shieldcortex 2.4.22 → 2.4.24

package/dist/defence/skill-scanner/scan-skill.js

@@ -0,0 +1,397 @@
+/**
+ * Skill Scanner — Core Module
+ *
+ * Scans agent instruction files (skill definitions, tool configs, rules files)
+ * for threats using the full ShieldCortex defence pipeline combined with
+ * skill-specific pattern detection.
+ *
+ * Public API:
+ *  - scanSkill(filePath, options?)     — read from disc and scan
+ *  - scanSkillContent(content, options?) — scan raw content directly
+ *
+ * Never throws — returns safe defaults on errors.
+ */
+import { analyzeFirewall } from '../firewall/index.js';
+import { classifySensitivity } from '../sensitivity/index.js';
+import { DEFAULT_DEFENCE_CONFIG } from '../types.js';
+import { detectSkillThreats, detectCodeThreats } from './patterns.js';
+import { readSkillFile, parseSkillFile } from './parser.js';
+// ── Threat Description Map ───────────────────────────────────────────────────
+const THREAT_DESCRIPTIONS = {
+    // Skill-specific patterns
+    tool_injection: 'Instructions to execute shell commands or write files',
+    scope_escalation: 'Attempts to access files outside the project directory',
+    data_exfiltration: 'Instructions to send data to external services',
+    persistence: 'Attempts to modify agent configuration files',
+    supply_chain: 'Instructions to install packages or modify dependencies',
+    agent_manipulation: 'Instructions to disable safety checks or permissions',
+    stealth_instruction: 'Hidden instructions using formatting tricks',
+    // Code patterns
+    dangerous_require: 'Imports dangerous Node.js modules (child_process, net)',
+    dangerous_calls: 'Uses dangerous function calls (eval, exec, spawn)',
+    filesystem_access: 'Accesses sensitive filesystem paths',
+    network_access: 'Makes network requests to external services',
+    // Firewall threat indicators
+    instruction_injection: 'Prompt injection detected by firewall',
+    privilege_escalation: 'Privilege escalation patterns detected',
+    encoding_obfuscation: 'Obfuscated or encoded content detected',
+    credential_leak: 'Potential credential or secret exposure',
+    external_url: 'References to external URLs detected',
+    fragmented_payload: 'Fragmented payload assembly detected',
+    pipeline_error: 'Defence pipeline encountered an error',
+};
+// ── Severity Helpers ─────────────────────────────────────────────────────────
+/** Severity ranking for comparison. */
+const SEVERITY_RANK = {
+    low: 1,
+    medium: 2,
+    high: 3,
+    critical: 4,
+};
+/**
+ * Derive severity for a firewall threat indicator based on the firewall result.
+ */
+function deriveFirewallSeverity(firewallResult, indicator) {
+    if (firewallResult === 'BLOCK') {
+        if (indicator === 'instruction_injection' || indicator === 'credential_leak') {
+            return 'critical';
+        }
+        return 'high';
+    }
+    if (firewallResult === 'QUARANTINE') {
+        if (indicator === 'instruction_injection') {
+            return 'high';
+        }
+        return 'medium';
+    }
+    return 'low';
+}
+/**
+ * Derive severity for a skill/code threat based on its confidence score.
+ */
+function deriveSkillThreatSeverity(confidence) {
+    if (confidence >= 0.85)
+        return 'high';
+    if (confidence >= 0.6)
+        return 'medium';
+    return 'low';
+}
+/**
+ * Return the highest severity from an array of findings, or 'safe' if empty.
+ */
+function highestSeverity(findings) {
+    if (findings.length === 0)
+        return 'safe';
+    let maxRank = 0;
+    let maxSeverity = 'low';
+    for (const finding of findings) {
+        const rank = SEVERITY_RANK[finding.severity] ?? 0;
+        if (rank > maxRank) {
+            maxRank = rank;
+            maxSeverity = finding.severity;
+        }
+    }
+    return maxSeverity;
+}
+/**
+ * Look up a human-readable description for a threat pattern name.
+ */
+function descriptionFor(pattern) {
+    return THREAT_DESCRIPTIONS[pattern] ?? `Threat pattern detected: ${pattern}`;
+}
+/**
+ * Truncate text to a maximum length, appending an ellipsis if needed.
+ */
+function truncate(text, maxLength) {
+    if (text.length <= maxLength)
+        return text;
+    return text.slice(0, maxLength - 1) + '\u2026';
+}
+// ── Build Config ─────────────────────────────────────────────────────────────
+/**
+ * Build a DefenceConfig with the mode optionally overridden.
+ */
+function buildConfig(mode) {
+    if (!mode || mode === DEFAULT_DEFENCE_CONFIG.mode) {
+        return DEFAULT_DEFENCE_CONFIG;
+    }
+    return { ...DEFAULT_DEFENCE_CONFIG, mode };
+}
+// ── Core Scan Logic ──────────────────────────────────────────────────────────
+/**
+ * Internal scan implementation that operates on a ParsedSkill.
+ */
+function scanParsed(parsed, options) {
+    const startTime = Date.now();
+    const includeContent = options?.includeContent ?? false;
+    const config = buildConfig(options?.mode);
+    const findings = [];
+    // 1. Firewall analysis — treat skill files as untrusted (trust 0.3)
+    const source = { type: 'file', identifier: parsed.name };
+    const firewall = analyzeFirewall(parsed.content, parsed.name, source, 0.3, config);
+    // 2. Sensitivity classification
+    const sensitivity = classifySensitivity(parsed.content, parsed.name);
+    // 3. Collect findings from firewall threat indicators
+    if (firewall.result === 'BLOCK' || firewall.result === 'QUARANTINE') {
+        for (const indicator of firewall.threatIndicators) {
+            const severity = deriveFirewallSeverity(firewall.result, indicator);
+            const finding = {
+                pattern: indicator,
+                severity,
+                description: descriptionFor(indicator),
+            };
+            if (includeContent && firewall.blockedPatterns.length > 0) {
+                finding.matchedText = truncate(firewall.blockedPatterns[0], 80);
+            }
+            findings.push(finding);
+        }
+        // If firewall blocked/quarantined but reported no specific indicators
+        if (firewall.threatIndicators.length === 0) {
+            findings.push({
+                pattern: 'instruction_injection',
+                severity: firewall.result === 'BLOCK' ? 'high' : 'medium',
+                description: firewall.reason,
+            });
+        }
+    }
+    // 4. Skill-specific threat detection
+    const skillResult = detectSkillThreats(parsed.content);
+    addSkillFindings(findings, skillResult, parsed.content, includeContent);
+    // 5. Code threat detection for code-bearing formats
+    if (parsed.format === 'hook-js' || parsed.format === 'continue-json') {
+        const codeResult = detectCodeThreats(parsed.content);
+        addSkillFindings(findings, codeResult, parsed.content, includeContent);
+    }
+    // 6. Scan metadata values if present
+    if (parsed.metadata && Object.keys(parsed.metadata).length > 0) {
+        try {
+            const metadataStr = JSON.stringify(parsed.metadata);
+            const metaResult = detectSkillThreats(metadataStr);
+            addSkillFindings(findings, metaResult, metadataStr, includeContent);
+        }
+        catch {
+            // JSON.stringify failed — skip metadata scan
+        }
+    }
+    // 7. Flag RESTRICTED sensitivity content
+    if (sensitivity.level === 'RESTRICTED') {
+        findings.push({
+            pattern: 'credential_leak',
+            severity: 'high',
+            description: `RESTRICTED content detected: ${sensitivity.detectedPatterns.join(', ')}`,
+        });
+    }
+    // 8. Deduplicate findings by pattern name (keep highest severity)
+    const deduped = deduplicateFindings(findings);
+    // 9. Derive overall risk level and safety
+    const riskLevel = highestSeverity(deduped);
+    const safe = !deduped.some((f) => f.severity === 'high' || f.severity === 'critical');
+    // 10. Generate summary
+    const summary = generateSummary(parsed.name, deduped, riskLevel, safe);
+    return {
+        safe,
+        skillName: parsed.name,
+        format: parsed.format,
+        findings: deduped,
+        riskLevel,
+        summary,
+        scanDurationMs: Date.now() - startTime,
+        firewall,
+        sensitivity,
+    };
+}
+/**
+ * Add findings from a SkillThreatResult into the findings array.
+ */
+function addSkillFindings(findings, result, content, includeContent) {
+    if (!result.detected)
+        return;
+    const severity = deriveSkillThreatSeverity(result.confidence);
+    for (const threat of result.threats) {
+        const finding = {
+            pattern: threat,
+            severity,
+            description: descriptionFor(threat),
+        };
+        if (includeContent) {
+            // Try to find the first relevant line for context
+            const snippet = findSnippetForThreat(content, threat);
+            if (snippet) {
+                finding.matchedText = truncate(snippet, 80);
+            }
+        }
+        findings.push(finding);
+    }
+}
+/**
+ * Attempt to find a content snippet relevant to a named threat.
+ * Returns the first line containing a keyword associated with the threat,
+ * or null if nothing obvious is found.
+ */
+function findSnippetForThreat(content, threat) {
+    const keywords = {
+        tool_injection: ['execute', 'run', 'bash', 'shell', 'command', 'script'],
+        scope_escalation: ['.ssh', '.aws', '.env', '/etc/', 'process.env'],
+        data_exfiltration: ['send', 'post', 'curl', 'upload', 'webhook', 'fetch'],
+        persistence: ['.claude', '.cursorrules', 'crontab', 'hook', 'bashrc'],
+        supply_chain: ['npm install', 'pip install', 'package.json', 'dependency'],
+        agent_manipulation: ['ignore', 'bypass', 'disable', 'override', 'skip'],
+        stealth_instruction: ['<!--', '---'],
+        dangerous_require: ['child_process', 'require', 'import'],
+        dangerous_calls: ['eval', 'exec', 'spawn', 'Function'],
+        filesystem_access: ['readFile', 'writeFile', '.env', '.key'],
+        network_access: ['http', 'fetch', 'WebSocket', 'listen'],
+    };
+    const kws = keywords[threat];
+    if (!kws)
+        return null;
+    const lines = content.split('\n');
+    for (const line of lines) {
+        const trimmed = line.trim();
+        if (trimmed.length === 0)
+            continue;
+        for (const kw of kws) {
+            if (trimmed.toLowerCase().includes(kw.toLowerCase())) {
+                return trimmed;
+            }
+        }
+    }
+    return null;
+}
+/**
+ * Deduplicate findings by pattern name, keeping the highest severity instance.
+ */
+function deduplicateFindings(findings) {
+    const byPattern = new Map();
+    for (const finding of findings) {
+        const existing = byPattern.get(finding.pattern);
+        if (!existing) {
+            byPattern.set(finding.pattern, finding);
+        }
+        else {
+            const existingRank = SEVERITY_RANK[existing.severity] ?? 0;
+            const newRank = SEVERITY_RANK[finding.severity] ?? 0;
+            if (newRank > existingRank) {
+                byPattern.set(finding.pattern, finding);
+            }
+        }
+    }
+    return [...byPattern.values()];
+}
+/**
+ * Generate a one-line human-readable summary of the scan result.
+ */
+function generateSummary(name, findings, riskLevel, safe) {
+    if (findings.length === 0) {
+        return `${name}: no threats detected`;
+    }
+    const severityCounts = { critical: 0, high: 0, medium: 0, low: 0 };
+    for (const f of findings) {
+        severityCounts[f.severity]++;
+    }
+    const parts = [];
+    if (severityCounts.critical > 0)
+        parts.push(`${severityCounts.critical} critical`);
+    if (severityCounts.high > 0)
+        parts.push(`${severityCounts.high} high`);
+    if (severityCounts.medium > 0)
+        parts.push(`${severityCounts.medium} medium`);
+    if (severityCounts.low > 0)
+        parts.push(`${severityCounts.low} low`);
+    const riskLabel = safe ? 'review recommended' : 'unsafe';
+    return `${name}: ${findings.length} finding(s) (${parts.join(', ')}) — ${riskLabel}`;
+}
+// ── Public API ───────────────────────────────────────────────────────────────
+/**
+ * Scan a skill file from disc for threats.
+ *
+ * Reads the file, auto-detects its format, and runs the full defence pipeline
+ * plus skill-specific pattern detection.
+ *
+ * Never throws — returns safe defaults if the file cannot be read.
+ */
+export function scanSkill(filePath, options) {
+    try {
+        const parsed = readSkillFile(filePath);
+        const result = scanParsed(parsed, options);
+        return result;
+    }
+    catch {
+        // Return a safe default on any unexpected error
+        const startTime = Date.now();
+        return {
+            safe: true,
+            skillName: filePath,
+            format: 'unknown',
+            findings: [],
+            riskLevel: 'safe',
+            summary: `${filePath}: scan failed — could not read file`,
+            scanDurationMs: Date.now() - startTime,
+            firewall: {
+                result: 'ALLOW',
+                reason: 'Scan failed — file unreadable',
+                threatIndicators: [],
+                anomalyScore: 0,
+                blockedPatterns: [],
+            },
+            sensitivity: {
+                level: 'PUBLIC',
+                confidence: 0,
+                detectedPatterns: [],
+                redactionRequired: false,
+            },
+        };
+    }
+}
+/**
+ * Scan raw skill content for threats without reading from disc.
+ *
+ * Useful when the content is already in memory (e.g. received via API,
+ * read from a database, or extracted from a larger document).
+ *
+ * @param content  Raw file content to scan
+ * @param options  Scan options (mode, includeContent)
+ * @param format   Optional format hint — auto-detected as 'unknown' if omitted
+ * @param name     Optional skill name — defaults to 'inline'
+ */
+export function scanSkillContent(content, options, format, name) {
+    try {
+        const parsed = parseSkillFile(content, format);
+        // Override name if provided
+        if (name) {
+            parsed.name = name;
+        }
+        else if (parsed.name === 'unknown') {
+            parsed.name = 'inline';
+        }
+        return scanParsed(parsed, options);
+    }
+    catch {
+        // Return a safe default on any unexpected error
+        const effectiveName = name ?? 'inline';
+        const startTime = Date.now();
+        return {
+            safe: true,
+            skillName: effectiveName,
+            format: format ?? 'unknown',
+            findings: [],
+            riskLevel: 'safe',
+            summary: `${effectiveName}: scan failed — unexpected error`,
+            scanDurationMs: Date.now() - startTime,
+            firewall: {
+                result: 'ALLOW',
+                reason: 'Scan failed — unexpected error',
+                threatIndicators: [],
+                anomalyScore: 0,
+                blockedPatterns: [],
+            },
+            sensitivity: {
+                level: 'PUBLIC',
+                confidence: 0,
+                detectedPatterns: [],
+                redactionRequired: false,
+            },
+        };
+    }
+}
+//# sourceMappingURL=scan-skill.js.map

package/dist/defence/skill-scanner/scan-skill.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"scan-skill.js","sourceRoot":"","sources":["../../../src/defence/skill-scanner/scan-skill.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AACvD,OAAO,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAQ9D,OAAO,EAAE,sBAAsB,EAAE,MAAM,aAAa,CAAC;AACrD,OAAO,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAEtE,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AA8C5D,gFAAgF;AAEhF,MAAM,mBAAmB,GAA2B;IAClD,0BAA0B;IAC1B,cAAc,EAAE,uDAAuD;IACvE,gBAAgB,EAAE,wDAAwD;IAC1E,iBAAiB,EAAE,gDAAgD;IACnE,WAAW,EAAE,8CAA8C;IAC3D,YAAY,EAAE,yDAAyD;IACvE,kBAAkB,EAAE,sDAAsD;IAC1E,mBAAmB,EAAE,6CAA6C;IAElE,gBAAgB;IAChB,iBAAiB,EAAE,wDAAwD;IAC3E,eAAe,EAAE,mDAAmD;IACpE,iBAAiB,EAAE,qCAAqC;IACxD,cAAc,EAAE,6CAA6C;IAE7D,6BAA6B;IAC7B,qBAAqB,EAAE,uCAAuC;IAC9D,oBAAoB,EAAE,wCAAwC;IAC9D,oBAAoB,EAAE,wCAAwC;IAC9D,eAAe,EAAE,yCAAyC;IAC1D,YAAY,EAAE,sCAAsC;IACpD,kBAAkB,EAAE,sCAAsC;IAC1D,cAAc,EAAE,uCAAuC;CACxD,CAAC;AAEF,gFAAgF;AAEhF,uCAAuC;AACvC,MAAM,aAAa,GAA2B;IAC5C,GAAG,EAAE,CAAC;IACN,MAAM,EAAE,CAAC;IACT,IAAI,EAAE,CAAC;IACP,QAAQ,EAAE,CAAC;CACZ,CAAC;AAEF;;GAEG;AACH,SAAS,sBAAsB,CAC7B,cAAsB,EACtB,SAA0B;IAE1B,IAAI,cAAc,KAAK,OAAO,EAAE,CAAC;QAC/B,IAAI,SAAS,KAAK,uBAAuB,IAAI,SAAS,KAAK,iBAAiB,EAAE,CAAC;YAC7E,OAAO,UAAU,CAAC;QACpB,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,IAAI,cAAc,KAAK,YAAY,EAAE,CAAC;QACpC,IAAI,SAAS,KAAK,uBAAuB,EAAE,CAAC;YAC1C,OAAO,MAAM,CAAC;QAChB,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,SAAS,yBAAyB,CAAC,UAAkB;IACnD,IAAI,UAAU,IAAI,IAAI;QAAE,OAAO,MAAM,CAAC;IACtC,IAAI,UAAU,IAAI,GAAG;QAAE,OAAO,QAAQ,CAAC;IACvC,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,SAAS,eAAe,CACtB,QAA8B;IAE9B,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,MAAM,CAAC;IAEzC,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,IAAI,WAAW,GAA2C,KAAK,CAAC;IAEhE,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,IAAI,GAAG,aAAa,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAClD,IAAI,IAAI,GAAG,OAAO,EAAE,CAAC;YACnB,OAAO,GAAG,IAAI,CAAC;YACf,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;QACjC,CAAC;IACH,CAAC;IAED,OAAO,WAAW,CAAC;AACrB,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CAAC,OAAe;IACrC,OAAO,mBAAmB,CAAC,OAAO,CAAC,IAAI,4BAA4B,OAAO,EAAE,CAAC;AAC/E,CAAC;AAED;;GAEG;AACH,SAAS,QAAQ,CAAC,IAAY,EAAE,SAAiB;IAC/C,IAAI,IAAI,CAAC,MAAM,IAAI,SAAS;QAAE,OAAO,IAAI,CAAC;IAC1C,OAAO,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,GAAG,CAAC,CAAC,GAAG,QAAQ,CAAC;AACjD,CAAC;AAED,gFAAgF;AAEhF;;GAEG;AACH,SAAS,WAAW,CAAC,IAA2C;IAC9D,IAAI,CAAC,IAAI,IAAI,IAAI,KAAK,sBAAsB,CAAC,IAAI,EAAE,CAAC;QAClD,OAAO,sBAAsB,CAAC;IAChC,CAAC;IACD,OAAO,EAAE,GAAG,sBAAsB,EAAE,IAAI,EAAE,CAAC;AAC7C,CAAC;AAED,gFAAgF;AAEhF;;GAEG;AACH,SAAS,UAAU,CACjB,MAAmB,EACnB,OAA0B;IAE1B,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAC7B,MAAM,cAAc,GAAG,OAAO,EAAE,cAAc,IAAI,KAAK,CAAC;IACxD,MAAM,MAAM,GAAG,WAAW,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IAE1C,MAAM,QAAQ,GAAyB,EAAE,CAAC;IAE1C,oEAAoE;IACpE,MAAM,MAAM,GAAkB,EAAE,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC;IACxE,MAAM,QAAQ,GAAG,eAAe,CAC9B,MAAM,CAAC,OAAO,EACd,MAAM,CAAC,IAAI,EACX,MAAM,EACN,GAAG,EACH,MAAM,CACP,CAAC;IAEF,gCAAgC;IAChC,MAAM,WAAW,GAAG,mBAAmB,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC;IAErE,sDAAsD;IACtD,IAAI,QAAQ,CAAC,MAAM,KAAK,OAAO,IAAI,QAAQ,CAAC,MAAM,KAAK,YAAY,EAAE,CAAC;QACpE,KAAK,MAAM,SAAS,IAAI,QAAQ,CAAC,gBAAgB,EAAE,CAAC;YAClD,MAAM,QAAQ,GAAG,sBAAsB,CAAC,QAAQ,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;YACpE,MAAM,OAAO,GAAuB;gBAClC,OAAO,EAAE,SAAS;gBAClB,QAAQ;gBACR,WAAW,EAAE,cAAc,CAAC,SAAS,CAAC;aACvC,CAAC;YAEF,IAAI,cAAc,IAAI,QAAQ,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC1D,OAAO,CAAC,WAAW,GAAG,QAAQ,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAClE,CAAC;YAED,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACzB,CAAC;QAED,sEAAsE;QACtE,IAAI,QAAQ,CAAC,gBAAgB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC3C,QAAQ,CAAC,IAAI,CAAC;gBACZ,OAAO,EAAE,uBAAuB;gBAChC,QAAQ,EAAE,QAAQ,CAAC,MAAM,KAAK,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ;gBACzD,WAAW,EAAE,QAAQ,CAAC,MAAM;aAC7B,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,qCAAqC;IACrC,MAAM,WAAW,GAAG,kBAAkB,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACvD,gBAAgB,CAAC,QAAQ,EAAE,WAAW,EAAE,MAAM,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;IAExE,oDAAoD;IACpD,IAAI,MAAM,CAAC,MAAM,KAAK,SAAS,IAAI,MAAM,CAAC,MAAM,KAAK,eAAe,EAAE,CAAC;QACrE,MAAM,UAAU,GAAG,iBAAiB,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACrD,gBAAgB,CAAC,QAAQ,EAAE,UAAU,EAAE,MAAM,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;IACzE,CAAC;IAED,qCAAqC;IACrC,IAAI,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/D,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YACpD,MAAM,UAAU,GAAG,kBAAkB,CAAC,WAAW,CAAC,CAAC;YACnD,gBAAgB,CAAC,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,cAAc,CAAC,CAAC;QACtE,CAAC;QAAC,MAAM,CAAC;YACP,6CAA6C;QAC/C,CAAC;IACH,CAAC;IAED,yCAAyC;IACzC,IAAI,WAAW,CAAC,KAAK,KAAK,YAAY,EAAE,CAAC;QACvC,QAAQ,CAAC,IAAI,CAAC;YACZ,OAAO,EAAE,iBAAiB;YAC1B,QAAQ,EAAE,MAAM;YAChB,WAAW,EAAE,gCAAgC,WAAW,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;SACvF,CAAC,CAAC;IACL,CAAC;IAED,kEAAkE;IAClE,MAAM,OAAO,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;IAE9C,0CAA0C;IAC1C,MAAM,SAAS,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC;IAC3C,MAAM,IAAI,GAAG,CAAC,OAAO,CAAC,IAAI,CACxB,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,IAAI,CAAC,CAAC,QAAQ,KAAK,UAAU,CAC1D,CAAC;IAEF,uBAAuB;IACvB,MAAM,OAAO,GAAG,eAAe,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;IAEvE,OAAO;QACL,IAAI;QACJ,SAAS,EAAE,MAAM,CAAC,IAAI;QACtB,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,QAAQ,EAAE,OAAO;QACjB,SAAS;QACT,OAAO;QACP,cAAc,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;QACtC,QAAQ;QACR,WAAW;KACZ,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB,CACvB,QAA8B,EAC9B,MAAyB,EACzB,OAAe,EACf,cAAuB;IAEvB,IAAI,CAAC,MAAM,CAAC,QAAQ;QAAE,OAAO;IAE7B,MAAM,QAAQ,GAAG,yBAAyB,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IAE9D,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACpC,MAAM,OAAO,GAAuB;YAClC,OAAO,EAAE,MAAM;YACf,QAAQ;YACR,WAAW,EAAE,cAAc,CAAC,MAAM,CAAC;SACpC,CAAC;QAEF,IAAI,cAAc,EAAE,CAAC;YACnB,kDAAkD;YAClD,MAAM,OAAO,GAAG,oBAAoB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YACtD,IAAI,OAAO,EAAE,CAAC;gBACZ,OAAO,CAAC,WAAW,GAAG,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;YAC9C,CAAC;QACH,CAAC;QAED,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACzB,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,SAAS,oBAAoB,CAAC,OAAe,EAAE,MAAc;IAC3D,MAAM,QAAQ,GAA6B;QACzC,cAAc,EAAE,CAAC,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC;QACxE,gBAAgB,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,CAAC;QAClE,iBAAiB,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC;QACzE,WAAW,EAAE,CAAC,SAAS,EAAE,cAAc,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,CAAC;QACrE,YAAY,EAAE,CAAC,aAAa,EAAE,aAAa,EAAE,cAAc,EAAE,YAAY,CAAC;QAC1E,kBAAkB,EAAE,CAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,CAAC;QACvE,mBAAmB,EAAE,CAAC,MAAM,EAAE,KAAK,CAAC;QACpC,iBAAiB,EAAE,CAAC,eAAe,EAAE,SAAS,EAAE,QAAQ,CAAC;QACzD,eAAe,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,CAAC;QACtD,iBAAiB,EAAE,CAAC,UAAU,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM,CAAC;QAC5D,cAAc,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,CAAC;KACzD,CAAC;IAEF,MAAM,GAAG,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC7B,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IAEtB,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAClC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;YAAE,SAAS;QAEnC,KAAK,MAAM,EAAE,IAAI,GAAG,EAAE,CAAC;YACrB,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBACrD,OAAO,OAAO,CAAC;YACjB,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAS,mBAAmB,CAAC,QAA8B;IACzD,MAAM,SAAS,GAAG,IAAI,GAAG,EAA8B,CAAC;IAExD,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,QAAQ,GAAG,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAChD,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAC1C,CAAC;aAAM,CAAC;YACN,MAAM,YAAY,GAAG,aAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YAC3D,MAAM,OAAO,GAAG,aAAa,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YACrD,IAAI,OAAO,GAAG,YAAY,EAAE,CAAC;gBAC3B,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YAC1C,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC;AACjC,CAAC;AAED;;GAEG;AACH,SAAS,eAAe,CACtB,IAAY,EACZ,QAA8B,EAC9B,SAA0D,EAC1D,IAAa;IAEb,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,GAAG,IAAI,uBAAuB,CAAC;IACxC,CAAC;IAED,MAAM,cAAc,GAAG,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;IACnE,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;IAC/B,CAAC;IAED,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,IAAI,cAAc,CAAC,QAAQ,GAAG,CAAC;QAAE,KAAK,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,QAAQ,WAAW,CAAC,CAAC;IACnF,IAAI,cAAc,CAAC,IAAI,GAAG,CAAC;QAAE,KAAK,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,IAAI,OAAO,CAAC,CAAC;IACvE,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC;QAAE,KAAK,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,MAAM,SAAS,CAAC,CAAC;IAC7E,IAAI,cAAc,CAAC,GAAG,GAAG,CAAC;QAAE,KAAK,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,GAAG,MAAM,CAAC,CAAC;IAEpE,MAAM,SAAS,GAAG,IAAI,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,QAAQ,CAAC;IAEzD,OAAO,GAAG,IAAI,KAAK,QAAQ,CAAC,MAAM,gBAAgB,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,SAAS,EAAE,CAAC;AACvF,CAAC;AAED,gFAAgF;AAEhF;;;;;;;GAOG;AACH,MAAM,UAAU,SAAS,CACvB,QAAgB,EAChB,OAA0B;IAE1B,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;QACvC,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAC3C,OAAO,MAAM,CAAC;IAChB,CAAC;IAAC,MAAM,CAAC;QACP,gDAAgD;QAChD,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC7B,OAAO;YACL,IAAI,EAAE,IAAI;YACV,SAAS,EAAE,QAAQ;YACnB,MAAM,EAAE,SAAS;YACjB,QAAQ,EAAE,EAAE;YACZ,SAAS,EAAE,MAAM;YACjB,OAAO,EAAE,GAAG,QAAQ,qCAAqC;YACzD,cAAc,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;YACtC,QAAQ,EAAE;gBACR,MAAM,EAAE,OAAO;gBACf,MAAM,EAAE,+BAA+B;gBACvC,gBAAgB,EAAE,EAAE;gBACpB,YAAY,EAAE,CAAC;gBACf,eAAe,EAAE,EAAE;aACpB;YACD,WAAW,EAAE;gBACX,KAAK,EAAE,QAAQ;gBACf,UAAU,EAAE,CAAC;gBACb,gBAAgB,EAAE,EAAE;gBACpB,iBAAiB,EAAE,KAAK;aACzB;SACF,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,UAAU,gBAAgB,CAC9B,OAAe,EACf,OAA0B,EAC1B,MAAoB,EACpB,IAAa;IAEb,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,cAAc,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAE/C,4BAA4B;QAC5B,IAAI,IAAI,EAAE,CAAC;YACT,MAAM,CAAC,IAAI,GAAG,IAAI,CAAC;QACrB,CAAC;aAAM,IAAI,MAAM,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;YACrC,MAAM,CAAC,IAAI,GAAG,QAAQ,CAAC;QACzB,CAAC;QAED,OAAO,UAAU,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACrC,CAAC;IAAC,MAAM,CAAC;QACP,gDAAgD;QAChD,MAAM,aAAa,GAAG,IAAI,IAAI,QAAQ,CAAC;QACvC,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC7B,OAAO;YACL,IAAI,EAAE,IAAI;YACV,SAAS,EAAE,aAAa;YACxB,MAAM,EAAE,MAAM,IAAI,SAAS;YAC3B,QAAQ,EAAE,EAAE;YACZ,SAAS,EAAE,MAAM;YACjB,OAAO,EAAE,GAAG,aAAa,kCAAkC;YAC3D,cAAc,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;YACtC,QAAQ,EAAE;gBACR,MAAM,EAAE,OAAO;gBACf,MAAM,EAAE,gCAAgC;gBACxC,gBAAgB,EAAE,EAAE;gBACpB,YAAY,EAAE,CAAC;gBACf,eAAe,EAAE,EAAE;aACpB;YACD,WAAW,EAAE;gBACX,KAAK,EAAE,QAAQ;gBACf,UAAU,EAAE,CAAC;gBACb,gBAAgB,EAAE,EAAE;gBACpB,iBAAiB,EAAE,KAAK;aACzB;SACF,CAAC;IACJ,CAAC;AACH,CAAC"}

package/dist/embeddings/generator.d.ts

@@ -17,4 +17,9 @@ export declare function isModelLoaded(): boolean;
  * Preload the model (call during startup if desired)
  */
 export declare function preloadModel(): Promise<void>;
+/**
+ * Dispose the embedding model and release ONNX session resources.
+ * Call during shutdown to prevent SIGABRT from orphaned ONNX thread pools.
+ */
+export declare function disposeModel(): Promise<void>;
 //# sourceMappingURL=generator.d.ts.map

package/dist/embeddings/generator.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"generator.d.ts","sourceRoot":"","sources":["../../src/embeddings/generator.ts"],"names":[],"mappings":"AAoCA;;;;GAIG;AACH,wBAAsB,iBAAiB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAgB3E;AAED;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE,YAAY,GAAG,MAAM,CAmBzE;AAED;;GAEG;AACH,wBAAgB,aAAa,IAAI,OAAO,CAEvC;AAED;;GAEG;AACH,wBAAsB,YAAY,IAAI,OAAO,CAAC,IAAI,CAAC,CAElD"}
+{"version":3,"file":"generator.d.ts","sourceRoot":"","sources":["../../src/embeddings/generator.ts"],"names":[],"mappings":"AAoCA;;;;GAIG;AACH,wBAAsB,iBAAiB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CA4B3E;AAED;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE,YAAY,GAAG,MAAM,CAmBzE;AAED;;GAEG;AACH,wBAAgB,aAAa,IAAI,OAAO,CAEvC;AAED;;GAEG;AACH,wBAAsB,YAAY,IAAI,OAAO,CAAC,IAAI,CAAC,CAElD;AAED;;;GAGG;AACH,wBAAsB,YAAY,IAAI,OAAO,CAAC,IAAI,CAAC,CAWlD"}

package/dist/embeddings/generator.js

@@ -41,11 +41,24 @@ export async function generateEmbedding(text) {
         pooling: 'mean',
         normalize: true,
     });
-    // Handle both Tensor objects (new @huggingface/transformers) and plain objects
-    const data = typeof output.tolist === 'function'
-        ? new Float32Array(output.tolist().flat(Infinity))
-        : new Float32Array(output.data);
-    return data;
+    try {
+        // Prefer .data (direct typed array) over .tolist() to avoid intermediate allocations
+        if (output.data && output.data.length > 0) {
+            return new Float32Array(output.data);
+        }
+        // Fallback for older/different Tensor implementations
+        if (typeof output.tolist === 'function') {
+            const list = output.tolist().flat(Infinity);
+            return new Float32Array(list);
+        }
+        throw new Error('Tensor has no .data or .tolist() — cannot extract embedding');
+    }
+    finally {
+        // CRITICAL: Release ONNX native memory backing this tensor
+        if (output && typeof output.dispose === 'function') {
+            output.dispose();
+        }
+    }
 }
 /**
  * Calculate cosine similarity between two embeddings
@@ -80,4 +93,21 @@ export function isModelLoaded() {
 export async function preloadModel() {
     await getEmbeddingPipeline();
 }
+/**
+ * Dispose the embedding model and release ONNX session resources.
+ * Call during shutdown to prevent SIGABRT from orphaned ONNX thread pools.
+ */
+export async function disposeModel() {
+    if (embeddingPipeline) {
+        try {
+            await embeddingPipeline.dispose();
+        }
+        catch {
+            // Best-effort disposal — don't block shutdown
+        }
+        embeddingPipeline = null;
+    }
+    loadPromise = null;
+    isLoading = false;
+}
 //# sourceMappingURL=generator.js.map

package/dist/embeddings/generator.js.map

@@ -1 +1 @@
-{"version":3,"file":"generator.js","sourceRoot":"","sources":["../../src/embeddings/generator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,2BAA2B,CAAC;AAG1D,0BAA0B;AAC1B,GAAG,CAAC,iBAAiB,GAAG,IAAI,CAAC;AAC7B,GAAG,CAAC,gBAAgB,GAAG,IAAI,CAAC;AAE5B,IAAI,iBAAiB,GAAqC,IAAI,CAAC;AAC/D,IAAI,SAAS,GAAG,KAAK,CAAC;AACtB,IAAI,WAAW,GAA8C,IAAI,CAAC;AAElE;;;;;GAKG;AACH,KAAK,UAAU,oBAAoB;IACjC,IAAI,iBAAiB;QAAE,OAAO,iBAAiB,CAAC;IAEhD,IAAI,SAAS,IAAI,WAAW,EAAE,CAAC;QAC7B,OAAO,WAAW,CAAC;IACrB,CAAC;IAED,SAAS,GAAG,IAAI,CAAC;IACjB,WAAW,GAAG,QAAQ,CAAC,oBAAoB,EAAE,yBAAyB,CAAkD,CAAC;IAEzH,IAAI,CAAC;QACH,iBAAiB,GAAG,MAAM,WAAW,CAAC;QACtC,OAAO,iBAAiB,CAAC;IAC3B,CAAC;YAAS,CAAC;QACT,SAAS,GAAG,KAAK,CAAC;QAClB,WAAW,GAAG,IAAI,CAAC;IACrB,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,IAAY;IAClD,MAAM,SAAS,GAAG,MAAM,oBAAoB,EAAE,CAAC;IAE/C,+DAA+D;IAC/D,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;IAEtC,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,SAAS,EAAE;QACxC,OAAO,EAAE,MAAM;QACf,SAAS,EAAE,IAAI;KAChB,CAAC,CAAC;IAEH,+EAA+E;IAC/E,MAAM,IAAI,GAAG,OAAO,MAAM,CAAC,MAAM,KAAK,UAAU;QAC9C,CAAC,CAAC,IAAI,YAAY,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAa,CAAC;QAC9D,CAAC,CAAC,IAAI,YAAY,CAAC,MAAM,CAAC,IAAyB,CAAC,CAAC;IACvD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,CAAe,EAAE,CAAe;IAC/D,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM,EAAE,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC,MAAM,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;IAC9E,CAAC;IAED,IAAI,UAAU,GAAG,CAAC,CAAC;IACnB,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,IAAI,KAAK,GAAG,CAAC,CAAC;IAEd,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAClC,UAAU,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAC1B,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACrB,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACvB,CAAC;IAED,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACtD,IAAI,SAAS,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC;IAE9B,OAAO,UAAU,GAAG,SAAS,CAAC;AAChC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa;IAC3B,OAAO,iBAAiB,KAAK,IAAI,CAAC;AACpC,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY;IAChC,MAAM,oBAAoB,EAAE,CAAC;AAC/B,CAAC"}
+{"version":3,"file":"generator.js","sourceRoot":"","sources":["../../src/embeddings/generator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,2BAA2B,CAAC;AAG1D,0BAA0B;AAC1B,GAAG,CAAC,iBAAiB,GAAG,IAAI,CAAC;AAC7B,GAAG,CAAC,gBAAgB,GAAG,IAAI,CAAC;AAE5B,IAAI,iBAAiB,GAAqC,IAAI,CAAC;AAC/D,IAAI,SAAS,GAAG,KAAK,CAAC;AACtB,IAAI,WAAW,GAA8C,IAAI,CAAC;AAElE;;;;;GAKG;AACH,KAAK,UAAU,oBAAoB;IACjC,IAAI,iBAAiB;QAAE,OAAO,iBAAiB,CAAC;IAEhD,IAAI,SAAS,IAAI,WAAW,EAAE,CAAC;QAC7B,OAAO,WAAW,CAAC;IACrB,CAAC;IAED,SAAS,GAAG,IAAI,CAAC;IACjB,WAAW,GAAG,QAAQ,CAAC,oBAAoB,EAAE,yBAAyB,CAAkD,CAAC;IAEzH,IAAI,CAAC;QACH,iBAAiB,GAAG,MAAM,WAAW,CAAC;QACtC,OAAO,iBAAiB,CAAC;IAC3B,CAAC;YAAS,CAAC;QACT,SAAS,GAAG,KAAK,CAAC;QAClB,WAAW,GAAG,IAAI,CAAC;IACrB,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,IAAY;IAClD,MAAM,SAAS,GAAG,MAAM,oBAAoB,EAAE,CAAC;IAE/C,+DAA+D;IAC/D,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;IAEtC,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,SAAS,EAAE;QACxC,OAAO,EAAE,MAAM;QACf,SAAS,EAAE,IAAI;KAChB,CAAC,CAAC;IAEH,IAAI,CAAC;QACH,qFAAqF;QACrF,IAAI,MAAM,CAAC,IAAI,IAAK,MAAM,CAAC,IAA0B,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACjE,OAAO,IAAI,YAAY,CAAC,MAAM,CAAC,IAAyB,CAAC,CAAC;QAC5D,CAAC;QACD,sDAAsD;QACtD,IAAI,OAAO,MAAM,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;YACxC,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAa,CAAC;YACxD,OAAO,IAAI,YAAY,CAAC,IAAI,CAAC,CAAC;QAChC,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,6DAA6D,CAAC,CAAC;IACjF,CAAC;YAAS,CAAC;QACT,2DAA2D;QAC3D,IAAI,MAAM,IAAI,OAAQ,MAAmC,CAAC,OAAO,KAAK,UAAU,EAAE,CAAC;YAChF,MAAkC,CAAC,OAAO,EAAE,CAAC;QAChD,CAAC;IACH,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,CAAe,EAAE,CAAe;IAC/D,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM,EAAE,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC,MAAM,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;IAC9E,CAAC;IAED,IAAI,UAAU,GAAG,CAAC,CAAC;IACnB,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,IAAI,KAAK,GAAG,CAAC,CAAC;IAEd,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAClC,UAAU,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAC1B,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACrB,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACvB,CAAC;IAED,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACtD,IAAI,SAAS,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC;IAE9B,OAAO,UAAU,GAAG,SAAS,CAAC;AAChC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa;IAC3B,OAAO,iBAAiB,KAAK,IAAI,CAAC;AACpC,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY;IAChC,MAAM,oBAAoB,EAAE,CAAC;AAC/B,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY;IAChC,IAAI,iBAAiB,EAAE,CAAC;QACtB,IAAI,CAAC;YACH,MAAM,iBAAiB,CAAC,OAAO,EAAE,CAAC;QACpC,CAAC;QAAC,MAAM,CAAC;YACP,8CAA8C;QAChD,CAAC;QACD,iBAAiB,GAAG,IAAI,CAAC;IAC3B,CAAC;IACD,WAAW,GAAG,IAAI,CAAC;IACnB,SAAS,GAAG,KAAK,CAAC;AACpB,CAAC"}

package/dist/embeddings/index.d.ts

@@ -1,2 +1,2 @@
-export { generateEmbedding, cosineSimilarity, isModelLoaded, preloadModel } from './generator.js';
+export { generateEmbedding, cosineSimilarity, isModelLoaded, preloadModel, disposeModel } from './generator.js';
 //# sourceMappingURL=index.d.ts.map

package/dist/embeddings/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/embeddings/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/embeddings/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,aAAa,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC"}

package/dist/embeddings/index.js

@@ -1,2 +1,2 @@
-export { generateEmbedding, cosineSimilarity, isModelLoaded, preloadModel } from './generator.js';
+export { generateEmbedding, cosineSimilarity, isModelLoaded, preloadModel, disposeModel } from './generator.js';
 //# sourceMappingURL=index.js.map

package/dist/embeddings/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/embeddings/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/embeddings/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,aAAa,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC"}

package/dist/index.js

@@ -41,6 +41,8 @@ import { setupClaudeMd } from './setup/claude-md.js';
 import { handleHookCommand } from './setup/hooks.js';
 import { handleOpenClawCommand } from './setup/openclaw.js';
 import { createRequire } from 'module';
+import { disposeModel } from './embeddings/index.js';
+import { stopDefaultWorker } from './worker/brain-worker.js';
 const require = createRequire(import.meta.url);
 const pkg = require('../package.json');
 // Get the directory of this file for relative paths
@@ -77,11 +79,15 @@ async function startMcpServer(dbPath) {
     const transport = new StdioServerTransport();
     // Register signal handlers BEFORE connect so cleanup runs even if connect() throws
     process.on('SIGINT', async () => {
+        stopDefaultWorker();
         await server.close();
+        await disposeModel();
         process.exit(0);
     });
     process.on('SIGTERM', async () => {
+        stopDefaultWorker();
         await server.close();
+        await disposeModel();
         process.exit(0);
     });
     // Connect via stdio transport
@@ -294,6 +300,88 @@ async function main() {
         }
         return;
     }
+    // Handle "scan-skill" subcommand — scan a single skill/instruction file
+    if (process.argv[2] === 'scan-skill') {
+        const filePath = process.argv[3];
+        if (!filePath) {
+            console.error('Usage: npx shieldcortex scan-skill <path>');
+            console.error('  Scans an agent instruction file for threats.');
+            console.error('  Supports: SKILL.md, HOOK.md, handler.js, .cursorrules,');
+            console.error('  .windsurfrules, .clinerules, CLAUDE.md, copilot-instructions.md,');
+            console.error('  .aider.conf.yml, .continue/config.json');
+            process.exit(1);
+        }
+        const { scanSkill } = await import('./defence/skill-scanner/index.js');
+        const result = scanSkill(filePath);
+        // Coloured output
+        const severityColor = {
+            critical: '\x1b[31m', // red
+            high: '\x1b[91m', // bright red
+            medium: '\x1b[33m', // yellow
+            low: '\x1b[36m', // cyan
+        };
+        const reset = '\x1b[0m';
+        const bold = '\x1b[1m';
+        console.log(`\n${bold}Skill Scanner Report${reset}`);
+        console.log(`${'─'.repeat(50)}`);
+        console.log(`  Skill:   ${result.skillName}`);
+        console.log(`  Format:  ${result.format}`);
+        console.log(`  Risk:    ${result.safe ? '\x1b[32mSAFE\x1b[0m' : `${severityColor[result.riskLevel] ?? ''}${result.riskLevel.toUpperCase()}${reset}`}`);
+        console.log(`  Time:    ${result.scanDurationMs}ms`);
+        if (result.findings.length > 0) {
+            console.log(`\n${bold}Findings (${result.findings.length}):${reset}`);
+            for (const f of result.findings) {
+                const color = severityColor[f.severity] ?? '';
+                console.log(`  ${color}[${f.severity.toUpperCase()}]${reset} ${f.pattern}`);
+                console.log(`         ${f.description}`);
+                if (f.matchedText) {
+                    console.log(`         Match: "${f.matchedText}"`);
+                }
+            }
+        }
+        else {
+            console.log(`\n  \x1b[32mNo threats detected.\x1b[0m`);
+        }
+        console.log(`\n${result.summary}\n`);
+        process.exit(result.safe ? 0 : 1);
+    }
+    // Handle "scan-skills" subcommand — scan all installed skills/hooks
+    if (process.argv[2] === 'scan-skills') {
+        const { scanSkill, discoverSkillFiles } = await import('./defence/skill-scanner/index.js');
+        const customDir = process.argv.indexOf('--dir') !== -1
+            ? process.argv[process.argv.indexOf('--dir') + 1]
+            : undefined;
+        const filesToScan = discoverSkillFiles(customDir);
+        if (filesToScan.length === 0) {
+            console.log('\nNo agent instruction files found to scan.');
+            console.log('Checked: Claude Code skills, OpenClaw hooks, .cursorrules, CLAUDE.md, and more.');
+            console.log('Use --dir <path> to scan a custom directory.\n');
+            process.exit(0);
+        }
+        const bold = '\x1b[1m';
+        const reset = '\x1b[0m';
+        console.log(`\n${bold}Scanning ${filesToScan.length} file(s)...${reset}\n`);
+        let threatCount = 0;
+        const results = [];
+        for (const fp of filesToScan) {
+            const result = scanSkill(fp);
+            results.push({ path: fp, safe: result.safe, riskLevel: result.riskLevel, summary: result.summary });
+            if (!result.safe)
+                threatCount++;
+            const icon = result.safe ? '\x1b[32m✓\x1b[0m' : '\x1b[31m✗\x1b[0m';
+            const risk = result.safe ? '\x1b[32msafe\x1b[0m' : `\x1b[31m${result.riskLevel}\x1b[0m`;
+            console.log(`  ${icon} ${risk.padEnd(20)} ${fp}`);
+            if (!result.safe) {
+                for (const f of result.findings) {
+                    if (f.severity === 'high' || f.severity === 'critical') {
+                        console.log(`    \x1b[31m[${f.severity}]\x1b[0m ${f.description}`);
+                    }
+                }
+            }
+        }
+        console.log(`\n${bold}Summary:${reset} ${filesToScan.length} scanned, ${threatCount} with threats\n`);
+        process.exit(threatCount > 0 ? 1 : 0);
+    }
     const { dbPath, mode } = parseArgs();
     let dashboardProcess = null;
     if (mode === 'api') {