llm-trust-guard 4.0.0

package/dist/guards/multimodal-guard.d.ts

@@ -0,0 +1,93 @@
+/**
+ * MultiModalGuard (L8)
+ *
+ * Detects hidden instructions and malicious content in multi-modal inputs
+ * (images, audio, documents, base64 payloads).
+ *
+ * Threat Model:
+ * - ASI01: Agent Goal Hijack via manipulated media
+ * - Multi-Modal Injection: Hidden text in images, audio with embedded instructions
+ *
+ * Detection Capabilities:
+ * - Image metadata (EXIF) injection
+ * - Steganographic patterns
+ * - Hidden text detection (white-on-white, etc.)
+ * - Base64 embedded payloads
+ * - Document macro/script detection
+ * - Audio transcript injection markers
+ */
+export interface MultiModalGuardConfig {
+    /** Enable EXIF/metadata scanning */
+    scanMetadata?: boolean;
+    /** Enable base64 payload detection */
+    detectBase64Payloads?: boolean;
+    /** Enable steganography detection heuristics */
+    detectSteganography?: boolean;
+    /** Maximum allowed metadata size in bytes */
+    maxMetadataSize?: number;
+    /** Suspicious patterns to detect in extracted text */
+    customPatterns?: RegExp[];
+    /** Allowed MIME types */
+    allowedMimeTypes?: string[];
+    /** Block all multi-modal content (strict mode) */
+    strictMode?: boolean;
+}
+export interface MultiModalContent {
+    /** Content type: image, audio, document, base64 */
+    type: "image" | "audio" | "document" | "base64" | "url";
+    /** Raw content or base64 string */
+    content?: string;
+    /** MIME type if known */
+    mimeType?: string;
+    /** URL if remote content */
+    url?: string;
+    /** Filename if provided */
+    filename?: string;
+    /** Extracted metadata */
+    metadata?: Record<string, any>;
+    /** Any extracted text (OCR, transcripts, etc.) */
+    extractedText?: string;
+}
+export interface MultiModalGuardResult {
+    allowed: boolean;
+    reason: string;
+    violations: string[];
+    request_id: string;
+    content_analysis: {
+        type: string;
+        threats_detected: string[];
+        metadata_suspicious: boolean;
+        hidden_content_detected: boolean;
+        injection_patterns_found: string[];
+        risk_score: number;
+    };
+    recommendations: string[];
+}
+export declare class MultiModalGuard {
+    private config;
+    private readonly INJECTION_PATTERNS;
+    private readonly SUSPICIOUS_METADATA_FIELDS;
+    private readonly DANGEROUS_MIME_TYPES;
+    private readonly STEGO_MARKERS;
+    constructor(config?: MultiModalGuardConfig);
+    /**
+     * Analyze multi-modal content for hidden instructions or malicious payloads
+     */
+    check(content: MultiModalContent, requestId?: string): MultiModalGuardResult;
+    /**
+     * Batch check multiple content items
+     */
+    checkBatch(contents: MultiModalContent[], requestId?: string): MultiModalGuardResult;
+    /**
+     * Extract and analyze image metadata (EXIF simulation)
+     * In production, use a proper EXIF parser
+     */
+    parseImageMetadata(base64Image: string): Record<string, any>;
+    private scanMetadata;
+    private scanText;
+    private detectBase64Payloads;
+    private detectSteganography;
+    private checkUrl;
+    private generateRecommendations;
+}
+//# sourceMappingURL=multimodal-guard.d.ts.map

package/dist/guards/multimodal-guard.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"multimodal-guard.d.ts","sourceRoot":"","sources":["../../src/guards/multimodal-guard.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,MAAM,WAAW,qBAAqB;IACpC,oCAAoC;IACpC,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,sCAAsC;IACtC,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,gDAAgD;IAChD,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,6CAA6C;IAC7C,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,sDAAsD;IACtD,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,yBAAyB;IACzB,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,kDAAkD;IAClD,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAED,MAAM,WAAW,iBAAiB;IAChC,mDAAmD;IACnD,IAAI,EAAE,OAAO,GAAG,OAAO,GAAG,UAAU,GAAG,QAAQ,GAAG,KAAK,CAAC;IACxD,mCAAmC;IACnC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,yBAAyB;IACzB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,4BAA4B;IAC5B,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,2BAA2B;IAC3B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,yBAAyB;IACzB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAC/B,kDAAkD;IAClD,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,qBAAqB;IACpC,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,gBAAgB,EAAE;QAChB,IAAI,EAAE,MAAM,CAAC;QACb,gBAAgB,EAAE,MAAM,EAAE,CAAC;QAC3B,mBAAmB,EAAE,OAAO,CAAC;QAC7B,uBAAuB,EAAE,OAAO,CAAC;QACjC,wBAAwB,EAAE,MAAM,EAAE,CAAC;QACnC,UAAU,EAAE,MAAM,CAAC;KACpB,CAAC;IACF,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAED,qBAAa,eAAe;IAC1B,OAAO,CAAC,MAAM,CAAkC;IAGhD,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAUjC;IAGF,OAAO,CAAC,QAAQ,CAAC,0BAA0B,CAazC;IAGF,OAAO,CAAC,QAAQ,CAAC,oBAAoB,CASnC;IAGF,OAAO,CAAC,QAAQ,CAAC,aAAa,CAK5B;gBAEU,MAAM,GAAE,qBAA0B;IAsB9C;;OAEG;IACH,KAAK,CACH,OAAO,EAAE,iBAAiB,EAC1B,SAAS,CAAC,EAAE,MAAM,GACjB,qBAAqB;IA8KxB;;OAEG;IACH,UAAU,CACR,QAAQ,EAAE,iBAAiB,EAAE,EAC7B,SAAS,CAAC,EAAE,MAAM,GACjB,qBAAqB;IAwCxB;;;OAGG;IACH,kBAAkB,CAAC,WAAW,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC;IAgC5D,OAAO,CAAC,YAAY;IAoDpB,OAAO,CAAC,QAAQ;IA0ChB,OAAO,CAAC,oBAAoB;IA6B5B,OAAO,CAAC,mBAAmB;IA6B3B,OAAO,CAAC,QAAQ;IAsDhB,OAAO,CAAC,uBAAuB;CAyBhC"}

package/dist/guards/multimodal-guard.js

@@ -0,0 +1,507 @@
+"use strict";
+/**
+ * MultiModalGuard (L8)
+ *
+ * Detects hidden instructions and malicious content in multi-modal inputs
+ * (images, audio, documents, base64 payloads).
+ *
+ * Threat Model:
+ * - ASI01: Agent Goal Hijack via manipulated media
+ * - Multi-Modal Injection: Hidden text in images, audio with embedded instructions
+ *
+ * Detection Capabilities:
+ * - Image metadata (EXIF) injection
+ * - Steganographic patterns
+ * - Hidden text detection (white-on-white, etc.)
+ * - Base64 embedded payloads
+ * - Document macro/script detection
+ * - Audio transcript injection markers
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MultiModalGuard = void 0;
+class MultiModalGuard {
+    constructor(config = {}) {
+        // Suspicious patterns in metadata or extracted text
+        this.INJECTION_PATTERNS = [
+            { name: "ignore_instructions", pattern: /ignore\s+(all\s+)?(previous|prior|above)\s+(instructions|rules|guidelines)/i },
+            { name: "system_override", pattern: /\[SYSTEM\]|\[ADMIN\]|\[OVERRIDE\]|<\s*system\s*>|<\s*admin\s*>/i },
+            { name: "role_switch", pattern: /you\s+are\s+(now|actually)\s+(a|an|the)|switch\s+to\s+(\w+)\s+mode/i },
+            { name: "hidden_prompt", pattern: /HIDDEN_PROMPT|SECRET_INSTRUCTION|INVISIBLE_COMMAND/i },
+            { name: "jailbreak_markers", pattern: /DAN\s*mode|developer\s*mode|unrestricted\s*mode|bypass\s*safety/i },
+            { name: "base64_instruction", pattern: /execute\s*:\s*[A-Za-z0-9+/=]{20,}/i },
+            { name: "command_injection", pattern: /;\s*(rm|del|wget|curl|eval|exec)\s/i },
+            { name: "exfiltration_markers", pattern: /send\s+(to|this|data)\s+(to\s+)?https?:\/\//i },
+            { name: "invisible_unicode", pattern: /[\u200B-\u200D\uFEFF\u2060-\u206F]/g },
+        ];
+        // Suspicious EXIF fields that could contain injection
+        this.SUSPICIOUS_METADATA_FIELDS = [
+            "ImageDescription",
+            "UserComment",
+            "XPComment",
+            "XPKeywords",
+            "XPSubject",
+            "XPTitle",
+            "Artist",
+            "Copyright",
+            "Software",
+            "HostComputer",
+            "DocumentName",
+            "PageName",
+        ];
+        // Known dangerous MIME types
+        this.DANGEROUS_MIME_TYPES = [
+            "application/x-msdownload",
+            "application/x-msdos-program",
+            "application/x-sh",
+            "application/x-shellscript",
+            "application/javascript",
+            "text/javascript",
+            "application/x-python",
+            "application/vnd.ms-office",
+        ];
+        // Steganography detection patterns (simplified heuristics)
+        this.STEGO_MARKERS = [
+            /^[\x00-\x08\x0B\x0C\x0E-\x1F]{4,}/, // Unusual control characters
+            /PK\x03\x04/, // ZIP header (could be embedded)
+            /%PDF-/, // Embedded PDF
+            /\x89PNG.*IEND.*[A-Za-z]{10,}/, // Data after PNG end
+        ];
+        this.config = {
+            scanMetadata: config.scanMetadata ?? true,
+            detectBase64Payloads: config.detectBase64Payloads ?? true,
+            detectSteganography: config.detectSteganography ?? true,
+            maxMetadataSize: config.maxMetadataSize ?? 10000, // 10KB
+            customPatterns: config.customPatterns ?? [],
+            allowedMimeTypes: config.allowedMimeTypes ?? [
+                "image/jpeg",
+                "image/png",
+                "image/gif",
+                "image/webp",
+                "audio/mpeg",
+                "audio/wav",
+                "audio/ogg",
+                "application/pdf",
+                "text/plain",
+            ],
+            strictMode: config.strictMode ?? false,
+        };
+    }
+    /**
+     * Analyze multi-modal content for hidden instructions or malicious payloads
+     */
+    check(content, requestId) {
+        const reqId = requestId || `mm-${Date.now()}`;
+        const violations = [];
+        const threatsDetected = [];
+        const injectionPatternsFound = [];
+        let riskScore = 0;
+        let metadataSuspicious = false;
+        let hiddenContentDetected = false;
+        // Strict mode blocks all multi-modal content
+        if (this.config.strictMode) {
+            return {
+                allowed: false,
+                reason: "Multi-modal content blocked in strict mode",
+                violations: ["strict_mode_block"],
+                request_id: reqId,
+                content_analysis: {
+                    type: content.type,
+                    threats_detected: ["strict_mode"],
+                    metadata_suspicious: false,
+                    hidden_content_detected: false,
+                    injection_patterns_found: [],
+                    risk_score: 100,
+                },
+                recommendations: ["Disable strict mode to allow multi-modal content"],
+            };
+        }
+        // Check MIME type
+        if (content.mimeType) {
+            if (this.DANGEROUS_MIME_TYPES.includes(content.mimeType)) {
+                violations.push("dangerous_mime_type");
+                threatsDetected.push(`Dangerous MIME type: ${content.mimeType}`);
+                riskScore += 50;
+            }
+            if (!this.config.allowedMimeTypes.includes(content.mimeType)) {
+                violations.push("disallowed_mime_type");
+                threatsDetected.push(`Disallowed MIME type: ${content.mimeType}`);
+                riskScore += 30;
+            }
+        }
+        // Check for suspicious filename
+        if (content.filename) {
+            const dangerousExtensions = [".exe", ".sh", ".bat", ".cmd", ".ps1", ".vbs", ".js"];
+            const ext = content.filename.toLowerCase().slice(content.filename.lastIndexOf("."));
+            if (dangerousExtensions.includes(ext)) {
+                violations.push("dangerous_file_extension");
+                threatsDetected.push(`Dangerous file extension: ${ext}`);
+                riskScore += 40;
+            }
+            // Double extension attack
+            if (/\.(jpg|png|gif|pdf)\.(exe|sh|bat|js)$/i.test(content.filename)) {
+                violations.push("double_extension_attack");
+                threatsDetected.push("Double extension attack detected");
+                riskScore += 60;
+            }
+        }
+        // Scan metadata for injections
+        if (this.config.scanMetadata && content.metadata) {
+            const metadataResult = this.scanMetadata(content.metadata);
+            if (metadataResult.suspicious) {
+                metadataSuspicious = true;
+                violations.push(...metadataResult.violations);
+                injectionPatternsFound.push(...metadataResult.patterns);
+                riskScore += metadataResult.riskContribution;
+            }
+            // Check metadata size
+            const metadataSize = JSON.stringify(content.metadata).length;
+            if (metadataSize > this.config.maxMetadataSize) {
+                violations.push("oversized_metadata");
+                threatsDetected.push(`Metadata size ${metadataSize} exceeds limit ${this.config.maxMetadataSize}`);
+                riskScore += 20;
+            }
+        }
+        // Scan extracted text (OCR, transcripts) for injections
+        if (content.extractedText) {
+            const textResult = this.scanText(content.extractedText);
+            if (textResult.injectionFound) {
+                hiddenContentDetected = true;
+                violations.push(...textResult.violations);
+                injectionPatternsFound.push(...textResult.patterns);
+                riskScore += textResult.riskContribution;
+            }
+        }
+        // Detect base64 payloads in content
+        if (this.config.detectBase64Payloads && content.content) {
+            const base64Result = this.detectBase64Payloads(content.content);
+            if (base64Result.found) {
+                violations.push("embedded_base64_payload");
+                threatsDetected.push("Embedded base64 payload detected");
+                riskScore += 30;
+                // Decode and scan the payload
+                for (const payload of base64Result.payloads) {
+                    try {
+                        const decoded = Buffer.from(payload, "base64").toString("utf-8");
+                        const decodedScan = this.scanText(decoded);
+                        if (decodedScan.injectionFound) {
+                            hiddenContentDetected = true;
+                            violations.push("base64_injection_payload");
+                            injectionPatternsFound.push(...decodedScan.patterns);
+                            riskScore += 40;
+                        }
+                    }
+                    catch {
+                        // Invalid base64, skip
+                    }
+                }
+            }
+        }
+        // Steganography detection heuristics
+        if (this.config.detectSteganography && content.content) {
+            const stegoResult = this.detectSteganography(content.content);
+            if (stegoResult.detected) {
+                violations.push("potential_steganography");
+                threatsDetected.push("Potential steganography detected");
+                hiddenContentDetected = true;
+                riskScore += 25;
+            }
+        }
+        // URL safety check
+        if (content.type === "url" && content.url) {
+            const urlResult = this.checkUrl(content.url);
+            if (!urlResult.safe) {
+                violations.push(...urlResult.violations);
+                threatsDetected.push(...urlResult.threats);
+                riskScore += urlResult.riskContribution;
+            }
+        }
+        // Apply custom patterns
+        const allText = [
+            content.extractedText || "",
+            JSON.stringify(content.metadata || {}),
+        ].join(" ");
+        for (const pattern of this.config.customPatterns) {
+            if (pattern.test(allText)) {
+                violations.push("custom_pattern_match");
+                injectionPatternsFound.push(`Custom: ${pattern.source.substring(0, 30)}`);
+                riskScore += 20;
+            }
+        }
+        // Calculate final decision
+        const blocked = riskScore >= 50 || violations.length > 0;
+        return {
+            allowed: !blocked,
+            reason: blocked
+                ? `Multi-modal content blocked: ${violations.slice(0, 3).join(", ")}`
+                : "Multi-modal content passed security checks",
+            violations,
+            request_id: reqId,
+            content_analysis: {
+                type: content.type,
+                threats_detected: threatsDetected,
+                metadata_suspicious: metadataSuspicious,
+                hidden_content_detected: hiddenContentDetected,
+                injection_patterns_found: injectionPatternsFound,
+                risk_score: Math.min(100, riskScore),
+            },
+            recommendations: this.generateRecommendations(violations),
+        };
+    }
+    /**
+     * Batch check multiple content items
+     */
+    checkBatch(contents, requestId) {
+        const reqId = requestId || `mm-batch-${Date.now()}`;
+        const allViolations = [];
+        const allThreats = [];
+        const allPatterns = [];
+        let totalRiskScore = 0;
+        let anyMetadataSuspicious = false;
+        let anyHiddenContent = false;
+        for (const content of contents) {
+            const result = this.check(content, reqId);
+            allViolations.push(...result.violations);
+            allThreats.push(...result.content_analysis.threats_detected);
+            allPatterns.push(...result.content_analysis.injection_patterns_found);
+            totalRiskScore = Math.max(totalRiskScore, result.content_analysis.risk_score);
+            anyMetadataSuspicious = anyMetadataSuspicious || result.content_analysis.metadata_suspicious;
+            anyHiddenContent = anyHiddenContent || result.content_analysis.hidden_content_detected;
+        }
+        const blocked = totalRiskScore >= 50 || allViolations.length > 0;
+        return {
+            allowed: !blocked,
+            reason: blocked
+                ? `Batch blocked: ${[...new Set(allViolations)].slice(0, 3).join(", ")}`
+                : "All multi-modal content passed security checks",
+            violations: [...new Set(allViolations)],
+            request_id: reqId,
+            content_analysis: {
+                type: `batch(${contents.length})`,
+                threats_detected: [...new Set(allThreats)],
+                metadata_suspicious: anyMetadataSuspicious,
+                hidden_content_detected: anyHiddenContent,
+                injection_patterns_found: [...new Set(allPatterns)],
+                risk_score: totalRiskScore,
+            },
+            recommendations: this.generateRecommendations([...new Set(allViolations)]),
+        };
+    }
+    /**
+     * Extract and analyze image metadata (EXIF simulation)
+     * In production, use a proper EXIF parser
+     */
+    parseImageMetadata(base64Image) {
+        const metadata = {};
+        try {
+            // Look for EXIF markers in the base64 content
+            // This is a simplified simulation - real implementation would use exif-parser
+            const decoded = Buffer.from(base64Image, "base64");
+            const content = decoded.toString("latin1");
+            // Look for common EXIF text patterns
+            const textMatches = content.match(/[\x20-\x7E]{10,}/g) || [];
+            for (const match of textMatches.slice(0, 20)) {
+                if (match.includes("=") || match.includes(":")) {
+                    const [key, ...valueParts] = match.split(/[=:]/);
+                    if (key && valueParts.length > 0) {
+                        metadata[key.trim()] = valueParts.join(":").trim();
+                    }
+                }
+            }
+            // Look for XML metadata (XMP)
+            const xmpMatch = content.match(/<x:xmpmeta[\s\S]*?<\/x:xmpmeta>/i);
+            if (xmpMatch) {
+                metadata._xmp = xmpMatch[0].substring(0, 500);
+            }
+        }
+        catch {
+            // Ignore parsing errors
+        }
+        return metadata;
+    }
+    scanMetadata(metadata) {
+        const violations = [];
+        const patterns = [];
+        let riskContribution = 0;
+        const checkValue = (key, value, path = "") => {
+            const currentPath = path ? `${path}.${key}` : key;
+            if (typeof value === "string") {
+                // Check suspicious fields
+                if (this.SUSPICIOUS_METADATA_FIELDS.includes(key)) {
+                    for (const { name, pattern } of this.INJECTION_PATTERNS) {
+                        if (pattern.test(value)) {
+                            violations.push(`metadata_injection_${name}`);
+                            patterns.push(`${name} in ${currentPath}`);
+                            riskContribution += 30;
+                        }
+                    }
+                }
+                // Check all fields for obvious injection
+                for (const { name, pattern } of this.INJECTION_PATTERNS) {
+                    if (pattern.test(value) && value.length > 20) {
+                        violations.push(`metadata_${name}`);
+                        patterns.push(`${name} in ${currentPath}`);
+                        riskContribution += 20;
+                    }
+                }
+            }
+            else if (typeof value === "object" && value !== null) {
+                for (const [k, v] of Object.entries(value)) {
+                    checkValue(k, v, currentPath);
+                }
+            }
+        };
+        for (const [key, value] of Object.entries(metadata)) {
+            checkValue(key, value);
+        }
+        return {
+            suspicious: violations.length > 0,
+            violations: [...new Set(violations)],
+            patterns: [...new Set(patterns)],
+            riskContribution: Math.min(60, riskContribution),
+        };
+    }
+    scanText(text) {
+        const violations = [];
+        const patterns = [];
+        let riskContribution = 0;
+        for (const { name, pattern } of this.INJECTION_PATTERNS) {
+            if (pattern.test(text)) {
+                violations.push(`text_injection_${name}`);
+                patterns.push(name);
+                riskContribution += 25;
+            }
+        }
+        // Check for invisible unicode characters (used to hide instructions)
+        const invisibleCount = (text.match(/[\u200B-\u200D\uFEFF\u2060-\u206F]/g) || []).length;
+        if (invisibleCount > 5) {
+            violations.push("excessive_invisible_characters");
+            patterns.push(`invisible_unicode(${invisibleCount})`);
+            riskContribution += 20;
+        }
+        // Check for homoglyph attacks
+        const homoglyphPattern = /[\u0430-\u044F\u0410-\u042F]/; // Cyrillic that looks like Latin
+        if (homoglyphPattern.test(text) && /[a-zA-Z]/.test(text)) {
+            violations.push("potential_homoglyph_attack");
+            patterns.push("mixed_scripts");
+            riskContribution += 15;
+        }
+        return {
+            injectionFound: violations.length > 0,
+            violations,
+            patterns,
+            riskContribution: Math.min(60, riskContribution),
+        };
+    }
+    detectBase64Payloads(content) {
+        // Look for base64 patterns that might be hidden payloads
+        const base64Pattern = /(?:^|[^A-Za-z0-9+/])([A-Za-z0-9+/]{40,}={0,2})(?:[^A-Za-z0-9+/]|$)/g;
+        const payloads = [];
+        let match;
+        while ((match = base64Pattern.exec(content)) !== null) {
+            // Verify it's valid base64
+            try {
+                const decoded = Buffer.from(match[1], "base64");
+                // Check if decoded content looks like text with instructions
+                const text = decoded.toString("utf-8");
+                if (/[a-zA-Z\s]{10,}/.test(text)) {
+                    payloads.push(match[1]);
+                }
+            }
+            catch {
+                // Not valid base64
+            }
+        }
+        return {
+            found: payloads.length > 0,
+            payloads,
+        };
+    }
+    detectSteganography(content) {
+        const markers = [];
+        for (const marker of this.STEGO_MARKERS) {
+            if (marker.test(content)) {
+                markers.push(marker.source.substring(0, 20));
+            }
+        }
+        // Entropy analysis (simplified)
+        // High entropy after expected end markers suggests hidden data
+        const entropyThreshold = 0.9;
+        const sample = content.slice(-1000);
+        const uniqueChars = new Set(sample).size;
+        const entropy = uniqueChars / sample.length;
+        if (entropy > entropyThreshold) {
+            markers.push("high_entropy_tail");
+        }
+        return {
+            detected: markers.length > 0,
+            markers,
+        };
+    }
+    checkUrl(url) {
+        const violations = [];
+        const threats = [];
+        let riskContribution = 0;
+        try {
+            const parsed = new URL(url);
+            // Check for suspicious protocols
+            if (!["http:", "https:"].includes(parsed.protocol)) {
+                violations.push("suspicious_protocol");
+                threats.push(`Suspicious protocol: ${parsed.protocol}`);
+                riskContribution += 40;
+            }
+            // Check for IP addresses instead of domains
+            if (/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/.test(parsed.hostname)) {
+                violations.push("ip_address_url");
+                threats.push("Direct IP address URL");
+                riskContribution += 20;
+            }
+            // Check for suspicious patterns in URL
+            if (parsed.href.includes("..") || parsed.href.includes("%00")) {
+                violations.push("path_traversal_url");
+                threats.push("Path traversal in URL");
+                riskContribution += 30;
+            }
+            // Check for data URLs
+            if (url.startsWith("data:")) {
+                violations.push("data_url");
+                threats.push("Data URL detected");
+                riskContribution += 25;
+            }
+        }
+        catch {
+            violations.push("invalid_url");
+            threats.push("Invalid URL format");
+            riskContribution += 30;
+        }
+        return {
+            safe: violations.length === 0,
+            violations,
+            threats,
+            riskContribution,
+        };
+    }
+    generateRecommendations(violations) {
+        const recommendations = [];
+        if (violations.some((v) => v.includes("metadata"))) {
+            recommendations.push("Strip metadata from uploaded files before processing");
+        }
+        if (violations.some((v) => v.includes("base64"))) {
+            recommendations.push("Validate and sanitize base64 payloads before decoding");
+        }
+        if (violations.some((v) => v.includes("mime"))) {
+            recommendations.push("Implement strict MIME type validation");
+        }
+        if (violations.some((v) => v.includes("steganography"))) {
+            recommendations.push("Consider re-encoding images to remove hidden data");
+        }
+        if (violations.some((v) => v.includes("injection"))) {
+            recommendations.push("Sanitize extracted text before including in prompts");
+        }
+        if (recommendations.length === 0) {
+            recommendations.push("Continue monitoring multi-modal inputs");
+        }
+        return recommendations;
+    }
+}
+exports.MultiModalGuard = MultiModalGuard;
+//# sourceMappingURL=multimodal-guard.js.map

package/dist/guards/multimodal-guard.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"multimodal-guard.js","sourceRoot":"","sources":["../../src/guards/multimodal-guard.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;GAiBG;;;AAoDH,MAAa,eAAe;IAoD1B,YAAY,SAAgC,EAAE;QAjD9C,oDAAoD;QACnC,uBAAkB,GAA6C;YAC9E,EAAE,IAAI,EAAE,qBAAqB,EAAE,OAAO,EAAE,6EAA6E,EAAE;YACvH,EAAE,IAAI,EAAE,iBAAiB,EAAE,OAAO,EAAE,iEAAiE,EAAE;YACvG,EAAE,IAAI,EAAE,aAAa,EAAE,OAAO,EAAE,qEAAqE,EAAE;YACvG,EAAE,IAAI,EAAE,eAAe,EAAE,OAAO,EAAE,qDAAqD,EAAE;YACzF,EAAE,IAAI,EAAE,mBAAmB,EAAE,OAAO,EAAE,kEAAkE,EAAE;YAC1G,EAAE,IAAI,EAAE,oBAAoB,EAAE,OAAO,EAAE,oCAAoC,EAAE;YAC7E,EAAE,IAAI,EAAE,mBAAmB,EAAE,OAAO,EAAE,qCAAqC,EAAE;YAC7E,EAAE,IAAI,EAAE,sBAAsB,EAAE,OAAO,EAAE,8CAA8C,EAAE;YACzF,EAAE,IAAI,EAAE,mBAAmB,EAAE,OAAO,EAAE,qCAAqC,EAAE;SAC9E,CAAC;QAEF,sDAAsD;QACrC,+BAA0B,GAAG;YAC5C,kBAAkB;YAClB,aAAa;YACb,WAAW;YACX,YAAY;YACZ,WAAW;YACX,SAAS;YACT,QAAQ;YACR,WAAW;YACX,UAAU;YACV,cAAc;YACd,cAAc;YACd,UAAU;SACX,CAAC;QAEF,6BAA6B;QACZ,yBAAoB,GAAG;YACtC,0BAA0B;YAC1B,6BAA6B;YAC7B,kBAAkB;YAClB,2BAA2B;YAC3B,wBAAwB;YACxB,iBAAiB;YACjB,sBAAsB;YACtB,2BAA2B;SAC5B,CAAC;QAEF,2DAA2D;QAC1C,kBAAa,GAAG;YAC/B,mCAAmC,EAAE,6BAA6B;YAClE,YAAY,EAAE,iCAAiC;YAC/C,OAAO,EAAE,eAAe;YACxB,8BAA8B,EAAE,qBAAqB;SACtD,CAAC;QAGA,IAAI,CAAC,MAAM,GAAG;YACZ,YAAY,EAAE,MAAM,CAAC,YAAY,IAAI,IAAI;YACzC,oBAAoB,EAAE,MAAM,CAAC,oBAAoB,IAAI,IAAI;YACzD,mBAAmB,EAAE,MAAM,CAAC,mBAAmB,IAAI,IAAI;YACvD,eAAe,EAAE,MAAM,CAAC,eAAe,IAAI,KAAK,EAAE,OAAO;YACzD,cAAc,EAAE,MAAM,CAAC,cAAc,IAAI,EAAE;YAC3C,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,IAAI;gBAC3C,YAAY;gBACZ,WAAW;gBACX,WAAW;gBACX,YAAY;gBACZ,YAAY;gBACZ,WAAW;gBACX,WAAW;gBACX,iBAAiB;gBACjB,YAAY;aACb;YACD,UAAU,EAAE,MAAM,CAAC,UAAU,IAAI,KAAK;SACvC,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CACH,OAA0B,EAC1B,SAAkB;QAElB,MAAM,KAAK,GAAG,SAAS,IAAI,MAAM,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;QAC9C,MAAM,UAAU,GAAa,EAAE,CAAC;QAChC,MAAM,eAAe,GAAa,EAAE,CAAC;QACrC,MAAM,sBAAsB,GAAa,EAAE,CAAC;QAC5C,IAAI,SAAS,GAAG,CAAC,CAAC;QAClB,IAAI,kBAAkB,GAAG,KAAK,CAAC;QAC/B,IAAI,qBAAqB,GAAG,KAAK,CAAC;QAElC,6CAA6C;QAC7C,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;YAC3B,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,MAAM,EAAE,4CAA4C;gBACpD,UAAU,EAAE,CAAC,mBAAmB,CAAC;gBACjC,UAAU,EAAE,KAAK;gBACjB,gBAAgB,EAAE;oBAChB,IAAI,EAAE,OAAO,CAAC,IAAI;oBAClB,gBAAgB,EAAE,CAAC,aAAa,CAAC;oBACjC,mBAAmB,EAAE,KAAK;oBAC1B,uBAAuB,EAAE,KAAK;oBAC9B,wBAAwB,EAAE,EAAE;oBAC5B,UAAU,EAAE,GAAG;iBAChB;gBACD,eAAe,EAAE,CAAC,kDAAkD,CAAC;aACtE,CAAC;QACJ,CAAC;QAED,kBAAkB;QAClB,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACrB,IAAI,IAAI,CAAC,oBAAoB,CAAC,QAAQ,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACzD,UAAU,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;gBACvC,eAAe,CAAC,IAAI,CAAC,wBAAwB,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;gBACjE,SAAS,IAAI,EAAE,CAAC;YAClB,CAAC;YAED,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC,QAAQ,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC7D,UAAU,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;gBACxC,eAAe,CAAC,IAAI,CAAC,yBAAyB,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;gBAClE,SAAS,IAAI,EAAE,CAAC;YAClB,CAAC;QACH,CAAC;QAED,gCAAgC;QAChC,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACrB,MAAM,mBAAmB,GAAG,CAAC,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;YACnF,MAAM,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC;YACpF,IAAI,mBAAmB,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBACtC,UAAU,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;gBAC5C,eAAe,CAAC,IAAI,CAAC,6BAA6B,GAAG,EAAE,CAAC,CAAC;gBACzD,SAAS,IAAI,EAAE,CAAC;YAClB,CAAC;YAED,0BAA0B;YAC1B,IAAI,wCAAwC,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACpE,UAAU,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;gBAC3C,eAAe,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;gBACzD,SAAS,IAAI,EAAE,CAAC;YAClB,CAAC;QACH,CAAC;QAED,+BAA+B;QAC/B,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACjD,MAAM,cAAc,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YAC3D,IAAI,cAAc,CAAC,UAAU,EAAE,CAAC;gBAC9B,kBAAkB,GAAG,IAAI,CAAC;gBAC1B,UAAU,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,UAAU,CAAC,CAAC;gBAC9C,sBAAsB,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,QAAQ,CAAC,CAAC;gBACxD,SAAS,IAAI,cAAc,CAAC,gBAAgB,CAAC;YAC/C,CAAC;YAED,sBAAsB;YACtB,MAAM,YAAY,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC;YAC7D,IAAI,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,CAAC;gBAC/C,UAAU,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;gBACtC,eAAe,CAAC,IAAI,CAAC,iBAAiB,YAAY,kBAAkB,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,CAAC,CAAC;gBACnG,SAAS,IAAI,EAAE,CAAC;YAClB,CAAC;QACH,CAAC;QAED,wDAAwD;QACxD,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC;YAC1B,MAAM,UAAU,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;YACxD,IAAI,UAAU,CAAC,cAAc,EAAE,CAAC;gBAC9B,qBAAqB,GAAG,IAAI,CAAC;gBAC7B,UAAU,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC,UAAU,CAAC,CAAC;gBAC1C,sBAAsB,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC;gBACpD,SAAS,IAAI,UAAU,CAAC,gBAAgB,CAAC;YAC3C,CAAC;QACH,CAAC;QAED,oCAAoC;QACpC,IAAI,IAAI,CAAC,MAAM,CAAC,oBAAoB,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;YACxD,MAAM,YAAY,GAAG,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YAChE,IAAI,YAAY,CAAC,KAAK,EAAE,CAAC;gBACvB,UAAU,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;gBAC3C,eAAe,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;gBACzD,SAAS,IAAI,EAAE,CAAC;gBAEhB,8BAA8B;gBAC9B,KAAK,MAAM,OAAO,IAAI,YAAY,CAAC,QAAQ,EAAE,CAAC;oBAC5C,IAAI,CAAC;wBACH,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;wBACjE,MAAM,WAAW,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;wBAC3C,IAAI,WAAW,CAAC,cAAc,EAAE,CAAC;4BAC/B,qBAAqB,GAAG,IAAI,CAAC;4BAC7B,UAAU,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;4BAC5C,sBAAsB,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,QAAQ,CAAC,CAAC;4BACrD,SAAS,IAAI,EAAE,CAAC;wBAClB,CAAC;oBACH,CAAC;oBAAC,MAAM,CAAC;wBACP,uBAAuB;oBACzB,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,qCAAqC;QACrC,IAAI,IAAI,CAAC,MAAM,CAAC,mBAAmB,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;YACvD,MAAM,WAAW,GAAG,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YAC9D,IAAI,WAAW,CAAC,QAAQ,EAAE,CAAC;gBACzB,UAAU,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;gBAC3C,eAAe,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;gBACzD,qBAAqB,GAAG,IAAI,CAAC;gBAC7B,SAAS,IAAI,EAAE,CAAC;YAClB,CAAC;QACH,CAAC;QAED,mBAAmB;QACnB,IAAI,OAAO,CAAC,IAAI,KAAK,KAAK,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;YAC1C,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YAC7C,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC;gBACpB,UAAU,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC;gBACzC,eAAe,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,OAAO,CAAC,CAAC;gBAC3C,SAAS,IAAI,SAAS,CAAC,gBAAgB,CAAC;YAC1C,CAAC;QACH,CAAC;QAED,wBAAwB;QACxB,MAAM,OAAO,GAAG;YACd,OAAO,CAAC,aAAa,IAAI,EAAE;YAC3B,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,QAAQ,IAAI,EAAE,CAAC;SACvC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAEZ,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC;YACjD,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC1B,UAAU,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;gBACxC,sBAAsB,CAAC,IAAI,CAAC,WAAW,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;gBAC1E,SAAS,IAAI,EAAE,CAAC;YAClB,CAAC;QACH,CAAC;QAED,2BAA2B;QAC3B,MAAM,OAAO,GAAG,SAAS,IAAI,EAAE,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC;QAEzD,OAAO;YACL,OAAO,EAAE,CAAC,OAAO;YACjB,MAAM,EAAE,OAAO;gBACb,CAAC,CAAC,gCAAgC,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;gBACrE,CAAC,CAAC,4CAA4C;YAChD,UAAU;YACV,UAAU,EAAE,KAAK;YACjB,gBAAgB,EAAE;gBAChB,IAAI,EAAE,OAAO,CAAC,IAAI;gBAClB,gBAAgB,EAAE,eAAe;gBACjC,mBAAmB,EAAE,kBAAkB;gBACvC,uBAAuB,EAAE,qBAAqB;gBAC9C,wBAAwB,EAAE,sBAAsB;gBAChD,UAAU,EAAE,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC;aACrC;YACD,eAAe,EAAE,IAAI,CAAC,uBAAuB,CAAC,UAAU,CAAC;SAC1D,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,UAAU,CACR,QAA6B,EAC7B,SAAkB;QAElB,MAAM,KAAK,GAAG,SAAS,IAAI,YAAY,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;QACpD,MAAM,aAAa,GAAa,EAAE,CAAC;QACnC,MAAM,UAAU,GAAa,EAAE,CAAC;QAChC,MAAM,WAAW,GAAa,EAAE,CAAC;QACjC,IAAI,cAAc,GAAG,CAAC,CAAC;QACvB,IAAI,qBAAqB,GAAG,KAAK,CAAC;QAClC,IAAI,gBAAgB,GAAG,KAAK,CAAC;QAE7B,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;YAC1C,aAAa,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC;YACzC,UAAU,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,gBAAgB,CAAC,gBAAgB,CAAC,CAAC;YAC7D,WAAW,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,gBAAgB,CAAC,wBAAwB,CAAC,CAAC;YACtE,cAAc,GAAG,IAAI,CAAC,GAAG,CAAC,cAAc,EAAE,MAAM,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC;YAC9E,qBAAqB,GAAG,qBAAqB,IAAI,MAAM,CAAC,gBAAgB,CAAC,mBAAmB,CAAC;YAC7F,gBAAgB,GAAG,gBAAgB,IAAI,MAAM,CAAC,gBAAgB,CAAC,uBAAuB,CAAC;QACzF,CAAC;QAED,MAAM,OAAO,GAAG,cAAc,IAAI,EAAE,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,CAAC;QAEjE,OAAO;YACL,OAAO,EAAE,CAAC,OAAO;YACjB,MAAM,EAAE,OAAO;gBACb,CAAC,CAAC,kBAAkB,CAAC,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;gBACxE,CAAC,CAAC,gDAAgD;YACpD,UAAU,EAAE,CAAC,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,CAAC;YACvC,UAAU,EAAE,KAAK;YACjB,gBAAgB,EAAE;gBAChB,IAAI,EAAE,SAAS,QAAQ,CAAC,MAAM,GAAG;gBACjC,gBAAgB,EAAE,CAAC,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,CAAC;gBAC1C,mBAAmB,EAAE,qBAAqB;gBAC1C,uBAAuB,EAAE,gBAAgB;gBACzC,wBAAwB,EAAE,CAAC,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;gBACnD,UAAU,EAAE,cAAc;aAC3B;YACD,eAAe,EAAE,IAAI,CAAC,uBAAuB,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC;SAC3E,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,kBAAkB,CAAC,WAAmB;QACpC,MAAM,QAAQ,GAAwB,EAAE,CAAC;QAEzC,IAAI,CAAC;YACH,8CAA8C;YAC9C,8EAA8E;YAC9E,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YACnD,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;YAE3C,qCAAqC;YACrC,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,mBAAmB,CAAC,IAAI,EAAE,CAAC;YAC7D,KAAK,MAAM,KAAK,IAAI,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;gBAC7C,IAAI,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;oBAC/C,MAAM,CAAC,GAAG,EAAE,GAAG,UAAU,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;oBACjD,IAAI,GAAG,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;wBACjC,QAAQ,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,GAAG,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;oBACrD,CAAC;gBACH,CAAC;YACH,CAAC;YAED,8BAA8B;YAC9B,MAAM,QAAQ,GAAG,OAAO,CAAC,KAAK,CAAC,kCAAkC,CAAC,CAAC;YACnE,IAAI,QAAQ,EAAE,CAAC;gBACb,QAAQ,CAAC,IAAI,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;YAChD,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,wBAAwB;QAC1B,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,YAAY,CAAC,QAA6B;QAMhD,MAAM,UAAU,GAAa,EAAE,CAAC;QAChC,MAAM,QAAQ,GAAa,EAAE,CAAC;QAC9B,IAAI,gBAAgB,GAAG,CAAC,CAAC;QAEzB,MAAM,UAAU,GAAG,CAAC,GAAW,EAAE,KAAU,EAAE,OAAe,EAAE,EAAE,EAAE;YAChE,MAAM,WAAW,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;YAElD,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC9B,0BAA0B;gBAC1B,IAAI,IAAI,CAAC,0BAA0B,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;oBAClD,KAAK,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;wBACxD,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;4BACxB,UAAU,CAAC,IAAI,CAAC,sBAAsB,IAAI,EAAE,CAAC,CAAC;4BAC9C,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,OAAO,WAAW,EAAE,CAAC,CAAC;4BAC3C,gBAAgB,IAAI,EAAE,CAAC;wBACzB,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,yCAAyC;gBACzC,KAAK,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;oBACxD,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;wBAC7C,UAAU,CAAC,IAAI,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC;wBACpC,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,OAAO,WAAW,EAAE,CAAC,CAAC;wBAC3C,gBAAgB,IAAI,EAAE,CAAC;oBACzB,CAAC;gBACH,CAAC;YACH,CAAC;iBAAM,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;gBACvD,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;oBAC3C,UAAU,CAAC,CAAC,EAAE,CAAC,EAAE,WAAW,CAAC,CAAC;gBAChC,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;YACpD,UAAU,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QACzB,CAAC;QAED,OAAO;YACL,UAAU,EAAE,UAAU,CAAC,MAAM,GAAG,CAAC;YACjC,UAAU,EAAE,CAAC,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,CAAC;YACpC,QAAQ,EAAE,CAAC,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAC;YAChC,gBAAgB,EAAE,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,gBAAgB,CAAC;SACjD,CAAC;IACJ,CAAC;IAEO,QAAQ,CAAC,IAAY;QAM3B,MAAM,UAAU,GAAa,EAAE,CAAC;QAChC,MAAM,QAAQ,GAAa,EAAE,CAAC;QAC9B,IAAI,gBAAgB,GAAG,CAAC,CAAC;QAEzB,KAAK,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;YACxD,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvB,UAAU,CAAC,IAAI,CAAC,kBAAkB,IAAI,EAAE,CAAC,CAAC;gBAC1C,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACpB,gBAAgB,IAAI,EAAE,CAAC;YACzB,CAAC;QACH,CAAC;QAED,qEAAqE;QACrE,MAAM,cAAc,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,qCAAqC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;QACxF,IAAI,cAAc,GAAG,CAAC,EAAE,CAAC;YACvB,UAAU,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;YAClD,QAAQ,CAAC,IAAI,CAAC,qBAAqB,cAAc,GAAG,CAAC,CAAC;YACtD,gBAAgB,IAAI,EAAE,CAAC;QACzB,CAAC;QAED,8BAA8B;QAC9B,MAAM,gBAAgB,GAAG,8BAA8B,CAAC,CAAC,iCAAiC;QAC1F,IAAI,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACzD,UAAU,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;YAC9C,QAAQ,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;YAC/B,gBAAgB,IAAI,EAAE,CAAC;QACzB,CAAC;QAED,OAAO;YACL,cAAc,EAAE,UAAU,CAAC,MAAM,GAAG,CAAC;YACrC,UAAU;YACV,QAAQ;YACR,gBAAgB,EAAE,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,gBAAgB,CAAC;SACjD,CAAC;IACJ,CAAC;IAEO,oBAAoB,CAAC,OAAe;QAI1C,yDAAyD;QACzD,MAAM,aAAa,GAAG,qEAAqE,CAAC;QAC5F,MAAM,QAAQ,GAAa,EAAE,CAAC;QAE9B,IAAI,KAAK,CAAC;QACV,OAAO,CAAC,KAAK,GAAG,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YACtD,2BAA2B;YAC3B,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC;gBAChD,6DAA6D;gBAC7D,MAAM,IAAI,GAAG,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;gBACvC,IAAI,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBACjC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC1B,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,mBAAmB;YACrB,CAAC;QACH,CAAC;QAED,OAAO;YACL,KAAK,EAAE,QAAQ,CAAC,MAAM,GAAG,CAAC;YAC1B,QAAQ;SACT,CAAC;IACJ,CAAC;IAEO,mBAAmB,CAAC,OAAe;QAIzC,MAAM,OAAO,GAAa,EAAE,CAAC;QAE7B,KAAK,MAAM,MAAM,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACxC,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBACzB,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;YAC/C,CAAC;QACH,CAAC;QAED,gCAAgC;QAChC,+DAA+D;QAC/D,MAAM,gBAAgB,GAAG,GAAG,CAAC;QAC7B,MAAM,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,CAAC;QACpC,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC;QACzC,MAAM,OAAO,GAAG,WAAW,GAAG,MAAM,CAAC,MAAM,CAAC;QAE5C,IAAI,OAAO,GAAG,gBAAgB,EAAE,CAAC;YAC/B,OAAO,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QACpC,CAAC;QAED,OAAO;YACL,QAAQ,EAAE,OAAO,CAAC,MAAM,GAAG,CAAC;YAC5B,OAAO;SACR,CAAC;IACJ,CAAC;IAEO,QAAQ,CAAC,GAAW;QAM1B,MAAM,UAAU,GAAa,EAAE,CAAC;QAChC,MAAM,OAAO,GAAa,EAAE,CAAC;QAC7B,IAAI,gBAAgB,GAAG,CAAC,CAAC;QAEzB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;YAE5B,iCAAiC;YACjC,IAAI,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACnD,UAAU,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;gBACvC,OAAO,CAAC,IAAI,CAAC,wBAAwB,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;gBACxD,gBAAgB,IAAI,EAAE,CAAC;YACzB,CAAC;YAED,4CAA4C;YAC5C,IAAI,sCAAsC,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACjE,UAAU,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;gBAClC,OAAO,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;gBACtC,gBAAgB,IAAI,EAAE,CAAC;YACzB,CAAC;YAED,uCAAuC;YACvC,IAAI,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC9D,UAAU,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;gBACtC,OAAO,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;gBACtC,gBAAgB,IAAI,EAAE,CAAC;YACzB,CAAC;YAED,sBAAsB;YACtB,IAAI,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC5B,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;gBAC5B,OAAO,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;gBAClC,gBAAgB,IAAI,EAAE,CAAC;YACzB,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YAC/B,OAAO,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;YACnC,gBAAgB,IAAI,EAAE,CAAC;QACzB,CAAC;QAED,OAAO;YACL,IAAI,EAAE,UAAU,CAAC,MAAM,KAAK,CAAC;YAC7B,UAAU;YACV,OAAO;YACP,gBAAgB;SACjB,CAAC;IACJ,CAAC;IAEO,uBAAuB,CAAC,UAAoB;QAClD,MAAM,eAAe,GAAa,EAAE,CAAC;QAErC,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;YACnD,eAAe,CAAC,IAAI,CAAC,sDAAsD,CAAC,CAAC;QAC/E,CAAC;QACD,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YACjD,eAAe,CAAC,IAAI,CAAC,uDAAuD,CAAC,CAAC;QAChF,CAAC;QACD,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;YAC/C,eAAe,CAAC,IAAI,CAAC,uCAAuC,CAAC,CAAC;QAChE,CAAC;QACD,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,EAAE,CAAC;YACxD,eAAe,CAAC,IAAI,CAAC,mDAAmD,CAAC,CAAC;QAC5E,CAAC;QACD,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;YACpD,eAAe,CAAC,IAAI,CAAC,qDAAqD,CAAC,CAAC;QAC9E,CAAC;QAED,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACjC,eAAe,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC;QACjE,CAAC;QAED,OAAO,eAAe,CAAC;IACzB,CAAC;CACF;AAvjBD,0CAujBC"}