opena2a-cli 0.2.0 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/commands/review.d.ts +110 -0
- package/dist/commands/review.d.ts.map +1 -0
- package/dist/commands/review.js +634 -0
- package/dist/commands/review.js.map +1 -0
- package/dist/commands/shield.js +38 -12
- package/dist/commands/shield.js.map +1 -1
- package/dist/index.js +21 -0
- package/dist/index.js.map +1 -1
- package/dist/report/review-html.d.ts +16 -0
- package/dist/report/review-html.d.ts.map +1 -0
- package/dist/report/review-html.js +579 -0
- package/dist/report/review-html.js.map +1 -0
- package/dist/router.js +1 -1
- package/dist/router.js.map +1 -1
- package/dist/shield/ai-tool-config.d.ts +49 -0
- package/dist/shield/ai-tool-config.d.ts.map +1 -0
- package/dist/shield/ai-tool-config.js +169 -0
- package/dist/shield/ai-tool-config.js.map +1 -0
- package/dist/shield/findings.js +4 -4
- package/dist/shield/findings.js.map +1 -1
- package/dist/shield/init.d.ts +3 -0
- package/dist/shield/init.d.ts.map +1 -1
- package/dist/shield/init.js +145 -12
- package/dist/shield/init.js.map +1 -1
- package/dist/shield/report-html.js +102 -9
- package/dist/shield/report-html.js.map +1 -1
- package/dist/shield/status.d.ts.map +1 -1
- package/dist/shield/status.js +13 -0
- package/dist/shield/status.js.map +1 -1
- package/package.json +5 -1
|
@@ -0,0 +1,579 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Unified Review HTML Dashboard Generator.
|
|
4
|
+
*
|
|
5
|
+
* Generates a self-contained HTML file with:
|
|
6
|
+
* - Dark theme (#0f172a bg, #1e293b cards, teal primary)
|
|
7
|
+
* - 6-tab navigation (Overview, Credentials, Hygiene, Integrity, Shield, HMA)
|
|
8
|
+
* - Composite score gauge with grade
|
|
9
|
+
* - Phase status cards with timing
|
|
10
|
+
* - Cross-tab navigation
|
|
11
|
+
* - Copy buttons for remediation commands
|
|
12
|
+
*
|
|
13
|
+
* No external dependencies. No emojis. Monospace font.
|
|
14
|
+
*/
|
|
15
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
16
|
+
exports.generateReviewHtml = generateReviewHtml;
|
|
17
|
+
function esc(s) {
|
|
18
|
+
if (!s)
|
|
19
|
+
return '';
|
|
20
|
+
return s.replace(/&/g, '&').replace(/</g, '<').replace(/>/g, '>')
|
|
21
|
+
.replace(/"/g, '"').replace(/'/g, ''');
|
|
22
|
+
}
|
|
23
|
+
function generateReviewHtml(report) {
|
|
24
|
+
const jsonData = JSON.stringify(report).replace(/<\//g, '<\\/');
|
|
25
|
+
return `<!DOCTYPE html>
|
|
26
|
+
<html lang="en">
|
|
27
|
+
<head>
|
|
28
|
+
<meta charset="UTF-8">
|
|
29
|
+
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
30
|
+
<title>OpenA2A Security Review - ${esc(report.projectName ?? 'Project')}</title>
|
|
31
|
+
<style>
|
|
32
|
+
:root {
|
|
33
|
+
--bg: #0f172a;
|
|
34
|
+
--card: #1e293b;
|
|
35
|
+
--card-border: #334155;
|
|
36
|
+
--primary: #06b6d4;
|
|
37
|
+
--text: #e2e8f0;
|
|
38
|
+
--muted: #94a3b8;
|
|
39
|
+
--dim: #64748b;
|
|
40
|
+
--critical: #ef4444;
|
|
41
|
+
--high: #f97316;
|
|
42
|
+
--medium: #eab308;
|
|
43
|
+
--low: #3b82f6;
|
|
44
|
+
--info: #6b7280;
|
|
45
|
+
--green: #22c55e;
|
|
46
|
+
--red: #ef4444;
|
|
47
|
+
--amber: #f59e0b;
|
|
48
|
+
--font: 'JetBrains Mono','Fira Code','SF Mono',Menlo,Consolas,monospace;
|
|
49
|
+
}
|
|
50
|
+
*{margin:0;padding:0;box-sizing:border-box;}
|
|
51
|
+
body{background:var(--bg);color:var(--text);font-family:var(--font);font-size:14px;line-height:1.6;}
|
|
52
|
+
.container{max-width:1200px;margin:0 auto;padding:16px 20px;}
|
|
53
|
+
.header{display:flex;align-items:center;justify-content:space-between;padding:12px 0;border-bottom:1px solid var(--card-border);margin-bottom:16px;}
|
|
54
|
+
.header-title{font-size:20px;font-weight:700;color:var(--primary);}
|
|
55
|
+
.header-meta{font-size:12px;color:var(--dim);}
|
|
56
|
+
.nav{display:flex;gap:2px;margin-bottom:16px;border-bottom:1px solid var(--card-border);padding-bottom:0;}
|
|
57
|
+
.nav-tab{background:none;border:none;color:var(--dim);font-family:var(--font);font-size:13px;padding:8px 14px;cursor:pointer;border-bottom:2px solid transparent;transition:all 0.15s;}
|
|
58
|
+
.nav-tab:hover{color:var(--text);}
|
|
59
|
+
.nav-tab.active{color:var(--primary);border-bottom-color:var(--primary);}
|
|
60
|
+
.page{display:none;}
|
|
61
|
+
.page.active{display:block;}
|
|
62
|
+
.card{background:var(--card);border:1px solid var(--card-border);border-radius:6px;padding:16px;margin-bottom:12px;}
|
|
63
|
+
.card-title{font-size:14px;font-weight:700;color:var(--text);margin-bottom:10px;}
|
|
64
|
+
.stats-grid{display:grid;grid-template-columns:repeat(auto-fit,minmax(150px,1fr));gap:8px;margin-bottom:16px;}
|
|
65
|
+
.stat-card{background:var(--card);border:1px solid var(--card-border);border-radius:6px;padding:12px 14px;text-align:center;}
|
|
66
|
+
.stat-value{font-size:24px;font-weight:700;}
|
|
67
|
+
.stat-label{font-size:11px;color:var(--dim);text-transform:uppercase;letter-spacing:0.5px;margin-top:2px;}
|
|
68
|
+
.score-banner{display:flex;align-items:center;gap:24px;background:var(--card);border:1px solid var(--card-border);border-radius:6px;padding:20px 24px;margin-bottom:16px;}
|
|
69
|
+
.score-banner-num{font-size:48px;font-weight:700;line-height:1;letter-spacing:-1px;}
|
|
70
|
+
.score-banner-grade{font-size:20px;font-weight:700;line-height:1;padding:6px 14px;border-radius:4px;letter-spacing:0.5px;}
|
|
71
|
+
.score-banner-bar{flex:1;display:flex;flex-direction:column;gap:6px;}
|
|
72
|
+
.score-banner-track{height:6px;background:rgba(255,255,255,0.06);border-radius:3px;overflow:hidden;}
|
|
73
|
+
.score-banner-fill{height:100%;border-radius:3px;transition:width 0.3s;}
|
|
74
|
+
.score-banner-label{font-size:12px;color:var(--dim);display:flex;justify-content:space-between;}
|
|
75
|
+
.phase-grid{display:grid;grid-template-columns:repeat(5,1fr);gap:8px;margin-bottom:16px;}
|
|
76
|
+
.phase-card{background:var(--card);border:1px solid var(--card-border);border-radius:6px;padding:12px 14px;}
|
|
77
|
+
.phase-name{font-size:13px;font-weight:600;margin-bottom:4px;}
|
|
78
|
+
.phase-detail{font-size:12px;color:var(--muted);}
|
|
79
|
+
.phase-time{font-size:11px;color:var(--dim);margin-top:4px;}
|
|
80
|
+
.status-badge{display:inline-block;font-size:11px;font-weight:700;padding:2px 8px;border-radius:10px;text-transform:uppercase;letter-spacing:0.3px;}
|
|
81
|
+
.status-pass{background:rgba(34,197,94,0.15);color:var(--green);}
|
|
82
|
+
.status-warn{background:rgba(234,179,8,0.15);color:var(--medium);}
|
|
83
|
+
.status-fail{background:rgba(239,68,68,0.15);color:var(--red);}
|
|
84
|
+
.status-skip{background:rgba(107,114,128,0.15);color:var(--info);}
|
|
85
|
+
.sev-badge{display:inline-block;font-size:11px;font-weight:600;padding:2px 8px;border-radius:10px;text-transform:uppercase;}
|
|
86
|
+
.sev-critical{background:rgba(239,68,68,0.15);color:var(--critical);}
|
|
87
|
+
.sev-high{background:rgba(249,115,22,0.15);color:var(--high);}
|
|
88
|
+
.sev-medium{background:rgba(234,179,8,0.15);color:var(--medium);}
|
|
89
|
+
.sev-low{background:rgba(59,130,246,0.15);color:var(--low);}
|
|
90
|
+
.sev-info{background:rgba(107,114,128,0.15);color:var(--info);}
|
|
91
|
+
.data-table{width:100%;border-collapse:collapse;font-size:13px;}
|
|
92
|
+
.data-table th{text-align:left;padding:8px 10px;color:var(--dim);font-weight:600;font-size:11px;text-transform:uppercase;letter-spacing:0.5px;border-bottom:1px solid var(--card-border);}
|
|
93
|
+
.data-table td{padding:8px 10px;border-bottom:1px solid rgba(51,65,85,0.4);vertical-align:top;}
|
|
94
|
+
.data-table tr:last-child td{border-bottom:none;}
|
|
95
|
+
.data-table tr:hover td{background:rgba(6,182,212,0.03);}
|
|
96
|
+
.gauge-card{display:flex;flex-direction:column;align-items:center;padding:10px;}
|
|
97
|
+
.section-title{font-size:16px;font-weight:700;color:var(--text);margin:16px 0 8px;padding-bottom:4px;border-bottom:1px solid var(--card-border);}
|
|
98
|
+
.copy-btn{background:none;border:1px solid var(--dim);color:var(--dim);font-family:var(--font);font-size:11px;padding:2px 8px;border-radius:4px;cursor:pointer;margin-left:6px;transition:all 0.15s;}
|
|
99
|
+
.copy-btn:hover{border-color:var(--primary);color:var(--primary);}
|
|
100
|
+
.copy-btn.copied{border-color:var(--green);color:var(--green);}
|
|
101
|
+
.cmd-block{display:flex;align-items:center;background:rgba(0,0,0,0.3);padding:6px 10px;border-radius:4px;margin:4px 0;font-size:13px;color:var(--primary);}
|
|
102
|
+
.cmd-text{flex:1;}
|
|
103
|
+
.action-item{display:flex;align-items:flex-start;gap:10px;padding:8px 0;border-bottom:1px solid rgba(51,65,85,0.3);}
|
|
104
|
+
.action-item:last-child{border-bottom:none;}
|
|
105
|
+
.action-priority{font-size:10px;font-weight:700;color:var(--dim);min-width:20px;}
|
|
106
|
+
.action-content{flex:1;}
|
|
107
|
+
.action-desc{font-size:13px;margin-bottom:4px;}
|
|
108
|
+
.action-link{font-size:12px;color:var(--primary);cursor:pointer;text-decoration:underline;}
|
|
109
|
+
.empty-state{color:var(--dim);font-size:13px;padding:20px;text-align:center;}
|
|
110
|
+
.cta-card{background:var(--card);border:1px dashed var(--primary);border-radius:6px;padding:20px;text-align:center;}
|
|
111
|
+
.cta-title{font-size:16px;font-weight:700;color:var(--primary);margin-bottom:8px;}
|
|
112
|
+
.cta-desc{font-size:13px;color:var(--muted);margin-bottom:12px;}
|
|
113
|
+
.overview-top{display:grid;grid-template-columns:auto 1fr;gap:12px;margin-bottom:16px;}
|
|
114
|
+
@media(max-width:768px){.overview-top{grid-template-columns:1fr;}.phase-grid{grid-template-columns:repeat(2,1fr);}.stats-grid{grid-template-columns:repeat(2,1fr);}}
|
|
115
|
+
.hygiene-row{display:flex;justify-content:space-between;align-items:flex-start;padding:8px 0;border-bottom:1px solid rgba(51,65,85,0.3);font-size:13px;}
|
|
116
|
+
.hygiene-row:last-child{border-bottom:none;}
|
|
117
|
+
.hygiene-label{color:var(--muted);}
|
|
118
|
+
.arp-grid{display:grid;grid-template-columns:repeat(auto-fit,minmax(130px,1fr));gap:8px;margin-top:8px;}
|
|
119
|
+
.arp-stat{text-align:center;padding:8px;background:rgba(0,0,0,0.2);border-radius:4px;}
|
|
120
|
+
.arp-stat-value{font-size:18px;font-weight:700;color:var(--primary);}
|
|
121
|
+
.arp-stat-label{font-size:11px;color:var(--dim);text-transform:uppercase;}
|
|
122
|
+
.header-subtitle{font-size:13px;color:var(--dim);margin-top:4px;}
|
|
123
|
+
.section-intro{font-size:13px;color:var(--muted);margin-bottom:12px;line-height:1.5;}
|
|
124
|
+
.score-explainer{background:var(--card);border:1px dashed var(--card-border);border-radius:6px;padding:14px 16px;margin-bottom:12px;font-size:13px;color:var(--muted);line-height:1.6;}
|
|
125
|
+
.score-explainer strong{color:var(--text);}
|
|
126
|
+
.check-desc{font-size:12px;color:var(--dim);margin-top:2px;}
|
|
127
|
+
.phase-desc{font-size:12px;color:var(--dim);margin-top:4px;line-height:1.4;}
|
|
128
|
+
.finding-desc{font-size:12px;color:var(--muted);padding:4px 10px 8px;line-height:1.4;}
|
|
129
|
+
.cred-card{background:var(--card);border:1px solid var(--card-border);border-radius:6px;padding:14px 16px;margin-bottom:8px;}
|
|
130
|
+
.cred-card-header{display:flex;align-items:center;gap:8px;margin-bottom:6px;flex-wrap:wrap;}
|
|
131
|
+
.cred-card-title{font-size:14px;font-weight:600;color:var(--text);}
|
|
132
|
+
.cred-card-meta{display:grid;grid-template-columns:1fr 1fr;gap:4px 16px;font-size:12px;margin-bottom:8px;}
|
|
133
|
+
.cred-card-meta-label{color:var(--dim);font-size:11px;text-transform:uppercase;letter-spacing:0.3px;}
|
|
134
|
+
.cred-card-meta-value{color:var(--muted);}
|
|
135
|
+
.cred-card-meta-value.env{color:var(--primary);font-weight:600;}
|
|
136
|
+
.cred-card-detail{border-top:1px solid rgba(51,65,85,0.4);padding-top:8px;margin-top:4px;}
|
|
137
|
+
.cred-card-detail-label{font-size:11px;font-weight:600;color:var(--dim);text-transform:uppercase;letter-spacing:0.3px;margin-bottom:2px;}
|
|
138
|
+
.cred-card-detail-text{font-size:12px;color:var(--muted);line-height:1.5;margin-bottom:6px;}
|
|
139
|
+
.badge-owasp{display:inline-block;background:rgba(245,158,11,0.15);color:#f59e0b;font-size:11px;font-weight:700;padding:2px 6px;border-radius:10px;margin-right:4px;}
|
|
140
|
+
.badge-mitre{display:inline-block;background:rgba(139,92,246,0.15);color:#8b5cf6;font-size:11px;font-weight:700;padding:2px 6px;border-radius:10px;margin-right:4px;}
|
|
141
|
+
.footer{border-top:1px solid var(--card-border);margin-top:32px;padding:16px 0;text-align:center;font-size:12px;color:var(--dim);}
|
|
142
|
+
.footer a{color:var(--primary);text-decoration:none;}
|
|
143
|
+
.footer a:hover{text-decoration:underline;}
|
|
144
|
+
</style>
|
|
145
|
+
</head>
|
|
146
|
+
<body>
|
|
147
|
+
<div class="container">
|
|
148
|
+
<div class="header">
|
|
149
|
+
<div>
|
|
150
|
+
<div class="header-title">OpenA2A Security Review</div>
|
|
151
|
+
<div class="header-subtitle">Security review of <strong style="color:var(--text)">${esc(report.projectName ?? report.directory)}</strong> -- composite score from 5 automated checks. Higher is better.</div>
|
|
152
|
+
</div>
|
|
153
|
+
<div class="header-meta">${esc(report.timestamp)}</div>
|
|
154
|
+
</div>
|
|
155
|
+
<nav class="nav" id="main-nav">
|
|
156
|
+
<button class="nav-tab active" data-page="overview">Overview</button>
|
|
157
|
+
<button class="nav-tab" data-page="credentials">Credentials</button>
|
|
158
|
+
<button class="nav-tab" data-page="hygiene">Hygiene</button>
|
|
159
|
+
<button class="nav-tab" data-page="integrity">Integrity</button>
|
|
160
|
+
<button class="nav-tab" data-page="shield">Shield</button>
|
|
161
|
+
<button class="nav-tab" data-page="hma">HMA</button>
|
|
162
|
+
</nav>
|
|
163
|
+
<div class="page active" id="page-overview"></div>
|
|
164
|
+
<div class="page" id="page-credentials"></div>
|
|
165
|
+
<div class="page" id="page-hygiene"></div>
|
|
166
|
+
<div class="page" id="page-integrity"></div>
|
|
167
|
+
<div class="page" id="page-shield"></div>
|
|
168
|
+
<div class="page" id="page-hma"></div>
|
|
169
|
+
<div class="footer">Generated by <a href="https://opena2a.org" target="_blank" rel="noopener">OpenA2A</a> -- Open Agent-to-Agent Security Platform</div>
|
|
170
|
+
</div>
|
|
171
|
+
|
|
172
|
+
<script id="report-data" type="application/json">${jsonData}</script>
|
|
173
|
+
<script>
|
|
174
|
+
(function(){
|
|
175
|
+
var report = JSON.parse(document.getElementById('report-data').textContent);
|
|
176
|
+
var pagesRendered = {};
|
|
177
|
+
|
|
178
|
+
function esc(s){return s==null?'':String(s).replace(/&/g,'&').replace(/</g,'<').replace(/>/g,'>').replace(/"/g,'"');}
|
|
179
|
+
function scoreColor(s){return s>=90?'var(--green)':s>=70?'var(--primary)':s>=50?'var(--medium)':'var(--red)';}
|
|
180
|
+
|
|
181
|
+
// Tab navigation
|
|
182
|
+
document.getElementById('main-nav').addEventListener('click',function(e){
|
|
183
|
+
var btn=e.target.closest('.nav-tab');if(!btn)return;
|
|
184
|
+
var pg=btn.getAttribute('data-page');
|
|
185
|
+
document.querySelectorAll('.nav-tab').forEach(function(t){t.classList.toggle('active',t===btn);});
|
|
186
|
+
document.querySelectorAll('.page').forEach(function(p){p.classList.toggle('active',p.id==='page-'+pg);});
|
|
187
|
+
renderPage(pg);
|
|
188
|
+
});
|
|
189
|
+
|
|
190
|
+
function renderPage(pg){
|
|
191
|
+
if(pagesRendered[pg])return;pagesRendered[pg]=true;
|
|
192
|
+
var el=document.getElementById('page-'+pg);
|
|
193
|
+
switch(pg){
|
|
194
|
+
case 'overview':el.innerHTML=renderOverview();break;
|
|
195
|
+
case 'credentials':el.innerHTML=renderCredentials();break;
|
|
196
|
+
case 'hygiene':el.innerHTML=renderHygiene();break;
|
|
197
|
+
case 'integrity':el.innerHTML=renderIntegrity();break;
|
|
198
|
+
case 'shield':el.innerHTML=renderShield();break;
|
|
199
|
+
case 'hma':el.innerHTML=renderHma();break;
|
|
200
|
+
}
|
|
201
|
+
}
|
|
202
|
+
|
|
203
|
+
// Copy command
|
|
204
|
+
window.copyCmd=function(btn){
|
|
205
|
+
var cmd=btn.getAttribute('data-cmd');
|
|
206
|
+
if(navigator.clipboard&&navigator.clipboard.writeText){
|
|
207
|
+
navigator.clipboard.writeText(cmd).then(function(){
|
|
208
|
+
btn.textContent='OK';btn.classList.add('copied');
|
|
209
|
+
setTimeout(function(){btn.textContent='Copy';btn.classList.remove('copied');},1500);
|
|
210
|
+
});
|
|
211
|
+
}else{
|
|
212
|
+
var ta=document.createElement('textarea');ta.value=cmd;ta.style.position='fixed';ta.style.left='-9999px';
|
|
213
|
+
document.body.appendChild(ta);ta.select();document.execCommand('copy');document.body.removeChild(ta);
|
|
214
|
+
btn.textContent='OK';btn.classList.add('copied');
|
|
215
|
+
setTimeout(function(){btn.textContent='Copy';btn.classList.remove('copied');},1500);
|
|
216
|
+
}
|
|
217
|
+
};
|
|
218
|
+
|
|
219
|
+
// Cross-tab navigation
|
|
220
|
+
window.goToTab=function(tab){
|
|
221
|
+
var btn=document.querySelector('.nav-tab[data-page="'+tab+'"]');
|
|
222
|
+
if(btn)btn.click();
|
|
223
|
+
};
|
|
224
|
+
|
|
225
|
+
// Gauge SVG
|
|
226
|
+
function gaugeCircle(score,grade){
|
|
227
|
+
var sz=170,cx=sz/2,cy=sz/2,r=65,sw=10,circ=2*Math.PI*r;
|
|
228
|
+
var pct=Math.max(0,Math.min(100,score))/100,dash=pct*circ,gap=circ-dash;
|
|
229
|
+
var clr=score>=90?'#22c55e':score>=70?'#06b6d4':score>=50?'#eab308':'#ef4444';
|
|
230
|
+
var s='<svg width="'+sz+'" height="'+sz+'" viewBox="0 0 '+sz+' '+sz+'">';
|
|
231
|
+
s+='<circle cx="'+cx+'" cy="'+cy+'" r="'+r+'" fill="none" stroke="rgba(255,255,255,0.05)" stroke-width="'+sw+'"/>';
|
|
232
|
+
s+='<circle cx="'+cx+'" cy="'+cy+'" r="'+r+'" fill="none" stroke="'+clr+'" stroke-width="'+sw+'" stroke-dasharray="'+dash+' '+gap+'" stroke-dashoffset="'+(circ*0.25)+'" stroke-linecap="round" transform="rotate(-90 '+cx+' '+cy+')"/>';
|
|
233
|
+
s+='<text x="'+cx+'" y="'+(cy-6)+'" text-anchor="middle" dominant-baseline="middle" font-size="32" font-weight="700" fill="'+clr+'" font-family="var(--font)">'+score+'</text>';
|
|
234
|
+
s+='<text x="'+cx+'" y="'+(cy+20)+'" text-anchor="middle" dominant-baseline="middle" font-size="14" font-weight="600" fill="'+clr+'" font-family="var(--font)">Grade '+esc(grade)+'</text>';
|
|
235
|
+
s+='</svg>';return s;
|
|
236
|
+
}
|
|
237
|
+
|
|
238
|
+
function cmdBlock(cmd){
|
|
239
|
+
return '<div class="cmd-block"><span class="cmd-text">'+esc(cmd)+'</span><button class="copy-btn" data-cmd="'+esc(cmd)+'" onclick="copyCmd(this)">Copy</button></div>';
|
|
240
|
+
}
|
|
241
|
+
|
|
242
|
+
function statCard(value,label,color){
|
|
243
|
+
return '<div class="stat-card"><div class="stat-value" style="color:'+color+'">'+esc(String(value))+'</div><div class="stat-label">'+esc(label)+'</div></div>';
|
|
244
|
+
}
|
|
245
|
+
|
|
246
|
+
function scoreBanner(score,grade){
|
|
247
|
+
var clr=scoreColor(score);
|
|
248
|
+
var gradeBg=score>=90?'rgba(34,197,94,0.15)':score>=70?'rgba(6,182,212,0.15)':score>=50?'rgba(234,179,8,0.15)':'rgba(239,68,68,0.15)';
|
|
249
|
+
var h='<div class="score-banner">';
|
|
250
|
+
h+='<div class="score-banner-num" style="color:'+clr+'">'+score+'</div>';
|
|
251
|
+
h+='<div class="score-banner-bar">';
|
|
252
|
+
h+='<div class="score-banner-label"><span>Composite Score</span><span>'+score+'/100</span></div>';
|
|
253
|
+
h+='<div class="score-banner-track"><div class="score-banner-fill" style="width:'+score+'%;background:'+clr+'"></div></div>';
|
|
254
|
+
h+='</div>';
|
|
255
|
+
h+='<div class="score-banner-grade" style="color:'+clr+';background:'+gradeBg+'">'+esc(grade)+'</div>';
|
|
256
|
+
h+='</div>';
|
|
257
|
+
return h;
|
|
258
|
+
}
|
|
259
|
+
|
|
260
|
+
var phaseDescriptions={
|
|
261
|
+
'Project Scan':'Checks .gitignore, lock files, security config, and dependency advisories',
|
|
262
|
+
'Credentials':'Scans source files for hardcoded API keys, tokens, and secrets',
|
|
263
|
+
'Config Integrity':'Verifies cryptographic signatures on monitored config files',
|
|
264
|
+
'Shield Analysis':'Analyzes 7 days of security events, policy violations, and ARP detections',
|
|
265
|
+
'HMA Scan':'Runs HackMyAgent security checks against your AI agent endpoints'
|
|
266
|
+
};
|
|
267
|
+
function phaseCard(phase){
|
|
268
|
+
var statusCls='status-'+phase.status;
|
|
269
|
+
var time=phase.status==='skip'?'--':(phase.durationMs/1000).toFixed(1)+'s';
|
|
270
|
+
var desc=phaseDescriptions[phase.name]||'';
|
|
271
|
+
return '<div class="phase-card"><div style="display:flex;justify-content:space-between;align-items:center"><div class="phase-name">'+esc(phase.name)+'</div><span class="status-badge '+statusCls+'">'+esc(phase.status)+'</span></div><div class="phase-detail">'+esc(phase.detail)+'</div>'+(desc?'<div class="phase-desc">'+esc(desc)+'</div>':'')+'<div class="phase-time">'+esc(time)+'</div></div>';
|
|
272
|
+
}
|
|
273
|
+
|
|
274
|
+
// ======================== OVERVIEW ========================
|
|
275
|
+
function renderOverview(){
|
|
276
|
+
var h='';
|
|
277
|
+
// Score banner
|
|
278
|
+
var sevCounts={critical:0,high:0,medium:0,low:0};
|
|
279
|
+
var findings=report.findings||[];
|
|
280
|
+
for(var i=0;i<findings.length;i++){var s=findings[i].severity;if(s in sevCounts)sevCounts[s]++;}
|
|
281
|
+
h+=scoreBanner(report.compositeScore,report.grade);
|
|
282
|
+
h+='<div class="stats-grid">';
|
|
283
|
+
h+=statCard(findings.length,'Findings',findings.length>0?'var(--amber)':'var(--green)');
|
|
284
|
+
h+=statCard(sevCounts.critical,'Critical',sevCounts.critical>0?'var(--critical)':'var(--text)');
|
|
285
|
+
h+=statCard(sevCounts.high,'High',sevCounts.high>0?'var(--high)':'var(--text)');
|
|
286
|
+
h+=statCard(sevCounts.medium,'Medium',sevCounts.medium>0?'var(--medium)':'var(--text)');
|
|
287
|
+
h+='</div>';
|
|
288
|
+
|
|
289
|
+
// Phase cards (full width, 5 columns)
|
|
290
|
+
h+='<h2 class="section-title">Phase Results</h2><div class="phase-grid">';
|
|
291
|
+
var phases=report.phases||[];
|
|
292
|
+
for(var i=0;i<phases.length;i++) h+=phaseCard(phases[i]);
|
|
293
|
+
h+='</div>';
|
|
294
|
+
|
|
295
|
+
// Score explainer -- structured as two mini-grids
|
|
296
|
+
h+='<div class="score-explainer">';
|
|
297
|
+
h+='<div style="font-size:12px;color:var(--dim);text-transform:uppercase;letter-spacing:0.5px;margin-bottom:8px">Score Breakdown</div>';
|
|
298
|
+
h+='<div style="display:grid;grid-template-columns:repeat(4,1fr);gap:6px;margin-bottom:12px">';
|
|
299
|
+
h+='<div style="text-align:center"><div style="font-size:16px;font-weight:700;color:var(--text)">35%</div><div style="font-size:11px;color:var(--muted)">Hygiene</div></div>';
|
|
300
|
+
h+='<div style="text-align:center"><div style="font-size:16px;font-weight:700;color:var(--text)">25%</div><div style="font-size:11px;color:var(--muted)">Shield</div></div>';
|
|
301
|
+
h+='<div style="text-align:center"><div style="font-size:16px;font-weight:700;color:var(--text)">22%</div><div style="font-size:11px;color:var(--muted)">Credentials</div></div>';
|
|
302
|
+
h+='<div style="text-align:center"><div style="font-size:16px;font-weight:700;color:var(--text)">18%</div><div style="font-size:11px;color:var(--muted)">Integrity</div></div>';
|
|
303
|
+
h+='</div>';
|
|
304
|
+
h+='<div style="display:flex;gap:8px;justify-content:center;font-size:11px;color:var(--dim);border-top:1px solid rgba(51,65,85,0.4);padding-top:8px">';
|
|
305
|
+
h+='<span><strong style="color:var(--green)">A</strong> 90+</span>';
|
|
306
|
+
h+='<span><strong style="color:var(--primary)">B</strong> 80+</span>';
|
|
307
|
+
h+='<span><strong style="color:var(--medium)">C</strong> 70+</span>';
|
|
308
|
+
h+='<span><strong style="color:var(--amber)">D</strong> 60+</span>';
|
|
309
|
+
h+='<span><strong style="color:var(--red)">F</strong> <60</span>';
|
|
310
|
+
h+='</div>';
|
|
311
|
+
h+='</div>';
|
|
312
|
+
|
|
313
|
+
// Action items
|
|
314
|
+
var actions=report.actionItems||[];
|
|
315
|
+
var actionImpact={
|
|
316
|
+
'critical':'Immediate risk of credential compromise or data breach',
|
|
317
|
+
'high':'Significant security gap that attackers can exploit',
|
|
318
|
+
'medium':'Moderate risk that weakens your security posture',
|
|
319
|
+
'low':'Minor improvement to harden your defenses',
|
|
320
|
+
'info':'Recommended best practice'
|
|
321
|
+
};
|
|
322
|
+
if(actions.length>0){
|
|
323
|
+
h+='<h2 class="section-title">Action Items</h2><div class="card">';
|
|
324
|
+
for(var i=0;i<actions.length;i++){
|
|
325
|
+
var a=actions[i];
|
|
326
|
+
var impact=actionImpact[a.severity]||'';
|
|
327
|
+
h+='<div class="action-item"><div class="action-priority">#'+a.priority+'</div><div class="action-content"><div class="action-desc"><span class="sev-badge sev-'+esc(a.severity)+'">'+esc(a.severity)+'</span> '+esc(a.description)+'</div>'+(impact?'<div class="check-desc">'+esc(impact)+'</div>':'')+cmdBlock(a.command)+'<span class="action-link" onclick="goToTab("'+esc(a.tab)+'")">View details</span></div></div>';
|
|
328
|
+
}
|
|
329
|
+
h+='</div>';
|
|
330
|
+
}
|
|
331
|
+
|
|
332
|
+
// Top findings
|
|
333
|
+
if(findings.length>0){
|
|
334
|
+
h+='<h2 class="section-title">Findings</h2><div class="card"><table class="data-table"><thead><tr><th>ID</th><th>Title</th><th>Severity</th><th>Source</th><th>Detail</th></tr></thead><tbody>';
|
|
335
|
+
var top=findings.slice(0,10);
|
|
336
|
+
for(var i=0;i<top.length;i++){var f=top[i];
|
|
337
|
+
h+='<tr><td>'+esc(f.id)+'</td><td>'+esc(f.title)+'</td><td><span class="sev-badge sev-'+esc(f.severity)+'">'+esc(f.severity)+'</span></td><td>'+esc(f.source)+'</td><td style="font-size:11px;color:var(--muted)">'+esc(f.detail)+'</td></tr>';
|
|
338
|
+
}
|
|
339
|
+
h+='</tbody></table></div>';
|
|
340
|
+
}
|
|
341
|
+
return h;
|
|
342
|
+
}
|
|
343
|
+
|
|
344
|
+
// ======================== CREDENTIALS ========================
|
|
345
|
+
function renderCredentials(){
|
|
346
|
+
var data=report.credentialData;
|
|
347
|
+
if(!data||data.totalFindings===0){
|
|
348
|
+
return '<div class="card"><div class="empty-state">No hardcoded credentials found. Your project is clean.</div></div>';
|
|
349
|
+
}
|
|
350
|
+
var h='<div class="section-intro">Hardcoded credentials in source code are the #1 cause of security breaches in AI projects. Keys pushed to git are scraped by bots within minutes. Each finding below is a credential that should be moved to environment variables.</div>';
|
|
351
|
+
h+='<div class="stats-grid">';
|
|
352
|
+
h+=statCard(data.totalFindings,'Total Findings',data.totalFindings>0?'var(--red)':'var(--green)');
|
|
353
|
+
h+=statCard(data.bySeverity.critical||0,'Critical',(data.bySeverity.critical||0)>0?'var(--critical)':'var(--text)');
|
|
354
|
+
h+=statCard(data.bySeverity.high||0,'High',(data.bySeverity.high||0)>0?'var(--high)':'var(--text)');
|
|
355
|
+
h+=statCard(data.bySeverity.medium||0,'Medium',(data.bySeverity.medium||0)>0?'var(--medium)':'var(--text)');
|
|
356
|
+
h+='</div>';
|
|
357
|
+
|
|
358
|
+
h+='<h2 class="section-title">Credential Findings</h2>';
|
|
359
|
+
var matches=data.matches||[];
|
|
360
|
+
for(var i=0;i<matches.length;i++){
|
|
361
|
+
var m=matches[i];
|
|
362
|
+
h+='<div class="cred-card">';
|
|
363
|
+
h+='<div class="cred-card-header"><span class="sev-badge sev-'+esc(m.severity)+'">'+esc(m.severity)+'</span><span class="cred-card-title">'+esc(m.title)+'</span><span style="color:var(--dim);font-size:12px">'+esc(m.findingId)+'</span></div>';
|
|
364
|
+
h+='<div class="cred-card-meta">';
|
|
365
|
+
h+='<div><div class="cred-card-meta-label">File</div><div class="cred-card-meta-value">'+esc(m.filePath)+':'+m.line+'</div></div>';
|
|
366
|
+
h+='<div><div class="cred-card-meta-label">Migrate to</div><div class="cred-card-meta-value env">'+esc(m.envVar)+'</div></div>';
|
|
367
|
+
h+='</div>';
|
|
368
|
+
if(m.explanation||m.businessImpact){
|
|
369
|
+
h+='<div class="cred-card-detail">';
|
|
370
|
+
if(m.explanation){h+='<div class="cred-card-detail-label">Why this matters</div><div class="cred-card-detail-text">'+esc(m.explanation)+'</div>';}
|
|
371
|
+
if(m.businessImpact){h+='<div class="cred-card-detail-label">Business impact</div><div class="cred-card-detail-text">'+esc(m.businessImpact)+'</div>';}
|
|
372
|
+
h+='</div>';
|
|
373
|
+
}
|
|
374
|
+
h+='</div>';
|
|
375
|
+
}
|
|
376
|
+
|
|
377
|
+
// Drift
|
|
378
|
+
if(data.driftFindings&&data.driftFindings.length>0){
|
|
379
|
+
h+='<h2 class="section-title">Scope Drift</h2>';
|
|
380
|
+
h+='<div class="card"><p style="color:var(--muted);font-size:12px;margin-bottom:8px;line-height:1.5">Scope drift occurs when a key provisioned for one service (e.g., Google Maps) silently grants access to AI services (e.g., Gemini). The key\\\'s permissions are wider than intended, expanding your attack surface without any code change.</p>';
|
|
381
|
+
h+='<table class="data-table"><thead><tr><th>ID</th><th>File</th><th>Line</th></tr></thead><tbody>';
|
|
382
|
+
for(var i=0;i<data.driftFindings.length;i++){
|
|
383
|
+
var d=data.driftFindings[i];
|
|
384
|
+
h+='<tr><td>'+esc(d.findingId)+'</td><td style="font-size:11px;color:var(--muted)">'+esc(d.filePath)+'</td><td>'+d.line+'</td></tr>';
|
|
385
|
+
}
|
|
386
|
+
h+='</tbody></table></div>';
|
|
387
|
+
}
|
|
388
|
+
|
|
389
|
+
h+='<h2 class="section-title">Remediation</h2>';
|
|
390
|
+
h+='<div class="card">'+cmdBlock('opena2a protect')+'<p style="color:var(--muted);font-size:12px;margin-top:8px">Migrate hardcoded credentials to environment variables or encrypted vault.</p></div>';
|
|
391
|
+
return h;
|
|
392
|
+
}
|
|
393
|
+
|
|
394
|
+
// ======================== HYGIENE ========================
|
|
395
|
+
var hygieneDescriptions={
|
|
396
|
+
'Credential scan':'Detects API keys and secrets hardcoded in source files',
|
|
397
|
+
'credentials':'Detects API keys and secrets hardcoded in source files',
|
|
398
|
+
'.gitignore':'Prevents sensitive files from being committed to version control',
|
|
399
|
+
'gitignore':'Prevents sensitive files from being committed to version control',
|
|
400
|
+
'.env protection':'Ensures .env files (which store secrets) are excluded from git',
|
|
401
|
+
'env protection':'Ensures .env files (which store secrets) are excluded from git',
|
|
402
|
+
'Lock file':'Pins exact dependency versions to prevent supply chain attacks',
|
|
403
|
+
'lock file':'Pins exact dependency versions to prevent supply chain attacks',
|
|
404
|
+
'Security config':'OpenA2A configuration enables automated security monitoring',
|
|
405
|
+
'security config':'OpenA2A configuration enables automated security monitoring'
|
|
406
|
+
};
|
|
407
|
+
function findHygieneDesc(label){
|
|
408
|
+
if(!label)return '';
|
|
409
|
+
var lc=label.toLowerCase();
|
|
410
|
+
for(var key in hygieneDescriptions){if(lc.indexOf(key.toLowerCase())>=0)return hygieneDescriptions[key];}
|
|
411
|
+
return '';
|
|
412
|
+
}
|
|
413
|
+
function renderHygiene(){
|
|
414
|
+
var init=report.initData;
|
|
415
|
+
var h='<div class="section-intro">Project hygiene measures foundational security practices. These checks do not require any OpenA2A tools -- they are standard development practices that prevent accidental exposure.</div>';
|
|
416
|
+
h+='<div class="stats-grid">';
|
|
417
|
+
h+=statCard(init.trustScore+'/100','Trust Score',scoreColor(init.trustScore));
|
|
418
|
+
h+=statCard('Grade '+init.grade,'Trust Grade',scoreColor(init.trustScore));
|
|
419
|
+
h+=statCard(init.postureScore+'/100','Posture Score',scoreColor(init.postureScore));
|
|
420
|
+
h+=statCard(init.riskLevel,'Risk Level',init.riskLevel==='SECURE'||init.riskLevel==='LOW'?'var(--green)':init.riskLevel==='MEDIUM'?'var(--medium)':'var(--red)');
|
|
421
|
+
h+='</div>';
|
|
422
|
+
|
|
423
|
+
h+='<div class="overview-top">';
|
|
424
|
+
h+='<div class="gauge-card">'+gaugeCircle(init.trustScore,init.grade)+'</div>';
|
|
425
|
+
h+='<div>';
|
|
426
|
+
h+='<h2 class="section-title">Hygiene Checks</h2>';
|
|
427
|
+
h+='<div class="card">';
|
|
428
|
+
var checks=init.hygieneChecks||[];
|
|
429
|
+
for(var i=0;i<checks.length;i++){
|
|
430
|
+
var c=checks[i];
|
|
431
|
+
var statusClr=c.status==='pass'?'var(--green)':c.status==='fail'?'var(--red)':c.status==='warn'?'var(--medium)':'var(--dim)';
|
|
432
|
+
var desc=findHygieneDesc(c.label);
|
|
433
|
+
h+='<div class="hygiene-row"><div><span class="hygiene-label">'+esc(c.label)+'</span>'+(desc?'<div class="check-desc">'+esc(desc)+'</div>':'')+'</div><span style="color:'+statusClr+'">'+esc(c.detail)+'</span></div>';
|
|
434
|
+
}
|
|
435
|
+
h+='</div>';
|
|
436
|
+
h+='</div></div>';
|
|
437
|
+
|
|
438
|
+
h+='<div class="score-explainer">';
|
|
439
|
+
h+='<div style="font-size:12px;color:var(--dim);text-transform:uppercase;letter-spacing:0.5px;margin-bottom:8px">Trust Score Formula</div>';
|
|
440
|
+
h+='<div style="display:grid;grid-template-columns:1fr 1fr;gap:4px 16px;font-size:12px">';
|
|
441
|
+
h+='<div style="color:var(--muted)">Start</div><div style="color:var(--text);font-weight:600">100</div>';
|
|
442
|
+
h+='<div style="color:var(--muted)">Critical credential</div><div style="color:var(--critical)">-25 each</div>';
|
|
443
|
+
h+='<div style="color:var(--muted)">High credential</div><div style="color:var(--high)">-15 each</div>';
|
|
444
|
+
h+='<div style="color:var(--muted)">Medium credential</div><div style="color:var(--medium)">-8 each</div>';
|
|
445
|
+
h+='<div style="color:var(--muted)">Missing .gitignore</div><div style="color:var(--red)">-15</div>';
|
|
446
|
+
h+='<div style="color:var(--muted)">Unprotected .env</div><div style="color:var(--red)">-10</div>';
|
|
447
|
+
h+='<div style="color:var(--muted)">No lock file</div><div style="color:var(--amber)">-5</div>';
|
|
448
|
+
h+='<div style="color:var(--muted)">Security config</div><div style="color:var(--green)">+5 bonus</div>';
|
|
449
|
+
h+='</div>';
|
|
450
|
+
h+='</div>';
|
|
451
|
+
|
|
452
|
+
h+='<div class="stats-grid">';
|
|
453
|
+
h+=statCard(init.activeProducts+'/'+init.totalProducts,'Active Products','var(--primary)');
|
|
454
|
+
h+=statCard(init.advisoryCount,'Advisories',init.advisoryCount>0?'var(--amber)':'var(--green)');
|
|
455
|
+
h+='</div>';
|
|
456
|
+
|
|
457
|
+
h+='<h2 class="section-title">Project Info</h2>';
|
|
458
|
+
h+='<div class="card">';
|
|
459
|
+
h+='<div class="hygiene-row"><span class="hygiene-label">Project</span><span>'+esc(init.projectName||'unnamed')+'</span></div>';
|
|
460
|
+
h+='<div class="hygiene-row"><span class="hygiene-label">Type</span><span>'+esc(init.projectType)+'</span></div>';
|
|
461
|
+
h+='<div class="hygiene-row"><span class="hygiene-label">Version</span><span>'+esc(init.projectVersion||'--')+'</span></div>';
|
|
462
|
+
h+='</div>';
|
|
463
|
+
return h;
|
|
464
|
+
}
|
|
465
|
+
|
|
466
|
+
// ======================== INTEGRITY ========================
|
|
467
|
+
function renderIntegrity(){
|
|
468
|
+
var guard=report.guardData;
|
|
469
|
+
var h='<div class="section-intro">ConfigGuard signs your configuration files with SHA-256 hashes. If anyone (or any agent) modifies a signed file, the tampering is immediately detectable. This is your first line of defense against configuration drift.</div>';
|
|
470
|
+
var statusClr=guard.signatureStatus==='valid'?'var(--green)':guard.signatureStatus==='tampered'?'var(--red)':'var(--dim)';
|
|
471
|
+
var statusLabel=guard.signatureStatus==='valid'?'Active':guard.signatureStatus==='tampered'?'Tampered':'Unsigned';
|
|
472
|
+
|
|
473
|
+
h+='<div class="stats-grid">';
|
|
474
|
+
h+=statCard(statusLabel,'Signature Status',statusClr);
|
|
475
|
+
h+=statCard(guard.filesMonitored,'Files Monitored','var(--primary)');
|
|
476
|
+
h+=statCard(guard.tamperedFiles?guard.tamperedFiles.length:0,'Tampered',(guard.tamperedFiles&&guard.tamperedFiles.length>0)?'var(--red)':'var(--green)');
|
|
477
|
+
h+='</div>';
|
|
478
|
+
|
|
479
|
+
if(guard.signatureStatus==='unsigned'){
|
|
480
|
+
h+='<div class="cta-card"><div class="cta-title">ConfigGuard Not Active</div><div class="cta-desc">Sign your config files to detect unauthorized modifications.</div>'+cmdBlock('opena2a guard sign')+'</div>';
|
|
481
|
+
}else if(guard.signatureStatus==='tampered'){
|
|
482
|
+
h+='<h2 class="section-title">Tampered Files</h2>';
|
|
483
|
+
h+='<div class="card"><table class="data-table"><thead><tr><th>File</th><th>Status</th></tr></thead><tbody>';
|
|
484
|
+
for(var i=0;i<guard.tamperedFiles.length;i++){
|
|
485
|
+
h+='<tr><td>'+esc(guard.tamperedFiles[i])+'</td><td><span class="sev-badge sev-critical">tampered</span></td></tr>';
|
|
486
|
+
}
|
|
487
|
+
h+='</tbody></table></div>';
|
|
488
|
+
h+='<h2 class="section-title">Remediation</h2>';
|
|
489
|
+
h+='<div class="card">'+cmdBlock('opena2a guard diff')+'<p style="color:var(--muted);font-size:12px;margin:4px 0">Review changes, then resign:</p>'+cmdBlock('opena2a guard resign')+'</div>';
|
|
490
|
+
}else{
|
|
491
|
+
h+='<div class="card"><div class="empty-state">All '+guard.filesMonitored+' monitored files have valid signatures.</div></div>';
|
|
492
|
+
}
|
|
493
|
+
return h;
|
|
494
|
+
}
|
|
495
|
+
|
|
496
|
+
// ======================== SHIELD ========================
|
|
497
|
+
function renderShield(){
|
|
498
|
+
var shield=report.shieldData;
|
|
499
|
+
var h='<div class="section-intro">Shield is the unified security orchestration layer. It collects events from all OpenA2A products (ARP, ConfigGuard, Secretless, HMA) into a tamper-evident log and classifies them into actionable findings.</div>';
|
|
500
|
+
h+='<div class="stats-grid">';
|
|
501
|
+
h+=statCard(shield.postureScore+'/100','Posture Score',scoreColor(shield.postureScore));
|
|
502
|
+
h+=statCard(shield.eventCount,'Events (7d)','var(--primary)');
|
|
503
|
+
h+=statCard(shield.classifiedFindings?shield.classifiedFindings.length:0,'Findings',shield.classifiedFindings&&shield.classifiedFindings.length>0?'var(--amber)':'var(--green)');
|
|
504
|
+
h+=statCard(shield.policyLoaded?'Loaded':'None','Policy',shield.policyLoaded?'var(--green)':'var(--dim)');
|
|
505
|
+
h+=statCard(shield.policyMode||'--','Mode','var(--muted)');
|
|
506
|
+
h+=statCard(shield.integrityStatus||'healthy','Integrity',shield.integrityStatus==='healthy'?'var(--green)':'var(--red)');
|
|
507
|
+
h+='</div>';
|
|
508
|
+
|
|
509
|
+
// Classified findings
|
|
510
|
+
var cf=shield.classifiedFindings||[];
|
|
511
|
+
if(cf.length>0){
|
|
512
|
+
h+='<h2 class="section-title">Classified Findings</h2>';
|
|
513
|
+
h+='<div class="card"><table class="data-table"><thead><tr><th>ID</th><th>Title</th><th>Severity</th><th>Count</th><th>Remediation</th></tr></thead><tbody>';
|
|
514
|
+
for(var i=0;i<cf.length;i++){
|
|
515
|
+
var f=cf[i];
|
|
516
|
+
var badges='';
|
|
517
|
+
if(f.finding.owaspAgentic)badges+='<span class="badge-owasp">'+esc(f.finding.owaspAgentic)+'</span>';
|
|
518
|
+
if(f.finding.mitreAtlas)badges+='<span class="badge-mitre">'+esc(f.finding.mitreAtlas)+'</span>';
|
|
519
|
+
h+='<tr><td>'+esc(f.finding.id)+'</td><td>'+esc(f.finding.title)+(badges?' '+badges:'')+'</td><td><span class="sev-badge sev-'+esc(f.finding.severity)+'">'+esc(f.finding.severity)+'</span></td><td>'+f.count+'</td><td>'+cmdBlock(f.finding.remediation)+'</td></tr>';
|
|
520
|
+
if(f.finding.description){
|
|
521
|
+
h+='<tr><td colspan="5" class="finding-desc">'+esc(f.finding.description)+'</td></tr>';
|
|
522
|
+
}
|
|
523
|
+
}
|
|
524
|
+
h+='</tbody></table></div>';
|
|
525
|
+
}
|
|
526
|
+
|
|
527
|
+
// ARP stats
|
|
528
|
+
var arp=shield.arpStats;
|
|
529
|
+
if(arp&&arp.totalEvents>0){
|
|
530
|
+
h+='<h2 class="section-title">Runtime Protection (ARP)</h2>';
|
|
531
|
+
h+='<div class="card"><div class="arp-grid">';
|
|
532
|
+
h+='<div class="arp-stat"><div class="arp-stat-value">'+arp.totalEvents+'</div><div class="arp-stat-label">Total Events</div></div>';
|
|
533
|
+
h+='<div class="arp-stat"><div class="arp-stat-value" style="color:var(--amber)">'+arp.anomalies+'</div><div class="arp-stat-label">Anomalies</div></div>';
|
|
534
|
+
h+='<div class="arp-stat"><div class="arp-stat-value" style="color:var(--red)">'+arp.violations+'</div><div class="arp-stat-label">Violations</div></div>';
|
|
535
|
+
h+='<div class="arp-stat"><div class="arp-stat-value">'+arp.processEvents+'</div><div class="arp-stat-label">Process</div></div>';
|
|
536
|
+
h+='<div class="arp-stat"><div class="arp-stat-value">'+arp.networkEvents+'</div><div class="arp-stat-label">Network</div></div>';
|
|
537
|
+
h+='<div class="arp-stat"><div class="arp-stat-value">'+arp.enforcements+'</div><div class="arp-stat-label">Enforcements</div></div>';
|
|
538
|
+
h+='</div></div>';
|
|
539
|
+
}else{
|
|
540
|
+
h+='<h2 class="section-title">Runtime Protection (ARP)</h2>';
|
|
541
|
+
h+='<div class="section-intro">ARP (Agent Runtime Protection) monitors process spawns, network connections, and file access in real time. It detects anomalous agent behavior before damage occurs.</div>';
|
|
542
|
+
h+='<div class="card"><div class="empty-state">No ARP events in the last 7 days. Start runtime monitoring:</div>'+cmdBlock('opena2a runtime start')+'</div>';
|
|
543
|
+
}
|
|
544
|
+
|
|
545
|
+
if(!shield.policyLoaded){
|
|
546
|
+
h+='<h2 class="section-title">Policy</h2>';
|
|
547
|
+
h+='<div class="cta-card"><div class="cta-title">No Security Policy</div><div class="cta-desc">Initialize Shield to enable adaptive security policy.</div>'+cmdBlock('opena2a shield init')+'</div>';
|
|
548
|
+
}
|
|
549
|
+
return h;
|
|
550
|
+
}
|
|
551
|
+
|
|
552
|
+
// ======================== HMA ========================
|
|
553
|
+
function renderHma(){
|
|
554
|
+
var hma=report.hmaData;
|
|
555
|
+
if(!hma||!hma.available){
|
|
556
|
+
var h='<div class="section-intro">HackMyAgent runs 150+ security checks against AI agent endpoints, testing for prompt injection, tool misuse, excessive agency, and OWASP Top 10 for LLM vulnerabilities.</div>';
|
|
557
|
+
h+='<div class="cta-card"><div class="cta-title">HackMyAgent Not Installed</div>';
|
|
558
|
+
h+='<div class="cta-desc">Install HMA to run comprehensive security scans against your AI agent.</div>';
|
|
559
|
+
h+=cmdBlock('npm install -g hackmyagent');
|
|
560
|
+
h+='<p style="color:var(--muted);font-size:13px;margin-top:12px;text-align:center">Then re-run: <code style="color:var(--primary)">opena2a review</code></p>';
|
|
561
|
+
h+='</div>';
|
|
562
|
+
return h;
|
|
563
|
+
}
|
|
564
|
+
var h='<div class="stats-grid">';
|
|
565
|
+
h+=statCard(hma.score+'/100','HMA Score',scoreColor(hma.score));
|
|
566
|
+
h+=statCard('Available','Status','var(--green)');
|
|
567
|
+
h+='</div>';
|
|
568
|
+
h+='<div class="card"><div class="empty-state">HMA is available. Run a full scan for detailed results:</div>'+cmdBlock('opena2a scan secure')+'</div>';
|
|
569
|
+
return h;
|
|
570
|
+
}
|
|
571
|
+
|
|
572
|
+
// Initial render
|
|
573
|
+
renderPage('overview');
|
|
574
|
+
})();
|
|
575
|
+
</script>
|
|
576
|
+
</body>
|
|
577
|
+
</html>`;
|
|
578
|
+
}
|
|
579
|
+
//# sourceMappingURL=review-html.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"review-html.js","sourceRoot":"","sources":["../../src/report/review-html.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;GAYG;;AAUH,gDA4iBC;AAljBD,SAAS,GAAG,CAAC,CAA4B;IACvC,IAAI,CAAC,CAAC;QAAE,OAAO,EAAE,CAAC;IAClB,OAAO,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC;SACxE,OAAO,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;AACpD,CAAC;AAED,SAAgB,kBAAkB,CAAC,MAAoB;IACrD,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAEhE,OAAO;;;;;mCAK0B,GAAG,CAAC,MAAM,CAAC,WAAW,IAAI,SAAS,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;0FAyHmB,GAAG,CAAC,MAAM,CAAC,WAAW,IAAI,MAAM,CAAC,SAAS,CAAC;;+BAEtG,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC;;;;;;;;;;;;;;;;;;;mDAmBD,QAAQ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;QAqZnD,CAAC;AACT,CAAC"}
|
package/dist/router.js
CHANGED
|
@@ -39,7 +39,7 @@ function classifyInput(argv) {
|
|
|
39
39
|
'scan', 'runtime', 'benchmark', 'crypto', 'secrets',
|
|
40
40
|
'identity', 'registry', 'research', 'hunt', 'train',
|
|
41
41
|
'guard', 'dlp', 'broker', 'config', 'self-register',
|
|
42
|
-
'verify', 'baselines',
|
|
42
|
+
'verify', 'baselines', 'review',
|
|
43
43
|
];
|
|
44
44
|
if (KNOWN_COMMANDS.includes(first)) {
|
|
45
45
|
return { type: 'subcommand', value: first, args: argv.slice(1) };
|
package/dist/router.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"router.js","sourceRoot":"","sources":["../src/router.ts"],"names":[],"mappings":";;AAsBA,sCA8CC;AAKD,0CAwFC;AAjKD,kDAAoD;AAEpD,sDAAgD;AAYhD;;;;;;;GAOG;AACH,SAAgB,aAAa,CAAC,IAAc;IAC1C,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtB,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;IACjD,CAAC;IAED,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;IAEtB,6BAA6B;IAC7B,IAAI,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAC1B,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACtF,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,KAAK,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;IAC3D,CAAC;IAED,wBAAwB;IACxB,IAAI,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,KAAK,KAAK,GAAG,EAAE,CAAC;QAC3C,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACtF,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;IAC5D,CAAC;IAED,yFAAyF;IACzF,IAAI,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACnD,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC9B,MAAM,QAAQ,GAAG,MAAM,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC;QACpD,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;IACxD,CAAC;IAED,mBAAmB;IACnB,MAAM,cAAc,GAAG;QACrB,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS;QAC/C,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,QAAQ,EAAE,SAAS;QACnD,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,EAAE,OAAO;QACnD,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,eAAe;QACnD,QAAQ,EAAE,WAAW;
|
|
1
|
+
{"version":3,"file":"router.js","sourceRoot":"","sources":["../src/router.ts"],"names":[],"mappings":";;AAsBA,sCA8CC;AAKD,0CAwFC;AAjKD,kDAAoD;AAEpD,sDAAgD;AAYhD;;;;;;;GAOG;AACH,SAAgB,aAAa,CAAC,IAAc;IAC1C,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtB,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;IACjD,CAAC;IAED,MAAM,KAAK,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;IAEtB,6BAA6B;IAC7B,IAAI,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAC1B,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACtF,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,KAAK,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;IAC3D,CAAC;IAED,wBAAwB;IACxB,IAAI,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,KAAK,KAAK,GAAG,EAAE,CAAC;QAC3C,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACtF,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;IAC5D,CAAC;IAED,yFAAyF;IACzF,IAAI,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACnD,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC9B,MAAM,QAAQ,GAAG,MAAM,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC;QACpD,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;IACxD,CAAC;IAED,mBAAmB;IACnB,MAAM,cAAc,GAAG;QACrB,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS;QAC/C,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,QAAQ,EAAE,SAAS;QACnD,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,EAAE,OAAO;QACnD,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,eAAe;QACnD,QAAQ,EAAE,WAAW,EAAE,QAAQ;KAChC,CAAC;IAEF,IAAI,cAAc,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QACnC,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;IACnE,CAAC;IAED,8CAA8C;IAC9C,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACpB,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;IAC9D,CAAC;IAED,wCAAwC;IACxC,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC;AACpD,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,eAAe,CACnC,OAAe,EACf,IAAc,EACd,gBAAqC,EAAE;IAEvC,mFAAmF;IACnF,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;QAC1B,MAAM,SAAS,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;QAC3C,OAAO,IAAA,oBAAO,EAAC;YACb,SAAS;YACT,MAAM,EAAE,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC;YAClC,OAAO,EAAE,aAAa,CAAC,OAAO,IAAI,KAAK;YACvC,EAAE,EAAE,aAAa,CAAC,EAAE,IAAI,KAAK;YAC7B,MAAM,EAAG,aAAa,CAAC,MAA0B,IAAI,MAAM;YAC3D,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAC,eAAe,CAAC;SAC3C,CAAC,CAAC;IACL,CAAC;IAED,6CAA6C;IAC7C,IAAI,OAAO,KAAK,MAAM,EAAE,CAAC;QACvB,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,oBAAoB,CAAC,CAAC;QACpD,OAAO,IAAI,CAAC;YACV,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,GAAG,EAAE;YACnC,EAAE,EAAE,aAAa,CAAC,EAAE,IAAI,KAAK;YAC7B,MAAM,EAAG,aAAa,CAAC,MAA0B,IAAI,MAAM;YAC3D,OAAO,EAAE,aAAa,CAAC,OAAO,IAAI,KAAK;SACxC,CAAC,CAAC;IACL,CAAC;IAED,wCAAwC;IACxC,IAAI,OAAO,KAAK,OAAO,EAAE,CAAC;QACxB,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,MAAM,CAAC,qBAAqB,CAAC,CAAC;QACtD,MAAM,UAAU,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC;QACvC,OAAO,KAAK,CAAC;YACX,UAAU,EAAE,UAAqD;YACjE,SAAS,EAAE,OAAO,CAAC,GAAG,EAAE;YACxB,EAAE,EAAE,aAAa,CAAC,EAAE,IAAI,KAAK;YAC7B,MAAM,EAAG,aAAa,CAAC,MAA0B,IAAI,MAAM;YAC3D,OAAO,EAAE,aAAa,CAAC,OAAO,IAAI,KAAK;YACvC,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;SACpB,CAAC,CAAC;IACL,CAAC;IAED,0CAA0C;IAC1C,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;QAC1B,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,MAAM,CAAC,uBAAuB,CAAC,CAAC;QAC1D,MAAM,UAAU,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC;QACvC,OAAO,OAAO,CAAC;YACb,UAAU,EAAE,UAAkD;YAC9D,SAAS,EAAE,OAAO,CAAC,GAAG,EAAE;YACxB,EAAE,EAAE,aAAa,CAAC,EAAE,IAAI,KAAK;YAC7B,MAAM,EAAG,aAAa,CAAC,MAA0B,IAAI,MAAM;YAC3D,OAAO,EAAE,aAAa,CAAC,OAAO,IAAI,KAAK;SACxC,CAAC,CAAC;IACL,CAAC;IAED,kCAAkC;IAClC,MAAM,UAAU,GAA+D;QAC7E,KAAK,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC,QAAQ,CAAC,EAAE;QACnD,MAAM,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC,QAAQ,CAAC,EAAE;QACpD,OAAO,EAAE,EAAE,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,CAAC,OAAO,CAAC,EAAE;KACzD,CAAC;IAEF,MAAM,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC;IACnC,MAAM,WAAW,GAAG,MAAM,EAAE,OAAO,IAAI,OAAO,CAAC;IAC/C,MAAM,WAAW,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,WAAW,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAErE,MAAM,OAAO,GAAG,IAAA,wBAAa,EAAC,WAAW,CAAC,CAAC;IAC3C,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,oBAAoB,OAAO,IAAI,CAAC,CAAC;QACtD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;QACvE,OAAO,CAAC,CAAC;IACX,CAAC;IAED,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,WAAW,EAAE,CAAC;IAC9C,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,OAAO,CAAC,MAAM,CAAC,IAAI,sBAAsB,CAAC,CAAC;QACnE,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,2BAA2B,OAAO,CAAC,MAAM,CAAC,WAAW,IAAI,OAAO,CAAC,MAAM,CAAC,OAAO,IAAI,OAAO,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,CAAC;QACjI,OAAO,CAAC,CAAC;IACX,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;QAC/B,IAAI,EAAE,WAAW;QACjB,GAAG,aAAa;QAChB,GAAG,EAAE,aAAa,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE;KACxC,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC,QAAQ,CAAC;AACzB,CAAC"}
|