sapper-ai 0.7.0 → 0.8.1

package/dist/guard/WarningStore.js

@@ -0,0 +1,305 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.WarningStore = void 0;
+const promises_1 = require("node:fs/promises");
+const node_os_1 = require("node:os");
+const node_path_1 = require("node:path");
+const fs_1 = require("../utils/fs");
+const WARNING_STORE_VERSION = 1;
+const WARNING_DIR = '.sapper-ai';
+const WARNING_FILE = 'warnings.json';
+const PRIVATE_FILE_MODE = 0o600;
+function cloneWarning(warning) {
+    return {
+        skillName: warning.skillName,
+        skillPath: warning.skillPath,
+        contentHash: warning.contentHash,
+        risk: warning.risk,
+        reasons: [...warning.reasons],
+        detectedAt: warning.detectedAt,
+    };
+}
+function cloneDismissed(dismissed) {
+    return {
+        skillName: dismissed.skillName,
+        contentHash: dismissed.contentHash,
+        dismissedAt: dismissed.dismissedAt,
+    };
+}
+function normalizeWarning(value) {
+    if (!value || typeof value !== 'object' || Array.isArray(value)) {
+        return null;
+    }
+    const warning = value;
+    if (typeof warning.skillName !== 'string' || warning.skillName.length === 0) {
+        return null;
+    }
+    if (typeof warning.skillPath !== 'string' || warning.skillPath.length === 0) {
+        return null;
+    }
+    if (typeof warning.contentHash !== 'string' || warning.contentHash.length === 0) {
+        return null;
+    }
+    if (typeof warning.risk !== 'number' || !Number.isFinite(warning.risk)) {
+        return null;
+    }
+    if (!Array.isArray(warning.reasons) || warning.reasons.some((reason) => typeof reason !== 'string')) {
+        return null;
+    }
+    if (typeof warning.detectedAt !== 'string' || warning.detectedAt.length === 0) {
+        return null;
+    }
+    return {
+        skillName: warning.skillName,
+        skillPath: warning.skillPath,
+        contentHash: warning.contentHash,
+        risk: warning.risk,
+        reasons: [...warning.reasons],
+        detectedAt: warning.detectedAt,
+    };
+}
+function normalizeDismissed(value) {
+    if (!value || typeof value !== 'object' || Array.isArray(value)) {
+        return null;
+    }
+    const dismissed = value;
+    if (typeof dismissed.skillName !== 'string' || dismissed.skillName.length === 0) {
+        return null;
+    }
+    if (dismissed.contentHash !== undefined && typeof dismissed.contentHash !== 'string') {
+        return null;
+    }
+    if (typeof dismissed.dismissedAt !== 'string' || dismissed.dismissedAt.length === 0) {
+        return null;
+    }
+    return {
+        skillName: dismissed.skillName,
+        contentHash: dismissed.contentHash,
+        dismissedAt: dismissed.dismissedAt,
+    };
+}
+function normalizeWarningList(value) {
+    if (!Array.isArray(value)) {
+        return [];
+    }
+    const warnings = [];
+    for (const warning of value) {
+        const normalized = normalizeWarning(warning);
+        if (!normalized) {
+            continue;
+        }
+        warnings.push(normalized);
+    }
+    return warnings;
+}
+function normalizeDismissedList(value) {
+    if (!Array.isArray(value)) {
+        return [];
+    }
+    const dismissedList = [];
+    for (const dismissed of value) {
+        const normalized = normalizeDismissed(dismissed);
+        if (!normalized) {
+            continue;
+        }
+        dismissedList.push(normalized);
+    }
+    return dismissedList;
+}
+function isSameWarning(left, right) {
+    return (left.skillName === right.skillName &&
+        left.skillPath === right.skillPath &&
+        left.contentHash === right.contentHash);
+}
+function hasDismissedMatch(dismissed, skillName, contentHash) {
+    if (dismissed.skillName !== skillName) {
+        return false;
+    }
+    if (!dismissed.contentHash) {
+        return true;
+    }
+    return dismissed.contentHash === contentHash;
+}
+class WarningStore {
+    constructor(options = {}) {
+        this.state = null;
+        this.filePath = options.filePath ?? (0, node_path_1.join)(options.homeDir ?? (0, node_os_1.homedir)(), WARNING_DIR, WARNING_FILE);
+        this.now = options.now ?? Date.now;
+        this.readFileFn = options.readFileFn ?? promises_1.readFile;
+        this.writeFileFn =
+            options.writeFileFn ??
+                ((filePath, content) => (0, fs_1.atomicWriteFile)(filePath, content, { mode: PRIVATE_FILE_MODE }));
+    }
+    async addPending(warning) {
+        const state = await this.loadState();
+        const normalized = this.normalizeInputWarning(warning);
+        if (this.isDismissedInState(state, normalized.skillName, normalized.contentHash)) {
+            return;
+        }
+        const existingIndex = state.pending.findIndex((entry) => entry.skillName === normalized.skillName && entry.skillPath === normalized.skillPath);
+        if (existingIndex >= 0) {
+            state.pending[existingIndex] = normalized;
+        }
+        else {
+            state.pending.push(normalized);
+        }
+        await this.persist(state);
+    }
+    async getPending() {
+        const state = await this.loadState();
+        return state.pending.map(cloneWarning);
+    }
+    async getAcknowledged() {
+        const state = await this.loadState();
+        return state.acknowledged.map(cloneWarning);
+    }
+    async getDismissed() {
+        const state = await this.loadState();
+        return state.dismissed.map(cloneDismissed);
+    }
+    async isDismissed(skillName, contentHash) {
+        const state = await this.loadState();
+        return this.isDismissedInState(state, skillName, contentHash);
+    }
+    async acknowledge(skillName, skillPath) {
+        const state = await this.loadState();
+        const matched = state.pending.filter((entry) => skillPath ? entry.skillName === skillName && entry.skillPath === skillPath : entry.skillName === skillName);
+        if (matched.length === 0) {
+            return 0;
+        }
+        state.pending = state.pending.filter((entry) => skillPath ? !(entry.skillName === skillName && entry.skillPath === skillPath) : entry.skillName !== skillName);
+        for (const warning of matched) {
+            const alreadyAcknowledged = state.acknowledged.some((entry) => isSameWarning(entry, warning));
+            if (!alreadyAcknowledged) {
+                state.acknowledged.push(cloneWarning(warning));
+            }
+        }
+        await this.persist(state);
+        return matched.length;
+    }
+    async acknowledgeAll(warnings) {
+        if (warnings.length === 0) {
+            return 0;
+        }
+        const state = await this.loadState();
+        const targetKeys = new Set(warnings.map((warning) => `${warning.skillName}\u0000${warning.skillPath}`));
+        let movedCount = 0;
+        const nextPending = [];
+        for (const warning of state.pending) {
+            const key = `${warning.skillName}\u0000${warning.skillPath}`;
+            if (!targetKeys.has(key)) {
+                nextPending.push(warning);
+                continue;
+            }
+            movedCount += 1;
+            const alreadyAcknowledged = state.acknowledged.some((entry) => isSameWarning(entry, warning));
+            if (!alreadyAcknowledged) {
+                state.acknowledged.push(cloneWarning(warning));
+            }
+        }
+        if (movedCount === 0) {
+            return 0;
+        }
+        state.pending = nextPending;
+        await this.persist(state);
+        return movedCount;
+    }
+    async dismiss(skillName) {
+        const state = await this.loadState();
+        const matchedWarnings = [
+            ...state.pending.filter((entry) => entry.skillName === skillName),
+            ...state.acknowledged.filter((entry) => entry.skillName === skillName),
+        ];
+        state.pending = state.pending.filter((entry) => entry.skillName !== skillName);
+        state.acknowledged = state.acknowledged.filter((entry) => entry.skillName !== skillName);
+        state.dismissed = state.dismissed.filter((entry) => entry.skillName !== skillName);
+        state.dismissed.push({
+            skillName,
+            dismissedAt: new Date(this.now()).toISOString(),
+        });
+        await this.persist(state);
+        return matchedWarnings.length;
+    }
+    async clearPending() {
+        const state = await this.loadState();
+        state.pending = [];
+        await this.persist(state);
+    }
+    async replacePending(warnings) {
+        const state = await this.loadState();
+        const nextPending = [];
+        for (const warning of warnings) {
+            const normalized = this.normalizeInputWarning(warning);
+            if (this.isDismissedInState(state, normalized.skillName, normalized.contentHash)) {
+                continue;
+            }
+            const duplicate = nextPending.some((entry) => entry.skillName === normalized.skillName &&
+                entry.skillPath === normalized.skillPath &&
+                entry.contentHash === normalized.contentHash);
+            if (!duplicate) {
+                nextPending.push(normalized);
+            }
+        }
+        state.pending = nextPending;
+        await this.persist(state);
+    }
+    normalizeInputWarning(warning) {
+        const normalized = normalizeWarning(warning);
+        if (!normalized) {
+            throw new Error('Invalid warning payload');
+        }
+        return normalized;
+    }
+    isDismissedInState(state, skillName, contentHash) {
+        return state.dismissed.some((entry) => hasDismissedMatch(entry, skillName, contentHash));
+    }
+    async loadState() {
+        if (this.state) {
+            return this.state;
+        }
+        try {
+            const raw = await this.readFileFn(this.filePath, 'utf8');
+            const parsed = JSON.parse(raw);
+            const normalized = this.normalizeState(parsed);
+            this.state = normalized;
+            return normalized;
+        }
+        catch {
+            const empty = this.createEmptyState();
+            this.state = empty;
+            return empty;
+        }
+    }
+    normalizeState(raw) {
+        if (!raw || typeof raw !== 'object' || Array.isArray(raw)) {
+            return this.createEmptyState();
+        }
+        const record = raw;
+        const version = typeof record.version === 'number' ? record.version : WARNING_STORE_VERSION;
+        return {
+            version,
+            pending: normalizeWarningList(record.pending),
+            acknowledged: normalizeWarningList(record.acknowledged),
+            dismissed: normalizeDismissedList(record.dismissed),
+        };
+    }
+    createEmptyState() {
+        return {
+            version: WARNING_STORE_VERSION,
+            pending: [],
+            acknowledged: [],
+            dismissed: [],
+        };
+    }
+    async persist(state) {
+        state.version = WARNING_STORE_VERSION;
+        const payload = JSON.stringify({
+            version: state.version,
+            pending: state.pending,
+            acknowledged: state.acknowledged,
+            dismissed: state.dismissed,
+        }, null, 2);
+        await this.writeFileFn(this.filePath, `${payload}\n`);
+    }
+}
+exports.WarningStore = WarningStore;

package/dist/guard/getDefaultPolicy.d.ts

@@ -0,0 +1,3 @@
+import type { Policy } from '@sapper-ai/types';
+export declare function getDefaultPolicy(): Policy;
+//# sourceMappingURL=getDefaultPolicy.d.ts.map

package/dist/guard/getDefaultPolicy.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"getDefaultPolicy.d.ts","sourceRoot":"","sources":["../../src/guard/getDefaultPolicy.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAA;AAa9C,wBAAgB,gBAAgB,IAAI,MAAM,CASzC"}

package/dist/guard/getDefaultPolicy.js

@@ -0,0 +1,23 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getDefaultPolicy = getDefaultPolicy;
+const DEFAULT_POLICY = {
+    mode: 'enforce',
+    defaultAction: 'allow',
+    failOpen: true,
+    detectors: ['rules'],
+    thresholds: {
+        riskThreshold: 0.7,
+        blockMinConfidence: 0.5,
+    },
+};
+function getDefaultPolicy() {
+    return {
+        ...DEFAULT_POLICY,
+        detectors: [...(DEFAULT_POLICY.detectors ?? ['rules'])],
+        thresholds: {
+            riskThreshold: DEFAULT_POLICY.thresholds?.riskThreshold ?? 0.7,
+            blockMinConfidence: DEFAULT_POLICY.thresholds?.blockMinConfidence ?? 0.5,
+        },
+    };
+}

package/dist/guard/hooks/guardCheck.d.ts

@@ -0,0 +1,12 @@
+import { WarningStore } from '../WarningStore';
+import type { GuardHookOutput, OutputWriter, SingleSkillScanResult } from '../types';
+export interface GuardCheckOptions {
+    warningStore?: WarningStore;
+    scanSkillFn?: (filePath: string) => Promise<SingleSkillScanResult>;
+    stdout?: OutputWriter;
+    stderr?: OutputWriter;
+    readFileFn?: (filePath: string, encoding: BufferEncoding) => Promise<string>;
+    now?: () => number;
+}
+export declare function guardCheck(options?: GuardCheckOptions): Promise<GuardHookOutput>;
+//# sourceMappingURL=guardCheck.d.ts.map

package/dist/guard/hooks/guardCheck.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"guardCheck.d.ts","sourceRoot":"","sources":["../../../src/guard/hooks/guardCheck.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAA;AAE9C,OAAO,KAAK,EAAE,eAAe,EAAE,YAAY,EAAE,qBAAqB,EAAgB,MAAM,UAAU,CAAA;AAElG,MAAM,WAAW,iBAAiB;IAChC,YAAY,CAAC,EAAE,YAAY,CAAA;IAC3B,WAAW,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,qBAAqB,CAAC,CAAA;IAClE,MAAM,CAAC,EAAE,YAAY,CAAA;IACrB,MAAM,CAAC,EAAE,YAAY,CAAA;IACrB,UAAU,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,cAAc,KAAK,OAAO,CAAC,MAAM,CAAC,CAAA;IAC5E,GAAG,CAAC,EAAE,MAAM,MAAM,CAAA;CACnB;AAoCD,wBAAsB,UAAU,CAAC,OAAO,GAAE,iBAAsB,GAAG,OAAO,CAAC,eAAe,CAAC,CA4H1F"}

package/dist/guard/hooks/guardCheck.js

@@ -0,0 +1,137 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.guardCheck = guardCheck;
+const promises_1 = require("node:fs/promises");
+const node_crypto_1 = require("node:crypto");
+const WarningStore_1 = require("../WarningStore");
+const scanSingleSkill_1 = require("../scanSingleSkill");
+function sha256(content) {
+    return (0, node_crypto_1.createHash)('sha256').update(content).digest('hex');
+}
+function writeJson(writer, payload) {
+    writer.write(`${JSON.stringify(payload)}\n`);
+}
+function writeError(stderr, message) {
+    stderr.write(`[sapper-ai] ${message}\n`);
+}
+function toWarningMessage(warnings) {
+    const lines = ['⚠ SapperAI: suspicious skills detected'];
+    for (const warning of warnings) {
+        lines.push(`- ${warning.skillName} (risk: ${warning.risk.toFixed(2)})`);
+        for (const reason of warning.reasons.slice(0, 3)) {
+            lines.push(`  -> ${reason}`);
+        }
+        lines.push(`  path: ${warning.skillPath}`);
+    }
+    return lines.join('\n');
+}
+async function guardCheck(options = {}) {
+    const stdout = options.stdout ?? process.stdout;
+    const stderr = options.stderr ?? process.stderr;
+    const warningStore = options.warningStore ?? new WarningStore_1.WarningStore();
+    const scanSkill = options.scanSkillFn ?? ((path) => (0, scanSingleSkill_1.scanSingleSkill)(path));
+    const read = options.readFileFn ?? promises_1.readFile;
+    const now = options.now ?? Date.now;
+    const summary = {
+        pending: 0,
+        delivered: 0,
+        acknowledged: 0,
+        removed: 0,
+        errors: 0,
+    };
+    try {
+        const pendingWarnings = await warningStore.getPending();
+        summary.pending = pendingWarnings.length;
+        if (pendingWarnings.length === 0) {
+            const payload = {
+                suppressPrompt: false,
+                message: '',
+                warnings: [],
+                summary: { ...summary },
+            };
+            writeJson(stdout, payload);
+            return payload;
+        }
+        const nextPending = [];
+        const deliverWarnings = [];
+        for (const warning of pendingWarnings) {
+            if (await warningStore.isDismissed(warning.skillName, warning.contentHash)) {
+                summary.removed += 1;
+                continue;
+            }
+            try {
+                const content = await read(warning.skillPath, 'utf8');
+                const currentHash = sha256(content);
+                if (currentHash === warning.contentHash) {
+                    deliverWarnings.push(warning);
+                    continue;
+                }
+                const rescanned = await scanSkill(warning.skillPath);
+                const postScanContent = await read(warning.skillPath, 'utf8');
+                const postScanHash = sha256(postScanContent);
+                if (postScanHash !== rescanned.contentHash) {
+                    deliverWarnings.push({
+                        ...warning,
+                        contentHash: postScanHash,
+                        risk: Math.max(warning.risk, rescanned.risk),
+                        reasons: [...warning.reasons, 'File changed during re-scan (possible TOCTOU)'],
+                        detectedAt: new Date(now()).toISOString(),
+                    });
+                    continue;
+                }
+                if (rescanned.decision === 'suspicious') {
+                    const rescannedWarning = {
+                        skillName: rescanned.skillName,
+                        skillPath: rescanned.skillPath,
+                        contentHash: rescanned.contentHash,
+                        risk: rescanned.risk,
+                        reasons: [...rescanned.reasons],
+                        detectedAt: new Date(now()).toISOString(),
+                    };
+                    if (await warningStore.isDismissed(rescannedWarning.skillName, rescannedWarning.contentHash)) {
+                        summary.removed += 1;
+                        continue;
+                    }
+                    deliverWarnings.push(rescannedWarning);
+                    continue;
+                }
+                summary.removed += 1;
+            }
+            catch (error) {
+                const nodeError = error;
+                if (nodeError?.code === 'ENOENT') {
+                    summary.removed += 1;
+                    continue;
+                }
+                summary.errors += 1;
+                const reason = error instanceof Error ? error.message : String(error);
+                writeError(stderr, `guard check failed for ${warning.skillPath}: ${reason}`);
+                nextPending.push(warning);
+            }
+        }
+        await warningStore.replacePending([...nextPending, ...deliverWarnings]);
+        summary.acknowledged = await warningStore.acknowledgeAll(deliverWarnings);
+        summary.delivered = deliverWarnings.length;
+        const payload = {
+            suppressPrompt: false,
+            message: deliverWarnings.length > 0 ? toWarningMessage(deliverWarnings) : '',
+            warnings: deliverWarnings,
+            summary: { ...summary },
+        };
+        writeJson(stdout, payload);
+        return payload;
+    }
+    catch (error) {
+        summary.errors += 1;
+        const reason = error instanceof Error ? error.message : String(error);
+        writeError(stderr, `guard check failed: ${reason}`);
+        const payload = {
+            suppressPrompt: false,
+            message: '',
+            warnings: [],
+            summary: { ...summary },
+        };
+        writeJson(stdout, payload);
+        return payload;
+    }
+}

package/dist/guard/hooks/guardScan.d.ts

@@ -0,0 +1,27 @@
+import { type Dirent } from 'node:fs';
+import { stat } from 'node:fs/promises';
+import { ScanCache } from '../ScanCache';
+import { WarningStore } from '../WarningStore';
+import type { GuardHookOutput, OutputWriter, SingleSkillScanResult } from '../types';
+type ReaddirWithFileTypes = (filePath: string, options: {
+    withFileTypes: true;
+    encoding: BufferEncoding;
+}) => Promise<Dirent[]>;
+export interface GuardScanOptions {
+    watchPaths?: string[];
+    currentWorkingDirectory?: string;
+    homeDir?: string;
+    stdout?: OutputWriter;
+    stderr?: OutputWriter;
+    scanCache?: ScanCache;
+    warningStore?: WarningStore;
+    scanSkillFn?: (filePath: string) => Promise<SingleSkillScanResult>;
+    readFileFn?: (filePath: string, encoding: BufferEncoding) => Promise<string>;
+    realpathFn?: (filePath: string) => Promise<string>;
+    readdirFn?: ReaddirWithFileTypes;
+    statFn?: typeof stat;
+    now?: () => number;
+}
+export declare function guardScan(options?: GuardScanOptions): Promise<GuardHookOutput>;
+export {};
+//# sourceMappingURL=guardScan.d.ts.map

package/dist/guard/hooks/guardScan.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"guardScan.d.ts","sourceRoot":"","sources":["../../../src/guard/hooks/guardScan.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,MAAM,EAAE,MAAM,SAAS,CAAA;AACrC,OAAO,EAA+B,IAAI,EAAE,MAAM,kBAAkB,CAAA;AAMpE,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAA;AACxC,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAA;AAE9C,OAAO,KAAK,EAAE,eAAe,EAAE,YAAY,EAAE,qBAAqB,EAAE,MAAM,UAAU,CAAA;AAYpF,KAAK,oBAAoB,GAAG,CAC1B,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE;IACP,aAAa,EAAE,IAAI,CAAA;IACnB,QAAQ,EAAE,cAAc,CAAA;CACzB,KACE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAA;AAEtB,MAAM,WAAW,gBAAgB;IAC/B,UAAU,CAAC,EAAE,MAAM,EAAE,CAAA;IACrB,uBAAuB,CAAC,EAAE,MAAM,CAAA;IAChC,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,MAAM,CAAC,EAAE,YAAY,CAAA;IACrB,MAAM,CAAC,EAAE,YAAY,CAAA;IACrB,SAAS,CAAC,EAAE,SAAS,CAAA;IACrB,YAAY,CAAC,EAAE,YAAY,CAAA;IAC3B,WAAW,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,qBAAqB,CAAC,CAAA;IAClE,UAAU,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,cAAc,KAAK,OAAO,CAAC,MAAM,CAAC,CAAA;IAC5E,UAAU,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAA;IAClD,SAAS,CAAC,EAAE,oBAAoB,CAAA;IAChC,MAAM,CAAC,EAAE,OAAO,IAAI,CAAA;IACpB,GAAG,CAAC,EAAE,MAAM,MAAM,CAAA;CACnB;AAyJD,wBAAsB,SAAS,CAAC,OAAO,GAAE,gBAAqB,GAAG,OAAO,CAAC,eAAe,CAAC,CAmHxF"}