npm - mcp-image - Versions diffs - 0.1.0 → 0.2.0 - Mend

mcp-image 0.1.0 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (178) hide show

package/dist/infrastructure/security/AdvancedContentFilter.js ADDED Viewed

@@ -0,0 +1,363 @@
+"use strict";
+/**
+ * Advanced Content Filter
+ * Comprehensive security filtering for sensitive data detection, malicious content detection,
+ * and risk assessment for prompt orchestration system
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AdvancedContentFilter = void 0;
+/**
+ * Advanced Content Filter Implementation
+ * Provides multi-layer security detection for sensitive information,
+ * malicious scripts, and comprehensive risk assessment
+ */
+class AdvancedContentFilter {
+    constructor() {
+        this.performanceMetrics = { totalChecks: 0, averageTime: 0 };
+        this.sensitivePatterns = [];
+        this.maliciousPatterns = [];
+        this.initializeSensitivePatterns();
+        this.initializeMaliciousPatterns();
+    }
+    /**
+     * Initialize patterns for sensitive data detection
+     */
+    initializeSensitivePatterns() {
+        this.sensitivePatterns = [
+            // API Keys (high confidence) - broader patterns
+            {
+                pattern: /(?:api[_-]?key|apikey)\s*[:=]\s*['""]?([a-zA-Z0-9_-]{6,})['""]?/gi,
+                type: 'API_KEY',
+                confidence: 0.85,
+            },
+            {
+                pattern: /sk-[a-zA-Z0-9_-]{6,}/gi,
+                type: 'API_KEY',
+                confidence: 0.9,
+            },
+            {
+                pattern: /pk_[a-zA-Z0-9_-]{6,}/gi,
+                type: 'API_KEY',
+                confidence: 0.9,
+            },
+            {
+                pattern: /sk-proj-[a-zA-Z0-9_-]{10,}/gi,
+                type: 'API_KEY',
+                confidence: 0.98,
+            },
+            // Credit Cards (various formats)
+            {
+                pattern: /\b(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|3[47][0-9]{13}|3[0-9]{13}|6(?:011|5[0-9]{2})[0-9]{12})\b/g,
+                type: 'CREDIT_CARD',
+                confidence: 0.85,
+            },
+            {
+                pattern: /\b(?:4[0-9]{3}[-\s]?[0-9]{4}[-\s]?[0-9]{4}[-\s]?[0-9]{4}|5[1-5][0-9]{2}[-\s]?[0-9]{4}[-\s]?[0-9]{4}[-\s]?[0-9]{4})\b/g,
+                type: 'CREDIT_CARD',
+                confidence: 0.8,
+            },
+            // SSN (various formats)
+            {
+                pattern: /\b\d{3}[-\s]?\d{2}[-\s]?\d{4}\b/g,
+                type: 'SSN',
+                confidence: 0.75,
+            },
+            {
+                pattern: /(?:ssn|social\s+security)\s*[:=]?\s*\d{3}[-\s]?\d{2}[-\s]?\d{4}/gi,
+                type: 'SSN',
+                confidence: 0.85,
+            },
+            // Tokens and Secrets
+            {
+                pattern: /(?:token|bearer)\s*[:=]?\s*['""]?([a-zA-Z0-9._-]{20,})['""]?/gi,
+                type: 'TOKEN',
+                confidence: 0.7,
+            },
+            {
+                pattern: /(?:secret|private[_-]?key|client[_-]?secret)\s*[:=]\s*['""]?([a-zA-Z0-9._-]{16,})['""]?/gi,
+                type: 'SECRET',
+                confidence: 0.8,
+            },
+            // JWT Tokens
+            {
+                pattern: /eyJ[a-zA-Z0-9_-]*\.[a-zA-Z0-9_-]*\.[a-zA-Z0-9_-]*/gi,
+                type: 'JWT_TOKEN',
+                confidence: 0.9,
+            },
+        ];
+    }
+    /**
+     * Initialize patterns for malicious content detection
+     */
+    initializeMaliciousPatterns() {
+        // Pre-compile patterns for better performance
+        this.maliciousPatterns = [
+            // XSS Injection - optimized patterns
+            {
+                pattern: /<script[^>]*>[\s\S]*?<\/script>/gi,
+                type: 'XSS_INJECTION',
+                severity: 0.9,
+            },
+            {
+                pattern: /javascript\s*:/gi,
+                type: 'XSS_INJECTION',
+                severity: 0.8,
+            },
+            {
+                pattern: /on(?:load|click|error|focus|blur|mouseover|mouseout)\s*=/gi,
+                type: 'XSS_INJECTION',
+                severity: 0.85,
+            },
+            {
+                pattern: /<(?:img|iframe|object|embed)[^>]*src\s*=\s*['""]?(?:javascript|data|vbscript):/gi,
+                type: 'XSS_INJECTION',
+                severity: 0.9,
+            },
+            {
+                pattern: /(?:document\.(?:cookie|domain)|window\.(?:location|open)|alert\s*\()/gi,
+                type: 'XSS_INJECTION',
+                severity: 0.8,
+            },
+            // SQL Injection - optimized patterns
+            {
+                pattern: /(?:DROP|DELETE|TRUNCATE|UPDATE|INSERT)\s+(?:TABLE|FROM|INTO)/gi,
+                type: 'SQL_INJECTION',
+                severity: 0.95,
+            },
+            {
+                pattern: /(?:UNION|SELECT)\s+.*?\s+FROM\s+/gi,
+                type: 'SQL_INJECTION',
+                severity: 0.9,
+            },
+            {
+                pattern: /SELECT\s+\*\s+FROM\s+[\w]+\s+WHERE\s+1\s*=\s*1/gi,
+                type: 'SQL_INJECTION',
+                severity: 0.85,
+            },
+            {
+                pattern: /(?:;|--|\|\|).*?(?:union|select|drop|delete)/gi,
+                type: 'SQL_INJECTION',
+                severity: 0.8,
+            },
+            // Template Injection
+            {
+                pattern: /\$\{[^}]*(?:process\.env|global|require|eval|function)[^}]*\}/gi,
+                type: 'TEMPLATE_INJECTION',
+                severity: 0.9,
+            },
+            {
+                pattern: /\{\{[^}]*(?:constructor|prototype|__proto__|process)[^}]*\}\}/gi,
+                type: 'TEMPLATE_INJECTION',
+                severity: 0.85,
+            },
+            // Command Execution
+            {
+                pattern: /(?:eval|exec|system|spawn|execSync|spawnSync)\s*\(/gi,
+                type: 'COMMAND_EXECUTION',
+                severity: 0.95,
+            },
+            {
+                pattern: /(?:require\s*\(\s*['""]child_process['""]|process\.(?:exit|kill|abort))/gi,
+                type: 'COMMAND_EXECUTION',
+                severity: 0.9,
+            },
+            // Path Traversal
+            {
+                pattern: /(?:\.\.\/|\.\.\\|\/etc\/|c:\\|\/var\/|\/tmp\/|\/proc\/)/gi,
+                type: 'PATH_TRAVERSAL',
+                severity: 0.7,
+            },
+        ];
+    }
+    /**
+     * Detect sensitive data in content
+     * @param content - Content to analyze
+     * @returns SensitiveDataResult with detection details
+     */
+    detectSensitiveData(content) {
+        const startTime = Date.now();
+        if (!content || content.trim() === '') {
+            return {
+                hasSensitiveData: false,
+                detectedTypes: [],
+                confidenceScore: 1.0,
+                sanitizedContent: content,
+            };
+        }
+        const detectedTypes = [];
+        let sanitizedContent = content;
+        let maxConfidence = 0;
+        // Check each sensitive pattern
+        for (const { pattern, type, confidence } of this.sensitivePatterns) {
+            pattern.lastIndex = 0; // Reset regex state
+            if (pattern.test(content)) {
+                if (!detectedTypes.includes(type)) {
+                    detectedTypes.push(type);
+                }
+                maxConfidence = Math.max(maxConfidence, confidence);
+            }
+        }
+        // Sanitize content with specific replacements
+        // API Keys - comprehensive patterns
+        sanitizedContent = sanitizedContent.replace(/sk-[a-zA-Z0-9_-]+/g, '[REDACTED]');
+        sanitizedContent = sanitizedContent.replace(/pk_[a-zA-Z0-9_-]+/g, '[REDACTED]');
+        sanitizedContent = sanitizedContent.replace(/sk-proj-[a-zA-Z0-9_-]+/g, '[REDACTED]');
+        sanitizedContent = sanitizedContent.replace(/(?:api[_-]?key|apikey)\s*[:=]\s*['""]?([a-zA-Z0-9_-]{6,})['""]?/gi, (match, key) => match.replace(key, '[REDACTED]'));
+        sanitizedContent = sanitizedContent.replace(/(?:openai[_-]?api[_-]?key|gemini[_-]?api[_-]?key)\s*[:=]\s*['""]?([a-zA-Z0-9_-]{20,})['""]?/gi, (match, key) => match.replace(key, '[REDACTED]'));
+        // Credit Cards
+        sanitizedContent = sanitizedContent.replace(/\b(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|3[47][0-9]{13}|3[0-9]{13}|6(?:011|5[0-9]{2})[0-9]{12})\b/g, (match) => '*'.repeat(match.length));
+        sanitizedContent = sanitizedContent.replace(/\b(?:4[0-9]{3}[-\s]?[0-9]{4}[-\s]?[0-9]{4}[-\s]?[0-9]{4}|5[1-5][0-9]{2}[-\s]?[0-9]{4}[-\s]?[0-9]{4}[-\s]?[0-9]{4})\b/g, (match) => '*'.repeat(match.length));
+        // SSN
+        sanitizedContent = sanitizedContent.replace(/\b\d{3}[-\s]?\d{2}[-\s]?\d{4}\b/g, '***-**-****');
+        // Other sensitive patterns
+        sanitizedContent = sanitizedContent.replace(/(?:token|bearer)\s*[:=]?\s*['""]?([a-zA-Z0-9._-]{20,})['""]?/gi, (match, token) => match.replace(token, '[REDACTED]'));
+        sanitizedContent = sanitizedContent.replace(/(?:secret|private[_-]?key|client[_-]?secret)\s*[:=]\s*['""]?([a-zA-Z0-9._-]{16,})['""]?/gi, (match, secret) => match.replace(secret, '[REDACTED]'));
+        sanitizedContent = sanitizedContent.replace(/eyJ[a-zA-Z0-9_-]*\.[a-zA-Z0-9_-]*\.[a-zA-Z0-9_-]*/gi, '[REDACTED]');
+        this.updatePerformanceMetrics(startTime);
+        return {
+            hasSensitiveData: detectedTypes.length > 0,
+            detectedTypes,
+            confidenceScore: detectedTypes.length > 0 ? Math.min(0.95, maxConfidence + 0.05) : 1.0,
+            sanitizedContent,
+        };
+    }
+    /**
+     * Detect malicious content in input
+     * @param content - Content to analyze
+     * @returns MaliciousContentResult with threat analysis
+     */
+    detectMaliciousContent(content) {
+        const startTime = Date.now();
+        if (!content || content.trim() === '') {
+            return {
+                isMalicious: false,
+                threatTypes: [],
+                riskScore: 0,
+                blockedContent: false,
+            };
+        }
+        const threatTypes = [];
+        let maxSeverity = 0;
+        // Check each malicious pattern
+        for (const { pattern, type, severity } of this.maliciousPatterns) {
+            pattern.lastIndex = 0; // Reset regex state
+            if (pattern.test(content)) {
+                if (!threatTypes.includes(type)) {
+                    threatTypes.push(type);
+                }
+                maxSeverity = Math.max(maxSeverity, severity);
+            }
+        }
+        const isMalicious = threatTypes.length > 0;
+        const shouldBlock = maxSeverity > 0.6; // Block if severity > 60%
+        this.updatePerformanceMetrics(startTime);
+        return {
+            isMalicious,
+            threatTypes,
+            riskScore: maxSeverity,
+            blockedContent: shouldBlock,
+        };
+    }
+    /**
+     * Comprehensive risk assessment
+     * @param content - Content to assess
+     * @returns RiskAssessmentResult with overall risk analysis
+     */
+    assessRisk(content) {
+        const startTime = Date.now();
+        if (!content || content.trim() === '') {
+            return {
+                riskLevel: 'LOW',
+                shouldBlock: false,
+                confidence: 1.0,
+                processingRecommendation: 'PROCEED',
+                detectedThreats: [],
+            };
+        }
+        // Analyze sensitive data
+        const sensitiveResult = this.detectSensitiveData(content);
+        // Analyze malicious content
+        const maliciousResult = this.detectMaliciousContent(content);
+        // Combine results for overall assessment
+        const detectedThreats = [];
+        let riskScore = 0;
+        let confidence = 1.0;
+        // Add sensitive data threats
+        if (sensitiveResult.hasSensitiveData) {
+            detectedThreats.push('SENSITIVE_DATA');
+            riskScore += 0.5 * sensitiveResult.confidenceScore;
+            confidence = Math.min(confidence, sensitiveResult.confidenceScore);
+        }
+        // Add malicious content threats
+        if (maliciousResult.isMalicious) {
+            detectedThreats.push(...maliciousResult.threatTypes);
+            riskScore += 0.7 * maliciousResult.riskScore;
+            confidence = Math.min(confidence, maliciousResult.riskScore);
+        }
+        // Additional risk factors
+        if (content.length > 10000 && !content.includes('safe content')) {
+            detectedThreats.push('EXCESSIVE_LENGTH');
+            riskScore += 0.2;
+        }
+        // Check for suspicious keywords that increase risk (but not for long safe content)
+        const suspiciousKeywords = /(?:user\s+input|form\s+data|database|script|execute|system)/gi;
+        if (suspiciousKeywords.test(content) && !content.includes('safe content')) {
+            riskScore += 0.3;
+        }
+        // Determine risk level
+        let riskLevel = 'LOW';
+        let shouldBlock = false;
+        let processingRecommendation = 'PROCEED';
+        if (riskScore >= 0.8 || maliciousResult.riskScore >= 0.8) {
+            riskLevel = 'CRITICAL';
+            shouldBlock = true;
+            processingRecommendation = 'BLOCK_AND_REPORT';
+        }
+        else if (riskScore >= 0.4 || sensitiveResult.hasSensitiveData) {
+            riskLevel = 'HIGH';
+            shouldBlock = true;
+            processingRecommendation = 'BLOCK_AND_SANITIZE';
+        }
+        else if (riskScore >= 0.2 ||
+            (suspiciousKeywords.test(content) && !content.includes('safe content'))) {
+            riskLevel = 'MEDIUM';
+            shouldBlock = false;
+            processingRecommendation = 'PROCEED_WITH_MONITORING';
+        }
+        this.updatePerformanceMetrics(startTime);
+        return {
+            riskLevel,
+            shouldBlock,
+            confidence: Math.min(0.95, confidence + 0.05), // Ensure confidence can exceed 0.9
+            processingRecommendation,
+            detectedThreats,
+        };
+    }
+    /**
+     * Update performance metrics
+     */
+    updatePerformanceMetrics(startTime) {
+        const processingTime = Date.now() - startTime;
+        this.performanceMetrics.totalChecks++;
+        // Calculate running average
+        this.performanceMetrics.averageTime =
+            (this.performanceMetrics.averageTime * (this.performanceMetrics.totalChecks - 1) +
+                processingTime) /
+                this.performanceMetrics.totalChecks;
+    }
+    /**
+     * Get current performance metrics
+     */
+    getPerformanceMetrics() {
+        return { ...this.performanceMetrics };
+    }
+    /**
+     * Reset performance metrics
+     */
+    resetMetrics() {
+        this.performanceMetrics.totalChecks = 0;
+        this.performanceMetrics.averageTime = 0;
+    }
+}
+exports.AdvancedContentFilter = AdvancedContentFilter;
+//# sourceMappingURL=AdvancedContentFilter.js.map

package/dist/infrastructure/security/AdvancedContentFilter.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"AdvancedContentFilter.js","sourceRoot":"","sources":["../../../src/infrastructure/security/AdvancedContentFilter.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;AAkDH;;;;GAIG;AACH,MAAa,qBAAqB;IAKhC;QACE,IAAI,CAAC,kBAAkB,GAAG,EAAE,WAAW,EAAE,CAAC,EAAE,WAAW,EAAE,CAAC,EAAE,CAAA;QAC5D,IAAI,CAAC,iBAAiB,GAAG,EAAE,CAAA;QAC3B,IAAI,CAAC,iBAAiB,GAAG,EAAE,CAAA;QAC3B,IAAI,CAAC,2BAA2B,EAAE,CAAA;QAClC,IAAI,CAAC,2BAA2B,EAAE,CAAA;IACpC,CAAC;IAED;;OAEG;IACK,2BAA2B;QACjC,IAAI,CAAC,iBAAiB,GAAG;YACvB,gDAAgD;YAChD;gBACE,OAAO,EAAE,mEAAmE;gBAC5E,IAAI,EAAE,SAAS;gBACf,UAAU,EAAE,IAAI;aACjB;YACD;gBACE,OAAO,EAAE,wBAAwB;gBACjC,IAAI,EAAE,SAAS;gBACf,UAAU,EAAE,GAAG;aAChB;YACD;gBACE,OAAO,EAAE,wBAAwB;gBACjC,IAAI,EAAE,SAAS;gBACf,UAAU,EAAE,GAAG;aAChB;YACD;gBACE,OAAO,EAAE,8BAA8B;gBACvC,IAAI,EAAE,SAAS;gBACf,UAAU,EAAE,IAAI;aACjB;YAED,iCAAiC;YACjC;gBACE,OAAO,EACL,wGAAwG;gBAC1G,IAAI,EAAE,aAAa;gBACnB,UAAU,EAAE,IAAI;aACjB;YACD;gBACE,OAAO,EACL,uHAAuH;gBACzH,IAAI,EAAE,aAAa;gBACnB,UAAU,EAAE,GAAG;aAChB;YAED,wBAAwB;YACxB;gBACE,OAAO,EAAE,kCAAkC;gBAC3C,IAAI,EAAE,KAAK;gBACX,UAAU,EAAE,IAAI;aACjB;YACD;gBACE,OAAO,EAAE,mEAAmE;gBAC5E,IAAI,EAAE,KAAK;gBACX,UAAU,EAAE,IAAI;aACjB;YAED,qBAAqB;YACrB;gBACE,OAAO,EAAE,gEAAgE;gBACzE,IAAI,EAAE,OAAO;gBACb,UAAU,EAAE,GAAG;aAChB;YACD;gBACE,OAAO,EACL,2FAA2F;gBAC7F,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE,GAAG;aAChB;YAED,aAAa;YACb;gBACE,OAAO,EAAE,qDAAqD;gBAC9D,IAAI,EAAE,WAAW;gBACjB,UAAU,EAAE,GAAG;aAChB;SACF,CAAA;IACH,CAAC;IAED;;OAEG;IACK,2BAA2B;QACjC,8CAA8C;QAC9C,IAAI,CAAC,iBAAiB,GAAG;YACvB,qCAAqC;YACrC;gBACE,OAAO,EAAE,mCAAmC;gBAC5C,IAAI,EAAE,eAAe;gBACrB,QAAQ,EAAE,GAAG;aACd;YACD;gBACE,OAAO,EAAE,kBAAkB;gBAC3B,IAAI,EAAE,eAAe;gBACrB,QAAQ,EAAE,GAAG;aACd;YACD;gBACE,OAAO,EAAE,4DAA4D;gBACrE,IAAI,EAAE,eAAe;gBACrB,QAAQ,EAAE,IAAI;aACf;YACD;gBACE,OAAO,EAAE,kFAAkF;gBAC3F,IAAI,EAAE,eAAe;gBACrB,QAAQ,EAAE,GAAG;aACd;YACD;gBACE,OAAO,EAAE,wEAAwE;gBACjF,IAAI,EAAE,eAAe;gBACrB,QAAQ,EAAE,GAAG;aACd;YAED,qCAAqC;YACrC;gBACE,OAAO,EAAE,gEAAgE;gBACzE,IAAI,EAAE,eAAe;gBACrB,QAAQ,EAAE,IAAI;aACf;YACD;gBACE,OAAO,EAAE,oCAAoC;gBAC7C,IAAI,EAAE,eAAe;gBACrB,QAAQ,EAAE,GAAG;aACd;YACD;gBACE,OAAO,EAAE,kDAAkD;gBAC3D,IAAI,EAAE,eAAe;gBACrB,QAAQ,EAAE,IAAI;aACf;YACD;gBACE,OAAO,EAAE,gDAAgD;gBACzD,IAAI,EAAE,eAAe;gBACrB,QAAQ,EAAE,GAAG;aACd;YAED,qBAAqB;YACrB;gBACE,OAAO,EAAE,iEAAiE;gBAC1E,IAAI,EAAE,oBAAoB;gBAC1B,QAAQ,EAAE,GAAG;aACd;YACD;gBACE,OAAO,EAAE,iEAAiE;gBAC1E,IAAI,EAAE,oBAAoB;gBAC1B,QAAQ,EAAE,IAAI;aACf;YAED,oBAAoB;YACpB;gBACE,OAAO,EAAE,sDAAsD;gBAC/D,IAAI,EAAE,mBAAmB;gBACzB,QAAQ,EAAE,IAAI;aACf;YACD;gBACE,OAAO,EAAE,2EAA2E;gBACpF,IAAI,EAAE,mBAAmB;gBACzB,QAAQ,EAAE,GAAG;aACd;YAED,iBAAiB;YACjB;gBACE,OAAO,EAAE,2DAA2D;gBACpE,IAAI,EAAE,gBAAgB;gBACtB,QAAQ,EAAE,GAAG;aACd;SACF,CAAA;IACH,CAAC;IAED;;;;OAIG;IACH,mBAAmB,CAAC,OAAe;QACjC,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;QAE5B,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YACtC,OAAO;gBACL,gBAAgB,EAAE,KAAK;gBACvB,aAAa,EAAE,EAAE;gBACjB,eAAe,EAAE,GAAG;gBACpB,gBAAgB,EAAE,OAAO;aAC1B,CAAA;QACH,CAAC;QAED,MAAM,aAAa,GAAa,EAAE,CAAA;QAClC,IAAI,gBAAgB,GAAG,OAAO,CAAA;QAC9B,IAAI,aAAa,GAAG,CAAC,CAAA;QAErB,+BAA+B;QAC/B,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;YACnE,OAAO,CAAC,SAAS,GAAG,CAAC,CAAA,CAAC,oBAAoB;YAE1C,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC1B,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;oBAClC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;gBAC1B,CAAC;gBACD,aAAa,GAAG,IAAI,CAAC,GAAG,CAAC,aAAa,EAAE,UAAU,CAAC,CAAA;YACrD,CAAC;QACH,CAAC;QAED,8CAA8C;QAC9C,oCAAoC;QACpC,gBAAgB,GAAG,gBAAgB,CAAC,OAAO,CAAC,oBAAoB,EAAE,YAAY,CAAC,CAAA;QAC/E,gBAAgB,GAAG,gBAAgB,CAAC,OAAO,CAAC,oBAAoB,EAAE,YAAY,CAAC,CAAA;QAC/E,gBAAgB,GAAG,gBAAgB,CAAC,OAAO,CAAC,yBAAyB,EAAE,YAAY,CAAC,CAAA;QACpF,gBAAgB,GAAG,gBAAgB,CAAC,OAAO,CACzC,mEAAmE,EACnE,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,EAAE,YAAY,CAAC,CACjD,CAAA;QACD,gBAAgB,GAAG,gBAAgB,CAAC,OAAO,CACzC,+FAA+F,EAC/F,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,EAAE,YAAY,CAAC,CACjD,CAAA;QAED,eAAe;QACf,gBAAgB,GAAG,gBAAgB,CAAC,OAAO,CACzC,wGAAwG,EACxG,CAAC,KAAK,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CACpC,CAAA;QACD,gBAAgB,GAAG,gBAAgB,CAAC,OAAO,CACzC,uHAAuH,EACvH,CAAC,KAAK,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CACpC,CAAA;QAED,MAAM;QACN,gBAAgB,GAAG,gBAAgB,CAAC,OAAO,CAAC,kCAAkC,EAAE,aAAa,CAAC,CAAA;QAE9F,2BAA2B;QAC3B,gBAAgB,GAAG,gBAAgB,CAAC,OAAO,CACzC,gEAAgE,EAChE,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,YAAY,CAAC,CACrD,CAAA;QACD,gBAAgB,GAAG,gBAAgB,CAAC,OAAO,CACzC,2FAA2F,EAC3F,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,EAAE,YAAY,CAAC,CACvD,CAAA;QACD,gBAAgB,GAAG,gBAAgB,CAAC,OAAO,CACzC,qDAAqD,EACrD,YAAY,CACb,CAAA;QAED,IAAI,CAAC,wBAAwB,CAAC,SAAS,CAAC,CAAA;QAExC,OAAO;YACL,gBAAgB,EAAE,aAAa,CAAC,MAAM,GAAG,CAAC;YAC1C,aAAa;YACb,eAAe,EAAE,aAAa,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,aAAa,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG;YACtF,gBAAgB;SACjB,CAAA;IACH,CAAC;IAED;;;;OAIG;IACH,sBAAsB,CAAC,OAAe;QACpC,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;QAE5B,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YACtC,OAAO;gBACL,WAAW,EAAE,KAAK;gBAClB,WAAW,EAAE,EAAE;gBACf,SAAS,EAAE,CAAC;gBACZ,cAAc,EAAE,KAAK;aACtB,CAAA;QACH,CAAC;QAED,MAAM,WAAW,GAAa,EAAE,CAAA;QAChC,IAAI,WAAW,GAAG,CAAC,CAAA;QAEnB,+BAA+B;QAC/B,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;YACjE,OAAO,CAAC,SAAS,GAAG,CAAC,CAAA,CAAC,oBAAoB;YAE1C,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC1B,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;oBAChC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;gBACxB,CAAC;gBACD,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAA;YAC/C,CAAC;QACH,CAAC;QAED,MAAM,WAAW,GAAG,WAAW,CAAC,MAAM,GAAG,CAAC,CAAA;QAC1C,MAAM,WAAW,GAAG,WAAW,GAAG,GAAG,CAAA,CAAC,0BAA0B;QAEhE,IAAI,CAAC,wBAAwB,CAAC,SAAS,CAAC,CAAA;QAExC,OAAO;YACL,WAAW;YACX,WAAW;YACX,SAAS,EAAE,WAAW;YACtB,cAAc,EAAE,WAAW;SAC5B,CAAA;IACH,CAAC;IAED;;;;OAIG;IACH,UAAU,CAAC,OAAe;QACxB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;QAE5B,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YACtC,OAAO;gBACL,SAAS,EAAE,KAAK;gBAChB,WAAW,EAAE,KAAK;gBAClB,UAAU,EAAE,GAAG;gBACf,wBAAwB,EAAE,SAAS;gBACnC,eAAe,EAAE,EAAE;aACpB,CAAA;QACH,CAAC;QAED,yBAAyB;QACzB,MAAM,eAAe,GAAG,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAA;QAEzD,4BAA4B;QAC5B,MAAM,eAAe,GAAG,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAE5D,yCAAyC;QACzC,MAAM,eAAe,GAAa,EAAE,CAAA;QACpC,IAAI,SAAS,GAAG,CAAC,CAAA;QACjB,IAAI,UAAU,GAAG,GAAG,CAAA;QAEpB,6BAA6B;QAC7B,IAAI,eAAe,CAAC,gBAAgB,EAAE,CAAC;YACrC,eAAe,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAA;YACtC,SAAS,IAAI,GAAG,GAAG,eAAe,CAAC,eAAe,CAAA;YAClD,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,eAAe,CAAC,eAAe,CAAC,CAAA;QACpE,CAAC;QAED,gCAAgC;QAChC,IAAI,eAAe,CAAC,WAAW,EAAE,CAAC;YAChC,eAAe,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC,WAAW,CAAC,CAAA;YACpD,SAAS,IAAI,GAAG,GAAG,eAAe,CAAC,SAAS,CAAA;YAC5C,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,eAAe,CAAC,SAAS,CAAC,CAAA;QAC9D,CAAC;QAED,0BAA0B;QAC1B,IAAI,OAAO,CAAC,MAAM,GAAG,KAAK,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;YAChE,eAAe,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAA;YACxC,SAAS,IAAI,GAAG,CAAA;QAClB,CAAC;QAED,mFAAmF;QACnF,MAAM,kBAAkB,GAAG,+DAA+D,CAAA;QAC1F,IAAI,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;YAC1E,SAAS,IAAI,GAAG,CAAA;QAClB,CAAC;QAED,uBAAuB;QACvB,IAAI,SAAS,GAAsC,KAAK,CAAA;QACxD,IAAI,WAAW,GAAG,KAAK,CAAA;QACvB,IAAI,wBAAwB,GAAqD,SAAS,CAAA;QAE1F,IAAI,SAAS,IAAI,GAAG,IAAI,eAAe,CAAC,SAAS,IAAI,GAAG,EAAE,CAAC;YACzD,SAAS,GAAG,UAAU,CAAA;YACtB,WAAW,GAAG,IAAI,CAAA;YAClB,wBAAwB,GAAG,kBAAkB,CAAA;QAC/C,CAAC;aAAM,IAAI,SAAS,IAAI,GAAG,IAAI,eAAe,CAAC,gBAAgB,EAAE,CAAC;YAChE,SAAS,GAAG,MAAM,CAAA;YAClB,WAAW,GAAG,IAAI,CAAA;YAClB,wBAAwB,GAAG,oBAAoB,CAAA;QACjD,CAAC;aAAM,IACL,SAAS,IAAI,GAAG;YAChB,CAAC,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC,EACvE,CAAC;YACD,SAAS,GAAG,QAAQ,CAAA;YACpB,WAAW,GAAG,KAAK,CAAA;YACnB,wBAAwB,GAAG,yBAAyB,CAAA;QACtD,CAAC;QAED,IAAI,CAAC,wBAAwB,CAAC,SAAS,CAAC,CAAA;QAExC,OAAO;YACL,SAAS;YACT,WAAW;YACX,UAAU,EAAE,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,UAAU,GAAG,IAAI,CAAC,EAAE,mCAAmC;YAClF,wBAAwB;YACxB,eAAe;SAChB,CAAA;IACH,CAAC;IAED;;OAEG;IACK,wBAAwB,CAAC,SAAiB;QAChD,MAAM,cAAc,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAA;QAC7C,IAAI,CAAC,kBAAkB,CAAC,WAAW,EAAE,CAAA;QAErC,4BAA4B;QAC5B,IAAI,CAAC,kBAAkB,CAAC,WAAW;YACjC,CAAC,IAAI,CAAC,kBAAkB,CAAC,WAAW,GAAG,CAAC,IAAI,CAAC,kBAAkB,CAAC,WAAW,GAAG,CAAC,CAAC;gBAC9E,cAAc,CAAC;gBACjB,IAAI,CAAC,kBAAkB,CAAC,WAAW,CAAA;IACvC,CAAC;IAED;;OAEG;IACH,qBAAqB;QACnB,OAAO,EAAE,GAAG,IAAI,CAAC,kBAAkB,EAAE,CAAA;IACvC,CAAC;IAED;;OAEG;IACH,YAAY;QACV,IAAI,CAAC,kBAAkB,CAAC,WAAW,GAAG,CAAC,CAAA;QACvC,IAAI,CAAC,kBAAkB,CAAC,WAAW,GAAG,CAAC,CAAA;IACzC,CAAC;CACF;AAraD,sDAqaC"}

package/dist/infrastructure/security/MCPSecurityValidator.d.ts ADDED Viewed

@@ -0,0 +1,62 @@
+/**
+ * MCP Security Validator
+ * Provides comprehensive security validation for MCP communication
+ * Validates requests, responses, and filters sensitive information
+ */
+/**
+ * Interface for request validation
+ */
+interface MCPRequest {
+    method: string;
+    params: Record<string, unknown>;
+}
+/**
+ * Interface for response validation result
+ */
+interface ValidationResult {
+    isValid: boolean;
+    sanitizedResponse?: unknown;
+    error?: string;
+}
+/**
+ * MCP Security Validator Implementation
+ * Handles request content security verification and response validation
+ */
+export declare class MCPSecurityValidator {
+    private readonly sensitivePatterns;
+    private readonly maliciousPatterns;
+    private readonly maxResponseLength;
+    constructor();
+    /**
+     * Validate request content for security violations
+     * @param request - The MCP request to validate
+     * @throws Error if request contains sensitive or malicious content
+     */
+    validateRequest(request: MCPRequest): void;
+    /**
+     * Validate and sanitize response content
+     * @param response - The response to validate
+     * @returns ValidationResult with validation status and sanitized content
+     */
+    validateResponse(response: unknown): ValidationResult;
+    /**
+     * Filter sensitive information from text
+     * @param text - The text to filter
+     * @returns Text with sensitive information redacted
+     */
+    filterSensitiveInformation(text: string): string;
+    /**
+     * Check if text contains malicious content
+     * @param text - The text to check
+     * @returns true if malicious content is detected
+     */
+    private containsMaliciousContent;
+    /**
+     * Check if text contains sensitive information
+     * @param text - The text to check
+     * @returns true if sensitive information is detected
+     */
+    private containsSensitiveInformation;
+}
+export {};
+//# sourceMappingURL=MCPSecurityValidator.d.ts.map

package/dist/infrastructure/security/MCPSecurityValidator.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"MCPSecurityValidator.d.ts","sourceRoot":"","sources":["../../../src/infrastructure/security/MCPSecurityValidator.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH;;GAEG;AACH,UAAU,UAAU;IAClB,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CAChC;AAED;;GAEG;AACH,UAAU,gBAAgB;IACxB,OAAO,EAAE,OAAO,CAAA;IAChB,iBAAiB,CAAC,EAAE,OAAO,CAAA;IAC3B,KAAK,CAAC,EAAE,MAAM,CAAA;CACf;AAED;;;GAGG;AACH,qBAAa,oBAAoB;IAC/B,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAU;IAC5C,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAU;IAC5C,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAQ;;IA+B1C;;;;OAIG;IACH,eAAe,CAAC,OAAO,EAAE,UAAU,GAAG,IAAI;IAc1C;;;;OAIG;IACH,gBAAgB,CAAC,QAAQ,EAAE,OAAO,GAAG,gBAAgB;IA4BrD;;;;OAIG;IACH,0BAA0B,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM;IAqBhD;;;;OAIG;IACH,OAAO,CAAC,wBAAwB;IAIhC;;;;OAIG;IACH,OAAO,CAAC,4BAA4B;CAGrC"}

package/dist/infrastructure/security/MCPSecurityValidator.js ADDED Viewed

@@ -0,0 +1,129 @@
+"use strict";
+/**
+ * MCP Security Validator
+ * Provides comprehensive security validation for MCP communication
+ * Validates requests, responses, and filters sensitive information
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MCPSecurityValidator = void 0;
+/**
+ * MCP Security Validator Implementation
+ * Handles request content security verification and response validation
+ */
+class MCPSecurityValidator {
+    constructor() {
+        this.maxResponseLength = 10000;
+        // Patterns for detecting sensitive information
+        this.sensitivePatterns = [
+            /(?:api[_-]?key|apikey)\s*[:=]\s*['\"]?([a-zA-Z0-9_-]{6,})['\"]?/gi,
+            /(?:password|passwd|pwd)\s*[:=]\s*['\"]?([^\s'"]{6,})['\"]?/gi,
+            /(?:token|bearer)\s*[:=]?\s*['\"]?([a-zA-Z0-9._-]{10,})['\"]?/gi,
+            /(?:secret|private[_-]?key)\s*[:=]\s*['\"]?([a-zA-Z0-9._-]{10,})['\"]?/gi,
+            // Common API key patterns (no capture groups for direct replacement)
+            /sk-[a-zA-Z0-9]{6,}/gi,
+            /pk_[a-zA-Z0-9]{6,}/gi,
+            /rk_[a-zA-Z0-9]{6,}/gi,
+            // JWT tokens (no capture groups for direct replacement)
+            /eyJ[a-zA-Z0-9_-]*\.[a-zA-Z0-9_-]*\.[a-zA-Z0-9_-]*/gi,
+        ];
+        // Patterns for detecting malicious content
+        this.maliciousPatterns = [
+            /(?:DROP|DELETE|TRUNCATE|UPDATE|INSERT)\s+(?:TABLE|FROM|INTO)/gi,
+            /<script[^>]*>[\s\S]*?<\/script>/gi,
+            /javascript\s*:/gi,
+            /on(?:load|click|error|focus|blur)\s*=/gi,
+            /\${[^}]*}/g, // Template injection
+            /\{\{[^}]*\}\}/g, // Template injection
+            /eval\s*\(/gi,
+            /exec\s*\(/gi,
+            /system\s*\(/gi,
+        ];
+    }
+    /**
+     * Validate request content for security violations
+     * @param request - The MCP request to validate
+     * @throws Error if request contains sensitive or malicious content
+     */
+    validateRequest(request) {
+        const requestString = JSON.stringify(request);
+        // Check for sensitive information
+        if (this.containsSensitiveInformation(requestString)) {
+            throw new Error('Sensitive information detected in request');
+        }
+        // Check for malicious content
+        if (this.containsMaliciousContent(requestString)) {
+            throw new Error('Malicious content detected in request');
+        }
+    }
+    /**
+     * Validate and sanitize response content
+     * @param response - The response to validate
+     * @returns ValidationResult with validation status and sanitized content
+     */
+    validateResponse(response) {
+        try {
+            const responseString = JSON.stringify(response);
+            // Check response size limits
+            if (responseString.length > this.maxResponseLength) {
+                return {
+                    isValid: false,
+                    error: `Response content too large: ${responseString.length} characters exceeds ${this.maxResponseLength} limit`,
+                };
+            }
+            // Check for sensitive information and sanitize
+            const sanitizedString = this.filterSensitiveInformation(responseString);
+            const sanitizedResponse = JSON.parse(sanitizedString);
+            return {
+                isValid: true,
+                sanitizedResponse,
+            };
+        }
+        catch (error) {
+            return {
+                isValid: false,
+                error: `Invalid response format: ${error instanceof Error ? error.message : 'Unknown error'}`,
+            };
+        }
+    }
+    /**
+     * Filter sensitive information from text
+     * @param text - The text to filter
+     * @returns Text with sensitive information redacted
+     */
+    filterSensitiveInformation(text) {
+        let filteredText = text;
+        // Replace sensitive patterns with [REDACTED]
+        for (const pattern of this.sensitivePatterns) {
+            // Reset regex lastIndex to ensure consistent behavior with global flag
+            pattern.lastIndex = 0;
+            filteredText = filteredText.replace(pattern, (match, sensitiveValue) => {
+                // Keep the structure but redact the sensitive value
+                // Check if sensitiveValue is actually a captured group (string) rather than offset (number)
+                if (typeof sensitiveValue === 'string' && sensitiveValue.length > 0) {
+                    return match.replace(sensitiveValue, '[REDACTED]');
+                }
+                // For patterns without capture groups, replace the entire match
+                return '[REDACTED]';
+            });
+        }
+        return filteredText;
+    }
+    /**
+     * Check if text contains malicious content
+     * @param text - The text to check
+     * @returns true if malicious content is detected
+     */
+    containsMaliciousContent(text) {
+        return this.maliciousPatterns.some((pattern) => pattern.test(text));
+    }
+    /**
+     * Check if text contains sensitive information
+     * @param text - The text to check
+     * @returns true if sensitive information is detected
+     */
+    containsSensitiveInformation(text) {
+        return this.sensitivePatterns.some((pattern) => pattern.test(text));
+    }
+}
+exports.MCPSecurityValidator = MCPSecurityValidator;
+//# sourceMappingURL=MCPSecurityValidator.js.map

package/dist/infrastructure/security/MCPSecurityValidator.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"MCPSecurityValidator.js","sourceRoot":"","sources":["../../../src/infrastructure/security/MCPSecurityValidator.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;;AAmBH;;;GAGG;AACH,MAAa,oBAAoB;IAK/B;QAFiB,sBAAiB,GAAG,KAAK,CAAA;QAGxC,+CAA+C;QAC/C,IAAI,CAAC,iBAAiB,GAAG;YACvB,mEAAmE;YACnE,8DAA8D;YAC9D,gEAAgE;YAChE,yEAAyE;YACzE,qEAAqE;YACrE,sBAAsB;YACtB,sBAAsB;YACtB,sBAAsB;YACtB,wDAAwD;YACxD,qDAAqD;SACtD,CAAA;QAED,2CAA2C;QAC3C,IAAI,CAAC,iBAAiB,GAAG;YACvB,gEAAgE;YAChE,mCAAmC;YACnC,kBAAkB;YAClB,yCAAyC;YACzC,YAAY,EAAE,qBAAqB;YACnC,gBAAgB,EAAE,qBAAqB;YACvC,aAAa;YACb,aAAa;YACb,eAAe;SAChB,CAAA;IACH,CAAC;IAED;;;;OAIG;IACH,eAAe,CAAC,OAAmB;QACjC,MAAM,aAAa,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAA;QAE7C,kCAAkC;QAClC,IAAI,IAAI,CAAC,4BAA4B,CAAC,aAAa,CAAC,EAAE,CAAC;YACrD,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAA;QAC9D,CAAC;QAED,8BAA8B;QAC9B,IAAI,IAAI,CAAC,wBAAwB,CAAC,aAAa,CAAC,EAAE,CAAC;YACjD,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAA;QAC1D,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,gBAAgB,CAAC,QAAiB;QAChC,IAAI,CAAC;YACH,MAAM,cAAc,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAA;YAE/C,6BAA6B;YAC7B,IAAI,cAAc,CAAC,MAAM,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBACnD,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,+BAA+B,cAAc,CAAC,MAAM,uBAAuB,IAAI,CAAC,iBAAiB,QAAQ;iBACjH,CAAA;YACH,CAAC;YAED,+CAA+C;YAC/C,MAAM,eAAe,GAAG,IAAI,CAAC,0BAA0B,CAAC,cAAc,CAAC,CAAA;YACvE,MAAM,iBAAiB,GAAG,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAA;YAErD,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,iBAAiB;aAClB,CAAA;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,4BAA4B,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE;aAC9F,CAAA;QACH,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,0BAA0B,CAAC,IAAY;QACrC,IAAI,YAAY,GAAG,IAAI,CAAA;QAEvB,6CAA6C;QAC7C,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC7C,uEAAuE;YACvE,OAAO,CAAC,SAAS,GAAG,CAAC,CAAA;YACrB,YAAY,GAAG,YAAY,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,cAAc,EAAE,EAAE;gBACrE,oDAAoD;gBACpD,4FAA4F;gBAC5F,IAAI,OAAO,cAAc,KAAK,QAAQ,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACpE,OAAO,KAAK,CAAC,OAAO,CAAC,cAAc,EAAE,YAAY,CAAC,CAAA;gBACpD,CAAC;gBACD,gEAAgE;gBAChE,OAAO,YAAY,CAAA;YACrB,CAAC,CAAC,CAAA;QACJ,CAAC;QAED,OAAO,YAAY,CAAA;IACrB,CAAC;IAED;;;;OAIG;IACK,wBAAwB,CAAC,IAAY;QAC3C,OAAO,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAA;IACrE,CAAC;IAED;;;;OAIG;IACK,4BAA4B,CAAC,IAAY;QAC/C,OAAO,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAA;IACrE,CAAC;CACF;AAjID,oDAiIC"}