ship-safe 6.2.0 → 6.4.0

package/README.md

@@ -11,15 +11,16 @@
   <a href="https://nodejs.org"><img src="https://img.shields.io/node/v/ship-safe" alt="Node.js version" /></a>
   <a href="https://opensource.org/licenses/MIT"><img src="https://img.shields.io/badge/License-MIT-yellow.svg" alt="License: MIT" /></a>
   <a href="https://github.com/asamassekou10/ship-safe/stargazers"><img src="https://img.shields.io/github/stars/asamassekou10/ship-safe?style=social" alt="GitHub stars" /></a>
+  <a href="https://github.com/sponsors/asamassekou10"><img src="https://img.shields.io/badge/Sponsor-%E2%9D%A4-ea4aaa?logo=github" alt="Sponsor" /></a>
 </p>
 
 ---
 
 18 security agents. 80+ attack classes. One command.
 
-**Ship Safe v6.2.0** is an AI-powered security platform that runs 18 specialized agents in parallel against your codebase, scanning for secrets, injection vulnerabilities, auth bypass, SSRF, supply chain attacks, Supabase RLS misconfigs, Docker/Terraform/Kubernetes misconfigs, CI/CD pipeline poisoning, LLM/agentic AI security, MCP server misuse, RAG poisoning, PII compliance, vibe coding patterns, exception handling, AI agent config security, and more. OWASP 2025 scoring with EPSS exploit probability. LLM-powered deep analysis verifies exploitability of critical findings. Secrets verification probes provider APIs to check if leaked keys are still active. Compliance mapping to SOC 2, ISO 27001, and NIST AI RMF. Built-in threat intelligence feed with offline-first IOC matching. CI integration with GitHub PR comments, threshold gating, and SARIF output.
+**Ship Safe v6.4.0** is an AI-powered security platform that runs 18 specialized agents in parallel against your codebase, scanning for secrets, injection vulnerabilities, auth bypass, SSRF, supply chain attacks, Supabase RLS misconfigs, Docker/Terraform/Kubernetes misconfigs, CI/CD pipeline poisoning, LLM/agentic AI security, MCP server misuse, RAG poisoning, PII compliance, vibe coding patterns, exception handling, AI agent config security, and more. OWASP 2025 scoring with EPSS exploit probability. LLM-powered deep analysis verifies exploitability of critical findings. Secrets verification probes provider APIs to check if leaked keys are still active. Compliance mapping to SOC 2, ISO 27001, and NIST AI RMF. Built-in threat intelligence feed with offline-first IOC matching. CI integration with GitHub PR comments, threshold gating, and SARIF output.
 
-**v6.2.0 highlights:** Real-time Claude Code hooks (`npx ship-safe hooks install`) block secrets before they land on disk. Universal LLM support — use Groq, Together AI, Mistral, DeepSeek, xAI, Perplexity, LM Studio, or any OpenAI-compatible endpoint for deep analysis. Supply chain IOC matching for known-compromised packages and CanisterWorm-style ICP blockchain C2 indicators.
+**v6.4.0 highlights:** MCP server scanning (`npx ship-safe scan-mcp`) vets tool manifests for prompt injection and credential harvesting before you connect. Detection support for openclaude and claw-code — the two most-starred Claude Code forks from the March 2026 source leak — with accurate config scanning based on their actual architectures. Four new CI/CD patterns flag AI agent danger modes in pipelines. Legal dataset corrected: claw-code reclassified as a clean-room rewrite, not a leaked-source derivative.
 
 [Documentation](https://shipsafecli.com/docs) | [Blog](https://shipsafecli.com/blog) | [Pricing](https://shipsafecli.com/pricing)
 
@@ -168,10 +169,10 @@ npx ship-safe audit .
 | **PIIComplianceAgent** | Compliance | PII detection — SSNs, credit cards, emails, phone numbers in source code, logs, and configs |
 | **VibeCodingAgent** | Code Vulns | AI-generated code patterns — no input validation, empty catch blocks, hardcoded secrets, disabled security features, TODO-auth patterns |
 | **ExceptionHandlerAgent** | Code Vulns | OWASP A10:2025 — empty catch blocks, unhandled promise rejections, missing React error boundaries, leaked stack traces, generic catch-all without rethrow |
-| **AgentConfigScanner** | AI/LLM | AI agent config security — prompt injection in .cursorrules/CLAUDE.md/AGENTS.md/.windsurfrules, malicious Claude Code hooks (CVE-2026), OpenClaw public binding & malicious skills, encoded/obfuscated payloads, data exfiltration instructions, agent memory poisoning |
+| **AgentConfigScanner** | AI/LLM | AI agent config security — prompt injection in .cursorrules/CLAUDE.md/AGENTS.md/.windsurfrules, malicious Claude Code hooks (CVE-2026), OpenClaw public binding & malicious skills, openclaude profile file (`OPENAI_BASE_URL` over http://), claw-code config (`danger-full-access`, disabled sandbox, shell hooks, insecure MCP transports), encoded/obfuscated payloads, data exfiltration instructions, agent memory poisoning |
 | **MobileScanner** | Mobile | OWASP Mobile Top 10 2024 — insecure storage, WebView JS injection, HTTP endpoints, excessive permissions, debug mode |
 | **GitHistoryScanner** | Secrets | Leaked secrets in git commit history (checks if still active in working tree) |
-| **CICDScanner** | CI/CD | OWASP CI/CD Top 10 — pipeline poisoning, unpinned actions, secret logging, self-hosted runners, script injection |
+| **CICDScanner** | CI/CD | OWASP CI/CD Top 10 — pipeline poisoning, unpinned actions, secret logging, self-hosted runners, script injection, AI agent danger flags (`--dangerously-skip-permissions`, insecure provider URLs in CI) |
 | **APIFuzzer** | API | Routes without auth, missing input validation, mass assignment, unrestricted file upload, GraphQL introspection, debug endpoints, missing rate limiting, OpenAPI spec security issues |
 | **ReconAgent** | Recon | Attack surface discovery — frameworks, languages, auth patterns, databases, cloud providers, IaC, CI/CD pipelines |
 
@@ -298,13 +299,13 @@ npx ship-safe audit . --verify
 npx ship-safe doctor
 ```
 
-### OpenClaw Security
+### Agent Security
 
 ```bash
 # Focused OpenClaw security scan
 npx ship-safe openclaw .
 
-# Auto-harden OpenClaw configs (0.0.0.0→127.0.0.1, add auth, ws→wss)
+# Auto-harden OpenClaw configs (0.0.0.0->127.0.0.1, add auth, ws->wss)
 npx ship-safe openclaw . --fix
 
 # Red team: simulate ClawJacked, prompt injection, data exfil attacks
@@ -318,6 +319,14 @@ npx ship-safe scan-skill https://clawhub.io/skills/some-skill
 npx ship-safe scan-skill ./local-skill.json
 npx ship-safe scan-skill --all              # Scan all skills from openclaw.json
 
+# Scan an MCP server's tool manifest before connecting
+npx ship-safe scan-mcp https://your-mcp-server/
+npx ship-safe scan-mcp ./local-manifest.json
+npx ship-safe scan-mcp https://your-mcp-server/ --json
+
+# Legal risk audit — DMCA, leaked-source derivatives (openclaude, claw-code-js), IP disputes
+npx ship-safe legal .
+
 # Generate hardened OpenClaw config
 npx ship-safe init --openclaw
 
@@ -325,6 +334,20 @@ npx ship-safe init --openclaw
 npx ship-safe abom .
 ```
 
+#### openclaude and claw-code
+
+Ship Safe detects security issues in both major Claude Code forks from the March 2026 source leak.
+
+**openclaude** (`@gitlawb/openclaude`) is a CLI tool that routes Claude Code's toolset through any OpenAI-compatible provider. Its only persistent file artifact is `.openclaude-profile.json`. Ship Safe flags:
+- `OPENAI_BASE_URL` using `http://` for non-localhost endpoints (unencrypted LLM traffic)
+- The profile file present in a project not covered by `.gitignore` (API key exposure risk)
+
+**claw-code** (`ultraworkers/claw-code`) is a clean-room Rust + Python rewrite of Claude Code's agent harness. Its config lives in `.claw.json`, `.claw/settings.json`, and `.claw/settings.local.json`. Ship Safe flags:
+- `permissionMode: danger-full-access` or `dangerouslySkipPermissions: true` (no confirmation on any tool call)
+- `sandbox.enabled: false` (filesystem isolation removed)
+- Hook commands containing shell execution or remote download patterns
+- MCP server connections over `ws://` or `http://` to non-localhost hosts
+
 ### Threat Intelligence
 
 ```bash
@@ -720,6 +743,18 @@ See [CONTRIBUTING.md](./CONTRIBUTING.md) for guidelines.
 
 ---
 
+## Sponsors
+
+Ship Safe is MIT-licensed and free forever. If it saves you time or helps you ship more securely, consider sponsoring — it helps keep the project maintained and growing.
+
+<p align="center">
+  <a href="https://github.com/sponsors/asamassekou10">
+    <img src="https://img.shields.io/badge/Sponsor%20Ship%20Safe-%E2%9D%A4-ea4aaa?style=for-the-badge&logo=github" alt="Sponsor Ship Safe" />
+  </a>
+</p>
+
+---
+
 ## License
 
 MIT - Use it, share it, secure your stuff.

package/cli/agents/agent-config-scanner.js

@@ -54,6 +54,32 @@ const OPENCLAW_GLOBS = [
   '.openclaw/**/*.json',
 ];
 
+// openclaude (github.com/Gitlawb/openclaude) — Claude Code fork with
+// OpenAI-compatible provider shim. Config is purely via environment variables
+// (CLAUDE_CODE_USE_OPENAI, OPENAI_BASE_URL, OPENAI_MODEL, OPENAI_API_KEY).
+// The only persistent file artifact is .openclaude-profile.json, which stores
+// named profiles as { name, env: { OPENAI_BASE_URL, OPENAI_API_KEY, ... } }.
+const OPENCLAUDE_PROFILE_FILES = [
+  '.openclaude-profile.json',
+];
+
+// claw-code (github.com/instructkr/claw-code, now ultraworkers/claw-code) —
+// Rust + Python clean-room rewrite of Claude Code's agent harness.
+// CLI tool (`claw` binary). NOT a server — no port binding outside tests.
+// Config files: .claw.json (project root), .claw/settings.json,
+//   .claw/settings.local.json, ~/.claw.json, ~/.claw/settings.json
+// Auth: ANTHROPIC_API_KEY, OPENAI_API_KEY, or XAI_API_KEY env vars.
+// Permission modes: read-only, workspace-write, danger-full-access, prompt, allow.
+// --dangerously-skip-permissions flag disables all permission checks.
+// Sandbox: SandboxConfig with FilesystemIsolationMode (workspace-only default).
+// Hooks: preToolUse / postToolUse arrays in settings JSON.
+// MCP: mcpServers in settings JSON (stdio, sse, http, ws transports).
+const CLAW_CODE_FILES = [
+  '.claw.json',
+  '.claw/settings.json',
+  '.claw/settings.local.json',
+];
+
 const MEMORY_GLOBS = [
   '.claude/memory/**',
   '.cursor/memory/**',
@@ -230,6 +256,18 @@ export class AgentConfigScanner extends BaseAgent {
       findings = findings.concat(this._scanOpenClawConfig(file));
     }
 
+    // ── 3b. Scan openclaude profile files ─────────────────────────────────
+    for (const file of discovered.openclaudeFiles) {
+      findings = findings.concat(this.scanFileWithPatterns(file, PATTERNS));
+      findings = findings.concat(this._scanOpenClaudeProfile(file));
+    }
+
+    // ── 3c. Scan claw-code config files ────────────────────────────────────
+    for (const file of discovered.clawCodeFiles) {
+      findings = findings.concat(this.scanFileWithPatterns(file, PATTERNS));
+      findings = findings.concat(this._scanClawCodeConfig(file));
+    }
+
     // ── 4. Scan Claude Code hooks ──────────────────────────────────────────
     for (const file of discovered.claudeSettingsFiles) {
       findings = findings.concat(this._scanClaudeHooks(file));
@@ -297,7 +335,21 @@ export class AgentConfigScanner extends BaseAgent {
       memoryFiles.push(...globbed);
     } catch { /* skip */ }
 
-    return { rulesFiles, openclawFiles, claudeSettingsFiles, memoryFiles };
+    // ── openclaude profile files ─────────────────────────────────────────────
+    const openclaudeFiles = [];
+    for (const rel of OPENCLAUDE_PROFILE_FILES) {
+      const full = path.join(rootPath, rel);
+      if (fs.existsSync(full)) openclaudeFiles.push(full);
+    }
+
+    // ── claw-code config files ────────────────────────────────────────────────
+    const clawCodeFiles = [];
+    for (const rel of CLAW_CODE_FILES) {
+      const full = path.join(rootPath, rel);
+      if (fs.existsSync(full)) clawCodeFiles.push(full);
+    }
+
+    return { rulesFiles, openclawFiles, openclaudeFiles, clawCodeFiles, claudeSettingsFiles, memoryFiles };
   }
 
   // ===========================================================================
@@ -415,6 +467,178 @@ export class AgentConfigScanner extends BaseAgent {
     return findings;
   }
 
+  /**
+   * Scan .openclaude-profile.json for security issues.
+   *
+   * openclaude (github.com/Gitlawb/openclaude) is a CLI tool, not a server.
+   * There is no config file, no host/port binding, no auth mechanism.
+   * All configuration is via environment variables:
+   *   CLAUDE_CODE_USE_OPENAI=1, OPENAI_BASE_URL, OPENAI_MODEL, OPENAI_API_KEY
+   *
+   * The only persistent file artifact is .openclaude-profile.json, which stores
+   * named profiles as { name: string, env: { OPENAI_BASE_URL, OPENAI_API_KEY, ... } }.
+   * openclaude ships with this file in its default .gitignore.
+   *
+   * Security risk: if OPENAI_BASE_URL is an http:// (non-TLS) endpoint, all
+   * LLM traffic (prompts, code context, responses) is sent unencrypted.
+   */
+  _scanOpenClaudeProfile(filePath) {
+    const content = this.readFile(filePath);
+    if (!content) return [];
+    const findings = [];
+
+    let profile;
+    try { profile = JSON.parse(content); } catch { return []; }
+
+    const env = profile.env || {};
+
+    // ── Insecure provider URL (http:// for non-localhost) ─────────────────
+    const baseUrl = env.OPENAI_BASE_URL || '';
+    if (baseUrl && /^http:\/\/(?!localhost|127\.0\.0\.1|::1)/i.test(baseUrl)) {
+      findings.push(createFinding({
+        file: filePath, line: 1,
+        severity: 'high',
+        category: this.category,
+        rule: 'OPENCLAUDE_INSECURE_PROVIDER_URL',
+        title: 'openclaude: LLM Provider URL Without TLS',
+        description:
+          `openclaude routes model calls to ${baseUrl} over plain HTTP. ` +
+          'Prompts, code context, and model responses are sent unencrypted. ' +
+          'A network attacker can read or modify all LLM interactions in transit.',
+        matched: `OPENAI_BASE_URL: "${baseUrl}"`,
+        confidence: 'high',
+        cwe: 'CWE-319',
+        owasp: 'A02:2021',
+        fix: 'Use an https:// provider URL. Never route LLM traffic over plaintext HTTP on untrusted networks.',
+      }));
+    }
+
+    return findings;
+  }
+
+  /**
+   * Scan claw-code config files (.claw.json, .claw/settings.json, .claw/settings.local.json)
+   * for insecure settings.
+   *
+   * claw-code (ultraworkers/claw-code) is a Rust + Python clean-room rewrite of Claude Code.
+   * It is a CLI tool — no server port binding. Config lives in JSON settings files.
+   *
+   * Checked settings:
+   *   - hooks.preToolUse / hooks.postToolUse: shell hook commands (RCE vector)
+   *   - permissions.dangerouslySkipPermissions / permissionMode: "danger-full-access"
+   *   - sandbox.enabled: false (filesystem isolation disabled)
+   *   - mcpServers with insecure ws:// or http:// remote URLs (MiTM risk)
+   *   - mcpServers using env vars that could expose credentials
+   */
+  _scanClawCodeConfig(filePath) {
+    const content = this.readFile(filePath);
+    if (!content) return [];
+    const findings = [];
+
+    let config;
+    try { config = JSON.parse(content); } catch { return []; }
+
+    // ── Dangerous permission mode ─────────────────────────────────────────
+    const permMode = config.permissionMode ?? config.permissions?.mode ?? '';
+    const skipPerms = config.dangerouslySkipPermissions ??
+      config.permissions?.dangerouslySkipPermissions ?? false;
+
+    if (skipPerms === true || permMode === 'danger-full-access') {
+      findings.push(createFinding({
+        file: filePath, line: 1,
+        severity: 'high',
+        category: this.category,
+        rule: 'CLAW_CODE_SKIP_PERMISSIONS',
+        title: 'claw-code: All Permission Checks Disabled',
+        description:
+          'claw-code is configured with dangerously-skip-permissions or permissionMode: danger-full-access. ' +
+          'Every tool call executes without asking for user confirmation. ' +
+          'A single prompt injection in any file the agent reads can trigger unrestricted shell execution or file writes.',
+        matched: skipPerms ? 'dangerouslySkipPermissions: true' : `permissionMode: "${permMode}"`,
+        confidence: 'high',
+        cwe: 'CWE-269',
+        owasp: 'ASI03',
+        fix: 'Set permissionMode to "workspace-write" or "prompt". Only use danger-full-access in fully isolated environments.',
+      }));
+    }
+
+    // ── Sandbox disabled ──────────────────────────────────────────────────
+    if (config.sandbox?.enabled === false) {
+      findings.push(createFinding({
+        file: filePath, line: 1,
+        severity: 'medium',
+        category: this.category,
+        rule: 'CLAW_CODE_SANDBOX_DISABLED',
+        title: 'claw-code: Filesystem Sandbox Disabled',
+        description:
+          'claw-code sandbox is explicitly disabled. By default claw-code restricts ' +
+          'filesystem access to the workspace directory. With sandbox off, tools can ' +
+          'read and write anywhere on the system.',
+        matched: 'sandbox.enabled: false',
+        confidence: 'high',
+        cwe: 'CWE-732',
+        owasp: 'ASI03',
+        fix: 'Remove sandbox.enabled: false or set filesystem-mode to workspace-only.',
+      }));
+    }
+
+    // ── Hooks with shell commands ──────────────────────────────────────────
+    const hookLists = [
+      ...(config.hooks?.preToolUse || []),
+      ...(config.hooks?.postToolUse || []),
+    ];
+    for (const hook of hookLists) {
+      const cmd = typeof hook === 'string' ? hook : (hook.command || hook.cmd || hook.run || '');
+      if (!cmd) continue;
+      if (/(?:bash\s+-c|sh\s+-c|cmd\s+\/c|powershell\s+-|pwsh\s+-)/i.test(cmd) ||
+          /\|\s*(?:bash|sh|zsh|node|python)/i.test(cmd) ||
+          /(?:curl|wget)\s+https?:\/\/(?!localhost|127\.0\.0\.1)/i.test(cmd)) {
+        findings.push(createFinding({
+          file: filePath, line: 1,
+          severity: 'critical',
+          category: this.category,
+          rule: 'CLAW_CODE_HOOK_SHELL',
+          title: 'claw-code: Dangerous Hook Command',
+          description:
+            'claw-code hook contains a shell execution or remote download command. ' +
+            'A malicious .claw.json in a repository can achieve RCE when anyone ' +
+            'opens the project with claw.',
+          matched: cmd.substring(0, 150),
+          confidence: 'high',
+          cwe: 'CWE-94',
+          owasp: 'ASI04',
+          fix: 'Remove shell execution hooks. Use only safe, scoped commands in claw hooks.',
+        }));
+      }
+    }
+
+    // ── MCP servers with insecure remote URLs ─────────────────────────────
+    const mcpServers = config.mcpServers || {};
+    for (const [name, srv] of Object.entries(mcpServers)) {
+      const url = typeof srv === 'object' ? (srv.url || '') : '';
+      if (/^(?:ws|http):\/\/(?!localhost|127\.0\.0\.1|::1)/i.test(url)) {
+        findings.push(createFinding({
+          file: filePath, line: 1,
+          severity: 'high',
+          category: this.category,
+          rule: 'CLAW_CODE_MCP_INSECURE_URL',
+          title: `claw-code: MCP Server "${name}" Uses Unencrypted Transport`,
+          description:
+            `MCP server "${name}" connects to ${url} over an unencrypted channel (ws:// or http://). ` +
+            'All MCP messages — tool calls, results, and any code context — are sent in plaintext. ' +
+            'A network attacker can intercept or inject MCP responses to hijack the agent.',
+          matched: url,
+          confidence: 'high',
+          cwe: 'CWE-319',
+          owasp: 'A02:2021',
+          fix: 'Use wss:// or https:// for all non-localhost MCP server connections.',
+        }));
+      }
+    }
+
+    return findings;
+  }
+
   /**
    * Scan .claude/settings.json for malicious hooks.
    * Based on Check Point Research disclosure: hooks in settings.json

package/cli/agents/cicd-scanner.js

@@ -199,6 +199,48 @@ const PATTERNS = [
     description: 'GitHub expression in run step. Attacker-controlled values can inject shell commands.',
     fix: 'Use environment variables: env: TITLE: ${{ github.event.issue.title }} then run: echo "$TITLE"',
   },
+
+  // ── AI Agent CLI — dangerous flags in CI ──────────────────────────────────
+  {
+    rule: 'CICD_AGENT_SKIP_PERMISSIONS',
+    title: 'CI/CD: AI Agent Running Without Permission Checks',
+    regex: /(?:--dangerously-skip-permissions|--skip-permissions|permissionMode\s*[=:]\s*["']?danger-full-access["']?)/g,
+    severity: 'critical',
+    cwe: 'CWE-269',
+    owasp: 'ASI03',
+    description: 'AI agent CLI flag disables all permission checks. In CI, this means any prompt injection in workspace files can execute arbitrary commands with no confirmation gate.',
+    fix: 'Remove --dangerously-skip-permissions. Use --permission-mode=workspace-write for CI automation or scope tool access with --allowedTools.',
+  },
+  {
+    rule: 'CICD_AGENT_INSECURE_PROVIDER',
+    title: 'CI/CD: AI Agent Routing to Non-TLS Provider',
+    regex: /(?:OPENAI_BASE_URL|ANTHROPIC_BASE_URL|XAI_BASE_URL|CLAUDE_CODE_USE_OPENAI)\s*=\s*["']?http:\/\/(?!localhost|127\.0\.0\.1|::1)/g,
+    severity: 'high',
+    cwe: 'CWE-319',
+    owasp: 'A02:2021',
+    description: 'AI agent provider URL uses plain HTTP for a non-localhost endpoint. All prompts, code context, and model responses are transmitted unencrypted in CI.',
+    fix: 'Use https:// for all non-localhost AI provider base URLs.',
+  },
+  {
+    rule: 'CICD_OPENCLAUDE_IN_CI',
+    title: 'CI/CD: openclaude Running in CI Pipeline',
+    regex: /(?:^|\s)openclaude\s/gm,
+    severity: 'medium',
+    cwe: 'CWE-1188',
+    owasp: 'ASI03',
+    description: 'openclaude (Claude Code fork with OpenAI-compatible shim) is invoked in CI. Verify OPENAI_BASE_URL is https://, OPENAI_API_KEY is stored as a secret, and .openclaude-profile.json is not committed.',
+    fix: 'Ensure OPENAI_API_KEY is a CI secret, OPENAI_BASE_URL uses https://, and .openclaude-profile.json is gitignored.',
+  },
+  {
+    rule: 'CICD_CLAW_DANGER_MODE',
+    title: 'CI/CD: claw-code Running in Danger Mode',
+    regex: /(?:^|\s)claw\s[^\n]*--dangerously-skip-permissions/gm,
+    severity: 'critical',
+    cwe: 'CWE-269',
+    owasp: 'ASI03',
+    description: 'claw-code (Rust/Python Claude Code rewrite) is invoked with --dangerously-skip-permissions in CI. Any prompt injection in the workspace executes without confirmation.',
+    fix: 'Remove --dangerously-skip-permissions. Use --permission-mode=workspace-write for CI automation.',
+  },
 ];
 
 export class CICDScanner extends BaseAgent {

package/cli/agents/index.js

@@ -26,6 +26,7 @@ export { PIIComplianceAgent } from './pii-compliance-agent.js';
 export { VibeCodingAgent } from './vibe-coding-agent.js';
 export { ExceptionHandlerAgent } from './exception-handler-agent.js';
 export { AgentConfigScanner } from './agent-config-scanner.js';
+export { LegalRiskAgent, LEGALLY_RISKY_PACKAGES } from './legal-risk-agent.js';
 export { ABOMGenerator } from './abom-generator.js';
 export { VerifierAgent } from './verifier-agent.js';
 export { DeepAnalyzer } from './deep-analyzer.js';