAC;QAEH,QAAQ,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAC7B,QAAQ,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE;YAC1B,QAAQ,CAAC,OAAO,EAAE,CAAC;YACnB,MAAM,CAAC,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC,CAAC;QAClD,CAAC,CAAC,CAAC;QAEH,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACpB,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACvB,CAAC;QACD,QAAQ,CAAC,GAAG,EAAE,CAAC;IACjB,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,SAAS,WAAW,CAClB,MAAgC,EAChC,UAAkB;IAElB,MAAM,OAAO,GAA6B,EAAE,CAAC;IAE7C,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAClD,IAAI,GAAG,CAAC,WAAW,EAAE,KAAK,MAAM,EAAE,CAAC;YACjC,OAAO,CAAC,GAAG,CAAC,GAAG,UAAU,CAAC;QAC5B,CAAC;aAAM,IAAI,GAAG,CAAC,WAAW,EAAE,KAAK,YAAY,EAAE,CAAC;YAC9C,OAAO,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QACvB,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,SAAgB,YAAY,CAC1B,GAAwB,EACxB,UAAkB,EAClB,OAAiC,EACjC,IAAY;IAEZ,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QACnD,IAAI,KAAK,KAAK,SAAS,IAAI,GAAG,CAAC,WAAW,EAAE,KAAK,mBAAmB,EAAE,CAAC;YACrE,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAC5B,CAAC;IACH,CAAC;IACD,GAAG,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;IAC1B,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,SAAgB,SAAS,CACvB,GAAwB,EACxB,UAAkB,EAClB,OAAe;IAEf,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC;IAChD,GAAG,CAAC,SAAS,CAAC,UAAU,EAAE;QACxB,cAAc,EAAE,kBAAkB;QAClC,gBAAgB,EAAE,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC;KAC1C,CAAC,CAAC;IACH,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;AAChB,CAAC"}

package/dist/arp/proxy/server.d.ts ADDED Viewed

@@ -0,0 +1,45 @@
+import type { ProxyConfig } from '../types';
+import type { EventEngine } from '../engine/event-engine';
+import type { PromptInterceptor } from '../interceptors/prompt';
+import type { MCPProtocolInterceptor } from '../interceptors/mcp-protocol';
+import type { A2AProtocolInterceptor } from '../interceptors/a2a-protocol';
+export interface ARPProxyDeps {
+    engine: EventEngine;
+    promptInterceptor?: PromptInterceptor;
+    mcpInterceptor?: MCPProtocolInterceptor;
+    a2aInterceptor?: A2AProtocolInterceptor;
+}
+/**
+ * ARP HTTP Reverse Proxy — sits between clients and upstream AI services,
+ * inspecting requests and responses for AI-layer threats.
+ *
+ * Zero external dependencies (uses Node.js built-in http module).
+ * Alert-only by default; optional blockOnDetection mode.
+ */
+export declare class ARPProxy {
+    private readonly config;
+    private readonly deps;
+    private server;
+    constructor(config: ProxyConfig, deps: ARPProxyDeps);
+    start(): Promise<void>;
+    stop(): Promise<void>;
+    getPort(): number;
+    private handleRequest;
+    private findUpstream;
+    /**
+     * Inspect inbound request based on upstream protocol type.
+     * Returns true if a threat was detected.
+     */
+    private inspectRequest;
+    /**
+     * Inspect outbound response based on upstream protocol type.
+     */
+    private inspectResponse;
+    private inspectOpenAIRequest;
+    private inspectOpenAIResponse;
+    private inspectMCPRequest;
+    private inspectMCPResponse;
+    private inspectA2AResponse;
+    private inspectA2ARequest;
+}
+//# sourceMappingURL=server.d.ts.map

package/dist/arp/proxy/server.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../../src/arp/proxy/server.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,WAAW,EAA2B,MAAM,UAAU,CAAC;AACrE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AAC1D,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAChE,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,8BAA8B,CAAC;AAC3E,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,8BAA8B,CAAC;AAI3E,MAAM,WAAW,YAAY;IAC3B,MAAM,EAAE,WAAW,CAAC;IACpB,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;IACtC,cAAc,CAAC,EAAE,sBAAsB,CAAC;IACxC,cAAc,CAAC,EAAE,sBAAsB,CAAC;CACzC;AAED;;;;;;GAMG;AACH,qBAAa,QAAQ;IACnB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAc;IACrC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAe;IACpC,OAAO,CAAC,MAAM,CAA4B;gBAE9B,MAAM,EAAE,WAAW,EAAE,IAAI,EAAE,YAAY;IAK7C,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAmBtB,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAU3B,OAAO,IAAI,MAAM;YAIH,aAAa;IAsD3B,OAAO,CAAC,YAAY;IAQpB;;;OAGG;YACW,cAAc;IA8B5B;;OAEG;YACW,eAAe;IA+B7B,OAAO,CAAC,oBAAoB;IAqB5B,OAAO,CAAC,qBAAqB;IAsB7B,OAAO,CAAC,iBAAiB;IAsBzB,OAAO,CAAC,kBAAkB;IA8B1B,OAAO,CAAC,kBAAkB;IAmB1B,OAAO,CAAC,iBAAiB;CAoC1B"}