opena2a-cli 0.8.10 → 0.8.12
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +7 -3
- package/dist/commands/guard-harden.d.ts.map +1 -1
- package/dist/commands/guard-harden.js +27 -0
- package/dist/commands/guard-harden.js.map +1 -1
- package/dist/commands/harden-skill.d.ts +17 -0
- package/dist/commands/harden-skill.d.ts.map +1 -0
- package/dist/commands/harden-skill.js +371 -0
- package/dist/commands/harden-skill.js.map +1 -0
- package/dist/commands/identity.d.ts.map +1 -1
- package/dist/commands/identity.js +123 -20
- package/dist/commands/identity.js.map +1 -1
- package/dist/commands/init.js +2 -2
- package/dist/commands/setup.d.ts +10 -0
- package/dist/commands/setup.d.ts.map +1 -0
- package/dist/commands/setup.js +296 -0
- package/dist/commands/setup.js.map +1 -0
- package/dist/commands/soul.d.ts +1 -0
- package/dist/commands/soul.d.ts.map +1 -1
- package/dist/commands/soul.js +43 -2
- package/dist/commands/soul.js.map +1 -1
- package/dist/commands/watch.d.ts +15 -0
- package/dist/commands/watch.d.ts.map +1 -0
- package/dist/commands/watch.js +123 -0
- package/dist/commands/watch.js.map +1 -0
- package/dist/guided/wizard.js +1 -1
- package/dist/index.js +76 -14
- package/dist/index.js.map +1 -1
- package/dist/natural/llm-fallback.js +1 -1
- package/dist/report/review-html.js +1 -1
- package/dist/router.d.ts.map +1 -1
- package/dist/router.js +13 -1
- package/dist/router.js.map +1 -1
- package/dist/scanners/skillguard-checks.d.ts +43 -0
- package/dist/scanners/skillguard-checks.d.ts.map +1 -0
- package/dist/scanners/skillguard-checks.js +354 -0
- package/dist/scanners/skillguard-checks.js.map +1 -0
- package/dist/semantic/command-index.json +1 -1
- package/dist/util/aim-client.d.ts +15 -1
- package/dist/util/aim-client.d.ts.map +1 -1
- package/dist/util/aim-client.js +38 -6
- package/dist/util/aim-client.js.map +1 -1
- package/dist/util/report-submission.d.ts.map +1 -1
- package/dist/util/report-submission.js +26 -1
- package/dist/util/report-submission.js.map +1 -1
- package/package.json +2 -1
package/README.md
CHANGED
|
@@ -8,7 +8,7 @@ npx opena2a-cli review
|
|
|
8
8
|
```
|
|
9
9
|
|
|
10
10
|
```
|
|
11
|
-
OpenA2A Security Review v0.
|
|
11
|
+
OpenA2A Security Review v0.8.11
|
|
12
12
|
|
|
13
13
|
Findings
|
|
14
14
|
-----------------------------------------------
|
|
@@ -44,15 +44,19 @@ opena2a # Interactive guided wizard (no args)
|
|
|
44
44
|
|
|
45
45
|
| Command | What it does |
|
|
46
46
|
|---------|-------------|
|
|
47
|
+
| `opena2a setup` | One-command onboarding — auth, identity, MCP discovery, trust score |
|
|
47
48
|
| `opena2a review` | Full security dashboard — HTML report, 6-phase assessment |
|
|
48
49
|
| `opena2a detect` | Find shadow AI agents, MCP servers, AI configs. Governance score. |
|
|
49
50
|
| `opena2a detect --report` | Executive HTML report |
|
|
50
51
|
| `opena2a detect --export-csv` | Asset inventory for CMDB/ServiceNow |
|
|
51
52
|
| `opena2a init` | Read-only security assessment with trust score |
|
|
52
53
|
| `opena2a protect` | Fix everything — credentials, .gitignore, config signing |
|
|
54
|
+
| `opena2a watch` | Live tail of agent activity events |
|
|
53
55
|
| `opena2a identity create` | Cryptographic identity for your project |
|
|
56
|
+
| `opena2a identity mcp attach` | Auto-discover and attach MCP servers |
|
|
57
|
+
| `opena2a identity integrate` | Wire security tools to identity (audit + trust) |
|
|
54
58
|
| `opena2a harden-soul` | Generate SOUL.md governance rules |
|
|
55
|
-
| `opena2a scan` |
|
|
59
|
+
| `opena2a scan` | 204 security checks via HackMyAgent |
|
|
56
60
|
| `opena2a mcp audit` | Audit MCP server configurations with trust scores |
|
|
57
61
|
| `opena2a guard sign` | Sign config files for tamper detection |
|
|
58
62
|
| `opena2a shield init` | Full security setup — all of the above, one command |
|
|
@@ -65,7 +69,7 @@ Each command routes to a specialized tool, installed on first use:
|
|
|
65
69
|
|---------|------|-------------|
|
|
66
70
|
| `detect` | Shadow AI | Discover AI agents, MCP servers, AI configs |
|
|
67
71
|
| `identity` | [AIM](https://github.com/opena2a-org/agent-identity-management) | Cryptographic identity, audit logs, trust scoring |
|
|
68
|
-
| `scan` | [HackMyAgent](https://github.com/opena2a-org/hackmyagent) |
|
|
72
|
+
| `scan` | [HackMyAgent](https://github.com/opena2a-org/hackmyagent) | 204 security checks, attack simulation, auto-fix |
|
|
69
73
|
| `secrets` | [Secretless AI](https://github.com/opena2a-org/secretless-ai) | Credential management for AI coding tools |
|
|
70
74
|
| `mcp` | MCP Security | Audit, sign, and verify MCP server configurations |
|
|
71
75
|
| `benchmark` | [OASB](https://github.com/opena2a-org/open-agent-security-benchmark) | 222 attack scenarios, compliance scoring |
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"guard-harden.d.ts","sourceRoot":"","sources":["../../src/commands/guard-harden.ts"],"names":[],"mappings":"AAAA;;;GAGG;
|
|
1
|
+
{"version":3,"file":"guard-harden.d.ts","sourceRoot":"","sources":["../../src/commands/guard-harden.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAQH,MAAM,WAAW,aAAa;IAC5B,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,EAAE,CAAC,EAAE,OAAO,CAAC;IACb,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AA4BD,wBAAsB,WAAW,CAAC,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,MAAM,CAAC,CAgL5F"}
|
|
@@ -40,6 +40,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
40
40
|
exports.guardHarden = guardHarden;
|
|
41
41
|
const path = __importStar(require("node:path"));
|
|
42
42
|
const colors_js_1 = require("../util/colors.js");
|
|
43
|
+
const skillguard_checks_js_1 = require("../scanners/skillguard-checks.js");
|
|
43
44
|
// --- Main ---
|
|
44
45
|
async function guardHarden(targetDir, options) {
|
|
45
46
|
const resolvedDir = path.resolve(targetDir);
|
|
@@ -108,6 +109,32 @@ async function guardHarden(targetDir, options) {
|
|
|
108
109
|
}
|
|
109
110
|
return 1;
|
|
110
111
|
}
|
|
112
|
+
// Run extended skill checks (SKILL-020 through SKILL-024)
|
|
113
|
+
if (includeSkills) {
|
|
114
|
+
try {
|
|
115
|
+
const extendedFindings = (0, skillguard_checks_js_1.scanSkillDirectory)(resolvedDir);
|
|
116
|
+
for (const ef of extendedFindings) {
|
|
117
|
+
// Avoid duplicates if HMA already reported the same check ID for same file
|
|
118
|
+
const isDuplicate = (scanResult.findings ?? []).some((f) => f.checkId === ef.id && f.file === ef.filePath);
|
|
119
|
+
if (!isDuplicate) {
|
|
120
|
+
scanResult.findings = scanResult.findings ?? [];
|
|
121
|
+
scanResult.findings.push({
|
|
122
|
+
checkId: ef.id,
|
|
123
|
+
severity: ef.severity,
|
|
124
|
+
name: ef.title,
|
|
125
|
+
description: ef.description,
|
|
126
|
+
fixable: ef.autoFixable,
|
|
127
|
+
passed: false,
|
|
128
|
+
message: ef.description,
|
|
129
|
+
file: ef.filePath,
|
|
130
|
+
});
|
|
131
|
+
}
|
|
132
|
+
}
|
|
133
|
+
}
|
|
134
|
+
catch {
|
|
135
|
+
// Extended checks are best-effort; failures do not block the scan
|
|
136
|
+
}
|
|
137
|
+
}
|
|
111
138
|
// Filter findings to only SKILL-* and HEARTBEAT-* checks
|
|
112
139
|
const allFindings = (scanResult.findings ?? [])
|
|
113
140
|
.filter((f) => allowPrefixes.some(p => f.checkId?.startsWith(p)))
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"guard-harden.js","sourceRoot":"","sources":["../../src/commands/guard-harden.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"guard-harden.js","sourceRoot":"","sources":["../../src/commands/guard-harden.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA4CH,kCAgLC;AA1ND,gDAAkC;AAClC,iDAAwE;AACxE,2EAAyF;AAsCzF,eAAe;AAER,KAAK,UAAU,WAAW,CAAC,SAAiB,EAAE,OAAsB;IACzE,MAAM,WAAW,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAC5C,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,KAAK,MAAM,CAAC;IACzC,MAAM,aAAa,GAAG,OAAO,CAAC,MAAM,KAAK,KAAK,CAAC;IAC/C,MAAM,iBAAiB,GAAG,OAAO,CAAC,UAAU,KAAK,KAAK,CAAC;IAEvD,gCAAgC;IAChC,IAAI,GAAQ,CAAC;IACb,IAAI,CAAC;QACH,GAAG,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;IACpC,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,GAAG,GAAG,qFAAqF,CAAC;QAClG,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;QAC9E,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,eAAG,EAAC,GAAG,CAAC,CAAC,CAAC;QACjC,CAAC;QACD,OAAO,CAAC,CAAC;IACX,CAAC;IAED,gFAAgF;IAChF,MAAM,aAAa,GAAa,EAAE,CAAC;IACnC,IAAI,aAAa;QAAE,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAChD,IAAI,iBAAiB;QAAE,aAAa,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IAExD,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/B,MAAM,GAAG,GAAG,mEAAmE,CAAC;QAChF,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;QAC9E,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,kBAAM,EAAC,GAAG,CAAC,CAAC,CAAC;QACpC,CAAC;QACD,OAAO,CAAC,CAAC;IACX,CAAC;IAED,eAAe;IACf,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,gBAAgB,EAAE,CAAC;IAE3C,6EAA6E;IAC7E,MAAM,WAAW,GAAG;QAClB,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO;QAC5D,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,KAAK;QAClE,SAAS,EAAE,QAAQ,EAAE,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,QAAQ;QAC9D,UAAU,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS;QAChE,SAAS,EAAE,MAAM;KAClB,CAAC;IACF,MAAM,cAAc,GAAG,WAAW,CAAC,MAAM,CACvC,CAAC,CAAC,EAAE,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAC/C,CAAC;IAEF,IAAI,UAAe,CAAC;IACpB,IAAI,CAAC;QACH,UAAU,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC;YAC9B,SAAS,EAAE,WAAW;YACtB,OAAO,EAAE,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,MAAM,IAAI,KAAK;YAC/C,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,KAAK;YAC/B,MAAM,EAAE,EAAE;YACV,OAAO,EAAE,SAAS;SACnB,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,GAAQ,EAAE,CAAC;QAClB,MAAM,GAAG,GAAG,gBAAgB,GAAG,EAAE,OAAO,IAAI,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC;QAC5D,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;QAC9E,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,eAAG,EAAC,GAAG,CAAC,CAAC,CAAC;QACjC,CAAC;QACD,OAAO,CAAC,CAAC;IACX,CAAC;IAED,0DAA0D;IAC1D,IAAI,aAAa,EAAE,CAAC;QAClB,IAAI,CAAC;YACH,MAAM,gBAAgB,GAAG,IAAA,yCAAkB,EAAC,WAAW,CAAC,CAAC;YACzD,KAAK,MAAM,EAAE,IAAI,gBAAgB,EAAE,CAAC;gBAClC,2EAA2E;gBAC3E,MAAM,WAAW,GAAG,CAAC,UAAU,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,IAAI,CAClD,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,IAAI,KAAK,EAAE,CAAC,QAAQ,CAC1D,CAAC;gBACF,IAAI,CAAC,WAAW,EAAE,CAAC;oBACjB,UAAU,CAAC,QAAQ,GAAG,UAAU,CAAC,QAAQ,IAAI,EAAE,CAAC;oBAChD,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC;wBACvB,OAAO,EAAE,EAAE,CAAC,EAAE;wBACd,QAAQ,EAAE,EAAE,CAAC,QAAQ;wBACrB,IAAI,EAAE,EAAE,CAAC,KAAK;wBACd,WAAW,EAAE,EAAE,CAAC,WAAW;wBAC3B,OAAO,EAAE,EAAE,CAAC,WAAW;wBACvB,MAAM,EAAE,KAAK;wBACb,OAAO,EAAE,EAAE,CAAC,WAAW;wBACvB,IAAI,EAAE,EAAE,CAAC,QAAQ;qBAClB,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,kEAAkE;QACpE,CAAC;IACH,CAAC;IAED,yDAAyD;IACzD,MAAM,WAAW,GAAoB,CAAC,UAAU,CAAC,QAAQ,IAAI,EAAE,CAAC;SAC7D,MAAM,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;SACrE,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC;QAChB,OAAO,EAAE,CAAC,CAAC,OAAO;QAClB,QAAQ,EAAE,CAAC,CAAC,QAAQ;QACpB,IAAI,EAAE,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,OAAO;QAC1C,OAAO,EAAE,CAAC,CAAC,OAAO,IAAI,KAAK;QAC3B,KAAK,EAAE,CAAC,CAAC,KAAK,IAAI,KAAK;QACvB,QAAQ,EAAE,CAAC,CAAC,QAAQ,IAAI,KAAK;QAC7B,OAAO,EAAE,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,WAAW,IAAI,EAAE;QACzC,IAAI,EAAE,CAAC,CAAC,IAAI;KACb,CAAC,CAAC,CAAC;IAEN,2CAA2C;IAC3C,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7B,4DAA4D;QAC5D,MAAM,cAAc,GAAG,CAAC,UAAU,CAAC,WAAW,IAAI,EAAE,CAAC;aAClD,MAAM,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC;QAErF,IAAI,cAAc,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAChC,IAAI,MAAM,EAAE,CAAC;gBACX,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC;oBAClC,QAAQ,EAAE,EAAE;oBACZ,OAAO,EAAE,EAAE,OAAO,EAAE,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE;oBAC7D,KAAK,EAAE,KAAK;oBACZ,OAAO,EAAE,0CAA0C;iBACpD,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;YACtB,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,4CAA4C,CAAC,CAAC;YACrE,CAAC;YACD,OAAO,CAAC,CAAC;QACX,CAAC;QAED,oBAAoB;QACpB,MAAM,OAAO,GAAkB,EAAE,OAAO,EAAE,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE,MAAM,EAAE,cAAc,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC;QACxG,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;QAChG,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,gBAAI,EAAC,yBAAyB,CAAC,GAAG,MAAM,CAAC,CAAC;YAC/D,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,iBAAK,EAAC,SAAS,cAAc,CAAC,MAAM,iBAAiB,CAAC,GAAG,MAAM,CAAC,CAAC;QACxF,CAAC;QACD,OAAO,CAAC,CAAC;IACX,CAAC;IAED,sBAAsB;IACtB,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC;IAC9C,MAAM,aAAa,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;IACvD,MAAM,gBAAgB,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;IACzE,MAAM,eAAe,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;IACtF,MAAM,cAAc,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;IAEvE,MAAM,OAAO,GAAkB;QAC7B,OAAO,EAAE,eAAe,CAAC,MAAM,GAAG,gBAAgB,CAAC,MAAM;QACzD,YAAY,EAAE,cAAc,CAAC,MAAM;QACnC,MAAM,EAAE,CAAC;QACT,KAAK,EAAE,aAAa,CAAC,MAAM;KAC5B,CAAC;IAEF,sDAAsD;IACtD,MAAM,WAAW,GAAG,CAAC,UAAU,CAAC,WAAW,IAAI,EAAE,CAAC;SAC/C,MAAM,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;SACjF,MAAM,CAAC;IACV,OAAO,CAAC,MAAM,GAAG,WAAW,CAAC;IAE7B,IAAI,MAAM,EAAE,CAAC;QACX,MAAM,MAAM,GAAiB;YAC3B,QAAQ,EAAE,WAAW;YACrB,OAAO;YACP,KAAK,EAAE,MAAM,IAAI,KAAK;SACvB,CAAC;QACF,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IAC/D,CAAC;SAAM,CAAC;QACN,gBAAgB,CAAC,WAAW,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IAClD,CAAC;IAED,mDAAmD;IACnD,MAAM,eAAe,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC;IACjE,OAAO,eAAe,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACrC,CAAC;AAED,0BAA0B;AAE1B,SAAS,gBAAgB,CAAC,QAAyB,EAAE,OAAsB,EAAE,OAAsB;IACjG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,gBAAI,EAAC,yBAAyB,CAAC,GAAG,MAAM,CAAC,CAAC;IAE/D,yBAAyB;IACzB,MAAM,MAAM,GAAG,IAAI,GAAG,EAA2B,CAAC;IAClD,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,MAAM,GAAG,GAAG,CAAC,CAAC,IAAI,IAAI,WAAW,CAAC;QAClC,MAAM,IAAI,GAAG,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QACnC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACb,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;IACxB,CAAC;IAED,KAAK,MAAM,CAAC,IAAI,EAAE,YAAY,CAAC,IAAI,MAAM,EAAE,CAAC;QAC1C,MAAM,QAAQ,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;QAClD,MAAM,KAAK,GAAG,YAAY,CAAC,MAAM,CAAC;QAElC,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,IAAA,iBAAK,EAAC,OAAO,CAAC,UAAU,IAAA,eAAG,EAAC,IAAI,KAAK,SAAS,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,SAAS,CAAC,IAAI,CAAC,CAAC;QACnI,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,IAAA,kBAAM,EAAC,GAAG,KAAK,WAAW,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC;QACxG,CAAC;QAED,KAAK,MAAM,CAAC,IAAI,YAAY,EAAE,CAAC;YAC7B,MAAM,QAAQ,GAAG,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,eAAG,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,kBAAM,CAAC,CAAC,CAAC,eAAG,CAAC;YACxF,MAAM,QAAQ,GAAG,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;YAEjD,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC;gBACZ,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,OAAO,KAAK,QAAQ,IAAI,IAAA,iBAAK,EAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC;YACvF,CAAC;iBAAM,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC;gBACtB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,OAAO,KAAK,QAAQ,IAAI,IAAA,gBAAI,EAAC,aAAa,CAAC,IAAI,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC;YAC3F,CAAC;iBAAM,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC;gBACrB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,OAAO,KAAK,QAAQ,IAAI,CAAC,CAAC,IAAI,OAAO,IAAA,eAAG,EAAC,WAAW,CAAC,IAAI,CAAC,CAAC;YAC3F,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,OAAO,KAAK,QAAQ,IAAI,CAAC,CAAC,IAAI,OAAO,IAAA,eAAG,EAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC;YACpG,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAE3B,eAAe;IACf,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,IAAI,OAAO,CAAC,KAAK,GAAG,CAAC;QAAE,KAAK,CAAC,IAAI,CAAC,IAAA,iBAAK,EAAC,GAAG,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC;IACnE,IAAI,OAAO,CAAC,OAAO,GAAG,CAAC;QAAE,KAAK,CAAC,IAAI,CAAC,IAAA,kBAAM,EAAC,GAAG,OAAO,CAAC,OAAO,UAAU,CAAC,CAAC,CAAC;IAC1E,IAAI,OAAO,CAAC,YAAY,GAAG,CAAC;QAAE,KAAK,CAAC,IAAI,CAAC,IAAA,eAAG,EAAC,GAAG,OAAO,CAAC,YAAY,gBAAgB,CAAC,CAAC,CAAC;IACvF,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC;QAAE,KAAK,CAAC,IAAI,CAAC,IAAA,eAAG,EAAC,GAAG,OAAO,CAAC,MAAM,SAAS,CAAC,CAAC,CAAC;IAEpE,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,YAAY,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAExD,IAAI,OAAO,CAAC,OAAO,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;QACxC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,eAAG,EAAC,mCAAmC,CAAC,CAAC,CAAC;IACjE,CAAC;IACD,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,eAAG,EAAC,mCAAmC,CAAC,CAAC,CAAC;IACjE,CAAC;AACH,CAAC"}
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* harden-skill -- Analyze a skill file for weaknesses and generate a hardened version.
|
|
3
|
+
*
|
|
4
|
+
* Reads a .skill.md or SKILL.md file, analyzes for missing frontmatter,
|
|
5
|
+
* overprivileged capabilities, and missing integrity pins, then generates
|
|
6
|
+
* a hardened version with complete YAML frontmatter, permission boundaries,
|
|
7
|
+
* and a SHA-256 integrity pin.
|
|
8
|
+
*/
|
|
9
|
+
export interface HardenSkillOptions {
|
|
10
|
+
file?: string;
|
|
11
|
+
dryRun?: boolean;
|
|
12
|
+
ci?: boolean;
|
|
13
|
+
format?: string;
|
|
14
|
+
verbose?: boolean;
|
|
15
|
+
}
|
|
16
|
+
export declare function hardenSkill(options: HardenSkillOptions): Promise<number>;
|
|
17
|
+
//# sourceMappingURL=harden-skill.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"harden-skill.d.ts","sourceRoot":"","sources":["../../src/commands/harden-skill.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAeH,MAAM,WAAW,kBAAkB;IACjC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,EAAE,CAAC,EAAE,OAAO,CAAC;IACb,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAoCD,wBAAsB,WAAW,CAAC,OAAO,EAAE,kBAAkB,GAAG,OAAO,CAAC,MAAM,CAAC,CAiE9E"}
|
|
@@ -0,0 +1,371 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* harden-skill -- Analyze a skill file for weaknesses and generate a hardened version.
|
|
4
|
+
*
|
|
5
|
+
* Reads a .skill.md or SKILL.md file, analyzes for missing frontmatter,
|
|
6
|
+
* overprivileged capabilities, and missing integrity pins, then generates
|
|
7
|
+
* a hardened version with complete YAML frontmatter, permission boundaries,
|
|
8
|
+
* and a SHA-256 integrity pin.
|
|
9
|
+
*/
|
|
10
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
11
|
+
if (k2 === undefined) k2 = k;
|
|
12
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
13
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
14
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
15
|
+
}
|
|
16
|
+
Object.defineProperty(o, k2, desc);
|
|
17
|
+
}) : (function(o, m, k, k2) {
|
|
18
|
+
if (k2 === undefined) k2 = k;
|
|
19
|
+
o[k2] = m[k];
|
|
20
|
+
}));
|
|
21
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
22
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
23
|
+
}) : function(o, v) {
|
|
24
|
+
o["default"] = v;
|
|
25
|
+
});
|
|
26
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
27
|
+
var ownKeys = function(o) {
|
|
28
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
29
|
+
var ar = [];
|
|
30
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
31
|
+
return ar;
|
|
32
|
+
};
|
|
33
|
+
return ownKeys(o);
|
|
34
|
+
};
|
|
35
|
+
return function (mod) {
|
|
36
|
+
if (mod && mod.__esModule) return mod;
|
|
37
|
+
var result = {};
|
|
38
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
39
|
+
__setModuleDefault(result, mod);
|
|
40
|
+
return result;
|
|
41
|
+
};
|
|
42
|
+
})();
|
|
43
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
44
|
+
exports.hardenSkill = hardenSkill;
|
|
45
|
+
const fs = __importStar(require("node:fs"));
|
|
46
|
+
const path = __importStar(require("node:path"));
|
|
47
|
+
const node_crypto_1 = require("node:crypto");
|
|
48
|
+
const colors_js_1 = require("../util/colors.js");
|
|
49
|
+
const skillguard_checks_js_1 = require("../scanners/skillguard-checks.js");
|
|
50
|
+
// --- Permission boundary defaults ---
|
|
51
|
+
const CAPABILITY_BOUNDARIES = {
|
|
52
|
+
'filesystem:*': {
|
|
53
|
+
filesystem: {
|
|
54
|
+
read: ['./data/**', './config/**'],
|
|
55
|
+
write: ['./output/**'],
|
|
56
|
+
},
|
|
57
|
+
},
|
|
58
|
+
'filesystem:read': {
|
|
59
|
+
filesystem: { read: ['./data/**'] },
|
|
60
|
+
},
|
|
61
|
+
'filesystem:write': {
|
|
62
|
+
filesystem: { write: ['./output/**'] },
|
|
63
|
+
},
|
|
64
|
+
'network:outbound': {
|
|
65
|
+
network: { outbound: ['https://api.example.com'] },
|
|
66
|
+
},
|
|
67
|
+
'credential:read': {
|
|
68
|
+
credential: { read: ['$APPROVED_API_KEY'] },
|
|
69
|
+
},
|
|
70
|
+
};
|
|
71
|
+
// --- Main ---
|
|
72
|
+
async function hardenSkill(options) {
|
|
73
|
+
const isJson = options.format === 'json';
|
|
74
|
+
// Find the skill file
|
|
75
|
+
let filePath;
|
|
76
|
+
let targetDir;
|
|
77
|
+
if (options.file) {
|
|
78
|
+
filePath = path.resolve(options.file);
|
|
79
|
+
targetDir = path.dirname(filePath);
|
|
80
|
+
if (!fs.existsSync(filePath)) {
|
|
81
|
+
const msg = `File not found: ${filePath}\n`;
|
|
82
|
+
if (isJson) {
|
|
83
|
+
process.stdout.write(JSON.stringify({ error: msg.trim() }, null, 2) + '\n');
|
|
84
|
+
}
|
|
85
|
+
else {
|
|
86
|
+
process.stderr.write((0, colors_js_1.red)(msg));
|
|
87
|
+
}
|
|
88
|
+
return 1;
|
|
89
|
+
}
|
|
90
|
+
}
|
|
91
|
+
else {
|
|
92
|
+
// Auto-detect skill files in current directory
|
|
93
|
+
targetDir = process.cwd();
|
|
94
|
+
const skillFiles = (0, skillguard_checks_js_1.findSkillFiles)(targetDir, 0);
|
|
95
|
+
if (skillFiles.length === 0) {
|
|
96
|
+
const msg = 'No skill files found. Specify a file with --file or create one with: opena2a skill create\n';
|
|
97
|
+
if (isJson) {
|
|
98
|
+
process.stdout.write(JSON.stringify({ error: msg.trim() }, null, 2) + '\n');
|
|
99
|
+
}
|
|
100
|
+
else {
|
|
101
|
+
process.stderr.write((0, colors_js_1.yellow)(msg));
|
|
102
|
+
}
|
|
103
|
+
return 1;
|
|
104
|
+
}
|
|
105
|
+
if (skillFiles.length > 1 && !options.ci) {
|
|
106
|
+
process.stdout.write(`Found ${skillFiles.length} skill files. Hardening all:\n`);
|
|
107
|
+
for (const f of skillFiles) {
|
|
108
|
+
process.stdout.write(` ${path.relative(targetDir, f)}\n`);
|
|
109
|
+
}
|
|
110
|
+
process.stdout.write('\n');
|
|
111
|
+
}
|
|
112
|
+
// Process all found skill files
|
|
113
|
+
const results = [];
|
|
114
|
+
let hasIssues = false;
|
|
115
|
+
for (const sf of skillFiles) {
|
|
116
|
+
const result = hardenSingleFile(sf, targetDir, options);
|
|
117
|
+
results.push(result);
|
|
118
|
+
if (result.findings.length > 0)
|
|
119
|
+
hasIssues = true;
|
|
120
|
+
}
|
|
121
|
+
if (isJson) {
|
|
122
|
+
process.stdout.write(JSON.stringify(results.length === 1 ? results[0] : results, null, 2) + '\n');
|
|
123
|
+
}
|
|
124
|
+
else {
|
|
125
|
+
for (const result of results) {
|
|
126
|
+
formatTextResult(result, options);
|
|
127
|
+
}
|
|
128
|
+
}
|
|
129
|
+
return hasIssues ? 0 : 0; // Always succeed; findings are informational
|
|
130
|
+
}
|
|
131
|
+
const result = hardenSingleFile(filePath, targetDir, options);
|
|
132
|
+
if (isJson) {
|
|
133
|
+
process.stdout.write(JSON.stringify(result, null, 2) + '\n');
|
|
134
|
+
}
|
|
135
|
+
else {
|
|
136
|
+
formatTextResult(result, options);
|
|
137
|
+
}
|
|
138
|
+
return 0;
|
|
139
|
+
}
|
|
140
|
+
// --- Core hardening logic ---
|
|
141
|
+
function hardenSingleFile(filePath, targetDir, options) {
|
|
142
|
+
const relativePath = path.relative(targetDir, filePath);
|
|
143
|
+
const content = fs.readFileSync(filePath, 'utf-8');
|
|
144
|
+
const fm = (0, skillguard_checks_js_1.parseFrontmatter)(content);
|
|
145
|
+
const findings = (0, skillguard_checks_js_1.scanSkillFile)(filePath, targetDir);
|
|
146
|
+
const changes = [];
|
|
147
|
+
// Build hardened frontmatter
|
|
148
|
+
const name = fm.fields.name ?? deriveSkillName(filePath);
|
|
149
|
+
const version = fm.fields.version ?? '1.0.0';
|
|
150
|
+
const description = fm.fields.description ?? '';
|
|
151
|
+
const capabilities = Array.isArray(fm.fields.capabilities)
|
|
152
|
+
? fm.fields.capabilities
|
|
153
|
+
: [];
|
|
154
|
+
// Track what we changed
|
|
155
|
+
if (!fm.valid) {
|
|
156
|
+
changes.push('Added YAML frontmatter');
|
|
157
|
+
}
|
|
158
|
+
else {
|
|
159
|
+
if (!fm.fields.name)
|
|
160
|
+
changes.push('Added missing name field');
|
|
161
|
+
if (!fm.fields.version)
|
|
162
|
+
changes.push('Added missing version field');
|
|
163
|
+
if (!fm.fields.capabilities)
|
|
164
|
+
changes.push('Added missing capabilities field');
|
|
165
|
+
}
|
|
166
|
+
// Build permissions with boundaries
|
|
167
|
+
let permissions = {};
|
|
168
|
+
if (fm.valid && fm.fields.permissions && typeof fm.fields.permissions === 'object') {
|
|
169
|
+
permissions = fm.fields.permissions;
|
|
170
|
+
}
|
|
171
|
+
// Add permission boundaries for overprivileged capabilities
|
|
172
|
+
for (const cap of capabilities) {
|
|
173
|
+
if (cap in CAPABILITY_BOUNDARIES && !hasExistingBoundary(permissions, cap)) {
|
|
174
|
+
const boundary = CAPABILITY_BOUNDARIES[cap];
|
|
175
|
+
for (const [domain, perms] of Object.entries(boundary)) {
|
|
176
|
+
if (!permissions[domain])
|
|
177
|
+
permissions[domain] = {};
|
|
178
|
+
for (const [action, paths] of Object.entries(perms)) {
|
|
179
|
+
if (!permissions[domain][action]) {
|
|
180
|
+
permissions[domain][action] = paths;
|
|
181
|
+
changes.push(`Added permission boundary: ${domain}.${action}`);
|
|
182
|
+
}
|
|
183
|
+
}
|
|
184
|
+
}
|
|
185
|
+
}
|
|
186
|
+
}
|
|
187
|
+
// Replace filesystem:* with scoped capabilities
|
|
188
|
+
const hardenedCapabilities = capabilities.map(cap => {
|
|
189
|
+
if (cap === 'filesystem:*') {
|
|
190
|
+
changes.push('Replaced filesystem:* with scoped filesystem:read + filesystem:write');
|
|
191
|
+
return null; // Will be replaced
|
|
192
|
+
}
|
|
193
|
+
return cap;
|
|
194
|
+
}).filter(Boolean);
|
|
195
|
+
if (capabilities.includes('filesystem:*')) {
|
|
196
|
+
if (!hardenedCapabilities.includes('filesystem:read'))
|
|
197
|
+
hardenedCapabilities.push('filesystem:read');
|
|
198
|
+
if (!hardenedCapabilities.includes('filesystem:write'))
|
|
199
|
+
hardenedCapabilities.push('filesystem:write');
|
|
200
|
+
}
|
|
201
|
+
// Add maxIterations for tool:chain if missing
|
|
202
|
+
let maxIterations;
|
|
203
|
+
if (hardenedCapabilities.some(c => c.includes('tool:chain'))) {
|
|
204
|
+
const hasLimit = fm.valid && (fm.raw.includes('maxIterations') || fm.raw.includes('iterationLimit'));
|
|
205
|
+
if (!hasLimit) {
|
|
206
|
+
maxIterations = 10;
|
|
207
|
+
changes.push('Added maxIterations: 10 for tool:chain safety');
|
|
208
|
+
}
|
|
209
|
+
}
|
|
210
|
+
// Generate hardened content
|
|
211
|
+
const hardenedContent = generateHardenedContent({
|
|
212
|
+
name,
|
|
213
|
+
version,
|
|
214
|
+
description,
|
|
215
|
+
capabilities: hardenedCapabilities,
|
|
216
|
+
permissions,
|
|
217
|
+
maxIterations,
|
|
218
|
+
body: fm.body || content.replace(/^---[\s\S]*?---\s*/, ''),
|
|
219
|
+
originalFrontmatter: fm,
|
|
220
|
+
});
|
|
221
|
+
// Compute SHA-256 hash
|
|
222
|
+
const hash = (0, node_crypto_1.createHash)('sha256').update(hardenedContent).digest('hex');
|
|
223
|
+
changes.push(`Integrity pin: SHA-256 ${hash.slice(0, 16)}...`);
|
|
224
|
+
// Write if not dry-run
|
|
225
|
+
let written = false;
|
|
226
|
+
if (!options.dryRun) {
|
|
227
|
+
fs.writeFileSync(filePath, hardenedContent, 'utf-8');
|
|
228
|
+
written = true;
|
|
229
|
+
}
|
|
230
|
+
return {
|
|
231
|
+
file: relativePath,
|
|
232
|
+
findings,
|
|
233
|
+
changes,
|
|
234
|
+
content: options.dryRun ? hardenedContent : '',
|
|
235
|
+
hash,
|
|
236
|
+
written,
|
|
237
|
+
};
|
|
238
|
+
}
|
|
239
|
+
function generateHardenedContent(opts) {
|
|
240
|
+
const lines = ['---'];
|
|
241
|
+
lines.push(`name: ${opts.name}`);
|
|
242
|
+
if (opts.description) {
|
|
243
|
+
lines.push(`description: ${opts.description}`);
|
|
244
|
+
}
|
|
245
|
+
lines.push(`version: ${opts.version}`);
|
|
246
|
+
// Capabilities
|
|
247
|
+
if (opts.capabilities.length > 0) {
|
|
248
|
+
lines.push('capabilities:');
|
|
249
|
+
for (const cap of opts.capabilities) {
|
|
250
|
+
lines.push(` - ${cap}`);
|
|
251
|
+
}
|
|
252
|
+
}
|
|
253
|
+
else {
|
|
254
|
+
lines.push('capabilities: []');
|
|
255
|
+
}
|
|
256
|
+
// Permissions
|
|
257
|
+
if (Object.keys(opts.permissions).length > 0) {
|
|
258
|
+
lines.push('permissions:');
|
|
259
|
+
for (const [domain, perms] of Object.entries(opts.permissions)) {
|
|
260
|
+
lines.push(` ${domain}:`);
|
|
261
|
+
for (const [action, paths] of Object.entries(perms)) {
|
|
262
|
+
lines.push(` ${action}:`);
|
|
263
|
+
if (Array.isArray(paths)) {
|
|
264
|
+
for (const p of paths) {
|
|
265
|
+
lines.push(` - "${p}"`);
|
|
266
|
+
}
|
|
267
|
+
}
|
|
268
|
+
}
|
|
269
|
+
}
|
|
270
|
+
}
|
|
271
|
+
else {
|
|
272
|
+
lines.push('permissions: {}');
|
|
273
|
+
}
|
|
274
|
+
// Max iterations for tool:chain
|
|
275
|
+
if (opts.maxIterations !== undefined) {
|
|
276
|
+
lines.push(`maxIterations: ${opts.maxIterations}`);
|
|
277
|
+
}
|
|
278
|
+
// Preserve extra frontmatter fields from original
|
|
279
|
+
const preserveFields = ['dependencies', 'tools', 'heartbeat', 'author', 'license', 'tags'];
|
|
280
|
+
for (const field of preserveFields) {
|
|
281
|
+
if (opts.originalFrontmatter.valid && field in opts.originalFrontmatter.fields) {
|
|
282
|
+
const val = opts.originalFrontmatter.fields[field];
|
|
283
|
+
if (Array.isArray(val)) {
|
|
284
|
+
if (val.length === 0) {
|
|
285
|
+
lines.push(`${field}: []`);
|
|
286
|
+
}
|
|
287
|
+
else {
|
|
288
|
+
lines.push(`${field}:`);
|
|
289
|
+
for (const item of val) {
|
|
290
|
+
lines.push(` - ${item}`);
|
|
291
|
+
}
|
|
292
|
+
}
|
|
293
|
+
}
|
|
294
|
+
else if (typeof val === 'object' && val !== null) {
|
|
295
|
+
lines.push(`${field}:`);
|
|
296
|
+
for (const [k, v] of Object.entries(val)) {
|
|
297
|
+
lines.push(` ${k}: ${v}`);
|
|
298
|
+
}
|
|
299
|
+
}
|
|
300
|
+
else {
|
|
301
|
+
lines.push(`${field}: ${val}`);
|
|
302
|
+
}
|
|
303
|
+
}
|
|
304
|
+
}
|
|
305
|
+
// Compute and embed integrity hash
|
|
306
|
+
const bodyContent = opts.body.trim();
|
|
307
|
+
const preHashContent = lines.join('\n') + '\n---\n\n' + bodyContent + '\n';
|
|
308
|
+
const hash = (0, node_crypto_1.createHash)('sha256').update(preHashContent).digest('hex');
|
|
309
|
+
lines.push(`integrity: sha256-${hash}`);
|
|
310
|
+
lines.push('---');
|
|
311
|
+
lines.push('');
|
|
312
|
+
lines.push(bodyContent);
|
|
313
|
+
lines.push('');
|
|
314
|
+
return lines.join('\n');
|
|
315
|
+
}
|
|
316
|
+
// --- Helpers ---
|
|
317
|
+
function deriveSkillName(filePath) {
|
|
318
|
+
const basename = path.basename(filePath);
|
|
319
|
+
if (basename === 'SKILL.md') {
|
|
320
|
+
return path.basename(path.dirname(filePath));
|
|
321
|
+
}
|
|
322
|
+
return basename.replace(/\.skill\.md$/, '');
|
|
323
|
+
}
|
|
324
|
+
function hasExistingBoundary(permissions, capability) {
|
|
325
|
+
const parts = capability.split(':');
|
|
326
|
+
if (parts.length !== 2)
|
|
327
|
+
return false;
|
|
328
|
+
const domain = parts[0];
|
|
329
|
+
return domain in permissions && Object.keys(permissions[domain]).length > 0;
|
|
330
|
+
}
|
|
331
|
+
// --- Text output formatting ---
|
|
332
|
+
function formatTextResult(result, options) {
|
|
333
|
+
process.stdout.write((0, colors_js_1.bold)(`\nHardening: ${result.file}`) + '\n');
|
|
334
|
+
// Show findings
|
|
335
|
+
if (result.findings.length > 0) {
|
|
336
|
+
process.stdout.write('\n Findings:\n');
|
|
337
|
+
for (const f of result.findings) {
|
|
338
|
+
const sevColor = f.severity === 'critical' ? colors_js_1.red : f.severity === 'high' ? colors_js_1.yellow : colors_js_1.dim;
|
|
339
|
+
const sevLabel = sevColor(f.severity.padEnd(10));
|
|
340
|
+
process.stdout.write(` ${f.id} ${sevLabel} ${f.title}\n`);
|
|
341
|
+
if (options.verbose) {
|
|
342
|
+
process.stdout.write(` ${(0, colors_js_1.dim)(f.description)}\n`);
|
|
343
|
+
}
|
|
344
|
+
}
|
|
345
|
+
}
|
|
346
|
+
// Show changes
|
|
347
|
+
if (result.changes.length > 0) {
|
|
348
|
+
process.stdout.write('\n Changes applied:\n');
|
|
349
|
+
for (const change of result.changes) {
|
|
350
|
+
process.stdout.write(` ${(0, colors_js_1.green)('+')} ${change}\n`);
|
|
351
|
+
}
|
|
352
|
+
}
|
|
353
|
+
// Show preview or confirmation
|
|
354
|
+
if (options.dryRun) {
|
|
355
|
+
process.stdout.write(`\n ${(0, colors_js_1.dim)('[dry-run] No changes written.')}\n`);
|
|
356
|
+
if (options.verbose && result.content) {
|
|
357
|
+
process.stdout.write(`\n ${(0, colors_js_1.dim)('--- Preview ---')}\n`);
|
|
358
|
+
const preview = result.content.split('\n').slice(0, 30).join('\n');
|
|
359
|
+
process.stdout.write((0, colors_js_1.dim)(preview) + '\n');
|
|
360
|
+
if (result.content.split('\n').length > 30) {
|
|
361
|
+
process.stdout.write((0, colors_js_1.dim)(' ... (truncated)') + '\n');
|
|
362
|
+
}
|
|
363
|
+
}
|
|
364
|
+
}
|
|
365
|
+
else if (result.written) {
|
|
366
|
+
process.stdout.write(`\n ${(0, colors_js_1.green)('Written:')} ${result.file}\n`);
|
|
367
|
+
process.stdout.write(` ${(0, colors_js_1.dim)('SHA-256:')} ${result.hash}\n`);
|
|
368
|
+
}
|
|
369
|
+
process.stdout.write('\n');
|
|
370
|
+
}
|
|
371
|
+
//# sourceMappingURL=harden-skill.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"harden-skill.js","sourceRoot":"","sources":["../../src/commands/harden-skill.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAyDH,kCAiEC;AAxHD,4CAA8B;AAC9B,gDAAkC;AAClC,6CAAyC;AACzC,iDAAwE;AACxE,2EAK0C;AAqB1C,uCAAuC;AAEvC,MAAM,qBAAqB,GAA6D;IACtF,cAAc,EAAE;QACd,UAAU,EAAE;YACV,IAAI,EAAE,CAAC,WAAW,EAAE,aAAa,CAAC;YAClC,KAAK,EAAE,CAAC,aAAa,CAAC;SACvB;KACF;IACD,iBAAiB,EAAE;QACjB,UAAU,EAAE,EAAE,IAAI,EAAE,CAAC,WAAW,CAAC,EAAE;KACpC;IACD,kBAAkB,EAAE;QAClB,UAAU,EAAE,EAAE,KAAK,EAAE,CAAC,aAAa,CAAC,EAAE;KACvC;IACD,kBAAkB,EAAE;QAClB,OAAO,EAAE,EAAE,QAAQ,EAAE,CAAC,yBAAyB,CAAC,EAAE;KACnD;IACD,iBAAiB,EAAE;QACjB,UAAU,EAAE,EAAE,IAAI,EAAE,CAAC,mBAAmB,CAAC,EAAE;KAC5C;CACF,CAAC;AAEF,eAAe;AAER,KAAK,UAAU,WAAW,CAAC,OAA2B;IAC3D,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,KAAK,MAAM,CAAC;IAEzC,sBAAsB;IACtB,IAAI,QAAgB,CAAC;IACrB,IAAI,SAAiB,CAAC;IACtB,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;QACjB,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACtC,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QACnC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC7B,MAAM,GAAG,GAAG,mBAAmB,QAAQ,IAAI,CAAC;YAC5C,IAAI,MAAM,EAAE,CAAC;gBACX,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;YAC9E,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,eAAG,EAAC,GAAG,CAAC,CAAC,CAAC;YACjC,CAAC;YACD,OAAO,CAAC,CAAC;QACX,CAAC;IACH,CAAC;SAAM,CAAC;QACN,+CAA+C;QAC/C,SAAS,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;QAC1B,MAAM,UAAU,GAAG,IAAA,qCAAc,EAAC,SAAS,EAAE,CAAC,CAAC,CAAC;QAChD,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC5B,MAAM,GAAG,GAAG,6FAA6F,CAAC;YAC1G,IAAI,MAAM,EAAE,CAAC;gBACX,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;YAC9E,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,kBAAM,EAAC,GAAG,CAAC,CAAC,CAAC;YACpC,CAAC;YACD,OAAO,CAAC,CAAC;QACX,CAAC;QACD,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,EAAE,CAAC;YACzC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,SAAS,UAAU,CAAC,MAAM,gCAAgC,CAAC,CAAC;YACjF,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE,CAAC;gBAC3B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,IAAI,CAAC,QAAQ,CAAC,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC;YAC7D,CAAC;YACD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC7B,CAAC;QACD,gCAAgC;QAChC,MAAM,OAAO,GAAqB,EAAE,CAAC;QACrC,IAAI,SAAS,GAAG,KAAK,CAAC;QACtB,KAAK,MAAM,EAAE,IAAI,UAAU,EAAE,CAAC;YAC5B,MAAM,MAAM,GAAG,gBAAgB,CAAC,EAAE,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;YACxD,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACrB,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC;gBAAE,SAAS,GAAG,IAAI,CAAC;QACnD,CAAC;QACD,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;QACpG,CAAC;aAAM,CAAC;YACN,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;gBAC7B,gBAAgB,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;YACpC,CAAC;QACH,CAAC;QACD,OAAO,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,6CAA6C;IACzE,CAAC;IAED,MAAM,MAAM,GAAG,gBAAgB,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;IAE9D,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IAC/D,CAAC;SAAM,CAAC;QACN,gBAAgB,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACpC,CAAC;IAED,OAAO,CAAC,CAAC;AACX,CAAC;AAED,+BAA+B;AAE/B,SAAS,gBAAgB,CAAC,QAAgB,EAAE,SAAiB,EAAE,OAA2B;IACxF,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;IACxD,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACnD,MAAM,EAAE,GAAG,IAAA,uCAAgB,EAAC,OAAO,CAAC,CAAC;IACrC,MAAM,QAAQ,GAAG,IAAA,oCAAa,EAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;IACpD,MAAM,OAAO,GAAa,EAAE,CAAC;IAE7B,6BAA6B;IAC7B,MAAM,IAAI,GAAI,EAAE,CAAC,MAAM,CAAC,IAAe,IAAI,eAAe,CAAC,QAAQ,CAAC,CAAC;IACrE,MAAM,OAAO,GAAI,EAAE,CAAC,MAAM,CAAC,OAAkB,IAAI,OAAO,CAAC;IACzD,MAAM,WAAW,GAAI,EAAE,CAAC,MAAM,CAAC,WAAsB,IAAI,EAAE,CAAC;IAC5D,MAAM,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC;QACxD,CAAC,CAAE,EAAE,CAAC,MAAM,CAAC,YAAyB;QACtC,CAAC,CAAC,EAAE,CAAC;IAEP,wBAAwB;IACxB,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;QACd,OAAO,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;IACzC,CAAC;SAAM,CAAC;QACN,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,IAAI;YAAE,OAAO,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;QAC9D,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,OAAO;YAAE,OAAO,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;QACpE,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,YAAY;YAAE,OAAO,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;IAChF,CAAC;IAED,oCAAoC;IACpC,IAAI,WAAW,GAA6C,EAAE,CAAC;IAC/D,IAAI,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC,MAAM,CAAC,WAAW,IAAI,OAAO,EAAE,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;QACnF,WAAW,GAAG,EAAE,CAAC,MAAM,CAAC,WAAuD,CAAC;IAClF,CAAC;IAED,4DAA4D;IAC5D,KAAK,MAAM,GAAG,IAAI,YAAY,EAAE,CAAC;QAC/B,IAAI,GAAG,IAAI,qBAAqB,IAAI,CAAC,mBAAmB,CAAC,WAAW,EAAE,GAAG,CAAC,EAAE,CAAC;YAC3E,MAAM,QAAQ,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;YAC5C,KAAK,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACvD,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC;oBAAE,WAAW,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;gBACnD,KAAK,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;oBACpD,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC;wBACjC,WAAW,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC;wBACpC,OAAO,CAAC,IAAI,CAAC,8BAA8B,MAAM,IAAI,MAAM,EAAE,CAAC,CAAC;oBACjE,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,gDAAgD;IAChD,MAAM,oBAAoB,GAAG,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE;QAClD,IAAI,GAAG,KAAK,cAAc,EAAE,CAAC;YAC3B,OAAO,CAAC,IAAI,CAAC,sEAAsE,CAAC,CAAC;YACrF,OAAO,IAAI,CAAC,CAAC,mBAAmB;QAClC,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAa,CAAC;IAE/B,IAAI,YAAY,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;QAC1C,IAAI,CAAC,oBAAoB,CAAC,QAAQ,CAAC,iBAAiB,CAAC;YAAE,oBAAoB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;QACpG,IAAI,CAAC,oBAAoB,CAAC,QAAQ,CAAC,kBAAkB,CAAC;YAAE,oBAAoB,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IACxG,CAAC;IAED,8CAA8C;IAC9C,IAAI,aAAiC,CAAC;IACtC,IAAI,oBAAoB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,EAAE,CAAC;QAC7D,MAAM,QAAQ,GAAG,EAAE,CAAC,KAAK,IAAI,CAC3B,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CACtE,CAAC;QACF,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,aAAa,GAAG,EAAE,CAAC;YACnB,OAAO,CAAC,IAAI,CAAC,+CAA+C,CAAC,CAAC;QAChE,CAAC;IACH,CAAC;IAED,4BAA4B;IAC5B,MAAM,eAAe,GAAG,uBAAuB,CAAC;QAC9C,IAAI;QACJ,OAAO;QACP,WAAW;QACX,YAAY,EAAE,oBAAoB;QAClC,WAAW;QACX,aAAa;QACb,IAAI,EAAE,EAAE,CAAC,IAAI,IAAI,OAAO,CAAC,OAAO,CAAC,oBAAoB,EAAE,EAAE,CAAC;QAC1D,mBAAmB,EAAE,EAAE;KACxB,CAAC,CAAC;IAEH,uBAAuB;IACvB,MAAM,IAAI,GAAG,IAAA,wBAAU,EAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACxE,OAAO,CAAC,IAAI,CAAC,0BAA0B,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC;IAE/D,uBAAuB;IACvB,IAAI,OAAO,GAAG,KAAK,CAAC;IACpB,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QACpB,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,eAAe,EAAE,OAAO,CAAC,CAAC;QACrD,OAAO,GAAG,IAAI,CAAC;IACjB,CAAC;IAED,OAAO;QACL,IAAI,EAAE,YAAY;QAClB,QAAQ;QACR,OAAO;QACP,OAAO,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE;QAC9C,IAAI;QACJ,OAAO;KACR,CAAC;AACJ,CAAC;AAeD,SAAS,uBAAuB,CAAC,IAA4B;IAC3D,MAAM,KAAK,GAAa,CAAC,KAAK,CAAC,CAAC;IAChC,KAAK,CAAC,IAAI,CAAC,SAAS,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;IACjC,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;QACrB,KAAK,CAAC,IAAI,CAAC,gBAAgB,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;IACjD,CAAC;IACD,KAAK,CAAC,IAAI,CAAC,YAAY,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC;IAEvC,eAAe;IACf,IAAI,IAAI,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjC,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAC5B,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YACpC,KAAK,CAAC,IAAI,CAAC,OAAO,GAAG,EAAE,CAAC,CAAC;QAC3B,CAAC;IACH,CAAC;SAAM,CAAC;QACN,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IACjC,CAAC;IAED,cAAc;IACd,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7C,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAC3B,KAAK,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;YAC/D,KAAK,CAAC,IAAI,CAAC,KAAK,MAAM,GAAG,CAAC,CAAC;YAC3B,KAAK,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;gBACpD,KAAK,CAAC,IAAI,CAAC,OAAO,MAAM,GAAG,CAAC,CAAC;gBAC7B,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;oBACzB,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;wBACtB,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;oBAC/B,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;SAAM,CAAC;QACN,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;IAChC,CAAC;IAED,gCAAgC;IAChC,IAAI,IAAI,CAAC,aAAa,KAAK,SAAS,EAAE,CAAC;QACrC,KAAK,CAAC,IAAI,CAAC,kBAAkB,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC;IACrD,CAAC;IAED,kDAAkD;IAClD,MAAM,cAAc,GAAG,CAAC,cAAc,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;IAC3F,KAAK,MAAM,KAAK,IAAI,cAAc,EAAE,CAAC;QACnC,IAAI,IAAI,CAAC,mBAAmB,CAAC,KAAK,IAAI,KAAK,IAAI,IAAI,CAAC,mBAAmB,CAAC,MAAM,EAAE,CAAC;YAC/E,MAAM,GAAG,GAAG,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACnD,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;gBACvB,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBACrB,KAAK,CAAC,IAAI,CAAC,GAAG,KAAK,MAAM,CAAC,CAAC;gBAC7B,CAAC;qBAAM,CAAC;oBACN,KAAK,CAAC,IAAI,CAAC,GAAG,KAAK,GAAG,CAAC,CAAC;oBACxB,KAAK,MAAM,IAAI,IAAI,GAAG,EAAE,CAAC;wBACvB,KAAK,CAAC,IAAI,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;oBAC5B,CAAC;gBACH,CAAC;YACH,CAAC;iBAAM,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;gBACnD,KAAK,CAAC,IAAI,CAAC,GAAG,KAAK,GAAG,CAAC,CAAC;gBACxB,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAA8B,CAAC,EAAE,CAAC;oBACpE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;gBAC7B,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,KAAK,CAAC,IAAI,CAAC,GAAG,KAAK,KAAK,GAAG,EAAE,CAAC,CAAC;YACjC,CAAC;QACH,CAAC;IACH,CAAC;IAED,mCAAmC;IACnC,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;IACrC,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,WAAW,GAAG,WAAW,GAAG,IAAI,CAAC;IAC3E,MAAM,IAAI,GAAG,IAAA,wBAAU,EAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACvE,KAAK,CAAC,IAAI,CAAC,qBAAqB,IAAI,EAAE,CAAC,CAAC;IAExC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAClB,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IACxB,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,kBAAkB;AAElB,SAAS,eAAe,CAAC,QAAgB;IACvC,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACzC,IAAI,QAAQ,KAAK,UAAU,EAAE,CAAC;QAC5B,OAAO,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC;IAC/C,CAAC;IACD,OAAO,QAAQ,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC;AAC9C,CAAC;AAED,SAAS,mBAAmB,CAC1B,WAAqD,EACrD,UAAkB;IAElB,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACpC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IACrC,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;IACxB,OAAO,MAAM,IAAI,WAAW,IAAI,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;AAC9E,CAAC;AAED,iCAAiC;AAEjC,SAAS,gBAAgB,CAAC,MAAsB,EAAE,OAA2B;IAC3E,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,gBAAI,EAAC,gBAAgB,MAAM,CAAC,IAAI,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;IAEjE,gBAAgB;IAChB,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC;QACxC,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YAChC,MAAM,QAAQ,GAAG,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,eAAG,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,kBAAM,CAAC,CAAC,CAAC,eAAG,CAAC;YACxF,MAAM,QAAQ,GAAG,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;YACjD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,EAAE,KAAK,QAAQ,IAAI,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC;YAC9D,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;gBACpB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,iBAAiB,IAAA,eAAG,EAAC,CAAC,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;YAChE,CAAC;QACH,CAAC;IACH,CAAC;IAED,eAAe;IACf,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC;QAC/C,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACpC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,IAAA,iBAAK,EAAC,GAAG,CAAC,IAAI,MAAM,IAAI,CAAC,CAAC;QACxD,CAAC;IACH,CAAC;IAED,+BAA+B;IAC/B,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,IAAA,eAAG,EAAC,+BAA+B,CAAC,IAAI,CAAC,CAAC;QACtE,IAAI,OAAO,CAAC,OAAO,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACtC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,IAAA,eAAG,EAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC;YACxD,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACnE,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,eAAG,EAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC;YAC1C,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;gBAC3C,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,eAAG,EAAC,mBAAmB,CAAC,GAAG,IAAI,CAAC,CAAC;YACxD,CAAC;QACH,CAAC;IACH,CAAC;SAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QAC1B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,IAAA,iBAAK,EAAC,UAAU,CAAC,IAAI,MAAM,CAAC,IAAI,IAAI,CAAC,CAAC;QAClE,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,IAAA,eAAG,EAAC,UAAU,CAAC,IAAI,MAAM,CAAC,IAAI,IAAI,CAAC,CAAC;IAChE,CAAC;IAED,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;AAC7B,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"identity.d.ts","sourceRoot":"","sources":["../../src/commands/identity.ts"],"names":[],"mappings":"AA0BA,UAAU,eAAe;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,EAAE,CAAC,EAAE,OAAO,CAAC;IACb,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,iEAAiE;IACjE,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;CACjB;
|
|
1
|
+
{"version":3,"file":"identity.d.ts","sourceRoot":"","sources":["../../src/commands/identity.ts"],"names":[],"mappings":"AA0BA,UAAU,eAAe;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,EAAE,CAAC,EAAE,OAAO,CAAC;IACb,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,iEAAiE;IACjE,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;CACjB;AA+FD,wBAAsB,QAAQ,CAAC,OAAO,EAAE,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC,CAsExE"}
|