pwnkit-cli 0.3.2 → 0.3.4

package/dist/package.json

@@ -0,0 +1,40 @@
+{
+  "name": "pwnkit-cli",
+  "version": "0.3.4",
+  "type": "module",
+  "description": "AI-powered agentic security scanner. Scan endpoints, audit packages, review source code. Autonomous agents discover, attack, verify, and report.",
+  "bin": {
+    "pwnkit-cli": "./index.js"
+  },
+  "files": [
+    "index.js",
+    "attacks"
+  ],
+  "keywords": [
+    "ai",
+    "application-security",
+    "mcp",
+    "owasp",
+    "security",
+    "red-team",
+    "llm",
+    "prompt-injection"
+  ],
+  "author": "Peak Twilight",
+  "homepage": "https://pwnkit.com",
+  "bugs": {
+    "url": "https://github.com/peaktwilight/pwnkit/issues"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/peaktwilight/pwnkit.git"
+  },
+  "license": "Apache-2.0",
+  "engines": {
+    "node": ">=20"
+  },
+  "dependencies": {
+    "better-sqlite3": "^12.8.0",
+    "drizzle-orm": "^0.44.0"
+  }
+}

package/package.json

@@ -1,35 +1,62 @@
 {
   "name": "pwnkit-cli",
-  "version": "0.3.2",
   "type": "module",
+  "version": "0.3.4",
+  "description": "AI-powered agentic security scanner. Scan endpoints, audit packages, review source code. Autonomous agents discover, attack, verify, and report.",
   "bin": {
     "pwnkit-cli": "dist/index.js"
   },
   "files": [
+    "LICENSE",
+    "README.md",
+    "package.json",
     "dist"
   ],
   "scripts": {
-    "build": "tsc",
-    "dev": "tsc --watch",
-    "clean": "rm -rf dist"
+    "build": "pnpm -r build && pnpm run build:bundle",
+    "build:bundle": "node ./scripts/bundle-cli.mjs",
+    "dev": "pnpm -r --parallel dev",
+    "lint": "pnpm -r exec tsc --noEmit",
+    "test": "pnpm --filter @pwnkit/test-targets test",
+    "clean": "pnpm -r clean",
+    "vulnerable": "PORT=43100 pnpm --filter @pwnkit/test-targets vulnerable",
+    "safe": "PORT=43101 pnpm --filter @pwnkit/test-targets safe"
+  },
+  "keywords": [
+    "ai",
+    "application-security",
+    "mcp",
+    "owasp",
+    "security",
+    "red-team",
+    "llm",
+    "prompt-injection"
+  ],
+  "author": "Peak Twilight",
+  "homepage": "https://pwnkit.com",
+  "bugs": {
+    "url": "https://github.com/peaktwilight/pwnkit/issues"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/peaktwilight/pwnkit.git"
+  },
+  "license": "Apache-2.0",
+  "engines": {
+    "node": ">=20",
+    "pnpm": ">=8"
   },
   "dependencies": {
-    "@clack/prompts": "^1.1.0",
-    "@pwnkit/core": "workspace:*",
-    "@pwnkit/db": "workspace:*",
-    "@pwnkit/shared": "workspace:*",
-    "@pwnkit/templates": "workspace:*",
-    "@pwnkit/test-targets": "workspace:*",
-    "cfonts": "^3.3.1",
-    "chalk": "^5.3.0",
-    "commander": "^12.1.0",
-    "ink": "^6.8.0",
-    "ink-spinner": "^5.0.0",
-    "ora": "^8.0.0",
-    "react": "^19.2.4"
+    "better-sqlite3": "^12.8.0",
+    "drizzle-orm": "^0.44.0"
   },
   "devDependencies": {
-    "@types/react": "^19.2.14",
-    "typescript": "^5.4.0"
+    "@types/node": "^25.5.0",
+    "esbuild": "^0.27.4"
+  },
+  "pnpm": {
+    "overrides": {
+      "esbuild": "^0.27.4"
+    }
   }
 }

package/dist/commands/audit.d.ts

@@ -1,3 +0,0 @@
-import type { Command } from "commander";
-export declare function registerAuditCommand(program: Command): void;
-//# sourceMappingURL=audit.d.ts.map

package/dist/commands/audit.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"audit.d.ts","sourceRoot":"","sources":["../../src/commands/audit.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAIzC,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CA6B3D"}

package/dist/commands/audit.js

@@ -1,32 +0,0 @@
-import { runUnified } from "./run.js";
-export function registerAuditCommand(program) {
-    program
-        .command("audit")
-        .description("Audit an npm package for security vulnerabilities")
-        .argument("<package>", "npm package name (e.g. lodash, express)")
-        .option("--version <version>", "Specific version to audit (default: latest)")
-        .option("--depth <depth>", "Audit depth: quick, default, deep", "default")
-        .option("--format <format>", "Output format: terminal, json, md", "terminal")
-        .option("--runtime <runtime>", "Runtime: auto, claude, codex, gemini, api", "auto")
-        .option("--db-path <path>", "Path to SQLite database")
-        .option("--api-key <key>", "API key for LLM provider")
-        .option("--model <model>", "LLM model to use")
-        .option("--verbose", "Show detailed output", false)
-        .option("--timeout <ms>", "AI agent timeout in milliseconds", "600000")
-        .action(async (packageName, opts) => {
-        await runUnified({
-            target: packageName,
-            targetType: "npm-package",
-            depth: opts.depth ?? "default",
-            format: (opts.format === "md" ? "markdown" : opts.format),
-            runtime: opts.runtime ?? "auto",
-            timeout: parseInt(opts.timeout, 10),
-            verbose: opts.verbose,
-            dbPath: opts.dbPath,
-            apiKey: opts.apiKey,
-            model: opts.model,
-            packageVersion: opts.version,
-        });
-    });
-}
-//# sourceMappingURL=audit.js.map

package/dist/commands/audit.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"audit.js","sourceRoot":"","sources":["../../src/commands/audit.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAEtC,MAAM,UAAU,oBAAoB,CAAC,OAAgB;IACnD,OAAO;SACJ,OAAO,CAAC,OAAO,CAAC;SAChB,WAAW,CAAC,mDAAmD,CAAC;SAChE,QAAQ,CAAC,WAAW,EAAE,yCAAyC,CAAC;SAChE,MAAM,CAAC,qBAAqB,EAAE,6CAA6C,CAAC;SAC5E,MAAM,CAAC,iBAAiB,EAAE,mCAAmC,EAAE,SAAS,CAAC;SACzE,MAAM,CAAC,mBAAmB,EAAE,mCAAmC,EAAE,UAAU,CAAC;SAC5E,MAAM,CAAC,qBAAqB,EAAE,2CAA2C,EAAE,MAAM,CAAC;SAClF,MAAM,CAAC,kBAAkB,EAAE,yBAAyB,CAAC;SACrD,MAAM,CAAC,iBAAiB,EAAE,0BAA0B,CAAC;SACrD,MAAM,CAAC,iBAAiB,EAAE,kBAAkB,CAAC;SAC7C,MAAM,CAAC,WAAW,EAAE,sBAAsB,EAAE,KAAK,CAAC;SAClD,MAAM,CAAC,gBAAgB,EAAE,kCAAkC,EAAE,QAAQ,CAAC;SACtE,MAAM,CAAC,KAAK,EAAE,WAAmB,EAAE,IAAsC,EAAE,EAAE;QAC5E,MAAM,UAAU,CAAC;YACf,MAAM,EAAE,WAAW;YACnB,UAAU,EAAE,aAAa;YACzB,KAAK,EAAG,IAAI,CAAC,KAAmB,IAAI,SAAS;YAC7C,MAAM,EAAE,CAAC,IAAI,CAAC,MAAM,KAAK,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAiB;YACzE,OAAO,EAAG,IAAI,CAAC,OAAuB,IAAI,MAAM;YAChD,OAAO,EAAE,QAAQ,CAAC,IAAI,CAAC,OAAiB,EAAE,EAAE,CAAC;YAC7C,OAAO,EAAE,IAAI,CAAC,OAAkB;YAChC,MAAM,EAAE,IAAI,CAAC,MAA4B;YACzC,MAAM,EAAE,IAAI,CAAC,MAA4B;YACzC,KAAK,EAAE,IAAI,CAAC,KAA2B;YACvC,cAAc,EAAE,IAAI,CAAC,OAA6B;SACnD,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACP,CAAC"}

package/dist/commands/findings.d.ts

@@ -1,3 +0,0 @@
-import type { Command } from "commander";
-export declare function registerFindingsCommand(program: Command): void;
-//# sourceMappingURL=findings.d.ts.map

package/dist/commands/findings.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"findings.d.ts","sourceRoot":"","sources":["../../src/commands/findings.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAoEzC,wBAAgB,uBAAuB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CA4E9D"}

package/dist/commands/findings.js

@@ -1,110 +0,0 @@
-import chalk from "chalk";
-function withFindingsListOptions(command) {
-    return command
-        .option("--db-path <path>", "Path to SQLite database")
-        .option("--scan <scanId>", "Filter by scan ID")
-        .option("--severity <severity>", "Filter by severity: critical, high, medium, low, info")
-        .option("--category <category>", "Filter by attack category")
-        .option("--status <status>", "Filter by status: discovered, verified, confirmed, scored, reported, false-positive")
-        .option("--limit <n>", "Max findings to show", "50");
-}
-async function renderFindingsList(opts) {
-    const { pwnkitDB } = await import("@pwnkit/db");
-    const db = new pwnkitDB(opts.dbPath);
-    const rows = db.listFindings({
-        scanId: opts.scan,
-        severity: opts.severity,
-        category: opts.category,
-        status: opts.status,
-        limit: parseInt(opts.limit ?? "50", 10),
-    });
-    db.close();
-    if (rows.length === 0) {
-        console.log(chalk.gray("No findings found."));
-        return;
-    }
-    console.log("");
-    console.log(chalk.red.bold("  \u25C6 pwnkit") + chalk.gray(` findings (${rows.length})`));
-    console.log("");
-    for (const f of rows) {
-        const sevColor = f.severity === "critical" ? chalk.red.bold :
-            f.severity === "high" ? chalk.redBright :
-                f.severity === "medium" ? chalk.yellow :
-                    f.severity === "low" ? chalk.blue :
-                        chalk.gray;
-        const statusColor = f.status === "reported" ? chalk.green :
-            f.status === "scored" ? chalk.cyan :
-                f.status === "verified" ? chalk.yellow :
-                    f.status === "false-positive" ? chalk.strikethrough.gray :
-                        chalk.white;
-        console.log(`  ${sevColor(f.severity.padEnd(8))} ${statusColor(f.status.padEnd(14))} ${chalk.white(f.title)}`);
-        console.log(`  ${chalk.gray(f.id.slice(0, 8))}  ${chalk.gray(f.category)}  ${chalk.gray(`scan:${f.scanId.slice(0, 8)}`)}`);
-        console.log("");
-    }
-}
-export function registerFindingsCommand(program) {
-    const findingsCmd = withFindingsListOptions(program
-        .command("findings")
-        .description("Browse and manage persisted findings")).action(async (opts) => {
-        await renderFindingsList(opts);
-    });
-    withFindingsListOptions(findingsCmd
-        .command("list")
-        .description("List findings from the database")).action(async (opts) => {
-        await renderFindingsList(opts);
-    });
-    findingsCmd
-        .command("show")
-        .description("Show detailed information about a finding")
-        .argument("<id>", "Finding ID (full or prefix)")
-        .option("--db-path <path>", "Path to SQLite database")
-        .action(async (id, opts) => {
-        const { pwnkitDB } = await import("@pwnkit/db");
-        const db = new pwnkitDB(opts.dbPath);
-        // Support prefix matching
-        let finding = db.getFinding(id);
-        if (!finding) {
-            const all = db.listFindings({ limit: 1000 });
-            finding = all.find((f) => f.id.startsWith(id));
-        }
-        db.close();
-        if (!finding) {
-            console.error(chalk.red(`Finding '${id}' not found.`));
-            process.exit(1);
-        }
-        console.log("");
-        console.log(chalk.red.bold("  \u25C6 pwnkit") + chalk.gray(" finding detail"));
-        console.log("");
-        const sevColor = finding.severity === "critical" ? chalk.red.bold :
-            finding.severity === "high" ? chalk.redBright :
-                finding.severity === "medium" ? chalk.yellow :
-                    finding.severity === "low" ? chalk.blue :
-                        chalk.gray;
-        console.log(`  ${chalk.white.bold(finding.title)}`);
-        console.log(`  ${sevColor(finding.severity.toUpperCase())} ${chalk.gray("\u2502")} ${chalk.white(finding.status)} ${chalk.gray("\u2502")} ${chalk.gray(finding.category)}`);
-        if (finding.score != null) {
-            console.log(`  ${chalk.gray("Score:")} ${chalk.cyan(String(finding.score) + "/100")}`);
-        }
-        console.log("");
-        console.log(`  ${chalk.gray("ID:")}       ${finding.id}`);
-        console.log(`  ${chalk.gray("Scan:")}     ${finding.scanId}`);
-        console.log(`  ${chalk.gray("Template:")} ${finding.templateId}`);
-        console.log(`  ${chalk.gray("Time:")}     ${new Date(finding.timestamp).toISOString()}`);
-        console.log("");
-        console.log(`  ${chalk.gray("Description:")}`);
-        console.log(`  ${finding.description}`);
-        console.log("");
-        console.log(`  ${chalk.gray("Evidence \u2014 Request:")}`);
-        console.log(`  ${chalk.dim(finding.evidenceRequest)}`);
-        console.log("");
-        console.log(`  ${chalk.gray("Evidence \u2014 Response:")}`);
-        console.log(`  ${chalk.dim(finding.evidenceResponse)}`);
-        if (finding.evidenceAnalysis) {
-            console.log("");
-            console.log(`  ${chalk.gray("Evidence \u2014 Analysis:")}`);
-            console.log(`  ${chalk.dim(finding.evidenceAnalysis)}`);
-        }
-        console.log("");
-    });
-}
-//# sourceMappingURL=findings.js.map

package/dist/commands/findings.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"findings.js","sourceRoot":"","sources":["../../src/commands/findings.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,MAAM,OAAO,CAAC;AAW1B,SAAS,uBAAuB,CAAC,OAAgB;IAC/C,OAAO,OAAO;SACX,MAAM,CAAC,kBAAkB,EAAE,yBAAyB,CAAC;SACrD,MAAM,CAAC,iBAAiB,EAAE,mBAAmB,CAAC;SAC9C,MAAM,CAAC,uBAAuB,EAAE,uDAAuD,CAAC;SACxF,MAAM,CAAC,uBAAuB,EAAE,2BAA2B,CAAC;SAC5D,MAAM,CAAC,mBAAmB,EAAE,qFAAqF,CAAC;SAClH,MAAM,CAAC,aAAa,EAAE,sBAAsB,EAAE,IAAI,CAAC,CAAC;AACzD,CAAC;AAED,KAAK,UAAU,kBAAkB,CAAC,IAAyB;IACzD,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,CAAC;IAChD,MAAM,EAAE,GAAG,IAAI,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACrC,MAAM,IAAI,GAAG,EAAE,CAAC,YAAY,CAAC;QAC3B,MAAM,EAAE,IAAI,CAAC,IAAI;QACjB,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,KAAK,EAAE,QAAQ,CAAC,IAAI,CAAC,KAAK,IAAI,IAAI,EAAE,EAAE,CAAC;KACxC,CAAC,CAAC;IACH,EAAE,CAAC,KAAK,EAAE,CAAC;IAEX,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,CAAC;QAC9C,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,cAAc,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAC1F,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAEhB,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;QACrB,MAAM,QAAQ,GACZ,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAC5C,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;gBACzC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;oBACxC,CAAC,CAAC,QAAQ,KAAK,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;wBACnC,KAAK,CAAC,IAAI,CAAC;QAEb,MAAM,WAAW,GACf,CAAC,CAAC,MAAM,KAAK,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YACvC,CAAC,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBACpC,CAAC,CAAC,MAAM,KAAK,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;oBACxC,CAAC,CAAC,MAAM,KAAK,gBAAgB,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;wBAC1D,KAAK,CAAC,KAAK,CAAC;QAEd,OAAO,CAAC,GAAG,CACT,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE,CAClG,CAAC;QACF,OAAO,CAAC,GAAG,CACT,KAAK,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAC9G,CAAC;QACF,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,MAAM,UAAU,uBAAuB,CAAC,OAAgB;IACtD,MAAM,WAAW,GAAG,uBAAuB,CACzC,OAAO;SACJ,OAAO,CAAC,UAAU,CAAC;SACnB,WAAW,CAAC,sCAAsC,CAAC,CACvD,CAAC,MAAM,CAAC,KAAK,EAAE,IAAyB,EAAE,EAAE;QAC3C,MAAM,kBAAkB,CAAC,IAAI,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;IAEH,uBAAuB,CACrB,WAAW;SACR,OAAO,CAAC,MAAM,CAAC;SACf,WAAW,CAAC,iCAAiC,CAAC,CAClD,CAAC,MAAM,CAAC,KAAK,EAAE,IAAyB,EAAE,EAAE;QAC3C,MAAM,kBAAkB,CAAC,IAAI,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;IAEH,WAAW;SACR,OAAO,CAAC,MAAM,CAAC;SACf,WAAW,CAAC,2CAA2C,CAAC;SACxD,QAAQ,CAAC,MAAM,EAAE,6BAA6B,CAAC;SAC/C,MAAM,CAAC,kBAAkB,EAAE,yBAAyB,CAAC;SACrD,MAAM,CAAC,KAAK,EAAE,EAAU,EAAE,IAAI,EAAE,EAAE;QACjC,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,CAAC;QAChD,MAAM,EAAE,GAAG,IAAI,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAErC,0BAA0B;QAC1B,IAAI,OAAO,GAAG,EAAE,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;QAChC,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,GAAG,GAAG,EAAE,CAAC,YAAY,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;YAC7C,OAAO,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAiB,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;QACjE,CAAC;QACD,EAAE,CAAC,KAAK,EAAE,CAAC;QAEX,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,EAAE,cAAc,CAAC,CAAC,CAAC;YACvD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC;QAC/E,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAEhB,MAAM,QAAQ,GACZ,OAAO,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAClD,OAAO,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;gBAC/C,OAAO,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;oBAC9C,OAAO,CAAC,QAAQ,KAAK,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;wBACzC,KAAK,CAAC,IAAI,CAAC;QAEb,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QACpD,OAAO,CAAC,GAAG,CAAC,KAAK,QAAQ,CAAC,OAAO,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAC5K,IAAI,OAAO,CAAC,KAAK,IAAI,IAAI,EAAE,CAAC;YAC1B,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;QACzF,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,OAAO,CAAC,EAAE,EAAE,CAAC,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;QAC9D,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC,CAAC;QAClE,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;QACzF,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,CAAC,CAAC;QAC/C,OAAO,CAAC,GAAG,CAAC,KAAK,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC;QACxC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,0BAA0B,CAAC,EAAE,CAAC,CAAC;QAC3D,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC;QACvD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,2BAA2B,CAAC,EAAE,CAAC,CAAC;QAC5D,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC;QACxD,IAAI,OAAO,CAAC,gBAAgB,EAAE,CAAC;YAC7B,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAChB,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,2BAA2B,CAAC,EAAE,CAAC,CAAC;YAC5D,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC;QAC1D,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;AACP,CAAC"}

package/dist/commands/history.d.ts

@@ -1,3 +0,0 @@
-import type { Command } from "commander";
-export declare function registerHistoryCommand(program: Command): void;
-//# sourceMappingURL=history.d.ts.map

package/dist/commands/history.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"history.d.ts","sourceRoot":"","sources":["../../src/commands/history.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAGzC,wBAAgB,sBAAsB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAsC7D"}

package/dist/commands/history.js

@@ -1,34 +0,0 @@
-import chalk from "chalk";
-export function registerHistoryCommand(program) {
-    program
-        .command("history")
-        .description("Show past scan history from the SQLite database")
-        .option("--db-path <path>", "Path to SQLite database")
-        .option("--limit <n>", "Number of scans to show", "10")
-        .action(async (opts) => {
-        const { pwnkitDB } = await import("@pwnkit/db");
-        const db = new pwnkitDB(opts.dbPath);
-        const scans = db.listScans(parseInt(opts.limit, 10));
-        db.close();
-        if (scans.length === 0) {
-            console.log(chalk.gray("No scan history found."));
-            return;
-        }
-        console.log("");
-        console.log(chalk.red.bold("  \u25C6 pwnkit") + chalk.gray(" scan history"));
-        console.log("");
-        for (const s of scans) {
-            const status = s.status === "completed"
-                ? chalk.green("done")
-                : s.status === "failed"
-                    ? chalk.red("fail")
-                    : chalk.yellow("run");
-            const summary = s.summary ? JSON.parse(s.summary) : null;
-            const findings = summary?.totalFindings ?? "?";
-            const duration = s.durationMs ? `${(s.durationMs / 1000).toFixed(1)}s` : "-";
-            console.log(`  ${status} ${chalk.white(s.target)} ${chalk.gray(`[${s.depth}]`)} ${chalk.gray(duration)} ${chalk.yellow(`${findings} findings`)} ${chalk.gray(s.startedAt)}`);
-        }
-        console.log("");
-    });
-}
-//# sourceMappingURL=history.js.map

package/dist/commands/history.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"history.js","sourceRoot":"","sources":["../../src/commands/history.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,MAAM,UAAU,sBAAsB,CAAC,OAAgB;IACrD,OAAO;SACJ,OAAO,CAAC,SAAS,CAAC;SAClB,WAAW,CAAC,iDAAiD,CAAC;SAC9D,MAAM,CAAC,kBAAkB,EAAE,yBAAyB,CAAC;SACrD,MAAM,CAAC,aAAa,EAAE,yBAAyB,EAAE,IAAI,CAAC;SACtD,MAAM,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;QACrB,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,CAAC;QAChD,MAAM,EAAE,GAAG,IAAI,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACrC,MAAM,KAAK,GAAG,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,CAAC;QACrD,EAAE,CAAC,KAAK,EAAE,CAAC;QAEX,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC,CAAC;YAClD,OAAO;QACT,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,iBAAiB,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC;QAC7E,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAEhB,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;YACtB,MAAM,MAAM,GACV,CAAC,CAAC,MAAM,KAAK,WAAW;gBACtB,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC;gBACrB,CAAC,CAAC,CAAC,CAAC,MAAM,KAAK,QAAQ;oBACrB,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC;oBACnB,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAC5B,MAAM,OAAO,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;YACzD,MAAM,QAAQ,GAAG,OAAO,EAAE,aAAa,IAAI,GAAG,CAAC;YAC/C,MAAM,QAAQ,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;YAE7E,OAAO,CAAC,GAAG,CACT,KAAK,MAAM,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,GAAG,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,GAAG,QAAQ,WAAW,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,EAAE,CAChK,CAAC;QACJ,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAClB,CAAC,CAAC,CAAC;AACP,CAAC"}

package/dist/commands/index.d.ts

@@ -1,7 +0,0 @@
-export { registerScanCommand } from "./scan.js";
-export { registerReplayCommand } from "./replay.js";
-export { registerHistoryCommand } from "./history.js";
-export { registerFindingsCommand } from "./findings.js";
-export { registerReviewCommand } from "./review.js";
-export { registerAuditCommand } from "./audit.js";
-//# sourceMappingURL=index.d.ts.map

package/dist/commands/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/commands/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,WAAW,CAAC;AAChD,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AACpD,OAAO,EAAE,sBAAsB,EAAE,MAAM,cAAc,CAAC;AACtD,OAAO,EAAE,uBAAuB,EAAE,MAAM,eAAe,CAAC;AACxD,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AACpD,OAAO,EAAE,oBAAoB,EAAE,MAAM,YAAY,CAAC"}

package/dist/commands/index.js

@@ -1,7 +0,0 @@
-export { registerScanCommand } from "./scan.js";
-export { registerReplayCommand } from "./replay.js";
-export { registerHistoryCommand } from "./history.js";
-export { registerFindingsCommand } from "./findings.js";
-export { registerReviewCommand } from "./review.js";
-export { registerAuditCommand } from "./audit.js";
-//# sourceMappingURL=index.js.map

package/dist/commands/index.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/commands/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,WAAW,CAAC;AAChD,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AACpD,OAAO,EAAE,sBAAsB,EAAE,MAAM,cAAc,CAAC;AACtD,OAAO,EAAE,uBAAuB,EAAE,MAAM,eAAe,CAAC;AACxD,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AACpD,OAAO,EAAE,oBAAoB,EAAE,MAAM,YAAY,CAAC"}

package/dist/commands/replay.d.ts

@@ -1,3 +0,0 @@
-import type { Command } from "commander";
-export declare function registerReplayCommand(program: Command): void;
-//# sourceMappingURL=replay.d.ts.map

package/dist/commands/replay.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"replay.d.ts","sourceRoot":"","sources":["../../src/commands/replay.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAIzC,wBAAgB,qBAAqB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAqF5D"}

package/dist/commands/replay.js

@@ -1,83 +0,0 @@
-import chalk from "chalk";
-import { renderReplay } from "../formatters/replay.js";
-export function registerReplayCommand(program) {
-    program
-        .command("replay")
-        .description("Replay the last scan's attack chain as an animated terminal sequence")
-        .option("--db-path <path>", "Path to SQLite database")
-        .option("--scan <scanId>", "Replay a specific scan by ID (default: last scan)")
-        .action(async (opts) => {
-        try {
-            const { pwnkitDB } = await import("@pwnkit/db");
-            const db = new pwnkitDB(opts.dbPath);
-            let scanRecord;
-            if (opts.scan) {
-                scanRecord = db.getScan(opts.scan);
-                if (!scanRecord) {
-                    // Try prefix match
-                    const all = db.listScans(100);
-                    scanRecord = all.find((s) => s.id.startsWith(opts.scan));
-                }
-                if (!scanRecord) {
-                    console.error(chalk.red(`Scan '${opts.scan}' not found.`));
-                    db.close();
-                    process.exit(2);
-                }
-            }
-            else {
-                const scans = db.listScans(1);
-                if (scans.length === 0) {
-                    console.error(chalk.red("No scan history found. Run a scan first."));
-                    db.close();
-                    process.exit(2);
-                }
-                scanRecord = scans[0];
-            }
-            const dbFindings = db.getFindings(scanRecord.id);
-            const target = db.getTarget(scanRecord.target);
-            db.close();
-            const summary = scanRecord.summary ? JSON.parse(scanRecord.summary) : {
-                totalAttacks: 0, totalFindings: 0,
-                critical: 0, high: 0, medium: 0, low: 0, info: 0,
-            };
-            const findings = dbFindings.map((f) => ({
-                id: f.id,
-                templateId: f.templateId,
-                title: f.title,
-                description: f.description,
-                severity: f.severity,
-                category: f.category,
-                status: f.status,
-                evidence: {
-                    request: f.evidenceRequest,
-                    response: f.evidenceResponse,
-                    analysis: f.evidenceAnalysis ?? undefined,
-                },
-                timestamp: f.timestamp,
-            }));
-            const targetInfo = target
-                ? {
-                    url: target.url,
-                    type: target.type,
-                    systemPrompt: target.systemPrompt ?? undefined,
-                    detectedFeatures: target.detectedFeatures
-                        ? JSON.parse(target.detectedFeatures)
-                        : undefined,
-                    endpoints: target.endpoints ? JSON.parse(target.endpoints) : undefined,
-                }
-                : undefined;
-            await renderReplay({
-                target: scanRecord.target,
-                targetInfo,
-                findings,
-                summary,
-                durationMs: scanRecord.durationMs ?? 0,
-            });
-        }
-        catch (err) {
-            console.error(chalk.red("Failed to replay: " + (err instanceof Error ? err.message : String(err))));
-            process.exit(2);
-        }
-    });
-}
-//# sourceMappingURL=replay.js.map

package/dist/commands/replay.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"replay.js","sourceRoot":"","sources":["../../src/commands/replay.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AAEvD,MAAM,UAAU,qBAAqB,CAAC,OAAgB;IACpD,OAAO;SACJ,OAAO,CAAC,QAAQ,CAAC;SACjB,WAAW,CAAC,sEAAsE,CAAC;SACnF,MAAM,CAAC,kBAAkB,EAAE,yBAAyB,CAAC;SACrD,MAAM,CAAC,iBAAiB,EAAE,mDAAmD,CAAC;SAC9E,MAAM,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;QACrB,IAAI,CAAC;YACH,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,CAAC;YAChD,MAAM,EAAE,GAAG,IAAI,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAErC,IAAI,UAAU,CAAC;YACf,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBACd,UAAU,GAAG,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACnC,IAAI,CAAC,UAAU,EAAE,CAAC;oBAChB,mBAAmB;oBACnB,MAAM,GAAG,GAAG,EAAE,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;oBAC9B,UAAU,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,CAAiB,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;gBAC3E,CAAC;gBACD,IAAI,CAAC,UAAU,EAAE,CAAC;oBAChB,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,IAAI,CAAC,IAAI,cAAc,CAAC,CAAC,CAAC;oBAC3D,EAAE,CAAC,KAAK,EAAE,CAAC;oBACX,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBAClB,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,MAAM,KAAK,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;gBAC9B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBACvB,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC,CAAC;oBACrE,EAAE,CAAC,KAAK,EAAE,CAAC;oBACX,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBAClB,CAAC;gBACD,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACxB,CAAC;YAED,MAAM,UAAU,GAAG,EAAE,CAAC,WAAW,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;YACjD,MAAM,MAAM,GAAG,EAAE,CAAC,SAAS,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;YAC/C,EAAE,CAAC,KAAK,EAAE,CAAC;YAEX,MAAM,OAAO,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;gBACpE,YAAY,EAAE,CAAC,EAAE,aAAa,EAAE,CAAC;gBACjC,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC;aACjD,CAAC;YAEF,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBACtC,EAAE,EAAE,CAAC,CAAC,EAAE;gBACR,UAAU,EAAE,CAAC,CAAC,UAAU;gBACxB,KAAK,EAAE,CAAC,CAAC,KAAK;gBACd,WAAW,EAAE,CAAC,CAAC,WAAW;gBAC1B,QAAQ,EAAE,CAAC,CAAC,QAA6C;gBACzD,QAAQ,EAAE,CAAC,CAAC,QAAmD;gBAC/D,MAAM,EAAE,CAAC,CAAC,MAAgD;gBAC1D,QAAQ,EAAE;oBACR,OAAO,EAAE,CAAC,CAAC,eAAe;oBAC1B,QAAQ,EAAE,CAAC,CAAC,gBAAgB;oBAC5B,QAAQ,EAAE,CAAC,CAAC,gBAAgB,IAAI,SAAS;iBAC1C;gBACD,SAAS,EAAE,CAAC,CAAC,SAAS;aACvB,CAAC,CAAC,CAAC;YAEJ,MAAM,UAAU,GAAG,MAAM;gBACvB,CAAC,CAAC;oBACE,GAAG,EAAE,MAAM,CAAC,GAAG;oBACf,IAAI,EAAE,MAAM,CAAC,IAAmD;oBAChE,YAAY,EAAE,MAAM,CAAC,YAAY,IAAI,SAAS;oBAC9C,gBAAgB,EAAE,MAAM,CAAC,gBAAgB;wBACvC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,gBAAgB,CAAC;wBACrC,CAAC,CAAC,SAAS;oBACb,SAAS,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS;iBACvE;gBACH,CAAC,CAAC,SAAS,CAAC;YAEd,MAAM,YAAY,CAAC;gBACjB,MAAM,EAAE,UAAU,CAAC,MAAM;gBACzB,UAAU;gBACV,QAAQ;gBACR,OAAO;gBACP,UAAU,EAAE,UAAU,CAAC,UAAU,IAAI,CAAC;aACvC,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,GAAG,CAAC,oBAAoB,GAAG,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CACrF,CAAC;YACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC,CAAC,CAAC;AACP,CAAC"}

package/dist/commands/review.d.ts

@@ -1,3 +0,0 @@
-import type { Command } from "commander";
-export declare function registerReviewCommand(program: Command): void;
-//# sourceMappingURL=review.d.ts.map

package/dist/commands/review.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"review.d.ts","sourceRoot":"","sources":["../../src/commands/review.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAIzC,wBAAgB,qBAAqB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CA2B5D"}

package/dist/commands/review.js

@@ -1,30 +0,0 @@
-import { runUnified } from "./run.js";
-export function registerReviewCommand(program) {
-    program
-        .command("review")
-        .description("Deep source code security review of a repository")
-        .argument("<repo>", "Local path or git URL to review")
-        .option("--depth <depth>", "Review depth: quick, default, deep", "default")
-        .option("--format <format>", "Output format: terminal, json, md", "terminal")
-        .option("--runtime <runtime>", "Runtime: auto, claude, codex, gemini, api", "auto")
-        .option("--db-path <path>", "Path to SQLite database")
-        .option("--api-key <key>", "API key for LLM provider")
-        .option("--model <model>", "LLM model to use")
-        .option("--verbose", "Show detailed output", false)
-        .option("--timeout <ms>", "AI agent timeout in milliseconds", "600000")
-        .action(async (repo, opts) => {
-        await runUnified({
-            target: repo,
-            targetType: "source-code",
-            depth: opts.depth ?? "default",
-            format: (opts.format === "md" ? "markdown" : opts.format),
-            runtime: opts.runtime ?? "auto",
-            timeout: parseInt(opts.timeout, 10),
-            verbose: opts.verbose,
-            dbPath: opts.dbPath,
-            apiKey: opts.apiKey,
-            model: opts.model,
-        });
-    });
-}
-//# sourceMappingURL=review.js.map

package/dist/commands/review.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"review.js","sourceRoot":"","sources":["../../src/commands/review.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAEtC,MAAM,UAAU,qBAAqB,CAAC,OAAgB;IACpD,OAAO;SACJ,OAAO,CAAC,QAAQ,CAAC;SACjB,WAAW,CAAC,kDAAkD,CAAC;SAC/D,QAAQ,CAAC,QAAQ,EAAE,iCAAiC,CAAC;SACrD,MAAM,CAAC,iBAAiB,EAAE,oCAAoC,EAAE,SAAS,CAAC;SAC1E,MAAM,CAAC,mBAAmB,EAAE,mCAAmC,EAAE,UAAU,CAAC;SAC5E,MAAM,CAAC,qBAAqB,EAAE,2CAA2C,EAAE,MAAM,CAAC;SAClF,MAAM,CAAC,kBAAkB,EAAE,yBAAyB,CAAC;SACrD,MAAM,CAAC,iBAAiB,EAAE,0BAA0B,CAAC;SACrD,MAAM,CAAC,iBAAiB,EAAE,kBAAkB,CAAC;SAC7C,MAAM,CAAC,WAAW,EAAE,sBAAsB,EAAE,KAAK,CAAC;SAClD,MAAM,CAAC,gBAAgB,EAAE,kCAAkC,EAAE,QAAQ,CAAC;SACtE,MAAM,CAAC,KAAK,EAAE,IAAY,EAAE,IAAsC,EAAE,EAAE;QACrE,MAAM,UAAU,CAAC;YACf,MAAM,EAAE,IAAI;YACZ,UAAU,EAAE,aAAa;YACzB,KAAK,EAAG,IAAI,CAAC,KAAmB,IAAI,SAAS;YAC7C,MAAM,EAAE,CAAC,IAAI,CAAC,MAAM,KAAK,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAiB;YACzE,OAAO,EAAG,IAAI,CAAC,OAAuB,IAAI,MAAM;YAChD,OAAO,EAAE,QAAQ,CAAC,IAAI,CAAC,OAAiB,EAAE,EAAE,CAAC;YAC7C,OAAO,EAAE,IAAI,CAAC,OAAkB;YAChC,MAAM,EAAE,IAAI,CAAC,MAA4B;YACzC,MAAM,EAAE,IAAI,CAAC,MAA4B;YACzC,KAAK,EAAE,IAAI,CAAC,KAA2B;SACxC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACP,CAAC"}

package/dist/commands/run.d.ts

@@ -1,16 +0,0 @@
-import type { ScanDepth, OutputFormat, RuntimeMode } from "@pwnkit/shared";
-export interface RunOptions {
-    target: string;
-    targetType?: "npm-package" | "source-code" | "url" | "web-app";
-    depth: ScanDepth;
-    format: OutputFormat;
-    runtime: RuntimeMode;
-    timeout: number;
-    verbose: boolean;
-    dbPath?: string;
-    apiKey?: string;
-    model?: string;
-    packageVersion?: string;
-}
-export declare function runUnified(opts: RunOptions): Promise<void>;
-//# sourceMappingURL=run.d.ts.map

package/dist/commands/run.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"run.d.ts","sourceRoot":"","sources":["../../src/commands/run.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,SAAS,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAO3E,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,CAAC,EAAE,aAAa,GAAG,aAAa,GAAG,KAAK,GAAG,SAAS,CAAC;IAC/D,KAAK,EAAE,SAAS,CAAC;IACjB,MAAM,EAAE,YAAY,CAAC;IACrB,OAAO,EAAE,WAAW,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,wBAAsB,UAAU,CAAC,IAAI,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC,CA+EhE"}

package/dist/commands/run.js

@@ -1,83 +0,0 @@
-import chalk from "chalk";
-import { VERSION } from "@pwnkit/shared";
-import { runPipeline, createRuntime } from "@pwnkit/core";
-import { formatAuditReport, formatReviewReport, formatReport } from "../formatters/index.js";
-import { createpwnkitSpinner } from "../spinner.js";
-import { createEventHandler } from "../event-handler.js";
-import { buildShareUrl, checkRuntimeAvailability } from "../utils.js";
-export async function runUnified(opts) {
-    const { target, depth, format, runtime, timeout } = opts;
-    const validRuntimes = ["api", "claude", "codex", "gemini", "auto"];
-    if (!validRuntimes.includes(runtime)) {
-        console.error(chalk.red(`Unknown runtime '${runtime}'. Valid: ${validRuntimes.join(", ")}`));
-        process.exit(2);
-    }
-    // Check non-auto runtime availability
-    if (runtime !== "api" && runtime !== "auto") {
-        const rt = createRuntime({ type: runtime, timeout });
-        const available = await rt.isAvailable();
-        if (!available) {
-            console.error(chalk.red(`Runtime '${runtime}' not available. Is ${runtime} installed?`));
-            process.exit(2);
-        }
-    }
-    if (format === "terminal")
-        checkRuntimeAvailability();
-    // Ink TUI for terminal, plain text for json/md
-    const useInkUI = format === "terminal";
-    let inkUI = null;
-    let eventHandler;
-    if (useInkUI) {
-        const { renderScanUI } = await import("../ui/renderScan.js");
-        const mode = opts.targetType === "npm-package" ? "audit"
-            : opts.targetType === "source-code" ? "review"
-                : "scan";
-        inkUI = renderScanUI({ version: VERSION, target, depth, mode });
-        eventHandler = inkUI.onEvent;
-    }
-    else {
-        const spinner = createpwnkitSpinner("Initializing...");
-        eventHandler = createEventHandler({ format, spinner });
-    }
-    try {
-        const report = await runPipeline({
-            target,
-            targetType: opts.targetType,
-            depth,
-            format,
-            runtime,
-            onEvent: eventHandler,
-            dbPath: opts.dbPath,
-            apiKey: opts.apiKey,
-            model: opts.model,
-            timeout,
-            packageVersion: opts.packageVersion,
-        });
-        if (inkUI) {
-            inkUI.setReport(report);
-            await inkUI.waitForExit();
-        }
-        else {
-            // Pick the right formatter based on target type
-            const reportAny = report;
-            const output = reportAny.targetType === "npm-package"
-                ? formatAuditReport(reportAny, format)
-                : reportAny.targetType === "source-code"
-                    ? formatReviewReport(reportAny, format)
-                    : formatReport(reportAny, format);
-            console.log(output);
-            if (format === "terminal") {
-                console.log(`\n  ${chalk.gray("Share this report:")} ${chalk.cyan(buildShareUrl(reportAny))}\n`);
-            }
-        }
-        // Exit with non-zero if critical/high findings
-        if (report.summary.critical > 0 || report.summary.high > 0) {
-            process.exit(1);
-        }
-    }
-    catch (err) {
-        console.error(chalk.red(err instanceof Error ? err.message : String(err)));
-        process.exit(2);
-    }
-}
-//# sourceMappingURL=run.js.map