mythos-sentinel 0.1.0

package/src/mcp/server.js

@@ -0,0 +1,226 @@
+import readline from 'node:readline';
+import { scanPath } from '../scanner/scan.js';
+import { loadPolicy, checkPayment, checkCommand, checkFilesystemAccess, checkNetwork } from '../core/policy.js';
+import { createSnapshot } from '../core/snapshot.js';
+import { loadRouteScoreServices, recommendService, routeService, serviceForDomain, scoreService, listServiceCategories } from '../core/routescore.js';
+import { VERSION } from '../version.js';
+import { normalizeX402Receipt } from '../core/x402-receipts.js';
+
+const tools = [
+  {
+    name: 'sentinel_scan_path',
+    description: 'Scan an agent skill, MCP server, repository, or folder for risky commands, prompt injection, secrets, wallet access, and policy violations.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        path: { type: 'string', description: 'Path to scan. Defaults to current directory.' },
+        policyPath: { type: 'string', description: 'Path to mythos.policy.json.' }
+      }
+    }
+  },
+  {
+    name: 'sentinel_check_x402_payment',
+    description: 'Check whether an x402/Base payment is allowed by the local Sentinel policy.',
+    inputSchema: {
+      type: 'object',
+      required: ['domain', 'amountUSDC'],
+      properties: {
+        domain: { type: 'string' },
+        amountUSDC: { type: 'number' },
+        dailySpentUSDC: { type: 'number' },
+        policyPath: { type: 'string' }
+      }
+    }
+  },
+  {
+    name: 'sentinel_check_command',
+    description: 'Check whether a shell command is allowed, blocked, or requires approval by the local Sentinel policy.',
+    inputSchema: {
+      type: 'object',
+      required: ['command'],
+      properties: {
+        command: { type: 'string' },
+        policyPath: { type: 'string' }
+      }
+    }
+  },
+  {
+    name: 'sentinel_check_file',
+    description: 'Check whether an agent can read or write a file path under the local Sentinel policy.',
+    inputSchema: {
+      type: 'object',
+      required: ['path'],
+      properties: {
+        path: { type: 'string' },
+        operation: { type: 'string', enum: ['read', 'write'] },
+        policyPath: { type: 'string' }
+      }
+    }
+  },
+  {
+    name: 'sentinel_check_network',
+    description: 'Check whether network access to a domain is allowed by the local Sentinel policy.',
+    inputSchema: {
+      type: 'object',
+      required: ['domain'],
+      properties: {
+        domain: { type: 'string' },
+        policyPath: { type: 'string' }
+      }
+    }
+  },
+  {
+    name: 'sentinel_recommend_x402_service',
+    description: 'Recommend a seed x402/Base paid API by category, price, and RouteScore before an agent spends money.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        category: { type: 'string', description: 'Example: web_search, content_extraction, inference, web3_data, wallet_intel.' },
+        maxPriceUSDC: { type: 'number', description: 'Maximum acceptable price per call.' }
+      }
+    }
+  },
+  {
+    name: 'sentinel_route_x402_service',
+    description: 'Select the best known x402 service plus fallback services by category, price, query, and local RouteScore telemetry.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        category: { type: 'string', description: 'Example: web_search, content_extraction, inference, web3_data, wallet_intel.' },
+        maxPriceUSDC: { type: 'number', description: 'Maximum acceptable price per call.' },
+        query: { type: 'string', description: 'Optional semantic keyword filter over local/imported services.' },
+        minScore: { type: 'number', description: 'Optional minimum RouteScore required for selected/fallback services.' },
+        policyPath: { type: 'string' }
+      }
+    }
+  },
+  {
+    name: 'sentinel_list_service_categories',
+    description: 'List supported RouteScore service categories and aliases for routing paid agent APIs.',
+    inputSchema: { type: 'object', properties: {} }
+  },
+  {
+    name: 'sentinel_parse_x402_receipt',
+    description: 'Normalize an x402 payment receipt or payment-response payload without storing prompts, responses, secrets, or wallet balances.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        receipt: { type: 'object', description: 'x402 receipt/payment response JSON.' },
+        raw: { type: 'string', description: 'Optional raw/base64 payment response blob.' }
+      }
+    }
+  },
+  {
+    name: 'sentinel_score_x402_domain',
+    description: 'Return the seed catalog score for a payment domain if Sentinel knows it.',
+    inputSchema: {
+      type: 'object',
+      required: ['domain'],
+      properties: {
+        domain: { type: 'string' }
+      }
+    }
+  },
+  {
+    name: 'sentinel_snapshot',
+    description: 'Create a hash snapshot of a workspace before an agent changes files.',
+    inputSchema: {
+      type: 'object',
+      properties: {
+        path: { type: 'string', description: 'Path to snapshot. Defaults to current directory.' }
+      }
+    }
+  }
+];
+
+export async function runMcpServer({ input = process.stdin, output = process.stdout } = {}) {
+  const rl = readline.createInterface({ input, crlfDelay: Infinity });
+  for await (const line of rl) {
+    const trimmed = line.trim();
+    if (!trimmed) continue;
+    let message;
+    try {
+      message = JSON.parse(trimmed);
+      const response = await handleMessage(message);
+      if (response) output.write(`${JSON.stringify(response)}\n`);
+    } catch (error) {
+      const id = message?.id ?? null;
+      output.write(`${JSON.stringify({ jsonrpc: '2.0', id, error: { code: -32000, message: error.message } })}\n`);
+    }
+  }
+}
+
+export async function handleMessage(message) {
+  const { id, method, params = {} } = message;
+  if (!method || id === undefined) return null;
+  if (method === 'initialize') {
+    return result(id, {
+      protocolVersion: params.protocolVersion || '2025-06-18',
+      serverInfo: { name: 'mythos-sentinel', version: VERSION },
+      capabilities: { tools: {} }
+    });
+  }
+  if (method === 'tools/list') return result(id, { tools });
+  if (method === 'tools/call') return result(id, await callTool(params.name, params.arguments || {}));
+  return { jsonrpc: '2.0', id, error: { code: -32601, message: `Method not found: ${method}` } };
+}
+
+async function callTool(name, args) {
+  const policy = await loadPolicy(args.policyPath || 'mythos.policy.json');
+  if (name === 'sentinel_scan_path') {
+    const report = await scanPath(args.path || '.', { policy });
+    return content(report);
+  }
+  if (name === 'sentinel_check_x402_payment') {
+    const services = await loadRouteScoreServices({ rootDir: process.cwd() });
+    const matched = serviceForDomain(args.domain, services);
+    const score = matched ? scoreService(matched).score : args.routeScore;
+    const decision = checkPayment({ domain: args.domain, amountUSDC: args.amountUSDC, dailySpentUSDC: args.dailySpentUSDC || 0, unknownDailySpentUSDC: args.unknownDailySpentUSDC || 0, routeScore: score, category: args.category, knownService: Boolean(matched) }, policy);
+    return content(decision);
+  }
+  if (name === 'sentinel_check_command') {
+    return content(checkCommand({ command: args.command }, policy));
+  }
+  if (name === 'sentinel_check_file') {
+    return content(checkFilesystemAccess({ filePath: args.path, operation: args.operation || 'read' }, policy));
+  }
+  if (name === 'sentinel_check_network') {
+    return content(checkNetwork({ domain: args.domain }, policy));
+  }
+  if (name === 'sentinel_recommend_x402_service') {
+    const services = await loadRouteScoreServices({ rootDir: process.cwd() });
+    return content(recommendService({ category: args.category, maxPriceUSDC: args.maxPriceUSDC, query: args.query, services }));
+  }
+  if (name === 'sentinel_route_x402_service') {
+    const services = await loadRouteScoreServices({ rootDir: process.cwd() });
+    return content(routeService({ category: args.category, maxPriceUSDC: args.maxPriceUSDC, query: args.query, minScore: args.minScore || 0, services }));
+  }
+  if (name === 'sentinel_list_service_categories') {
+    return content({ ok: true, categories: listServiceCategories() });
+  }
+  if (name === 'sentinel_parse_x402_receipt') {
+    return content(normalizeX402Receipt(args.receipt || args.raw || args, { source: 'mcp' }));
+  }
+  if (name === 'sentinel_score_x402_domain') {
+    const services = await loadRouteScoreServices({ rootDir: process.cwd() });
+    const matched = serviceForDomain(args.domain, services);
+    return content(matched ? scoreService(matched) : { ok: false, decision: 'unknown', domain: args.domain, reasons: ['domain is not in the local RouteScore catalog'] });
+  }
+  if (name === 'sentinel_snapshot') {
+    const snapshot = await createSnapshot(args.path || '.');
+    return content(snapshot);
+  }
+  throw new Error(`Unknown tool: ${name}`);
+}
+
+function content(data) {
+  return {
+    content: [{ type: 'text', text: JSON.stringify(data, null, 2) }],
+    structuredContent: data,
+    isError: data.ok === false || data.summary?.ok === false
+  };
+}
+
+function result(id, value) {
+  return { jsonrpc: '2.0', id, result: value };
+}

package/src/report/format.js

@@ -0,0 +1,53 @@
+import { SEVERITY_ORDER } from '../core/policy.js';
+
+const SYMBOLS = {
+  info: 'ℹ',
+  low: '◦',
+  medium: '▲',
+  high: '◆',
+  critical: '✖'
+};
+
+export function formatScanReport(report) {
+  const { summary, files, findings } = report;
+  const lines = [];
+  lines.push('');
+  lines.push('Mythos Sentinel Report');
+  lines.push('======================');
+  lines.push(`Target: ${report.target}`);
+  lines.push(`Files: ${files.scanned}/${files.total} scanned, ${files.skipped} skipped`);
+  lines.push(`Findings: ${summary.findingCount} | Highest: ${summary.highestSeverity.toUpperCase()} | Status: ${summary.ok ? 'PASS' : 'FAIL'}`);
+  if (!findings.length) {
+    lines.push('');
+    lines.push('No findings.');
+    return lines.join('\n');
+  }
+  lines.push('');
+  for (const finding of sortFindings(findings)) {
+    lines.push(`${SYMBOLS[finding.severity] || '!'} [${finding.severity.toUpperCase()}] ${finding.id} ${finding.title}`);
+    lines.push(`  ${finding.file}:${finding.line}`);
+    if (finding.evidence) lines.push(`  evidence: ${finding.evidence}`);
+    lines.push(`  fix: ${finding.recommendation}`);
+    lines.push('');
+  }
+  return lines.join('\n');
+}
+
+export function formatPaymentDecision(decision) {
+  const lines = [];
+  lines.push(`Decision: ${decision.decision.toUpperCase()} ${decision.ok ? '✅' : '⛔'}`);
+  if (decision.subject) lines.push(`Subject: ${decision.subject}`);
+  if (decision.trustTier) lines.push(`Trust: ${decision.trustTier}`);
+  if (decision.amountUSDC !== undefined) lines.push(`Amount: ${decision.amountUSDC} USDC`);
+  if (decision.routeScore !== undefined && decision.routeScore !== null) lines.push(`RouteScore: ${decision.routeScore}/100`);
+  for (const reason of decision.reasons || []) lines.push(`- ${reason}`);
+  return lines.join('\n');
+}
+
+function sortFindings(findings) {
+  return [...findings].sort((a, b) => {
+    const s = SEVERITY_ORDER.indexOf(b.severity) - SEVERITY_ORDER.indexOf(a.severity);
+    if (s) return s;
+    return `${a.file}:${a.line}`.localeCompare(`${b.file}:${b.line}`);
+  });
+}

package/src/report/sarif.js

@@ -0,0 +1,50 @@
+export function toSarif(report) {
+  const rules = new Map();
+  for (const finding of report.findings) {
+    if (!rules.has(finding.id)) {
+      rules.set(finding.id, {
+        id: finding.id,
+        name: finding.title,
+        shortDescription: { text: finding.title },
+        fullDescription: { text: finding.recommendation },
+        properties: { category: finding.category, tags: finding.tags || [], severity: finding.severity }
+      });
+    }
+  }
+
+  return {
+    version: '2.1.0',
+    $schema: 'https://json.schemastore.org/sarif-2.1.0.json',
+    runs: [
+      {
+        tool: {
+          driver: {
+            name: 'Mythos Sentinel',
+            informationUri: 'https://github.com/thewaltero/mythos-sentinel',
+            rules: [...rules.values()]
+          }
+        },
+        results: report.findings.map((finding) => ({
+          ruleId: finding.id,
+          level: sarifLevel(finding.severity),
+          message: { text: `${finding.title}. ${finding.recommendation}` },
+          locations: [
+            {
+              physicalLocation: {
+                artifactLocation: { uri: finding.file },
+                region: { startLine: finding.line || 1 }
+              }
+            }
+          ],
+          properties: { severity: finding.severity, category: finding.category, evidence: finding.evidence }
+        }))
+      }
+    ]
+  };
+}
+
+function sarifLevel(severity) {
+  if (severity === 'critical' || severity === 'high') return 'error';
+  if (severity === 'medium') return 'warning';
+  return 'note';
+}

package/src/scanner/rules.js

@@ -0,0 +1,185 @@
+export const CONTENT_RULES = [
+  {
+    id: 'MS-SECRET-001',
+    title: 'Private key material detected',
+    severity: 'critical',
+    category: 'secrets',
+    pattern: /-----BEGIN (RSA |OPENSSH |EC |DSA |)?PRIVATE KEY-----/i,
+    recommendation: 'Remove private key material, rotate the key, and use a secret manager.',
+    tags: ['secret', 'credential', 'wallet-risk']
+  },
+  {
+    id: 'MS-SECRET-002',
+    title: 'Potential wallet or API secret variable',
+    severity: 'critical',
+    category: 'secrets',
+    pattern: /\b(PRIVATE_KEY|WALLET_PRIVATE_KEY|MNEMONIC|SEED_PHRASE|CDP_API_KEY_SECRET|OPENAI_API_KEY|ANTHROPIC_API_KEY)\b\s*[:=]\s*['\"]?[^\s'\"]{12,}/i,
+    recommendation: 'Move secrets into a secret manager and never package them inside agent skills.',
+    tags: ['secret', 'api-key', 'wallet-risk']
+  },
+  {
+    id: 'MS-CMD-001',
+    title: 'Remote script piped into shell',
+    severity: 'critical',
+    category: 'command-execution',
+    pattern: /\b(curl|wget)\b[^\n|;]+\|\s*(sudo\s+)?(bash|sh|zsh)\b/i,
+    recommendation: 'Do not pipe remote content directly into a shell. Pin and inspect installers.',
+    tags: ['supply-chain', 'rce']
+  },
+  {
+    id: 'MS-CMD-002',
+    title: 'Dangerous recursive delete command',
+    severity: 'critical',
+    category: 'command-execution',
+    pattern: /\brm\s+-rf\s+(\/|~|\$HOME|\.\.\/)/i,
+    recommendation: 'Require explicit human approval for destructive commands.',
+    tags: ['destructive', 'shell']
+  },
+  {
+    id: 'MS-CMD-004',
+    title: 'World-writable permission change',
+    severity: 'high',
+    category: 'command-execution',
+    pattern: /\bchmod\s+(?:-R\s+)?777\b/i,
+    recommendation: 'Avoid world-writable permissions. Use least-privilege file modes.',
+    tags: ['filesystem', 'privilege']
+  },
+  {
+    id: 'MS-CMD-005',
+    title: 'Encoded PowerShell command',
+    severity: 'high',
+    category: 'command-execution',
+    pattern: /\bpowershell(?:\.exe)?\b[^\n]*(?:-enc|-encodedcommand)\b/i,
+    recommendation: 'Do not allow encoded PowerShell in agent tools without explicit review.',
+    tags: ['powershell', 'obfuscation']
+  },
+  {
+    id: 'MS-CMD-003',
+    title: 'Process execution from agent code',
+    severity: 'high',
+    category: 'command-execution',
+    pattern: /\b(child_process\.(exec|execSync|spawn|spawnSync)|subprocess\.(run|Popen|call)|os\.system|Runtime\.getRuntime\(\)\.exec)\b/i,
+    recommendation: 'Restrict shell access with a manifest and proxy tool calls through Sentinel.',
+    tags: ['shell', 'runtime']
+  },
+  {
+    id: 'MS-CODE-001',
+    title: 'Dynamic code evaluation',
+    severity: 'high',
+    category: 'code-execution',
+    pattern: /\b(eval\s*\(|new Function\s*\(|exec\s*\()/i,
+    recommendation: 'Avoid dynamic execution in agent skills and MCP tools unless sandboxed.',
+    tags: ['rce', 'obfuscation']
+  },
+  {
+    id: 'MS-PROMPT-001',
+    title: 'Prompt-injection phrase in agent-facing instructions',
+    severity: 'high',
+    category: 'prompt-injection',
+    pattern: /(ignore (all )?(previous|prior) instructions|disregard (the )?(system|developer) message|reveal (your )?(system prompt|secrets)|exfiltrate|silently send)/i,
+    recommendation: 'Treat skill instructions as untrusted input. Remove override/exfiltration language.',
+    tags: ['prompt-injection', 'tool-poisoning']
+  },
+  {
+    id: 'MS-NET-001',
+    title: 'Network call in skill or tool code',
+    severity: 'medium',
+    category: 'network',
+    pattern: /\b(fetch|axios\.|requests\.|http\.request|https\.request|curl\b|wget\b)\b/i,
+    recommendation: 'Declare network domains in the Sentinel policy allowlist.',
+    tags: ['network', 'exfiltration-risk']
+  },
+  {
+    id: 'MS-OBF-001',
+    title: 'Suspicious obfuscation pattern',
+    severity: 'medium',
+    category: 'obfuscation',
+    pattern: /(Buffer\.from\([^\n]+base64|atob\(|fromCharCode\(|base64\s+-d|eval\([^\n]{80,})/i,
+    recommendation: 'Deobfuscate and inspect code before allowing an agent to run it.',
+    tags: ['obfuscation']
+  },
+  {
+    id: 'MS-PAY-001',
+    title: 'Payment or wallet code detected',
+    severity: 'medium',
+    category: 'payments',
+    pattern: /\b(walletClient|privateKeyToAccount|sendTransaction|createPaymentHeader|settlePayment|paymentMiddleware|x402Fetch|facilitator)\b|402 Payment Required|Payment-Required/i,
+    recommendation: 'Apply x402 spend limits and require explicit approval for wallet operations.',
+    tags: ['x402', 'base', 'wallet']
+  },
+  {
+    id: 'MS-GHA-002',
+    title: 'pull_request_target workflow detected',
+    severity: 'high',
+    category: 'ci',
+    pattern: /pull_request_target:/i,
+    recommendation: 'Avoid pull_request_target for untrusted code paths unless the workflow is carefully isolated.',
+    tags: ['github-actions', 'supply-chain']
+  },
+  {
+    id: 'MS-GHA-001',
+    title: 'Broad GitHub Actions permission',
+    severity: 'high',
+    category: 'ci',
+    pattern: /permissions:\s*[\r\n]+(?:\s+\w+-token:\s+write\s*[\r\n]+|\s+contents:\s+write\s*[\r\n]+|\s+actions:\s+write\s*[\r\n]+){2,}|permissions:\s*write-all/i,
+    recommendation: 'Use least-privilege GitHub Actions permissions.',
+    tags: ['github-actions', 'supply-chain']
+  },
+  {
+    id: 'MS-MCP-001',
+    title: 'MCP server command launches a shell',
+    severity: 'medium',
+    category: 'mcp',
+    pattern: /\"command\"\s*:\s*\"(?:bash|sh|zsh|powershell|cmd(?:\.exe)?)\"/i,
+    recommendation: 'Prefer direct executable commands over shell wrappers for MCP servers.',
+    tags: ['mcp', 'tooling']
+  },
+  {
+    id: 'MS-NPM-001',
+    title: 'Package lifecycle script detected',
+    severity: 'medium',
+    category: 'supply-chain',
+    pattern: /"(preinstall|install|postinstall|prepare)"\s*:\s*"[^"]+"/i,
+    recommendation: 'Review package lifecycle scripts before agent installation.',
+    tags: ['npm', 'supply-chain']
+  }
+];
+
+export const PATH_RULES = [
+  {
+    id: 'MS-FS-001',
+    title: 'Sensitive environment file included',
+    severity: 'high',
+    category: 'filesystem',
+    pattern: /(^|\/)\.env(\.|$)/i,
+    recommendation: 'Do not expose .env files to agents or package them in skills.',
+    tags: ['secrets', 'filesystem']
+  },
+  {
+    id: 'MS-FS-002',
+    title: 'SSH key path included',
+    severity: 'critical',
+    category: 'filesystem',
+    pattern: /(^|\/)(id_rsa|id_ed25519|\.ssh)(\/|$)/i,
+    recommendation: 'Never let agents read SSH private keys.',
+    tags: ['ssh', 'credential']
+  },
+  {
+    id: 'MS-FS-004',
+    title: 'Wallet or keystore file path included',
+    severity: 'critical',
+    category: 'filesystem',
+    pattern: /(^|\/)(wallet\.json|keystore|UTC--|seed\.txt|mnemonic\.txt)(\/|$)/i,
+    recommendation: 'Keep wallet and keystore files outside agent-accessible workspaces.',
+    tags: ['wallet', 'credential']
+  },
+  {
+    id: 'MS-FS-003',
+    title: 'Private key file extension included',
+    severity: 'critical',
+    category: 'filesystem',
+    pattern: /\.(pem|key|p12|pfx)$/i,
+    recommendation: 'Move private key files out of the agent-accessible workspace.',
+    tags: ['secret', 'credential']
+  }
+];

package/src/scanner/scan.js

@@ -0,0 +1,118 @@
+import fs from 'node:fs/promises';
+import path from 'node:path';
+import { walkFiles, readTextMaybe, sha256File } from '../core/fs.js';
+import { matchesAnyGlob } from '../core/path-utils.js';
+import { CONTENT_RULES, PATH_RULES } from './rules.js';
+import { VERSION } from '../version.js';
+import { evaluateFindings } from '../core/policy.js';
+
+export async function scanPath(targetPath = '.', options = {}) {
+  const root = path.resolve(targetPath);
+  const policy = options.policy || {};
+  const startedAt = new Date().toISOString();
+  const ignore = [
+    ...(policy.scanner?.ignore || []),
+    ...(await readMythosIgnore(root)),
+    ...(options.ignore || [])
+  ];
+  const files = await walkFiles(root, { ignore });
+  const findings = [];
+  const scannedFiles = [];
+  const skippedFiles = [];
+
+  for (const file of files) {
+    const rel = file.rel;
+    for (const rule of PATH_RULES) {
+      if (rule.pattern.test(rel)) findings.push(makeFinding(rule, rel, 1, rel));
+    }
+
+    if (matchesAnyGlob(rel, policy.filesystem?.deny || [])) {
+      findings.push({
+        id: 'MS-POLICY-FS-DENY',
+        title: 'File path violates Sentinel filesystem deny policy',
+        severity: 'high',
+        category: 'policy',
+        file: rel,
+        line: 1,
+        evidence: rel,
+        recommendation: 'Move this file outside the agent workspace or update policy deliberately.',
+        confidence: 'high',
+        tags: ['policy', 'filesystem']
+      });
+    }
+
+    const read = await readTextMaybe(file.absPath, options.maxBytes || 512 * 1024);
+    if (read.skipped) {
+      skippedFiles.push({ file: rel, reason: read.reason });
+      continue;
+    }
+    scannedFiles.push({ file: rel, bytes: read.size, sha256: await sha256File(file.absPath) });
+    findings.push(...scanText(rel, read.text));
+  }
+
+  const summary = evaluateFindings(findings, policy, options.failOn);
+  return {
+    schema: 'https://mythos.dev/schemas/sentinel-report.v0.json',
+    tool: { name: 'mythos-sentinel', version: VERSION },
+    target: root,
+    startedAt,
+    completedAt: new Date().toISOString(),
+    summary,
+    files: { total: files.length, scanned: scannedFiles.length, skipped: skippedFiles.length },
+    scannedFiles,
+    skippedFiles,
+    findings
+  };
+}
+
+export function scanText(file, text) {
+  const findings = [];
+  const lines = text.split(/\r?\n/);
+  for (const rule of CONTENT_RULES) {
+    for (let i = 0; i < lines.length; i++) {
+      const line = lines[i];
+      if (rule.pattern.test(line)) {
+        findings.push(makeFinding(rule, file, i + 1, redactEvidence(line.trim())));
+      }
+    }
+  }
+  return findings;
+}
+
+function makeFinding(rule, file, line, evidence) {
+  return {
+    id: rule.id,
+    title: rule.title,
+    severity: rule.severity,
+    category: rule.category,
+    file,
+    line,
+    evidence,
+    recommendation: rule.recommendation,
+    confidence: 'medium',
+    tags: rule.tags || []
+  };
+}
+
+function redactEvidence(value) {
+  if (!value) return value;
+  let evidence = value;
+  evidence = evidence.replace(/(PRIVATE_KEY|MNEMONIC|SEED_PHRASE|API_KEY|TOKEN|SECRET)(\s*[:=]\s*)['\"]?[^\s'\"]+/ig, '$1$2[REDACTED]');
+  if (evidence.length > 220) evidence = `${evidence.slice(0, 217)}...`;
+  return evidence;
+}
+
+
+async function readMythosIgnore(root) {
+  const ignorePath = path.join(root, '.mythosignore');
+  try {
+    const raw = await fs.readFile(ignorePath, 'utf8');
+    return raw
+      .split(/\r?\n/)
+      .map((line) => line.trim())
+      .filter((line) => line && !line.startsWith('#'));
+  } catch (error) {
+    if (error && error.code === 'ENOENT') return [];
+    throw error;
+  }
+}