mcp-security-scanner 1.0.0

package/dist/data/dangerous-sinks.d.ts

@@ -0,0 +1,13 @@
+export interface DangerousSink {
+    name: string;
+    module: string;
+    severity: "critical" | "high" | "medium";
+    category: string;
+    description: string;
+}
+export declare const COMMAND_INJECTION_SINKS: DangerousSink[];
+export declare const CODE_EXECUTION_SINKS: DangerousSink[];
+export declare const SSRF_SINKS: DangerousSink[];
+export declare const PATH_TRAVERSAL_SINKS: DangerousSink[];
+export declare const CRYPTO_WEAK_SINKS: DangerousSink[];
+//# sourceMappingURL=dangerous-sinks.d.ts.map

package/dist/data/dangerous-sinks.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"dangerous-sinks.d.ts","sourceRoot":"","sources":["../../src/data/dangerous-sinks.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,CAAC;IACzC,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,eAAO,MAAM,uBAAuB,EAAE,aAAa,EAQlD,CAAC;AAEF,eAAO,MAAM,oBAAoB,EAAE,aAAa,EAO/C,CAAC;AAEF,eAAO,MAAM,UAAU,EAAE,aAAa,EAMrC,CAAC;AAEF,eAAO,MAAM,oBAAoB,EAAE,aAAa,EAc/C,CAAC;AAEF,eAAO,MAAM,iBAAiB,EAAE,aAAa,EAI5C,CAAC"}

package/dist/data/dangerous-sinks.js

@@ -0,0 +1,45 @@
+export const COMMAND_INJECTION_SINKS = [
+    { name: "exec", module: "child_process", severity: "critical", category: "command_injection", description: "Executes shell command with full shell interpolation" },
+    { name: "execSync", module: "child_process", severity: "critical", category: "command_injection", description: "Synchronous shell execution" },
+    { name: "spawn", module: "child_process", severity: "high", category: "command_injection", description: "Spawns process (dangerous with shell:true)" },
+    { name: "spawnSync", module: "child_process", severity: "high", category: "command_injection", description: "Synchronous spawn (dangerous with shell:true)" },
+    { name: "execFile", module: "child_process", severity: "medium", category: "command_injection", description: "Executes file (safer but still risky with user input)" },
+    { name: "execFileSync", module: "child_process", severity: "medium", category: "command_injection", description: "Synchronous file execution" },
+    { name: "fork", module: "child_process", severity: "high", category: "command_injection", description: "Forks new Node.js process" },
+];
+export const CODE_EXECUTION_SINKS = [
+    { name: "eval", module: "global", severity: "critical", category: "code_execution", description: "Evaluates arbitrary JavaScript" },
+    { name: "Function", module: "global", severity: "critical", category: "code_execution", description: "Creates function from string (eval equivalent)" },
+    { name: "runInNewContext", module: "vm", severity: "critical", category: "code_execution", description: "Executes code in new V8 context" },
+    { name: "runInThisContext", module: "vm", severity: "critical", category: "code_execution", description: "Executes code in current V8 context" },
+    { name: "compileFunction", module: "vm", severity: "critical", category: "code_execution", description: "Compiles function from string" },
+    { name: "Script", module: "vm", severity: "critical", category: "code_execution", description: "Creates compiled script from string" },
+];
+export const SSRF_SINKS = [
+    { name: "fetch", module: "global", severity: "high", category: "ssrf", description: "HTTP fetch with user-controlled URL" },
+    { name: "get", module: "axios", severity: "high", category: "ssrf", description: "Axios GET request" },
+    { name: "post", module: "axios", severity: "high", category: "ssrf", description: "Axios POST request" },
+    { name: "request", module: "http", severity: "high", category: "ssrf", description: "Node.js HTTP request" },
+    { name: "request", module: "https", severity: "high", category: "ssrf", description: "Node.js HTTPS request" },
+];
+export const PATH_TRAVERSAL_SINKS = [
+    { name: "readFile", module: "fs", severity: "high", category: "path_traversal", description: "Read file with user-controlled path" },
+    { name: "readFileSync", module: "fs", severity: "high", category: "path_traversal", description: "Synchronous file read" },
+    { name: "writeFile", module: "fs", severity: "critical", category: "path_traversal", description: "Write file with user-controlled path" },
+    { name: "writeFileSync", module: "fs", severity: "critical", category: "path_traversal", description: "Synchronous file write" },
+    { name: "readdir", module: "fs", severity: "medium", category: "path_traversal", description: "List directory with user-controlled path" },
+    { name: "readdirSync", module: "fs", severity: "medium", category: "path_traversal", description: "Synchronous directory listing" },
+    { name: "stat", module: "fs", severity: "medium", category: "path_traversal", description: "File stat with user-controlled path" },
+    { name: "access", module: "fs", severity: "medium", category: "path_traversal", description: "File access check" },
+    { name: "unlink", module: "fs", severity: "critical", category: "path_traversal", description: "Delete file with user-controlled path" },
+    { name: "unlinkSync", module: "fs", severity: "critical", category: "path_traversal", description: "Synchronous file deletion" },
+    { name: "mkdir", module: "fs", severity: "medium", category: "path_traversal", description: "Create directory with user-controlled path" },
+    { name: "rmdir", module: "fs", severity: "high", category: "path_traversal", description: "Remove directory with user-controlled path" },
+    { name: "rm", module: "fs", severity: "critical", category: "path_traversal", description: "Recursive file/directory removal" },
+];
+export const CRYPTO_WEAK_SINKS = [
+    { name: "createHash('md5')", module: "crypto", severity: "medium", category: "weak_crypto", description: "MD5 hash (broken for security use)" },
+    { name: "createHash('sha1')", module: "crypto", severity: "medium", category: "weak_crypto", description: "SHA-1 hash (deprecated for security use)" },
+    { name: "Math.random()", module: "global", severity: "high", category: "weak_crypto", description: "Non-cryptographic PRNG used for security" },
+];
+//# sourceMappingURL=dangerous-sinks.js.map

package/dist/data/dangerous-sinks.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"dangerous-sinks.js","sourceRoot":"","sources":["../../src/data/dangerous-sinks.ts"],"names":[],"mappings":"AAQA,MAAM,CAAC,MAAM,uBAAuB,GAAoB;IACtD,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,eAAe,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,mBAAmB,EAAE,WAAW,EAAE,sDAAsD,EAAE;IACnK,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,EAAE,eAAe,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,mBAAmB,EAAE,WAAW,EAAE,6BAA6B,EAAE;IAC9I,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,mBAAmB,EAAE,WAAW,EAAE,4CAA4C,EAAE;IACtJ,EAAE,IAAI,EAAE,WAAW,EAAE,MAAM,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,mBAAmB,EAAE,WAAW,EAAE,+CAA+C,EAAE;IAC7J,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,EAAE,eAAe,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,mBAAmB,EAAE,WAAW,EAAE,uDAAuD,EAAE;IACtK,EAAE,IAAI,EAAE,cAAc,EAAE,MAAM,EAAE,eAAe,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,mBAAmB,EAAE,WAAW,EAAE,4BAA4B,EAAE;IAC/I,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,mBAAmB,EAAE,WAAW,EAAE,2BAA2B,EAAE;CACrI,CAAC;AAEF,MAAM,CAAC,MAAM,oBAAoB,GAAoB;IACnD,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,gBAAgB,EAAE,WAAW,EAAE,gCAAgC,EAAE;IACnI,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,gBAAgB,EAAE,WAAW,EAAE,gDAAgD,EAAE;IACvJ,EAAE,IAAI,EAAE,iBAAiB,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,gBAAgB,EAAE,WAAW,EAAE,iCAAiC,EAAE;IAC3I,EAAE,IAAI,EAAE,kBAAkB,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,gBAAgB,EAAE,WAAW,EAAE,qCAAqC,EAAE;IAChJ,EAAE,IAAI,EAAE,iBAAiB,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,gBAAgB,EAAE,WAAW,EAAE,+BAA+B,EAAE;IACzI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,gBAAgB,EAAE,WAAW,EAAE,qCAAqC,EAAE;CACvI,CAAC;AAEF,MAAM,CAAC,MAAM,UAAU,GAAoB;IACzC,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,qCAAqC,EAAE;IAC3H,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,mBAAmB,EAAE;IACtG,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,oBAAoB,EAAE;IACxG,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,sBAAsB,EAAE;IAC5G,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,uBAAuB,EAAE;CAC/G,CAAC;AAEF,MAAM,CAAC,MAAM,oBAAoB,GAAoB;IACnD,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,gBAAgB,EAAE,WAAW,EAAE,qCAAqC,EAAE;IACpI,EAAE,IAAI,EAAE,cAAc,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,gBAAgB,EAAE,WAAW,EAAE,uBAAuB,EAAE;IAC1H,EAAE,IAAI,EAAE,WAAW,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,gBAAgB,EAAE,WAAW,EAAE,sCAAsC,EAAE;IAC1I,EAAE,IAAI,EAAE,eAAe,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,gBAAgB,EAAE,WAAW,EAAE,wBAAwB,EAAE;IAChI,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,gBAAgB,EAAE,WAAW,EAAE,0CAA0C,EAAE;IAC1I,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,gBAAgB,EAAE,WAAW,EAAE,+BAA+B,EAAE;IACnI,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,gBAAgB,EAAE,WAAW,EAAE,qCAAqC,EAAE;IAClI,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,gBAAgB,EAAE,WAAW,EAAE,mBAAmB,EAAE;IAClH,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,gBAAgB,EAAE,WAAW,EAAE,uCAAuC,EAAE;IACxI,EAAE,IAAI,EAAE,YAAY,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,gBAAgB,EAAE,WAAW,EAAE,2BAA2B,EAAE;IAChI,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,gBAAgB,EAAE,WAAW,EAAE,4CAA4C,EAAE;IAC1I,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,gBAAgB,EAAE,WAAW,EAAE,4CAA4C,EAAE;IACxI,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,gBAAgB,EAAE,WAAW,EAAE,kCAAkC,EAAE;CAChI,CAAC;AAEF,MAAM,CAAC,MAAM,iBAAiB,GAAoB;IAChD,EAAE,IAAI,EAAE,mBAAmB,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,aAAa,EAAE,WAAW,EAAE,oCAAoC,EAAE;IAC/I,EAAE,IAAI,EAAE,oBAAoB,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,aAAa,EAAE,WAAW,EAAE,0CAA0C,EAAE;IACtJ,EAAE,IAAI,EAAE,eAAe,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,aAAa,EAAE,WAAW,EAAE,0CAA0C,EAAE;CAChJ,CAAC"}

package/dist/data/owasp-mcp-top10.d.ts

@@ -0,0 +1,12 @@
+import type { OwaspMcpId } from "../types/findings.js";
+export interface OwaspCategory {
+    id: OwaspMcpId;
+    title: string;
+    description: string;
+    remediation: string;
+    cwe: string[];
+    references: string[];
+}
+export declare const OWASP_MCP_TOP10: OwaspCategory[];
+export declare function getOwaspCategory(id: OwaspMcpId): OwaspCategory;
+//# sourceMappingURL=owasp-mcp-top10.d.ts.map

package/dist/data/owasp-mcp-top10.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"owasp-mcp-top10.d.ts","sourceRoot":"","sources":["../../src/data/owasp-mcp-top10.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAEvD,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,UAAU,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,GAAG,EAAE,MAAM,EAAE,CAAC;IACd,UAAU,EAAE,MAAM,EAAE,CAAC;CACtB;AAED,eAAO,MAAM,eAAe,EAAE,aAAa,EA8G1C,CAAC;AAEF,wBAAgB,gBAAgB,CAAC,EAAE,EAAE,UAAU,GAAG,aAAa,CAE9D"}

package/dist/data/owasp-mcp-top10.js

@@ -0,0 +1,95 @@
+export const OWASP_MCP_TOP10 = [
+    {
+        id: "MCP01",
+        title: "Excessive Privilege & Token Mismanagement",
+        description: "MCP clients or servers operate with broader permissions than necessary. API keys, tokens, or credentials are stored insecurely, shared across unrelated services, or transmitted without adequate protection.",
+        remediation: "Apply least privilege. Store secrets in environment variables, not config files. Rotate tokens regularly. Never embed API keys in CLI arguments.",
+        cwe: ["CWE-269", "CWE-522"],
+        references: [
+            "https://owasp.org/www-project-mcp-top-10/",
+            "https://www.nsa.gov/Press-Room/News-Highlights/Article/Article/4132057/",
+        ],
+    },
+    {
+        id: "MCP02",
+        title: "Tool & Scope Mismanagement",
+        description: "MCP servers expose too many tools, tools with overly broad capabilities, or accept arbitrary input types (any, unrestricted file paths, shell commands). Excessive tool count increases attack surface.",
+        remediation: "Minimize exposed tools. Use strict Zod schemas with allowlists. Limit parameter types. Avoid wildcard patterns in schemas.",
+        cwe: ["CWE-250", "CWE-732"],
+        references: ["https://owasp.org/www-project-mcp-top-10/"],
+    },
+    {
+        id: "MCP03",
+        title: "Tool Poisoning via Description Injection",
+        description: "Malicious or compromised MCP servers embed hidden instructions in tool descriptions that manipulate LLM behavior. Includes prompt injection, ANSI escape sequences, zero-width Unicode characters, and social engineering patterns.",
+        remediation: "Pin tool definitions and verify hashes. Review all tool descriptions manually. Strip control characters. Monitor for description changes.",
+        cwe: ["CWE-94", "CWE-116"],
+        references: [
+            "https://owasp.org/www-project-mcp-top-10/",
+            "https://invariantlabs.ai/blog/mcp-security-notification-tool-poisoning-attacks",
+        ],
+    },
+    {
+        id: "MCP04",
+        title: "Supply Chain & Dependency Vulnerabilities",
+        description: "MCP servers depend on vulnerable packages, typosquatted dependencies, or packages with malicious install scripts. Unpinned versions allow silent updates.",
+        remediation: "Pin exact versions in lockfiles. Audit install scripts. Check for typosquatting. Monitor advisories. Use npm audit / OSV.",
+        cwe: ["CWE-1357", "CWE-829"],
+        references: ["https://owasp.org/www-project-mcp-top-10/"],
+    },
+    {
+        id: "MCP05",
+        title: "Command Injection & Code Execution",
+        description: "MCP tool handlers pass user-controlled input to dangerous sinks: child_process.exec, eval, new Function, vm.runInNewContext, fs operations with unsanitized paths, fetch with user-controlled URLs (SSRF).",
+        remediation: "Never pass user input to exec/eval. Use execFile with argument arrays. Validate and sanitize all paths against a base directory. Allowlist URLs.",
+        cwe: ["CWE-78", "CWE-94", "CWE-22", "CWE-918"],
+        references: ["https://owasp.org/www-project-mcp-top-10/"],
+    },
+    {
+        id: "MCP06",
+        title: "Context & Tool Shadowing",
+        description: "One MCP server's tool descriptions reference tools from other servers, enabling cross-origin manipulation. Rogue servers register tools with names that shadow legitimate tools (e.g. read_file, bash).",
+        remediation: "Namespace all tools. Monitor for tool name collisions across servers. Flag cross-origin references in descriptions.",
+        cwe: ["CWE-346"],
+        references: [
+            "https://owasp.org/www-project-mcp-top-10/",
+            "https://blog.trailofbits.com/2025/04/22/mcp-security-research/",
+        ],
+    },
+    {
+        id: "MCP07",
+        title: "Insufficient Authentication & Transport Security",
+        description: "MCP servers accept unauthenticated connections, use HTTP instead of HTTPS for remote transport, or expose SSE/WebSocket endpoints without TLS.",
+        remediation: "Require authentication for all remote servers. Use HTTPS/WSS exclusively. Validate OAuth tokens. Bind to localhost for local servers.",
+        cwe: ["CWE-287", "CWE-319"],
+        references: ["https://owasp.org/www-project-mcp-top-10/"],
+    },
+    {
+        id: "MCP08",
+        title: "Insufficient Logging & Error Handling",
+        description: "Tool handlers lack error handling, swallow exceptions silently, expose stack traces in responses, or have no audit logging of tool invocations.",
+        remediation: "Wrap all tool handlers in try-catch. Log tool invocations with timestamps. Never expose err.stack or err.message to clients. Implement rate limiting.",
+        cwe: ["CWE-778", "CWE-209"],
+        references: ["https://owasp.org/www-project-mcp-top-10/"],
+    },
+    {
+        id: "MCP09",
+        title: "Shadow Servers & Unauthorized MCP Endpoints",
+        description: "Unknown or unverified MCP servers in configuration files. Servers using npx -y to auto-install unverified packages. Servers pointing to binaries in writable directories (/tmp).",
+        remediation: "Audit all configured servers. Verify npm package names. Avoid npx -y for unknown packages. Only use servers from trusted sources.",
+        cwe: ["CWE-829", "CWE-494"],
+        references: ["https://owasp.org/www-project-mcp-top-10/"],
+    },
+    {
+        id: "MCP10",
+        title: "Context Over-sharing & Data Exposure",
+        description: "MCP clients share excessive context with servers: all environment variables, sensitive file paths, broad resource access patterns. Servers expose resources with overly permissive URI patterns.",
+        remediation: "Explicitly list env vars per server. Restrict resource URI patterns. Minimize data shared with each server. Apply data minimization principles.",
+        cwe: ["CWE-200", "CWE-532"],
+        references: ["https://owasp.org/www-project-mcp-top-10/"],
+    },
+];
+export function getOwaspCategory(id) {
+    return OWASP_MCP_TOP10.find((c) => c.id === id);
+}
+//# sourceMappingURL=owasp-mcp-top10.js.map

package/dist/data/owasp-mcp-top10.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"owasp-mcp-top10.js","sourceRoot":"","sources":["../../src/data/owasp-mcp-top10.ts"],"names":[],"mappings":"AAWA,MAAM,CAAC,MAAM,eAAe,GAAoB;IAC9C;QACE,EAAE,EAAE,OAAO;QACX,KAAK,EAAE,2CAA2C;QAClD,WAAW,EACT,+MAA+M;QACjN,WAAW,EACT,kJAAkJ;QACpJ,GAAG,EAAE,CAAC,SAAS,EAAE,SAAS,CAAC;QAC3B,UAAU,EAAE;YACV,2CAA2C;YAC3C,yEAAyE;SAC1E;KACF;IACD;QACE,EAAE,EAAE,OAAO;QACX,KAAK,EAAE,4BAA4B;QACnC,WAAW,EACT,yMAAyM;QAC3M,WAAW,EACT,4HAA4H;QAC9H,GAAG,EAAE,CAAC,SAAS,EAAE,SAAS,CAAC;QAC3B,UAAU,EAAE,CAAC,2CAA2C,CAAC;KAC1D;IACD;QACE,EAAE,EAAE,OAAO;QACX,KAAK,EAAE,0CAA0C;QACjD,WAAW,EACT,qOAAqO;QACvO,WAAW,EACT,2IAA2I;QAC7I,GAAG,EAAE,CAAC,QAAQ,EAAE,SAAS,CAAC;QAC1B,UAAU,EAAE;YACV,2CAA2C;YAC3C,gFAAgF;SACjF;KACF;IACD;QACE,EAAE,EAAE,OAAO;QACX,KAAK,EAAE,2CAA2C;QAClD,WAAW,EACT,2JAA2J;QAC7J,WAAW,EACT,2HAA2H;QAC7H,GAAG,EAAE,CAAC,UAAU,EAAE,SAAS,CAAC;QAC5B,UAAU,EAAE,CAAC,2CAA2C,CAAC;KAC1D;IACD;QACE,EAAE,EAAE,OAAO;QACX,KAAK,EAAE,oCAAoC;QAC3C,WAAW,EACT,4MAA4M;QAC9M,WAAW,EACT,kJAAkJ;QACpJ,GAAG,EAAE,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,CAAC;QAC9C,UAAU,EAAE,CAAC,2CAA2C,CAAC;KAC1D;IACD;QACE,EAAE,EAAE,OAAO;QACX,KAAK,EAAE,0BAA0B;QACjC,WAAW,EACT,yMAAyM;QAC3M,WAAW,EACT,qHAAqH;QACvH,GAAG,EAAE,CAAC,SAAS,CAAC;QAChB,UAAU,EAAE;YACV,2CAA2C;YAC3C,gEAAgE;SACjE;KACF;IACD;QACE,EAAE,EAAE,OAAO;QACX,KAAK,EAAE,kDAAkD;QACzD,WAAW,EACT,gJAAgJ;QAClJ,WAAW,EACT,uIAAuI;QACzI,GAAG,EAAE,CAAC,SAAS,EAAE,SAAS,CAAC;QAC3B,UAAU,EAAE,CAAC,2CAA2C,CAAC;KAC1D;IACD;QACE,EAAE,EAAE,OAAO;QACX,KAAK,EAAE,uCAAuC;QAC9C,WAAW,EACT,iJAAiJ;QACnJ,WAAW,EACT,uJAAuJ;QACzJ,GAAG,EAAE,CAAC,SAAS,EAAE,SAAS,CAAC;QAC3B,UAAU,EAAE,CAAC,2CAA2C,CAAC;KAC1D;IACD;QACE,EAAE,EAAE,OAAO;QACX,KAAK,EAAE,6CAA6C;QACpD,WAAW,EACT,kLAAkL;QACpL,WAAW,EACT,mIAAmI;QACrI,GAAG,EAAE,CAAC,SAAS,EAAE,SAAS,CAAC;QAC3B,UAAU,EAAE,CAAC,2CAA2C,CAAC;KAC1D;IACD;QACE,EAAE,EAAE,OAAO;QACX,KAAK,EAAE,sCAAsC;QAC7C,WAAW,EACT,kMAAkM;QACpM,WAAW,EACT,iJAAiJ;QACnJ,GAAG,EAAE,CAAC,SAAS,EAAE,SAAS,CAAC;QAC3B,UAAU,EAAE,CAAC,2CAA2C,CAAC;KAC1D;CACF,CAAC;AAEF,MAAM,UAAU,gBAAgB,CAAC,EAAc;IAC7C,OAAO,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAE,CAAC;AACnD,CAAC"}

package/dist/data/poisoning-patterns.d.ts

@@ -0,0 +1,15 @@
+export interface PoisoningPattern {
+    name: string;
+    pattern: RegExp;
+    severity: "critical" | "high" | "medium";
+    category: string;
+    description: string;
+}
+export declare const POISONING_PATTERNS: PoisoningPattern[];
+export declare const ANSI_PATTERNS: RegExp[];
+export declare const UNICODE_STEGO_PATTERNS: {
+    name: string;
+    pattern: RegExp;
+    description: string;
+}[];
+//# sourceMappingURL=poisoning-patterns.d.ts.map

package/dist/data/poisoning-patterns.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"poisoning-patterns.d.ts","sourceRoot":"","sources":["../../src/data/poisoning-patterns.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,CAAC;IACzC,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,eAAO,MAAM,kBAAkB,EAAE,gBAAgB,EAoHhD,CAAC;AAGF,eAAO,MAAM,aAAa,EAAE,MAAM,EAQjC,CAAC;AAGF,eAAO,MAAM,sBAAsB,EAAE;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAC;IAAC,WAAW,EAAE,MAAM,CAAA;CAAE,EAgB1F,CAAC"}

package/dist/data/poisoning-patterns.js

@@ -0,0 +1,146 @@
+export const POISONING_PATTERNS = [
+    // File read / credential harvesting
+    {
+        name: "File Read Instruction",
+        pattern: /(?:read|cat|open|access|get|fetch|load|include)\s+.*(?:\/etc\/|~\/\.ssh|\.env|credentials|\.aws|\.kube|id_rsa|known_hosts|\.gnupg)/i,
+        severity: "critical",
+        category: "credential_harvesting",
+        description: "Instructs LLM to read sensitive files",
+    },
+    {
+        name: "Home Directory Access",
+        pattern: /(?:read|access|open)\s+.*(?:home\s+directory|user\s+folder|~\/)/i,
+        severity: "high",
+        category: "credential_harvesting",
+        description: "Instructs LLM to access home directory contents",
+    },
+    // Data exfiltration
+    {
+        name: "Data Exfiltration",
+        pattern: /(?:send|post|upload|transmit|forward|exfiltrate)\s+.*(?:content|data|file|secret|token|key|credential|result)/i,
+        severity: "critical",
+        category: "exfiltration",
+        description: "Instructs LLM to transmit data externally",
+    },
+    {
+        name: "URL Parameter Injection",
+        pattern: /(?:include|append|add|insert|embed)\s+.*(?:parameter|query|url|request|header)/i,
+        severity: "high",
+        category: "exfiltration",
+        description: "Instructs LLM to inject data into outbound requests",
+    },
+    // Instruction override
+    {
+        name: "Instruction Override",
+        pattern: /ignore\s+(?:previous|above|all|prior|earlier)\s+(?:instructions|rules|guidelines|prompts)/i,
+        severity: "critical",
+        category: "instruction_override",
+        description: "Attempts to override previous LLM instructions",
+    },
+    {
+        name: "Role Assumption",
+        pattern: /(?:you\s+are\s+now|act\s+as|pretend\s+to\s+be|switch\s+to|assume\s+the\s+role)/i,
+        severity: "high",
+        category: "instruction_override",
+        description: "Attempts to change LLM persona or role",
+    },
+    // System prompt extraction
+    {
+        name: "System Prompt Extraction",
+        pattern: /(?:system\s+prompt|repeat\s+.*instructions|what\s+.*instructions|show\s+.*prompt|reveal\s+.*rules)/i,
+        severity: "high",
+        category: "prompt_extraction",
+        description: "Attempts to extract system prompt or instructions",
+    },
+    // Social engineering
+    {
+        name: "Secrecy Instruction",
+        pattern: /(?:do\s+not\s+tell|don'?t\s+inform|keep\s+.*secret|hide\s+.*from|don'?t\s+mention|never\s+reveal)/i,
+        severity: "critical",
+        category: "social_engineering",
+        description: "Instructs LLM to hide actions from user",
+    },
+    {
+        name: "Urgency Manipulation",
+        pattern: /(?:immediately|urgent|critical|must\s+do\s+now|without\s+delay|right\s+away|do\s+not\s+wait)/i,
+        severity: "medium",
+        category: "social_engineering",
+        description: "Uses urgency to bypass careful evaluation",
+    },
+    // Cross-origin tool manipulation
+    {
+        name: "Cross-Origin Tool Reference",
+        pattern: /(?:when\s+using|before\s+calling|after\s+calling|always\s+.*with\s+the)\s+.*(?:tool|function|command)/i,
+        severity: "high",
+        category: "cross_origin",
+        description: "References tools from other MCP servers",
+    },
+    {
+        name: "Cross-Server Instruction",
+        pattern: /(?:tell\s+the\s+other|pass\s+to|forward\s+to|use\s+the\s+.*server|call\s+the\s+.*server)/i,
+        severity: "high",
+        category: "cross_origin",
+        description: "Instructs cross-server communication",
+    },
+    // Privilege escalation
+    {
+        name: "Privilege Escalation",
+        pattern: /(?:admin|root|sudo|elevated|unrestricted|full\s+access|bypass\s+.*check|skip\s+.*validation)/i,
+        severity: "high",
+        category: "privilege_escalation",
+        description: "Requests elevated privileges or validation bypass",
+    },
+    // Credential harvesting via parameters
+    {
+        name: "Parameter Credential Request",
+        pattern: /(?:password|api.?key|token|secret|credential|auth)\s+.*(?:parameter|field|input|argument)/i,
+        severity: "high",
+        category: "credential_harvesting",
+        description: "Tool schema requests credential-like parameters",
+    },
+    // Encoded payloads
+    {
+        name: "Base64 Encoded Instruction",
+        pattern: /(?:decode|base64|atob)\s*\(/i,
+        severity: "medium",
+        category: "obfuscation",
+        description: "Contains encoded content that may hide instructions",
+    },
+    // Markdown/HTML injection in descriptions
+    {
+        name: "Markdown Image Exfiltration",
+        pattern: /!\[.*?\]\(https?:\/\/.*?\)/,
+        severity: "high",
+        category: "exfiltration",
+        description: "Markdown image tag that could exfiltrate data via URL parameters",
+    },
+];
+// ANSI escape sequence patterns
+export const ANSI_PATTERNS = [
+    /\x1b\[/, // CSI (Control Sequence Introducer)
+    /\x1b\[/, // Octal CSI (using hex equivalent)
+    /\\u001b\[/, // Unicode CSI (literal string)
+    /\\x1b\[/, // Hex CSI (literal string)
+    /\x1b\]/, // OSC (Operating System Command)
+    /\x1b[PX^_]/, // DCS, SOS, PM, APC
+    /[\x00-\x08\x0e-\x1f]/, // C0 control codes (except tab, newline, carriage return)
+];
+// Unicode steganography patterns
+export const UNICODE_STEGO_PATTERNS = [
+    { name: "Zero-Width Space", pattern: /\u200B/, description: "U+200B ZERO WIDTH SPACE" },
+    { name: "Zero-Width Non-Joiner", pattern: /\u200C/, description: "U+200C ZERO WIDTH NON-JOINER" },
+    { name: "Zero-Width Joiner", pattern: /\u200D/, description: "U+200D ZERO WIDTH JOINER" },
+    { name: "Word Joiner", pattern: /\u2060/, description: "U+2060 WORD JOINER" },
+    { name: "Zero-Width No-Break Space", pattern: /\uFEFF/, description: "U+FEFF BOM / ZERO WIDTH NO-BREAK SPACE" },
+    { name: "LTR Mark", pattern: /\u200E/, description: "U+200E LEFT-TO-RIGHT MARK" },
+    { name: "RTL Mark", pattern: /\u200F/, description: "U+200F RIGHT-TO-LEFT MARK" },
+    { name: "LTR Embedding", pattern: /\u202A/, description: "U+202A LEFT-TO-RIGHT EMBEDDING" },
+    { name: "RTL Embedding", pattern: /\u202B/, description: "U+202B RIGHT-TO-LEFT EMBEDDING" },
+    { name: "LTR Override", pattern: /\u202D/, description: "U+202D LEFT-TO-RIGHT OVERRIDE" },
+    { name: "RTL Override", pattern: /\u202E/, description: "U+202E RIGHT-TO-LEFT OVERRIDE" },
+    { name: "Invisible Separator", pattern: /\u2063/, description: "U+2063 INVISIBLE SEPARATOR" },
+    { name: "Invisible Plus", pattern: /\u2064/, description: "U+2064 INVISIBLE PLUS" },
+    { name: "Soft Hyphen", pattern: /\u00AD/, description: "U+00AD SOFT HYPHEN" },
+    { name: "Mongolian Vowel Separator", pattern: /\u180E/, description: "U+180E MONGOLIAN VOWEL SEPARATOR" },
+];
+//# sourceMappingURL=poisoning-patterns.js.map

package/dist/data/poisoning-patterns.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"poisoning-patterns.js","sourceRoot":"","sources":["../../src/data/poisoning-patterns.ts"],"names":[],"mappings":"AAQA,MAAM,CAAC,MAAM,kBAAkB,GAAuB;IACpD,oCAAoC;IACpC;QACE,IAAI,EAAE,uBAAuB;QAC7B,OAAO,EAAE,qIAAqI;QAC9I,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,uBAAuB;QACjC,WAAW,EAAE,uCAAuC;KACrD;IACD;QACE,IAAI,EAAE,uBAAuB;QAC7B,OAAO,EAAE,kEAAkE;QAC3E,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,uBAAuB;QACjC,WAAW,EAAE,iDAAiD;KAC/D;IACD,oBAAoB;IACpB;QACE,IAAI,EAAE,mBAAmB;QACzB,OAAO,EAAE,gHAAgH;QACzH,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,cAAc;QACxB,WAAW,EAAE,2CAA2C;KACzD;IACD;QACE,IAAI,EAAE,yBAAyB;QAC/B,OAAO,EAAE,iFAAiF;QAC1F,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,cAAc;QACxB,WAAW,EAAE,qDAAqD;KACnE;IACD,uBAAuB;IACvB;QACE,IAAI,EAAE,sBAAsB;QAC5B,OAAO,EAAE,4FAA4F;QACrG,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,sBAAsB;QAChC,WAAW,EAAE,gDAAgD;KAC9D;IACD;QACE,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,iFAAiF;QAC1F,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,sBAAsB;QAChC,WAAW,EAAE,wCAAwC;KACtD;IACD,2BAA2B;IAC3B;QACE,IAAI,EAAE,0BAA0B;QAChC,OAAO,EAAE,qGAAqG;QAC9G,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,mBAAmB;QAC7B,WAAW,EAAE,mDAAmD;KACjE;IACD,qBAAqB;IACrB;QACE,IAAI,EAAE,qBAAqB;QAC3B,OAAO,EAAE,oGAAoG;QAC7G,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,oBAAoB;QAC9B,WAAW,EAAE,yCAAyC;KACvD;IACD;QACE,IAAI,EAAE,sBAAsB;QAC5B,OAAO,EAAE,+FAA+F;QACxG,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,oBAAoB;QAC9B,WAAW,EAAE,2CAA2C;KACzD;IACD,iCAAiC;IACjC;QACE,IAAI,EAAE,6BAA6B;QACnC,OAAO,EAAE,wGAAwG;QACjH,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,cAAc;QACxB,WAAW,EAAE,yCAAyC;KACvD;IACD;QACE,IAAI,EAAE,0BAA0B;QAChC,OAAO,EAAE,2FAA2F;QACpG,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,cAAc;QACxB,WAAW,EAAE,sCAAsC;KACpD;IACD,uBAAuB;IACvB;QACE,IAAI,EAAE,sBAAsB;QAC5B,OAAO,EAAE,+FAA+F;QACxG,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,sBAAsB;QAChC,WAAW,EAAE,mDAAmD;KACjE;IACD,uCAAuC;IACvC;QACE,IAAI,EAAE,8BAA8B;QACpC,OAAO,EAAE,4FAA4F;QACrG,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,uBAAuB;QACjC,WAAW,EAAE,iDAAiD;KAC/D;IACD,mBAAmB;IACnB;QACE,IAAI,EAAE,4BAA4B;QAClC,OAAO,EAAE,8BAA8B;QACvC,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,aAAa;QACvB,WAAW,EAAE,qDAAqD;KACnE;IACD,0CAA0C;IAC1C;QACE,IAAI,EAAE,6BAA6B;QACnC,OAAO,EAAE,4BAA4B;QACrC,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,cAAc;QACxB,WAAW,EAAE,kEAAkE;KAChF;CACF,CAAC;AAEF,gCAAgC;AAChC,MAAM,CAAC,MAAM,aAAa,GAAa;IACrC,QAAQ,EAAY,oCAAoC;IACxD,QAAQ,EAAa,mCAAmC;IACxD,WAAW,EAAU,+BAA+B;IACpD,SAAS,EAAY,2BAA2B;IAChD,QAAQ,EAAa,iCAAiC;IACtD,YAAY,EAAS,oBAAoB;IACzC,sBAAsB,EAAG,0DAA0D;CACpF,CAAC;AAEF,iCAAiC;AACjC,MAAM,CAAC,MAAM,sBAAsB,GAA6D;IAC9F,EAAE,IAAI,EAAE,kBAAkB,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,yBAAyB,EAAE;IACvF,EAAE,IAAI,EAAE,uBAAuB,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,8BAA8B,EAAE;IACjG,EAAE,IAAI,EAAE,mBAAmB,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,0BAA0B,EAAE;IACzF,EAAE,IAAI,EAAE,aAAa,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,oBAAoB,EAAE;IAC7E,EAAE,IAAI,EAAE,2BAA2B,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,wCAAwC,EAAE;IAC/G,EAAE,IAAI,EAAE,UAAU,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,2BAA2B,EAAE;IACjF,EAAE,IAAI,EAAE,UAAU,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,2BAA2B,EAAE;IACjF,EAAE,IAAI,EAAE,eAAe,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,gCAAgC,EAAE;IAC3F,EAAE,IAAI,EAAE,eAAe,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,gCAAgC,EAAE;IAC3F,EAAE,IAAI,EAAE,cAAc,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,+BAA+B,EAAE;IACzF,EAAE,IAAI,EAAE,cAAc,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,+BAA+B,EAAE;IACzF,EAAE,IAAI,EAAE,qBAAqB,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,4BAA4B,EAAE;IAC7F,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,uBAAuB,EAAE;IACnF,EAAE,IAAI,EAAE,aAAa,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,oBAAoB,EAAE;IAC7E,EAAE,IAAI,EAAE,2BAA2B,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,kCAAkC,EAAE;CAC1G,CAAC"}

package/dist/data/popular-packages.d.ts

@@ -0,0 +1,2 @@
+export declare const POPULAR_PACKAGES: string[];
+//# sourceMappingURL=popular-packages.d.ts.map

package/dist/data/popular-packages.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"popular-packages.d.ts","sourceRoot":"","sources":["../../src/data/popular-packages.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,gBAAgB,EAAE,MAAM,EAmEpC,CAAC"}

package/dist/data/popular-packages.js

@@ -0,0 +1,71 @@
+// Top npm package names for typosquatting detection
+// Source: npm download statistics (abridged)
+export const POPULAR_PACKAGES = [
+    // Core frameworks & runtimes
+    "express", "react", "vue", "angular", "svelte", "next", "nuxt", "gatsby",
+    "nestjs", "fastify", "koa", "hapi", "restify",
+    // Build & bundling
+    "webpack", "vite", "esbuild", "rollup", "parcel", "turbo", "tsup",
+    "babel-core", "typescript", "ts-node", "tsx",
+    // Testing
+    "jest", "mocha", "chai", "vitest", "cypress", "playwright", "puppeteer",
+    "supertest", "nock", "sinon", "nyc", "istanbul",
+    // Utilities
+    "lodash", "underscore", "ramda", "rxjs", "immer", "date-fns", "moment",
+    "dayjs", "uuid", "nanoid", "ms", "debug", "chalk", "ora", "inquirer",
+    "commander", "yargs", "minimist", "dotenv", "cross-env", "concurrently",
+    // HTTP & networking
+    "axios", "got", "node-fetch", "undici", "superagent", "request",
+    "ws", "socket.io", "socket.io-client",
+    // Database & ORM
+    "mongoose", "sequelize", "typeorm", "prisma", "knex", "pg", "mysql2",
+    "redis", "ioredis", "mongodb", "sqlite3", "better-sqlite3", "drizzle-orm",
+    // Auth & security
+    "jsonwebtoken", "bcrypt", "bcryptjs", "passport", "helmet", "cors",
+    "csurf", "express-rate-limit", "express-session", "cookie-parser",
+    // Validation & schema
+    "zod", "joi", "yup", "ajv", "class-validator", "superstruct",
+    // File & stream
+    "fs-extra", "glob", "globby", "chokidar", "multer", "formidable",
+    "archiver", "unzipper", "tar", "sharp", "jimp",
+    // Logging
+    "winston", "pino", "bunyan", "morgan", "log4js",
+    // Cloud & infra
+    "aws-sdk", "@aws-sdk/client-s3", "firebase", "firebase-admin",
+    "@google-cloud/storage", "@azure/storage-blob",
+    // React ecosystem
+    "react-dom", "react-router", "react-router-dom", "react-query",
+    "@tanstack/react-query", "zustand", "jotai", "recoil", "redux",
+    "react-redux", "@reduxjs/toolkit", "swr", "formik", "react-hook-form",
+    // Vue ecosystem
+    "vuex", "pinia", "vue-router", "@vueuse/core",
+    // CSS & UI
+    "tailwindcss", "postcss", "autoprefixer", "sass", "less", "styled-components",
+    "@emotion/react", "@emotion/styled", "@mui/material", "@chakra-ui/react",
+    "bootstrap", "antd",
+    // Linting & formatting
+    "eslint", "prettier", "stylelint", "lint-staged", "husky",
+    // MCP ecosystem
+    "@modelcontextprotocol/sdk", "mcp", "@anthropic-ai/sdk",
+    // AI & ML
+    "openai", "@langchain/core", "langchain", "llamaindex",
+    // Misc popular
+    "semver", "mime-types", "content-type", "accepts", "negotiator",
+    "qs", "query-string", "url-parse", "path-to-regexp", "minimatch",
+    "micromatch", "picomatch", "ansi-regex", "strip-ansi", "wrap-ansi",
+    "string-width", "cli-table3", "table", "boxen",
+    "execa", "shelljs", "cross-spawn", "npm-run-all",
+    "lru-cache", "node-cache", "keyv", "flat-cache",
+    "cheerio", "jsdom", "htmlparser2", "css-select",
+    "marked", "markdown-it", "remark", "rehype",
+    "nodemailer", "handlebars", "ejs", "pug", "nunjucks",
+    "cron", "node-cron", "bull", "bullmq", "agenda",
+    "p-limit", "p-queue", "p-map", "p-retry", "async",
+    "signal-exit", "on-exit", "exit-hook",
+    "body-parser", "compression", "serve-static", "connect",
+    "http-proxy", "http-proxy-middleware", "express-http-proxy",
+    "graphql", "apollo-server", "@apollo/client",
+    "three", "d3", "chart.js", "echarts",
+    "electron", "tauri",
+];
+//# sourceMappingURL=popular-packages.js.map

package/dist/data/popular-packages.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"popular-packages.js","sourceRoot":"","sources":["../../src/data/popular-packages.ts"],"names":[],"mappings":"AAAA,oDAAoD;AACpD,6CAA6C;AAC7C,MAAM,CAAC,MAAM,gBAAgB,GAAa;IACxC,6BAA6B;IAC7B,SAAS,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ;IACxE,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS;IAC7C,mBAAmB;IACnB,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM;IACjE,YAAY,EAAE,YAAY,EAAE,SAAS,EAAE,KAAK;IAC5C,UAAU;IACV,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,YAAY,EAAE,WAAW;IACvE,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU;IAC/C,YAAY;IACZ,QAAQ,EAAE,YAAY,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,QAAQ;IACtE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU;IACpE,WAAW,EAAE,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,WAAW,EAAE,cAAc;IACvE,oBAAoB;IACpB,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,QAAQ,EAAE,YAAY,EAAE,SAAS;IAC/D,IAAI,EAAE,WAAW,EAAE,kBAAkB;IACrC,iBAAiB;IACjB,UAAU,EAAE,WAAW,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ;IACpE,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,gBAAgB,EAAE,aAAa;IACzE,kBAAkB;IAClB,cAAc,EAAE,QAAQ,EAAE,UAAU,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM;IAClE,OAAO,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,eAAe;IACjE,sBAAsB;IACtB,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,iBAAiB,EAAE,aAAa;IAC5D,gBAAgB;IAChB,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,YAAY;IAChE,UAAU,EAAE,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM;IAC9C,UAAU;IACV,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ;IAC/C,gBAAgB;IAChB,SAAS,EAAE,oBAAoB,EAAE,UAAU,EAAE,gBAAgB;IAC7D,uBAAuB,EAAE,qBAAqB;IAC9C,kBAAkB;IAClB,WAAW,EAAE,cAAc,EAAE,kBAAkB,EAAE,aAAa;IAC9D,uBAAuB,EAAE,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO;IAC9D,aAAa,EAAE,kBAAkB,EAAE,KAAK,EAAE,QAAQ,EAAE,iBAAiB;IACrE,gBAAgB;IAChB,MAAM,EAAE,OAAO,EAAE,YAAY,EAAE,cAAc;IAC7C,WAAW;IACX,aAAa,EAAE,SAAS,EAAE,cAAc,EAAE,MAAM,EAAE,MAAM,EAAE,mBAAmB;IAC7E,gBAAgB,EAAE,iBAAiB,EAAE,eAAe,EAAE,kBAAkB;IACxE,WAAW,EAAE,MAAM;IACnB,uBAAuB;IACvB,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,aAAa,EAAE,OAAO;IACzD,gBAAgB;IAChB,2BAA2B,EAAE,KAAK,EAAE,mBAAmB;IACvD,UAAU;IACV,QAAQ,EAAE,iBAAiB,EAAE,WAAW,EAAE,YAAY;IACtD,eAAe;IACf,QAAQ,EAAE,YAAY,EAAE,cAAc,EAAE,SAAS,EAAE,YAAY;IAC/D,IAAI,EAAE,cAAc,EAAE,WAAW,EAAE,gBAAgB,EAAE,WAAW;IAChE,YAAY,EAAE,WAAW,EAAE,YAAY,EAAE,YAAY,EAAE,WAAW;IAClE,cAAc,EAAE,YAAY,EAAE,OAAO,EAAE,OAAO;IAC9C,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,aAAa;IAChD,WAAW,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY;IAC/C,SAAS,EAAE,OAAO,EAAE,aAAa,EAAE,YAAY;IAC/C,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,QAAQ;IAC3C,YAAY,EAAE,YAAY,EAAE,KAAK,EAAE,KAAK,EAAE,UAAU;IACpD,MAAM,EAAE,WAAW,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ;IAC/C,SAAS,EAAE,SAAS,EAAE,OAAO,EAAE,SAAS,EAAE,OAAO;IACjD,aAAa,EAAE,SAAS,EAAE,WAAW;IACrC,aAAa,EAAE,aAAa,EAAE,cAAc,EAAE,SAAS;IACvD,YAAY,EAAE,uBAAuB,EAAE,oBAAoB;IAC3D,SAAS,EAAE,eAAe,EAAE,gBAAgB;IAC5C,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,SAAS;IACpC,UAAU,EAAE,OAAO;CACpB,CAAC"}

package/dist/data/secret-patterns.d.ts

@@ -0,0 +1,8 @@
+export interface SecretPattern {
+    name: string;
+    pattern: RegExp;
+    severity: "critical" | "high" | "medium";
+    description: string;
+}
+export declare const SECRET_PATTERNS: SecretPattern[];
+//# sourceMappingURL=secret-patterns.d.ts.map

package/dist/data/secret-patterns.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"secret-patterns.d.ts","sourceRoot":"","sources":["../../src/data/secret-patterns.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,CAAC;IACzC,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,eAAO,MAAM,eAAe,EAAE,aAAa,EA+H1C,CAAC"}

package/dist/data/secret-patterns.js

@@ -0,0 +1,129 @@
+export const SECRET_PATTERNS = [
+    {
+        name: "AWS Access Key",
+        pattern: /(AKIA|AGPA|AIDA|AROA)[A-Z0-9]{16}/,
+        severity: "critical",
+        description: "AWS IAM access key ID",
+    },
+    {
+        name: "AWS Secret Key",
+        pattern: /(?:aws_secret_access_key|aws_secret)\s*[=:]\s*['"]?[A-Za-z0-9/+=]{40}['"]?/i,
+        severity: "critical",
+        description: "AWS secret access key",
+    },
+    {
+        name: "GitHub Token (ghp/ghs)",
+        pattern: /gh[ps]_[A-Za-z0-9_]{36,}/,
+        severity: "critical",
+        description: "GitHub personal access or server token",
+    },
+    {
+        name: "GitHub OAuth Token",
+        pattern: /gho_[A-Za-z0-9_]{36,}/,
+        severity: "high",
+        description: "GitHub OAuth access token",
+    },
+    {
+        name: "Slack Token",
+        pattern: /xox[bporas]-[0-9]{10,13}-[0-9a-zA-Z]{10,48}/,
+        severity: "critical",
+        description: "Slack bot, user, or app token",
+    },
+    {
+        name: "Stripe Live Key",
+        pattern: /sk_live_[0-9a-zA-Z]{24,99}/,
+        severity: "critical",
+        description: "Stripe live secret key",
+    },
+    {
+        name: "Stripe Publishable Key",
+        pattern: /pk_live_[0-9a-zA-Z]{24,99}/,
+        severity: "medium",
+        description: "Stripe publishable key (lower risk but still sensitive)",
+    },
+    {
+        name: "Google API Key",
+        pattern: /AIza[0-9A-Za-z_-]{35}/,
+        severity: "high",
+        description: "Google API key",
+    },
+    {
+        name: "SendGrid API Key",
+        pattern: /SG\.[0-9A-Za-z_-]{22}\.[0-9A-Za-z_-]{43}/,
+        severity: "critical",
+        description: "SendGrid API key",
+    },
+    {
+        name: "Twilio API Key",
+        pattern: /SK[a-f0-9]{32}/,
+        severity: "high",
+        description: "Twilio API key SID",
+    },
+    {
+        name: "Private Key Header",
+        pattern: /-----BEGIN\s+(RSA|DSA|EC|PGP|OPENSSH)\s+PRIVATE\s+KEY-----/,
+        severity: "critical",
+        description: "Private key material",
+    },
+    {
+        name: "JWT Token",
+        pattern: /eyJ[A-Za-z0-9_-]{10,}\.eyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}/,
+        severity: "medium",
+        description: "JSON Web Token (may contain sensitive claims)",
+    },
+    {
+        name: "NPM Token",
+        pattern: /npm_[A-Za-z0-9]{36}/,
+        severity: "critical",
+        description: "npm publish token",
+    },
+    {
+        name: "Anthropic API Key",
+        pattern: /sk-ant-[A-Za-z0-9_-]{40,}/,
+        severity: "critical",
+        description: "Anthropic Claude API key",
+    },
+    {
+        name: "OpenAI API Key",
+        pattern: /sk-[A-Za-z0-9]{48,}/,
+        severity: "critical",
+        description: "OpenAI API key",
+    },
+    {
+        name: "Database URL",
+        pattern: /(?:postgres|mysql|mongodb|redis):\/\/[^:]+:[^@]+@/i,
+        severity: "critical",
+        description: "Database connection string with embedded credentials",
+    },
+    {
+        name: "Generic Password Assignment",
+        pattern: /(?:password|passwd|pwd)\s*[=:]\s*['"][^'"]{8,}['"]/i,
+        severity: "high",
+        description: "Hardcoded password in variable assignment",
+    },
+    {
+        name: "Generic API Key Assignment",
+        pattern: /(?:api[_-]?key|apikey|api[_-]?secret)\s*[=:]\s*['"][A-Za-z0-9_\-]{16,}['"]/i,
+        severity: "high",
+        description: "Hardcoded API key in variable assignment",
+    },
+    {
+        name: "Mailgun API Key",
+        pattern: /key-[0-9a-zA-Z]{32}/,
+        severity: "high",
+        description: "Mailgun API key",
+    },
+    {
+        name: "Heroku API Key",
+        pattern: /[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}/,
+        severity: "medium",
+        description: "Possible Heroku API key or UUID with secrets context",
+    },
+    {
+        name: "Generic Token Assignment",
+        pattern: /(?:token|secret|credential)\s*[=:]\s*['"][A-Za-z0-9_\-.]{20,}['"]/i,
+        severity: "medium",
+        description: "Hardcoded token or secret in variable assignment",
+    },
+];
+//# sourceMappingURL=secret-patterns.js.map

package/dist/data/secret-patterns.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"secret-patterns.js","sourceRoot":"","sources":["../../src/data/secret-patterns.ts"],"names":[],"mappings":"AAOA,MAAM,CAAC,MAAM,eAAe,GAAoB;IAC9C;QACE,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,mCAAmC;QAC5C,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,uBAAuB;KACrC;IACD;QACE,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,6EAA6E;QACtF,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,uBAAuB;KACrC;IACD;QACE,IAAI,EAAE,wBAAwB;QAC9B,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,wCAAwC;KACtD;IACD;QACE,IAAI,EAAE,oBAAoB;QAC1B,OAAO,EAAE,uBAAuB;QAChC,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,2BAA2B;KACzC;IACD;QACE,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,6CAA6C;QACtD,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,+BAA+B;KAC7C;IACD;QACE,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,4BAA4B;QACrC,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,wBAAwB;KACtC;IACD;QACE,IAAI,EAAE,wBAAwB;QAC9B,OAAO,EAAE,4BAA4B;QACrC,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,yDAAyD;KACvE;IACD;QACE,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,uBAAuB;QAChC,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,gBAAgB;KAC9B;IACD;QACE,IAAI,EAAE,kBAAkB;QACxB,OAAO,EAAE,0CAA0C;QACnD,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,kBAAkB;KAChC;IACD;QACE,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,gBAAgB;QACzB,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,oBAAoB;KAClC;IACD;QACE,IAAI,EAAE,oBAAoB;QAC1B,OAAO,EAAE,4DAA4D;QACrE,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,sBAAsB;KACpC;IACD;QACE,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,kEAAkE;QAC3E,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,+CAA+C;KAC7D;IACD;QACE,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,qBAAqB;QAC9B,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,mBAAmB;KACjC;IACD;QACE,IAAI,EAAE,mBAAmB;QACzB,OAAO,EAAE,2BAA2B;QACpC,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,0BAA0B;KACxC;IACD;QACE,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,qBAAqB;QAC9B,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,gBAAgB;KAC9B;IACD;QACE,IAAI,EAAE,cAAc;QACpB,OAAO,EAAE,oDAAoD;QAC7D,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,sDAAsD;KACpE;IACD;QACE,IAAI,EAAE,6BAA6B;QACnC,OAAO,EAAE,qDAAqD;QAC9D,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,2CAA2C;KACzD;IACD;QACE,IAAI,EAAE,4BAA4B;QAClC,OAAO,EAAE,6EAA6E;QACtF,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,0CAA0C;KACxD;IACD;QACE,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,qBAAqB;QAC9B,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,iBAAiB;KAC/B;IACD;QACE,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,6EAA6E;QACtF,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,sDAAsD;KACpE;IACD;QACE,IAAI,EAAE,0BAA0B;QAChC,OAAO,EAAE,oEAAoE;QAC7E,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,kDAAkD;KAChE;CACF,CAAC"}

package/dist/deps/index.d.ts

@@ -0,0 +1,3 @@
+import type { ToolDef } from "../types/index.js";
+export declare const depsTools: ToolDef[];
+//# sourceMappingURL=index.d.ts.map

package/dist/deps/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/deps/index.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAqVjD,eAAO,MAAM,SAAS,EAAE,OAAO,EAQ9B,CAAC"}