shieldcortex 4.9.1 → 4.10.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dashboard/.next/standalone/dashboard/.next/BUILD_ID +1 -1
- package/dashboard/.next/standalone/dashboard/.next/build-manifest.json +2 -2
- package/dashboard/.next/standalone/dashboard/.next/prerender-manifest.json +3 -3
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/admin/page.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/admin/page.js.nft.json +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/admin/page_client-reference-manifest.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/cloud/page.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/cloud/page.js.nft.json +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/cloud/page_client-reference-manifest.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/memory/capture/page.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/memory/capture/page.js.nft.json +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/memory/capture/page_client-reference-manifest.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/memory/graph/page.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/memory/graph/page.js.nft.json +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/memory/graph/page_client-reference-manifest.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/memory/page.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/memory/page.js.nft.json +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/memory/page_client-reference-manifest.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/memory/recall/page.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/memory/recall/page.js.nft.json +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/memory/recall/page_client-reference-manifest.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/memory/review/page.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/memory/review/page.js.nft.json +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/memory/review/page_client-reference-manifest.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/memory/timeline/page.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/memory/timeline/page.js.nft.json +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/memory/timeline/page_client-reference-manifest.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/overview/page.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/overview/page.js.nft.json +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/overview/page_client-reference-manifest.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/protection/audit/page.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/protection/audit/page.js.nft.json +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/protection/audit/page_client-reference-manifest.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/protection/intercepts/page.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/protection/intercepts/page.js.nft.json +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/protection/intercepts/page_client-reference-manifest.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/protection/iron-dome/page.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/protection/iron-dome/page.js.nft.json +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/protection/iron-dome/page_client-reference-manifest.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/protection/page.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/protection/page.js.nft.json +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/protection/page_client-reference-manifest.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/protection/policies/page.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/protection/policies/page.js.nft.json +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/protection/policies/page_client-reference-manifest.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/protection/quarantine/page.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/protection/quarantine/page.js.nft.json +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/protection/quarantine/page_client-reference-manifest.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/settings/page.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/settings/page.js.nft.json +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/settings/page_client-reference-manifest.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/supply-chain/page.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/supply-chain/page.js.nft.json +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/supply-chain/page_client-reference-manifest.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/supply-chain/xray/page.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/supply-chain/xray/page.js.nft.json +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/supply-chain/xray/page_client-reference-manifest.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/xray/page.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/xray/page.js.nft.json +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/(dashboard)/xray/page_client-reference-manifest.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/_global-error.html +2 -2
- package/dashboard/.next/standalone/dashboard/.next/server/app/_global-error.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/_global-error.segments/__PAGE__.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/_global-error.segments/_full.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/_global-error.segments/_head.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/_global-error.segments/_index.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/_global-error.segments/_tree.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/_not-found/page.js.nft.json +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/_not-found/page_client-reference-manifest.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/_not-found.html +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/_not-found.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/_not-found.segments/_full.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/_not-found.segments/_head.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/_not-found.segments/_index.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/_not-found.segments/_not-found/__PAGE__.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/_not-found.segments/_not-found.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/_not-found.segments/_tree.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/admin.html +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/admin.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/admin.segments/!KGRhc2hib2FyZCk/admin/__PAGE__.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/admin.segments/!KGRhc2hib2FyZCk/admin.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/admin.segments/!KGRhc2hib2FyZCk.segment.rsc +5 -4
- package/dashboard/.next/standalone/dashboard/.next/server/app/admin.segments/_full.segment.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/admin.segments/_head.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/admin.segments/_index.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/admin.segments/_tree.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/cloud.html +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/cloud.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/cloud.segments/!KGRhc2hib2FyZCk/cloud/__PAGE__.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/cloud.segments/!KGRhc2hib2FyZCk/cloud.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/cloud.segments/!KGRhc2hib2FyZCk.segment.rsc +5 -4
- package/dashboard/.next/standalone/dashboard/.next/server/app/cloud.segments/_full.segment.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/cloud.segments/_head.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/cloud.segments/_index.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/cloud.segments/_tree.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/index.html +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/index.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/index.segments/__PAGE__.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/index.segments/_full.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/index.segments/_head.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/index.segments/_index.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/index.segments/_tree.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/capture.html +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/capture.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/capture.segments/!KGRhc2hib2FyZCk/memory/capture/__PAGE__.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/capture.segments/!KGRhc2hib2FyZCk/memory/capture.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/capture.segments/!KGRhc2hib2FyZCk/memory.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/capture.segments/!KGRhc2hib2FyZCk.segment.rsc +5 -4
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/capture.segments/_full.segment.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/capture.segments/_head.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/capture.segments/_index.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/capture.segments/_tree.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/graph.html +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/graph.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/graph.segments/!KGRhc2hib2FyZCk/memory/graph/__PAGE__.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/graph.segments/!KGRhc2hib2FyZCk/memory/graph.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/graph.segments/!KGRhc2hib2FyZCk/memory.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/graph.segments/!KGRhc2hib2FyZCk.segment.rsc +5 -4
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/graph.segments/_full.segment.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/graph.segments/_head.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/graph.segments/_index.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/graph.segments/_tree.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/recall.html +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/recall.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/recall.segments/!KGRhc2hib2FyZCk/memory/recall/__PAGE__.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/recall.segments/!KGRhc2hib2FyZCk/memory/recall.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/recall.segments/!KGRhc2hib2FyZCk/memory.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/recall.segments/!KGRhc2hib2FyZCk.segment.rsc +5 -4
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/recall.segments/_full.segment.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/recall.segments/_head.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/recall.segments/_index.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/recall.segments/_tree.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/review.html +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/review.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/review.segments/!KGRhc2hib2FyZCk/memory/review/__PAGE__.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/review.segments/!KGRhc2hib2FyZCk/memory/review.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/review.segments/!KGRhc2hib2FyZCk/memory.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/review.segments/!KGRhc2hib2FyZCk.segment.rsc +5 -4
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/review.segments/_full.segment.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/review.segments/_head.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/review.segments/_index.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/review.segments/_tree.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/timeline.html +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/timeline.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/timeline.segments/!KGRhc2hib2FyZCk/memory/timeline/__PAGE__.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/timeline.segments/!KGRhc2hib2FyZCk/memory/timeline.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/timeline.segments/!KGRhc2hib2FyZCk/memory.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/timeline.segments/!KGRhc2hib2FyZCk.segment.rsc +5 -4
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/timeline.segments/_full.segment.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/timeline.segments/_head.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/timeline.segments/_index.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory/timeline.segments/_tree.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory.html +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory.rsc +17 -16
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory.segments/!KGRhc2hib2FyZCk/memory/__PAGE__.segment.rsc +2 -2
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory.segments/!KGRhc2hib2FyZCk/memory.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory.segments/!KGRhc2hib2FyZCk.segment.rsc +5 -4
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory.segments/_full.segment.rsc +17 -16
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory.segments/_head.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory.segments/_index.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/memory.segments/_tree.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/overview.html +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/overview.rsc +17 -16
- package/dashboard/.next/standalone/dashboard/.next/server/app/overview.segments/!KGRhc2hib2FyZCk/overview/__PAGE__.segment.rsc +2 -2
- package/dashboard/.next/standalone/dashboard/.next/server/app/overview.segments/!KGRhc2hib2FyZCk/overview.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/overview.segments/!KGRhc2hib2FyZCk.segment.rsc +5 -4
- package/dashboard/.next/standalone/dashboard/.next/server/app/overview.segments/_full.segment.rsc +17 -16
- package/dashboard/.next/standalone/dashboard/.next/server/app/overview.segments/_head.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/overview.segments/_index.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/overview.segments/_tree.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/page.js.nft.json +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/page_client-reference-manifest.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/audit.html +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/audit.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/audit.segments/!KGRhc2hib2FyZCk/protection/audit/__PAGE__.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/audit.segments/!KGRhc2hib2FyZCk/protection/audit.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/audit.segments/!KGRhc2hib2FyZCk/protection.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/audit.segments/!KGRhc2hib2FyZCk.segment.rsc +5 -4
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/audit.segments/_full.segment.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/audit.segments/_head.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/audit.segments/_index.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/audit.segments/_tree.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/intercepts.html +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/intercepts.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/intercepts.segments/!KGRhc2hib2FyZCk/protection/intercepts/__PAGE__.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/intercepts.segments/!KGRhc2hib2FyZCk/protection/intercepts.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/intercepts.segments/!KGRhc2hib2FyZCk/protection.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/intercepts.segments/!KGRhc2hib2FyZCk.segment.rsc +5 -4
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/intercepts.segments/_full.segment.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/intercepts.segments/_head.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/intercepts.segments/_index.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/intercepts.segments/_tree.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/iron-dome.html +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/iron-dome.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/iron-dome.segments/!KGRhc2hib2FyZCk/protection/iron-dome/__PAGE__.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/iron-dome.segments/!KGRhc2hib2FyZCk/protection/iron-dome.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/iron-dome.segments/!KGRhc2hib2FyZCk/protection.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/iron-dome.segments/!KGRhc2hib2FyZCk.segment.rsc +5 -4
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/iron-dome.segments/_full.segment.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/iron-dome.segments/_head.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/iron-dome.segments/_index.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/iron-dome.segments/_tree.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/policies.html +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/policies.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/policies.segments/!KGRhc2hib2FyZCk/protection/policies/__PAGE__.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/policies.segments/!KGRhc2hib2FyZCk/protection/policies.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/policies.segments/!KGRhc2hib2FyZCk/protection.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/policies.segments/!KGRhc2hib2FyZCk.segment.rsc +5 -4
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/policies.segments/_full.segment.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/policies.segments/_head.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/policies.segments/_index.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/policies.segments/_tree.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/quarantine.html +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/quarantine.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/quarantine.segments/!KGRhc2hib2FyZCk/protection/quarantine/__PAGE__.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/quarantine.segments/!KGRhc2hib2FyZCk/protection/quarantine.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/quarantine.segments/!KGRhc2hib2FyZCk/protection.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/quarantine.segments/!KGRhc2hib2FyZCk.segment.rsc +5 -4
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/quarantine.segments/_full.segment.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/quarantine.segments/_head.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/quarantine.segments/_index.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection/quarantine.segments/_tree.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection.html +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection.segments/!KGRhc2hib2FyZCk/protection/__PAGE__.segment.rsc +2 -2
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection.segments/!KGRhc2hib2FyZCk/protection.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection.segments/!KGRhc2hib2FyZCk.segment.rsc +5 -4
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection.segments/_full.segment.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection.segments/_head.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection.segments/_index.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/protection.segments/_tree.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/settings.html +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/settings.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/settings.segments/!KGRhc2hib2FyZCk/settings/__PAGE__.segment.rsc +2 -2
- package/dashboard/.next/standalone/dashboard/.next/server/app/settings.segments/!KGRhc2hib2FyZCk/settings.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/settings.segments/!KGRhc2hib2FyZCk.segment.rsc +5 -4
- package/dashboard/.next/standalone/dashboard/.next/server/app/settings.segments/_full.segment.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/settings.segments/_head.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/settings.segments/_index.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/settings.segments/_tree.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/supply-chain/xray.html +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/supply-chain/xray.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/supply-chain/xray.segments/!KGRhc2hib2FyZCk/supply-chain/xray/__PAGE__.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/supply-chain/xray.segments/!KGRhc2hib2FyZCk/supply-chain/xray.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/supply-chain/xray.segments/!KGRhc2hib2FyZCk/supply-chain.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/supply-chain/xray.segments/!KGRhc2hib2FyZCk.segment.rsc +5 -4
- package/dashboard/.next/standalone/dashboard/.next/server/app/supply-chain/xray.segments/_full.segment.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/supply-chain/xray.segments/_head.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/supply-chain/xray.segments/_index.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/supply-chain/xray.segments/_tree.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/supply-chain.html +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/supply-chain.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/supply-chain.segments/!KGRhc2hib2FyZCk/supply-chain/__PAGE__.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/supply-chain.segments/!KGRhc2hib2FyZCk/supply-chain.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/supply-chain.segments/!KGRhc2hib2FyZCk.segment.rsc +5 -4
- package/dashboard/.next/standalone/dashboard/.next/server/app/supply-chain.segments/_full.segment.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/supply-chain.segments/_head.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/supply-chain.segments/_index.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/supply-chain.segments/_tree.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/xray.html +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/xray.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/xray.segments/!KGRhc2hib2FyZCk/xray/__PAGE__.segment.rsc +2 -2
- package/dashboard/.next/standalone/dashboard/.next/server/app/xray.segments/!KGRhc2hib2FyZCk/xray.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/xray.segments/!KGRhc2hib2FyZCk.segment.rsc +5 -4
- package/dashboard/.next/standalone/dashboard/.next/server/app/xray.segments/_full.segment.rsc +14 -13
- package/dashboard/.next/standalone/dashboard/.next/server/app/xray.segments/_head.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/xray.segments/_index.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/xray.segments/_tree.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/chunks/ssr/9f1d4_@tanstack_785e068c._.js +3 -0
- package/dashboard/.next/standalone/dashboard/.next/server/chunks/ssr/{[root-of-the-server]__453bd501._.js → [root-of-the-server]__4a575c8d._.js} +2 -2
- package/dashboard/.next/standalone/dashboard/.next/server/chunks/ssr/{dashboard_src_29acd7a4._.js → dashboard_src_564ea5ae._.js} +2 -2
- package/dashboard/.next/standalone/dashboard/.next/server/pages/404.html +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/pages/500.html +2 -2
- package/dashboard/.next/standalone/dashboard/.next/server/server-reference-manifest.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/server-reference-manifest.json +1 -1
- package/dashboard/.next/standalone/dashboard/.next/static/chunks/{a18776eadc9ef21a.js → 2f92786ac35bbdb9.js} +1 -1
- package/dist/environment/fetcher.d.ts +11 -0
- package/dist/environment/fetcher.js +137 -0
- package/dist/environment/hidden-detector.d.ts +2 -0
- package/dist/environment/hidden-detector.js +134 -0
- package/dist/environment/index.d.ts +6 -0
- package/dist/environment/index.js +5 -0
- package/dist/environment/provenance.d.ts +6 -0
- package/dist/environment/provenance.js +127 -0
- package/dist/environment/report.d.ts +3 -0
- package/dist/environment/report.js +89 -0
- package/dist/environment/scanner.d.ts +2 -0
- package/dist/environment/scanner.js +119 -0
- package/dist/environment/taint.d.ts +10 -0
- package/dist/environment/taint.js +43 -0
- package/dist/environment/types.d.ts +56 -0
- package/dist/environment/types.js +1 -0
- package/dist/index.js +108 -70
- package/package.json +5 -1
- package/plugins/openclaw/dist/openclaw.plugin.json +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/chunks/ssr/9f1d4_@tanstack_68dcbde9._.js +0 -3
- /package/dashboard/.next/standalone/dashboard/.next/static/{iofdwl2apExjYTMl9CA5i → OpqQUbmIuKY-rfZN24CLJ}/_buildManifest.js +0 -0
- /package/dashboard/.next/standalone/dashboard/.next/static/{iofdwl2apExjYTMl9CA5i → OpqQUbmIuKY-rfZN24CLJ}/_clientMiddlewareManifest.json +0 -0
- /package/dashboard/.next/standalone/dashboard/.next/static/{iofdwl2apExjYTMl9CA5i → OpqQUbmIuKY-rfZN24CLJ}/_ssgManifest.js +0 -0
|
@@ -0,0 +1,127 @@
|
|
|
1
|
+
const SUSPICIOUS_TLDS = new Set([
|
|
2
|
+
'zip', 'mov', 'top', 'xyz', 'click', 'country', 'link', 'gq', 'ml', 'tk', 'cf', 'ga',
|
|
3
|
+
'quest', 'sbs', 'rest', 'cyou', 'bond', 'cam', 'cfd', 'trade', 'download', 'racing',
|
|
4
|
+
]);
|
|
5
|
+
const KNOWN_GOOD_DOMAINS = new Set([
|
|
6
|
+
'github.com', 'raw.githubusercontent.com', 'gitlab.com', 'bitbucket.org',
|
|
7
|
+
'npmjs.com', 'registry.npmjs.org', 'pypi.org', 'rubygems.org', 'crates.io',
|
|
8
|
+
'anthropic.com', 'openai.com', 'google.com', 'cloudflare.com',
|
|
9
|
+
'stripe.com', 'mozilla.org', 'w3.org', 'ietf.org', 'python.org',
|
|
10
|
+
'rust-lang.org', 'golang.org', 'nodejs.org', 'typescriptlang.org',
|
|
11
|
+
'arxiv.org', 'wikipedia.org', 'wikimedia.org',
|
|
12
|
+
'shieldcortex.ai', 'drakonsystems.com',
|
|
13
|
+
]);
|
|
14
|
+
const KNOWN_BAD_DOMAINS = new Set([
|
|
15
|
+
// intentionally empty — populated from threat feeds in later phases
|
|
16
|
+
]);
|
|
17
|
+
function extractRegistrableDomain(hostname) {
|
|
18
|
+
const parts = hostname.toLowerCase().split('.');
|
|
19
|
+
if (parts.length <= 2)
|
|
20
|
+
return hostname.toLowerCase();
|
|
21
|
+
return parts.slice(-2).join('.');
|
|
22
|
+
}
|
|
23
|
+
function isIpAddress(hostname) {
|
|
24
|
+
return /^\d{1,3}(\.\d{1,3}){3}$/.test(hostname) || /:/.test(hostname);
|
|
25
|
+
}
|
|
26
|
+
function hasPunycode(hostname) {
|
|
27
|
+
return /xn--/i.test(hostname);
|
|
28
|
+
}
|
|
29
|
+
export function scoreProvenance(args) {
|
|
30
|
+
const reasons = [];
|
|
31
|
+
let score = 0.5;
|
|
32
|
+
let finalParsed;
|
|
33
|
+
try {
|
|
34
|
+
finalParsed = new URL(args.finalUrl);
|
|
35
|
+
}
|
|
36
|
+
catch {
|
|
37
|
+
return {
|
|
38
|
+
score: 0,
|
|
39
|
+
signals: {
|
|
40
|
+
tls: false,
|
|
41
|
+
redirectCount: args.redirectChain.length,
|
|
42
|
+
redirectChain: args.redirectChain,
|
|
43
|
+
finalDomain: '',
|
|
44
|
+
suspiciousTld: false,
|
|
45
|
+
allowlisted: false,
|
|
46
|
+
denylisted: false,
|
|
47
|
+
isIpAddress: false,
|
|
48
|
+
hasUserInfo: false,
|
|
49
|
+
hasPunycode: false,
|
|
50
|
+
},
|
|
51
|
+
reasons: ['Unparseable final URL'],
|
|
52
|
+
};
|
|
53
|
+
}
|
|
54
|
+
const tls = finalParsed.protocol === 'https:';
|
|
55
|
+
const finalDomain = extractRegistrableDomain(finalParsed.hostname);
|
|
56
|
+
const tld = finalDomain.split('.').pop() || '';
|
|
57
|
+
const suspiciousTld = SUSPICIOUS_TLDS.has(tld);
|
|
58
|
+
const allowlisted = KNOWN_GOOD_DOMAINS.has(finalDomain) || KNOWN_GOOD_DOMAINS.has(finalParsed.hostname);
|
|
59
|
+
const denylisted = KNOWN_BAD_DOMAINS.has(finalDomain) || KNOWN_BAD_DOMAINS.has(finalParsed.hostname);
|
|
60
|
+
const ipHost = isIpAddress(finalParsed.hostname);
|
|
61
|
+
const userInfo = Boolean(finalParsed.username || finalParsed.password);
|
|
62
|
+
const punycode = hasPunycode(finalParsed.hostname);
|
|
63
|
+
if (tls) {
|
|
64
|
+
score += 0.1;
|
|
65
|
+
reasons.push('TLS connection');
|
|
66
|
+
}
|
|
67
|
+
else {
|
|
68
|
+
score -= 0.25;
|
|
69
|
+
reasons.push('Plain HTTP (no TLS)');
|
|
70
|
+
}
|
|
71
|
+
if (allowlisted) {
|
|
72
|
+
score += 0.3;
|
|
73
|
+
reasons.push(`Allowlisted domain: ${finalDomain}`);
|
|
74
|
+
}
|
|
75
|
+
if (denylisted) {
|
|
76
|
+
score -= 0.8;
|
|
77
|
+
reasons.push(`Denylisted domain: ${finalDomain}`);
|
|
78
|
+
}
|
|
79
|
+
if (suspiciousTld) {
|
|
80
|
+
score -= 0.2;
|
|
81
|
+
reasons.push(`Suspicious TLD: .${tld}`);
|
|
82
|
+
}
|
|
83
|
+
if (ipHost) {
|
|
84
|
+
score -= 0.15;
|
|
85
|
+
reasons.push('Host is raw IP address');
|
|
86
|
+
}
|
|
87
|
+
if (userInfo) {
|
|
88
|
+
score -= 0.3;
|
|
89
|
+
reasons.push('URL contains embedded credentials');
|
|
90
|
+
}
|
|
91
|
+
if (punycode) {
|
|
92
|
+
score -= 0.1;
|
|
93
|
+
reasons.push('Host uses Punycode (possible homograph attack)');
|
|
94
|
+
}
|
|
95
|
+
if (args.redirectChain.length > 0) {
|
|
96
|
+
const originalDomain = (() => {
|
|
97
|
+
try {
|
|
98
|
+
return extractRegistrableDomain(new URL(args.originalUrl).hostname);
|
|
99
|
+
}
|
|
100
|
+
catch {
|
|
101
|
+
return '';
|
|
102
|
+
}
|
|
103
|
+
})();
|
|
104
|
+
if (originalDomain && originalDomain !== finalDomain) {
|
|
105
|
+
score -= 0.1;
|
|
106
|
+
reasons.push(`Cross-domain redirect: ${originalDomain} → ${finalDomain}`);
|
|
107
|
+
}
|
|
108
|
+
if (args.redirectChain.length >= 3) {
|
|
109
|
+
score -= 0.1;
|
|
110
|
+
reasons.push(`${args.redirectChain.length} redirects before final response`);
|
|
111
|
+
}
|
|
112
|
+
}
|
|
113
|
+
score = Math.max(0, Math.min(1, score));
|
|
114
|
+
const signals = {
|
|
115
|
+
tls,
|
|
116
|
+
redirectCount: args.redirectChain.length,
|
|
117
|
+
redirectChain: args.redirectChain,
|
|
118
|
+
finalDomain,
|
|
119
|
+
suspiciousTld,
|
|
120
|
+
allowlisted,
|
|
121
|
+
denylisted,
|
|
122
|
+
isIpAddress: ipHost,
|
|
123
|
+
hasUserInfo: userInfo,
|
|
124
|
+
hasPunycode: punycode,
|
|
125
|
+
};
|
|
126
|
+
return { score, signals, reasons };
|
|
127
|
+
}
|
|
@@ -0,0 +1,89 @@
|
|
|
1
|
+
const TAINT_COLOURS = {
|
|
2
|
+
trusted: '\x1b[32m',
|
|
3
|
+
untrusted: '\x1b[33m',
|
|
4
|
+
suspicious: '\x1b[91m',
|
|
5
|
+
hostile: '\x1b[31m',
|
|
6
|
+
};
|
|
7
|
+
const BOLD = '\x1b[1m';
|
|
8
|
+
const DIM = '\x1b[2m';
|
|
9
|
+
const RESET = '\x1b[0m';
|
|
10
|
+
export function formatEnvScanReport(result) {
|
|
11
|
+
const lines = [];
|
|
12
|
+
const colour = TAINT_COLOURS[result.taint.label];
|
|
13
|
+
lines.push('');
|
|
14
|
+
lines.push(`${BOLD}Environment Firewall Report${RESET}`);
|
|
15
|
+
lines.push('─'.repeat(60));
|
|
16
|
+
lines.push(` URL: ${result.url}`);
|
|
17
|
+
if (result.finalUrl !== result.url)
|
|
18
|
+
lines.push(` Final URL: ${result.finalUrl}`);
|
|
19
|
+
lines.push(` Status: ${result.statusCode ?? 'n/a'} (${result.bytesReceived} bytes, ${result.fetchDurationMs}ms)`);
|
|
20
|
+
lines.push(` Taint: ${colour}${result.taint.label.toUpperCase()}${RESET} — ${result.taint.reason}`);
|
|
21
|
+
lines.push(` Provenance: ${result.provenance.score.toFixed(2)} (${result.provenance.signals.finalDomain})`);
|
|
22
|
+
if (result.provenance.reasons.length > 0) {
|
|
23
|
+
lines.push(`\n${BOLD}Provenance signals:${RESET}`);
|
|
24
|
+
for (const r of result.provenance.reasons)
|
|
25
|
+
lines.push(` - ${r}`);
|
|
26
|
+
}
|
|
27
|
+
if (result.hidden.hits.length > 0) {
|
|
28
|
+
lines.push(`\n${BOLD}Hidden content (${result.hidden.hits.length}):${RESET}`);
|
|
29
|
+
const grouped = new Map();
|
|
30
|
+
for (const h of result.hidden.hits)
|
|
31
|
+
grouped.set(h.technique, (grouped.get(h.technique) ?? 0) + 1);
|
|
32
|
+
for (const [technique, count] of grouped)
|
|
33
|
+
lines.push(` - ${technique}: ${count}`);
|
|
34
|
+
}
|
|
35
|
+
if (result.injection.visibleHits.length > 0 || result.injection.hiddenHits.length > 0) {
|
|
36
|
+
lines.push(`\n${BOLD}Injection patterns:${RESET}`);
|
|
37
|
+
for (const hit of [...result.injection.hiddenHits, ...result.injection.visibleHits]) {
|
|
38
|
+
const surfaceTag = hit.surface === 'hidden' ? `${TAINT_COLOURS.hostile}[HIDDEN]${RESET}` : `${DIM}[visible]${RESET}`;
|
|
39
|
+
lines.push(` ${surfaceTag} ${hit.pattern}: "${hit.snippet.slice(0, 80)}"`);
|
|
40
|
+
}
|
|
41
|
+
}
|
|
42
|
+
if (result.risks.length > 0) {
|
|
43
|
+
lines.push(`\n${BOLD}Risks:${RESET}`);
|
|
44
|
+
for (const r of result.risks)
|
|
45
|
+
lines.push(` - ${r}`);
|
|
46
|
+
}
|
|
47
|
+
lines.push('');
|
|
48
|
+
lines.push(result.summary);
|
|
49
|
+
lines.push('');
|
|
50
|
+
return lines.join('\n');
|
|
51
|
+
}
|
|
52
|
+
export function formatEnvScanMarkdown(result) {
|
|
53
|
+
const lines = [];
|
|
54
|
+
lines.push(`# Environment Firewall Report`);
|
|
55
|
+
lines.push('');
|
|
56
|
+
lines.push(`- **URL**: ${result.url}`);
|
|
57
|
+
if (result.finalUrl !== result.url)
|
|
58
|
+
lines.push(`- **Final URL**: ${result.finalUrl}`);
|
|
59
|
+
lines.push(`- **Status**: ${result.statusCode ?? 'n/a'} (${result.bytesReceived} bytes, ${result.fetchDurationMs}ms)`);
|
|
60
|
+
lines.push(`- **Taint**: \`${result.taint.label.toUpperCase()}\` — ${result.taint.reason}`);
|
|
61
|
+
lines.push(`- **Provenance score**: ${result.provenance.score.toFixed(2)} (${result.provenance.signals.finalDomain})`);
|
|
62
|
+
if (result.provenance.reasons.length > 0) {
|
|
63
|
+
lines.push('');
|
|
64
|
+
lines.push('## Provenance signals');
|
|
65
|
+
for (const r of result.provenance.reasons)
|
|
66
|
+
lines.push(`- ${r}`);
|
|
67
|
+
}
|
|
68
|
+
if (result.hidden.hits.length > 0) {
|
|
69
|
+
lines.push('');
|
|
70
|
+
lines.push('## Hidden content');
|
|
71
|
+
for (const h of result.hidden.hits) {
|
|
72
|
+
lines.push(`- \`${h.technique}\` (${h.charCount} chars): ${h.sample}`);
|
|
73
|
+
}
|
|
74
|
+
}
|
|
75
|
+
if (result.injection.visibleHits.length > 0 || result.injection.hiddenHits.length > 0) {
|
|
76
|
+
lines.push('');
|
|
77
|
+
lines.push('## Injection patterns');
|
|
78
|
+
for (const hit of [...result.injection.hiddenHits, ...result.injection.visibleHits]) {
|
|
79
|
+
lines.push(`- **[${hit.surface}]** \`${hit.pattern}\`: "${hit.snippet.slice(0, 120)}"`);
|
|
80
|
+
}
|
|
81
|
+
}
|
|
82
|
+
if (result.risks.length > 0) {
|
|
83
|
+
lines.push('');
|
|
84
|
+
lines.push('## Risks');
|
|
85
|
+
for (const r of result.risks)
|
|
86
|
+
lines.push(`- ${r}`);
|
|
87
|
+
}
|
|
88
|
+
return lines.join('\n');
|
|
89
|
+
}
|
|
@@ -0,0 +1,119 @@
|
|
|
1
|
+
import { scanForInjection } from '../defence/iron-dome/injection-scanner.js';
|
|
2
|
+
import { fetchWithProvenance } from './fetcher.js';
|
|
3
|
+
import { scoreProvenance } from './provenance.js';
|
|
4
|
+
import { analyseHidden } from './hidden-detector.js';
|
|
5
|
+
import { deriveTaint } from './taint.js';
|
|
6
|
+
function toHits(detections, surface) {
|
|
7
|
+
return detections.map((d) => ({
|
|
8
|
+
surface,
|
|
9
|
+
pattern: `${d.category}/${d.pattern}`,
|
|
10
|
+
snippet: d.match,
|
|
11
|
+
}));
|
|
12
|
+
}
|
|
13
|
+
function buildRisks(args) {
|
|
14
|
+
const risks = [];
|
|
15
|
+
if (args.hiddenHits.length > 0) {
|
|
16
|
+
risks.push(`${args.hiddenHits.length} injection pattern${args.hiddenHits.length === 1 ? '' : 's'} found in HIDDEN content — humans will never see this.`);
|
|
17
|
+
}
|
|
18
|
+
if (args.visibleHits.length > 0) {
|
|
19
|
+
risks.push(`${args.visibleHits.length} injection pattern${args.visibleHits.length === 1 ? '' : 's'} found in visible content.`);
|
|
20
|
+
}
|
|
21
|
+
const htmlComments = args.hidden.hits.filter((h) => h.technique === 'html_comment');
|
|
22
|
+
if (htmlComments.length > 0) {
|
|
23
|
+
risks.push(`${htmlComments.length} substantial HTML comment${htmlComments.length === 1 ? '' : 's'} — review for hidden agent instructions.`);
|
|
24
|
+
}
|
|
25
|
+
const layoutHides = args.hidden.hits.filter((h) => ['display_none', 'visibility_hidden', 'zero_font_size', 'offscreen_position', 'same_colour_text'].includes(h.technique));
|
|
26
|
+
if (layoutHides.length > 0) {
|
|
27
|
+
risks.push(`${layoutHides.length} CSS-hidden text region${layoutHides.length === 1 ? '' : 's'} — content visible to an agent parser but not a human reader.`);
|
|
28
|
+
}
|
|
29
|
+
if (args.hidden.hits.some((h) => h.technique === 'bidi_override')) {
|
|
30
|
+
risks.push('Unicode bidi override characters found — possible rendering-vs-parsing deception.');
|
|
31
|
+
}
|
|
32
|
+
if (args.hidden.hits.some((h) => h.technique === 'meta_refresh')) {
|
|
33
|
+
risks.push('Meta refresh redirect in document — agent may be steered to a different page.');
|
|
34
|
+
}
|
|
35
|
+
if (args.hidden.hits.some((h) => h.technique === 'zero_width_text')) {
|
|
36
|
+
risks.push('Zero-width characters in document — possible obfuscation or watermark.');
|
|
37
|
+
}
|
|
38
|
+
if (!args.provenance.signals.tls)
|
|
39
|
+
risks.push('Fetched over plain HTTP — content integrity not verified.');
|
|
40
|
+
if (args.provenance.signals.denylisted)
|
|
41
|
+
risks.push(`Final domain is denylisted: ${args.provenance.signals.finalDomain}.`);
|
|
42
|
+
if (args.provenance.signals.suspiciousTld)
|
|
43
|
+
risks.push(`Final domain uses a suspicious TLD (.${args.provenance.signals.finalDomain.split('.').pop()}).`);
|
|
44
|
+
if (args.provenance.signals.hasPunycode)
|
|
45
|
+
risks.push('Domain uses Punycode — possible homograph attack against a known brand.');
|
|
46
|
+
if (args.provenance.signals.isIpAddress)
|
|
47
|
+
risks.push('Request went to a raw IP address rather than a domain name.');
|
|
48
|
+
if (args.statusCode && args.statusCode >= 400)
|
|
49
|
+
risks.push(`HTTP ${args.statusCode} — response may be an error page rather than the intended content.`);
|
|
50
|
+
return risks;
|
|
51
|
+
}
|
|
52
|
+
function buildSummary(result) {
|
|
53
|
+
const lines = [];
|
|
54
|
+
lines.push(`Taint: ${result.taint.label.toUpperCase()} — ${result.taint.reason}`);
|
|
55
|
+
lines.push(`Provenance score: ${result.provenance.score.toFixed(2)} (${result.provenance.signals.finalDomain})`);
|
|
56
|
+
lines.push(`Visible injection hits: ${result.injection.visibleHits.length}`);
|
|
57
|
+
lines.push(`Hidden injection hits: ${result.injection.hiddenHits.length}`);
|
|
58
|
+
lines.push(`Hidden content techniques: ${result.hidden.hits.length > 0 ? Array.from(new Set(result.hidden.hits.map((h) => h.technique))).join(', ') : 'none'}`);
|
|
59
|
+
return lines.join('\n');
|
|
60
|
+
}
|
|
61
|
+
export async function scanUrl(url) {
|
|
62
|
+
const fetched = await fetchWithProvenance(url);
|
|
63
|
+
const provenance = scoreProvenance({
|
|
64
|
+
originalUrl: url,
|
|
65
|
+
finalUrl: fetched.finalUrl,
|
|
66
|
+
redirectChain: fetched.redirectChain,
|
|
67
|
+
});
|
|
68
|
+
if (fetched.error || !fetched.body) {
|
|
69
|
+
const hidden = { hits: [], hiddenCharCount: 0, visibleText: '', hiddenText: '' };
|
|
70
|
+
const injection = { visibleHits: [], hiddenHits: [] };
|
|
71
|
+
const taint = deriveTaint({ provenance, hidden, visibleHits: [], hiddenHits: [] });
|
|
72
|
+
const risks = buildRisks({ provenance, hidden, visibleHits: [], hiddenHits: [], statusCode: fetched.statusCode });
|
|
73
|
+
if (fetched.error)
|
|
74
|
+
risks.unshift(`Fetch failed: ${fetched.error}`);
|
|
75
|
+
const partial = { taint, provenance, injection, hidden, finalUrl: fetched.finalUrl };
|
|
76
|
+
return {
|
|
77
|
+
url,
|
|
78
|
+
finalUrl: fetched.finalUrl,
|
|
79
|
+
statusCode: fetched.statusCode,
|
|
80
|
+
contentType: fetched.contentType,
|
|
81
|
+
fetchedAt: new Date().toISOString(),
|
|
82
|
+
fetchDurationMs: fetched.durationMs,
|
|
83
|
+
bytesReceived: fetched.bytesReceived,
|
|
84
|
+
error: fetched.error,
|
|
85
|
+
provenance,
|
|
86
|
+
hidden,
|
|
87
|
+
injection,
|
|
88
|
+
taint,
|
|
89
|
+
risks,
|
|
90
|
+
summary: buildSummary(partial),
|
|
91
|
+
};
|
|
92
|
+
}
|
|
93
|
+
const hidden = analyseHidden(fetched.body);
|
|
94
|
+
const visibleScan = scanForInjection(hidden.visibleText);
|
|
95
|
+
const hiddenScan = scanForInjection(hidden.hiddenText);
|
|
96
|
+
const injection = {
|
|
97
|
+
visibleHits: toHits(visibleScan.detections, 'visible'),
|
|
98
|
+
hiddenHits: toHits(hiddenScan.detections, 'hidden'),
|
|
99
|
+
};
|
|
100
|
+
const taint = deriveTaint({ provenance, hidden, visibleHits: injection.visibleHits, hiddenHits: injection.hiddenHits });
|
|
101
|
+
const risks = buildRisks({ provenance, hidden, visibleHits: injection.visibleHits, hiddenHits: injection.hiddenHits, statusCode: fetched.statusCode });
|
|
102
|
+
const partial = { taint, provenance, injection, hidden, finalUrl: fetched.finalUrl };
|
|
103
|
+
return {
|
|
104
|
+
url,
|
|
105
|
+
finalUrl: fetched.finalUrl,
|
|
106
|
+
statusCode: fetched.statusCode,
|
|
107
|
+
contentType: fetched.contentType,
|
|
108
|
+
fetchedAt: new Date().toISOString(),
|
|
109
|
+
fetchDurationMs: fetched.durationMs,
|
|
110
|
+
bytesReceived: fetched.bytesReceived,
|
|
111
|
+
error: null,
|
|
112
|
+
provenance,
|
|
113
|
+
hidden,
|
|
114
|
+
injection,
|
|
115
|
+
taint,
|
|
116
|
+
risks,
|
|
117
|
+
summary: buildSummary(partial),
|
|
118
|
+
};
|
|
119
|
+
}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import type { HiddenAnalysis, InjectionHit, ProvenanceResult, TaintLabel } from './types.js';
|
|
2
|
+
export declare function deriveTaint(args: {
|
|
3
|
+
provenance: ProvenanceResult;
|
|
4
|
+
hidden: HiddenAnalysis;
|
|
5
|
+
visibleHits: InjectionHit[];
|
|
6
|
+
hiddenHits: InjectionHit[];
|
|
7
|
+
}): {
|
|
8
|
+
label: TaintLabel;
|
|
9
|
+
reason: string;
|
|
10
|
+
};
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
export function deriveTaint(args) {
|
|
2
|
+
const { provenance, hidden, visibleHits, hiddenHits } = args;
|
|
3
|
+
if (provenance.signals.denylisted) {
|
|
4
|
+
return { label: 'hostile', reason: `Denylisted domain (${provenance.signals.finalDomain})` };
|
|
5
|
+
}
|
|
6
|
+
if (hiddenHits.length > 0) {
|
|
7
|
+
return {
|
|
8
|
+
label: 'hostile',
|
|
9
|
+
reason: `Injection pattern found inside hidden content (${hiddenHits.length} hit${hiddenHits.length === 1 ? '' : 's'})`,
|
|
10
|
+
};
|
|
11
|
+
}
|
|
12
|
+
if (hidden.hits.some((h) => h.technique === 'bidi_override')) {
|
|
13
|
+
return { label: 'suspicious', reason: 'Unicode bidi override characters detected (render vs parse mismatch risk)' };
|
|
14
|
+
}
|
|
15
|
+
const highRiskHidden = hidden.hits.filter((h) => h.technique === 'display_none' ||
|
|
16
|
+
h.technique === 'zero_font_size' ||
|
|
17
|
+
h.technique === 'same_colour_text' ||
|
|
18
|
+
h.technique === 'offscreen_position' ||
|
|
19
|
+
h.technique === 'visibility_hidden');
|
|
20
|
+
const highRiskHiddenChars = highRiskHidden.reduce((acc, h) => acc + h.charCount, 0);
|
|
21
|
+
if (highRiskHidden.length >= 3 || highRiskHiddenChars >= 150) {
|
|
22
|
+
return {
|
|
23
|
+
label: 'suspicious',
|
|
24
|
+
reason: `Hidden content via ${highRiskHidden[0]?.technique ?? 'layout tricks'} (${highRiskHidden.length} region${highRiskHidden.length === 1 ? '' : 's'}, ${highRiskHiddenChars} chars)`,
|
|
25
|
+
};
|
|
26
|
+
}
|
|
27
|
+
if (visibleHits.length > 0) {
|
|
28
|
+
return {
|
|
29
|
+
label: 'suspicious',
|
|
30
|
+
reason: `Injection pattern in visible content (${visibleHits.length} hit${visibleHits.length === 1 ? '' : 's'})`,
|
|
31
|
+
};
|
|
32
|
+
}
|
|
33
|
+
if (provenance.signals.allowlisted && provenance.score >= 0.7) {
|
|
34
|
+
return { label: 'trusted', reason: `Allowlisted domain (${provenance.signals.finalDomain})` };
|
|
35
|
+
}
|
|
36
|
+
if (provenance.score >= 0.6) {
|
|
37
|
+
return { label: 'untrusted', reason: `No hostile signals, provenance score ${provenance.score.toFixed(2)}` };
|
|
38
|
+
}
|
|
39
|
+
return {
|
|
40
|
+
label: 'suspicious',
|
|
41
|
+
reason: `Low provenance score (${provenance.score.toFixed(2)}): ${provenance.reasons.slice(0, 2).join('; ')}`,
|
|
42
|
+
};
|
|
43
|
+
}
|
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
export type TaintLabel = 'trusted' | 'untrusted' | 'suspicious' | 'hostile';
|
|
2
|
+
export interface ProvenanceSignals {
|
|
3
|
+
tls: boolean;
|
|
4
|
+
redirectCount: number;
|
|
5
|
+
redirectChain: string[];
|
|
6
|
+
finalDomain: string;
|
|
7
|
+
suspiciousTld: boolean;
|
|
8
|
+
allowlisted: boolean;
|
|
9
|
+
denylisted: boolean;
|
|
10
|
+
isIpAddress: boolean;
|
|
11
|
+
hasUserInfo: boolean;
|
|
12
|
+
hasPunycode: boolean;
|
|
13
|
+
}
|
|
14
|
+
export interface ProvenanceResult {
|
|
15
|
+
score: number;
|
|
16
|
+
signals: ProvenanceSignals;
|
|
17
|
+
reasons: string[];
|
|
18
|
+
}
|
|
19
|
+
export interface HiddenInstructionHit {
|
|
20
|
+
technique: 'display_none' | 'visibility_hidden' | 'zero_font_size' | 'same_colour_text' | 'offscreen_position' | 'aria_hidden' | 'html_comment' | 'script_tag' | 'bidi_override' | 'zero_width_text' | 'data_attribute' | 'meta_refresh';
|
|
21
|
+
sample: string;
|
|
22
|
+
charCount: number;
|
|
23
|
+
}
|
|
24
|
+
export interface HiddenAnalysis {
|
|
25
|
+
hits: HiddenInstructionHit[];
|
|
26
|
+
hiddenCharCount: number;
|
|
27
|
+
visibleText: string;
|
|
28
|
+
hiddenText: string;
|
|
29
|
+
}
|
|
30
|
+
export interface InjectionHit {
|
|
31
|
+
surface: 'visible' | 'hidden';
|
|
32
|
+
pattern: string;
|
|
33
|
+
snippet: string;
|
|
34
|
+
}
|
|
35
|
+
export interface EnvironmentScanResult {
|
|
36
|
+
url: string;
|
|
37
|
+
finalUrl: string;
|
|
38
|
+
statusCode: number | null;
|
|
39
|
+
contentType: string | null;
|
|
40
|
+
fetchedAt: string;
|
|
41
|
+
fetchDurationMs: number;
|
|
42
|
+
bytesReceived: number;
|
|
43
|
+
error: string | null;
|
|
44
|
+
provenance: ProvenanceResult;
|
|
45
|
+
hidden: HiddenAnalysis;
|
|
46
|
+
injection: {
|
|
47
|
+
visibleHits: InjectionHit[];
|
|
48
|
+
hiddenHits: InjectionHit[];
|
|
49
|
+
};
|
|
50
|
+
taint: {
|
|
51
|
+
label: TaintLabel;
|
|
52
|
+
reason: string;
|
|
53
|
+
};
|
|
54
|
+
risks: string[];
|
|
55
|
+
summary: string;
|
|
56
|
+
}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export {};
|