npm - skill-security-scanner - Versions diffs - 0.1.0 - Mend

skill-security-scanner 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/dist/index.js ADDED Viewed

@@ -0,0 +1,564 @@
+#!/usr/bin/env node
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const commander_1 = require("commander");
+const chalk_1 = __importDefault(require("chalk"));
+const ora_1 = __importDefault(require("ora"));
+const js_yaml_1 = __importDefault(require("js-yaml"));
+const fs_1 = __importDefault(require("fs"));
+const path_1 = __importDefault(require("path"));
+const child_process_1 = require("child_process");
+// ──────────────────────────────────────────────
+// Risk Checks
+// ──────────────────────────────────────────────
+const DANGEROUS_BINS = ['curl', 'wget', 'nc', 'ncat', 'ssh', 'scp', 'rsync', 'python', 'python3', 'bash', 'sh'];
+const SECRET_PATTERNS = [
+    /api[_-]?key\s*[:=]\s*["']?[A-Za-z0-9_\-]{16,}/i,
+    /secret\s*[:=]\s*["']?[A-Za-z0-9_\-]{16,}/i,
+    /token\s*[:=]\s*["']?[A-Za-z0-9_\-]{20,}/i,
+    /password\s*[:=]\s*["']?[A-Za-z0-9@#$!%^&*_\-]{8,}/i,
+    /sk-[A-Za-z0-9]{32,}/, // OpenAI key
+    /ghp_[A-Za-z0-9]{36}/, // GitHub PAT
+    /AKIA[0-9A-Z]{16}/, // AWS Access Key
+];
+const EXEC_PATTERNS = /\b(eval|exec|execSync|spawn|spawnSync|child_process)\s*\(/g;
+const NETWORK_PATTERNS = /\b(fetch|axios|http\.get|http\.request|https\.get|https\.request|got\(|request\()\s*\(/g;
+function checkPermissions(fm) {
+    const findings = [];
+    const perms = fm.permissions ?? [];
+    if (perms.some(p => p.includes('file_system:*') || p === 'file_system:write')) {
+        findings.push({ level: 'med', message: 'Broad file_system write permission — verify scope is intentional' });
+    }
+    if (perms.some(p => p.includes('network:*') || p === 'network:outbound')) {
+        findings.push({ level: 'med', message: 'Outbound network permission detected — review data exfiltration risk' });
+    }
+    if (perms.some(p => p.includes('shell:execute') || p.includes('process:spawn'))) {
+        findings.push({ level: 'high', message: 'Shell/process execution permission — high privilege escalation risk' });
+    }
+    return findings;
+}
+function checkDangerousBins(fm) {
+    const bins = fm.requires?.bin ?? [];
+    return bins
+        .filter(b => DANGEROUS_BINS.includes(b.toLowerCase()))
+        .map(b => ({ level: 'high', message: `Requires dangerous binary: ${b} (network/exfil risk)` }));
+}
+function checkExposedEnv(fm) {
+    const envVars = fm.requires?.env ?? [];
+    const sensitivePatterns = /key|secret|token|password|credential|api/i;
+    return envVars
+        .filter(e => sensitivePatterns.test(e))
+        .map(e => ({ level: 'med', message: `Sensitive env var required: ${e}` }));
+}
+function collectSourceFiles(dir) {
+    const exts = ['.ts', '.js', '.py', '.sh', '.bash'];
+    const results = [];
+    function walk(current) {
+        for (const entry of fs_1.default.readdirSync(current, { withFileTypes: true })) {
+            const full = path_1.default.join(current, entry.name);
+            if (entry.isDirectory() && !['node_modules', '.git', 'dist'].includes(entry.name)) {
+                walk(full);
+            }
+            else if (entry.isFile() && exts.includes(path_1.default.extname(entry.name))) {
+                results.push(full);
+            }
+        }
+    }
+    walk(dir);
+    return results;
+}
+function checkCodeRisks(dir) {
+    const findings = [];
+    const files = collectSourceFiles(dir);
+    for (const file of files) {
+        const content = fs_1.default.readFileSync(file, 'utf8');
+        const rel = path_1.default.relative(dir, file);
+        if (EXEC_PATTERNS.test(content)) {
+            findings.push({ level: 'high', message: `eval/exec found in ${rel} — remote code execution risk` });
+        }
+        if (NETWORK_PATTERNS.test(content)) {
+            findings.push({ level: 'med', message: `Network call found in ${rel} — verify destination is safe` });
+        }
+        for (const pattern of SECRET_PATTERNS) {
+            if (pattern.test(content)) {
+                findings.push({ level: 'high', message: `Possible hardcoded secret in ${rel}` });
+                break;
+            }
+        }
+        // Reset stateful regexes
+        EXEC_PATTERNS.lastIndex = 0;
+        NETWORK_PATTERNS.lastIndex = 0;
+    }
+    return findings;
+}
+function checkDependencyVulns(dir, skipAudit = false) {
+    const findings = [];
+    const pkgPath = path_1.default.join(dir, 'package.json');
+    if (!fs_1.default.existsSync(pkgPath) || skipAudit)
+        return findings;
+    try {
+        const auditOutput = (0, child_process_1.execSync)('npm audit --json', { cwd: dir, timeout: 5_000, stdio: ['pipe', 'pipe', 'pipe'] }).toString();
+        const audit = JSON.parse(auditOutput);
+        const vulnCount = audit?.metadata?.vulnerabilities?.total ?? 0;
+        const high = (audit?.metadata?.vulnerabilities?.high ?? 0) + (audit?.metadata?.vulnerabilities?.critical ?? 0);
+        if (high > 0)
+            findings.push({ level: 'high', message: `${high} high/critical npm vulnerabilities found — run npm audit fix` });
+        else if (vulnCount > 0)
+            findings.push({ level: 'med', message: `${vulnCount} moderate npm vulnerabilities found` });
+    }
+    catch {
+        // npm not available, no lock file, or timed out — skip silently
+    }
+    return findings;
+}
+// ──────────────────────────────────────────────
+// Score Calculation
+// ──────────────────────────────────────────────
+function calculateScore(findings) {
+    if (findings.some(f => f.level === 'high'))
+        return 'high';
+    if (findings.some(f => f.level === 'med'))
+        return 'med';
+    return 'low';
+}
+// ──────────────────────────────────────────────
+// Path Resolution
+// ──────────────────────────────────────────────
+/** Walk up from `startDir` looking for a directory named `folderName`. */
+function findAncestorDir(startDir, folderName) {
+    let current = startDir;
+    for (let i = 0; i < 8; i++) {
+        const candidate = path_1.default.join(current, folderName);
+        if (fs_1.default.existsSync(candidate) && fs_1.default.statSync(candidate).isDirectory())
+            return candidate;
+        const parent = path_1.default.dirname(current);
+        if (parent === current)
+            break;
+        current = parent;
+    }
+    return null;
+}
+/**
+ * Resolve the skill directory from user input.
+ * Priority:
+ *   1. Exact path (absolute or relative) → use as-is
+ *   2. Walk up looking for `.agent/skills/<input>` or `agent/skills/<input>`
+ *   3. Walk up looking for any `skills/<input>` folder
+ */
+function resolveSkillDir(input) {
+    const exact = path_1.default.resolve(input);
+    if (fs_1.default.existsSync(exact))
+        return exact;
+    const name = path_1.default.basename(input); // support "frontend-design" or "skills/frontend-design"
+    const agentFolders = ['.agent', 'agent', '_agent', '_agents'];
+    for (const agentFolder of agentFolders) {
+        const agentDir = findAncestorDir(process.cwd(), agentFolder);
+        if (!agentDir)
+            continue;
+        const candidate = path_1.default.join(agentDir, 'skills', name);
+        if (fs_1.default.existsSync(candidate))
+            return candidate;
+        // also try the input as a sub-path inside agentDir
+        const subCandidate = path_1.default.join(agentDir, input);
+        if (fs_1.default.existsSync(subCandidate))
+            return subCandidate;
+    }
+    return null;
+}
+function scanSkill(skillDir, skipAudit = false) {
+    const skillPath = path_1.default.join(skillDir, 'SKILL.md');
+    const content = fs_1.default.existsSync(skillPath) ? fs_1.default.readFileSync(skillPath, 'utf8') : '';
+    const fmMatch = content.match(/^---\n([\s\S]*?)\n---/m);
+    let frontmatter = {};
+    try {
+        frontmatter = (js_yaml_1.default.load(fmMatch?.[1] ?? '') ?? {});
+    }
+    catch {
+        // malformed YAML — treat as unparseable, flag it
+    }
+    const findings = [
+        ...checkPermissions(frontmatter),
+        ...checkDangerousBins(frontmatter),
+        ...checkExposedEnv(frontmatter),
+        ...checkCodeRisks(skillDir),
+        ...checkDependencyVulns(skillDir, skipAudit),
+    ];
+    if (!fmMatch) {
+        findings.push({ level: 'low', message: 'No YAML frontmatter found in SKILL.md' });
+    }
+    return {
+        name: frontmatter.name ?? path_1.default.basename(skillDir),
+        dir: skillDir,
+        score: calculateScore(findings),
+        findings,
+    };
+}
+/** Find all immediate subdirectories of `skillsDir` that contain a SKILL.md */
+function discoverSkillDirs(skillsDir) {
+    if (!fs_1.default.existsSync(skillsDir))
+        return [];
+    return fs_1.default.readdirSync(skillsDir, { withFileTypes: true })
+        .filter(e => e.isDirectory())
+        .map(e => path_1.default.join(skillsDir, e.name))
+        .filter(d => fs_1.default.existsSync(path_1.default.join(d, 'SKILL.md')));
+}
+// ──────────────────────────────────────────────
+// Lint
+// ──────────────────────────────────────────────
+const SEMVER_RE = /^\d+\.\d+\.\d+(-[\w.]+)?(\+[\w.]+)?$/;
+const PERMISSION_SCOPES = [
+    'file_system:read', 'file_system:write', 'file_system:*',
+    'network:inbound', 'network:outbound', 'network:*',
+    'shell:execute', 'process:spawn', 'memory:read', 'memory:write',
+];
+function lintSkill(skillDir) {
+    const skillPath = path_1.default.join(skillDir, 'SKILL.md');
+    const issues = [];
+    const skillName = path_1.default.basename(skillDir);
+    // ── File existence ──
+    if (!fs_1.default.existsSync(skillPath)) {
+        return { skill: skillName, passed: false, issues: [{ severity: 'error', field: 'SKILL.md', message: 'File not found' }] };
+    }
+    const content = fs_1.default.readFileSync(skillPath, 'utf8');
+    const fmMatch = content.match(/^---\n([\s\S]*?)\n---/m);
+    if (!fmMatch) {
+        return { skill: skillName, passed: false, issues: [{ severity: 'error', field: 'frontmatter', message: 'No YAML frontmatter block found (expected --- ... ---)' }] };
+    }
+    let fm = {};
+    try {
+        fm = (js_yaml_1.default.load(fmMatch[1]) ?? {});
+    }
+    catch (e) {
+        const msg = e instanceof Error ? e.message : String(e);
+        return { skill: skillName, passed: false, issues: [{ severity: 'error', field: 'frontmatter', message: `YAML parse error: ${msg}` }] };
+    }
+    // ── Required fields ──
+    if (!fm.name) {
+        issues.push({ severity: 'error', field: 'name', message: 'Missing required field' });
+    }
+    else if (typeof fm.name !== 'string') {
+        issues.push({ severity: 'error', field: 'name', message: 'Must be a string' });
+    }
+    else if (fm.name.trim().length < 3) {
+        issues.push({ severity: 'error', field: 'name', message: 'Too short (min 3 chars)' });
+    }
+    if (!fm.description) {
+        issues.push({ severity: 'error', field: 'description', message: 'Missing required field' });
+    }
+    else if (typeof fm.description !== 'string') {
+        issues.push({ severity: 'error', field: 'description', message: 'Must be a string' });
+    }
+    else if (fm.description.trim().length < 10) {
+        issues.push({ severity: 'warn', field: 'description', message: 'Very short description (min 10 chars recommended)' });
+    }
+    if (!fm.version) {
+        issues.push({ severity: 'error', field: 'version', message: 'Missing required field' });
+    }
+    else if (!SEMVER_RE.test(String(fm.version))) {
+        issues.push({ severity: 'error', field: 'version', message: `"${fm.version}" is not valid semver (expected x.y.z)` });
+    }
+    // ── Optional field validation ──
+    if (fm.permissions !== undefined) {
+        if (!Array.isArray(fm.permissions)) {
+            issues.push({ severity: 'error', field: 'permissions', message: 'Must be an array of strings' });
+        }
+        else {
+            fm.permissions.forEach((p, i) => {
+                if (typeof p !== 'string') {
+                    issues.push({ severity: 'error', field: `permissions[${i}]`, message: 'Each permission must be a string' });
+                }
+                else if (!PERMISSION_SCOPES.includes(p)) {
+                    issues.push({ severity: 'warn', field: `permissions[${i}]`, message: `Unknown permission scope "${p}" — check OpenClaw docs` });
+                }
+            });
+        }
+    }
+    if (fm.requires !== undefined) {
+        if (typeof fm.requires !== 'object' || Array.isArray(fm.requires)) {
+            issues.push({ severity: 'error', field: 'requires', message: 'Must be an object with optional env/config/bin arrays' });
+        }
+        else {
+            for (const key of ['env', 'config', 'bin']) {
+                const val = fm.requires[key];
+                if (val !== undefined && !Array.isArray(val)) {
+                    issues.push({ severity: 'error', field: `requires.${key}`, message: 'Must be an array of strings' });
+                }
+            }
+        }
+    }
+    // ── Description quality hints ──
+    const body = content.slice(content.indexOf('---', 3) + 3).trim();
+    if (body.length < 50) {
+        issues.push({ severity: 'warn', field: 'SKILL.md body', message: 'Skill body is very short — consider adding usage examples or detailed instructions' });
+    }
+    const errors = issues.filter(i => i.severity === 'error');
+    return { skill: fm.name ?? skillName, passed: errors.length === 0, issues };
+}
+// ──────────────────────────────────────────────
+// CLI
+// ──────────────────────────────────────────────
+const program = new commander_1.Command();
+program
+    .name('skill-security-scanner')
+    .description('Static security scanner for OpenClaw skill directories')
+    .version('0.1.0');
+// ── Command: scan (single skill) ──────────────
+program
+    .command('scan [dir]', { isDefault: true })
+    .description('Scan a single skill directory (default command)')
+    .option('--json', 'Output results as JSON (for CI pipelines)')
+    .option('--badge', 'Print Markdown badge to stdout')
+    .action(async (dir, opts) => {
+    if (!dir) {
+        console.error(chalk_1.default.red('❌ Missing skill name or path.'));
+        console.error(chalk_1.default.gray('   Usage: skill-security-scanner <name>'));
+        console.error(chalk_1.default.gray('   Example: skill-security-scanner frontend-design'));
+        console.error(chalk_1.default.gray('   Scan all:  skill-security-scanner scan-all'));
+        process.exit(1);
+    }
+    const resolvedDir = resolveSkillDir(dir);
+    if (!resolvedDir) {
+        console.error(chalk_1.default.red(`❌ Skill not found: "${dir}"`));
+        console.error(chalk_1.default.gray('   Try: skill-security-scanner frontend-design'));
+        console.error(chalk_1.default.gray('   Or:  skill-security-scanner .agent/skills/frontend-design'));
+        process.exit(1);
+    }
+    if (!fs_1.default.existsSync(path_1.default.join(resolvedDir, 'SKILL.md'))) {
+        console.error(chalk_1.default.red('❌ No SKILL.md found — is this an OpenClaw skill directory?'));
+        process.exit(1);
+    }
+    const spinner = (0, ora_1.default)('Scanning skill...').start();
+    const result = scanSkill(resolvedDir);
+    spinner.stop();
+    const BADGE_COLOR_MAP = { low: 'brightgreen', med: 'yellow', high: 'red' };
+    const badgeLabel = result.score.toUpperCase();
+    const badge = `![Skill Security: ${badgeLabel}](https://img.shields.io/badge/Skill%20Security-${badgeLabel}-${BADGE_COLOR_MAP[result.score]}?style=flat-square&logo=shield)`;
+    const upgrade = 'Full dynamic analysis, GitHub Action & CI dashboards → skill-security.com (7-day free trial)';
+    const report = {
+        skill: result.name, score: result.score, findings: result.findings, badge,
+        upgrade: ''
+    };
+    if (opts.json) {
+        console.log(JSON.stringify(report, null, 2));
+        return;
+    }
+    const scoreColor = { low: chalk_1.default.green, med: chalk_1.default.yellow, high: chalk_1.default.red }[result.score];
+    const icon = { low: '✅', med: '⚠️', high: '🚨' }[result.score];
+    const printGroup = (level, label, color) => {
+        const group = result.findings.filter(f => f.level === level);
+        if (!group.length)
+            return;
+        console.log(color.bold(`${label} (${group.length})`));
+        group.forEach(f => console.log(color(`  • ${f.message}`)));
+        console.log('');
+    };
+    console.log('');
+    console.log(chalk_1.default.bold.white(`🔍 Skill Security Scanner — ${result.name}`));
+    console.log(chalk_1.default.gray('─'.repeat(50)));
+    console.log(`Risk Score: ${scoreColor(`${icon} ${result.score.toUpperCase()}`)}`);
+    console.log('');
+    if (!result.findings.length) {
+        console.log(chalk_1.default.green('✅ No issues found. Skill looks clean.'));
+    }
+    else {
+        printGroup('high', '🚨 HIGH RISK', chalk_1.default.red);
+        printGroup('med', '⚠️  MEDIUM RISK', chalk_1.default.yellow);
+        printGroup('low', '💡 LOW RISK', chalk_1.default.gray);
+    }
+    if (opts.badge) {
+        console.log(chalk_1.default.gray('Badge:\n'));
+        console.log(badge);
+        console.log('');
+    }
+    console.log(chalk_1.default.blueBright(`💡 ${upgrade}`));
+    console.log('');
+    if (result.score === 'high')
+        process.exit(1);
+});
+// ── Command: lint ────────────────────────────
+program
+    .command('lint [dir]')
+    .description('Validate SKILL.md frontmatter against the OpenClaw schema')
+    .option('--json', 'Output results as JSON')
+    .option('--strict', 'Treat warnings as errors (exit 1)')
+    .option('--all', 'Lint every skill in the project')
+    .action((dir, opts) => {
+    // ── lint --all shortcut ──
+    if (opts.all || !dir) {
+        const agentFolders = ['.agent', 'agent', '_agent', '_agents'];
+        let skillsDir = null;
+        for (const folder of agentFolders) {
+            const agentDir = findAncestorDir(process.cwd(), folder);
+            if (agentDir) {
+                const c = path_1.default.join(agentDir, 'skills');
+                if (fs_1.default.existsSync(c)) {
+                    skillsDir = c;
+                    break;
+                }
+            }
+        }
+        if (!skillsDir) {
+            console.error(chalk_1.default.red('❌ No .agent/skills directory found.'));
+            process.exit(1);
+        }
+        const dirs = discoverSkillDirs(skillsDir);
+        const results = dirs.map(d => lintSkill(d));
+        if (opts.json) {
+            console.log(JSON.stringify(results, null, 2));
+        }
+        else {
+            const passed = results.filter(r => r.passed && !(opts.strict && r.issues.some(i => i.severity === 'warn')));
+            const failed = results.filter(r => !r.passed || (opts.strict && r.issues.some(i => i.severity === 'warn')));
+            console.log('');
+            console.log(chalk_1.default.bold.white(`🔎 Lint — ${results.length} skills`));
+            console.log(chalk_1.default.gray('─'.repeat(60)));
+            for (const r of [...failed, ...passed]) {
+                const ok = !failed.includes(r);
+                console.log(ok ? chalk_1.default.green(`  ✅ ${r.skill}`) : chalk_1.default.red(`  ❌ ${r.skill}`));
+                r.issues.forEach(issue => {
+                    const c = issue.severity === 'error' ? chalk_1.default.red : chalk_1.default.yellow;
+                    console.log(c(`       [${issue.severity.toUpperCase()}] ${issue.field}: ${issue.message}`));
+                });
+            }
+            console.log(chalk_1.default.gray('─'.repeat(60)));
+            console.log(`  ${chalk_1.default.green(`✅ ${passed.length} passed`)}  ${chalk_1.default.red(`❌ ${failed.length} failed`)}`);
+            console.log('');
+        }
+        const anyFailed = results.some(r => !r.passed || (opts.strict && r.issues.some(i => i.severity === 'warn')));
+        if (anyFailed)
+            process.exit(1);
+        return;
+    }
+    // ── single skill ──
+    const resolvedDir = resolveSkillDir(dir);
+    if (!resolvedDir) {
+        console.error(chalk_1.default.red(`❌ Skill not found: "${dir}"`));
+        process.exit(1);
+    }
+    const result = lintSkill(resolvedDir);
+    const hasFail = !result.passed || (opts.strict && result.issues.some(i => i.severity === 'warn'));
+    if (opts.json) {
+        console.log(JSON.stringify(result, null, 2));
+    }
+    else {
+        const errors = result.issues.filter(i => i.severity === 'error');
+        const warns = result.issues.filter(i => i.severity === 'warn');
+        const statusIcon = hasFail ? '❌' : '✅';
+        const statusText = hasFail ? chalk_1.default.red('FAIL') : chalk_1.default.green('PASS');
+        console.log('');
+        console.log(chalk_1.default.bold.white(`🔎 Lint — ${result.skill}`));
+        console.log(chalk_1.default.gray('─'.repeat(50)));
+        console.log(`Status: ${statusIcon} ${statusText}`);
+        console.log('');
+        if (!result.issues.length) {
+            console.log(chalk_1.default.green('✅ All fields valid. Skill looks well-formed.'));
+        }
+        else {
+            if (errors.length) {
+                console.log(chalk_1.default.red.bold(`Errors (${errors.length})`));
+                errors.forEach(i => console.log(chalk_1.default.red(`  • [${i.field}] ${i.message}`)));
+                console.log('');
+            }
+            if (warns.length) {
+                console.log(chalk_1.default.yellow.bold(`Warnings (${warns.length})`));
+                warns.forEach(i => console.log(chalk_1.default.yellow(`  • [${i.field}] ${i.message}`)));
+                console.log('');
+            }
+        }
+    }
+    if (hasFail)
+        process.exit(1);
+});
+// ── Command: scan-all ─────────────────────────
+program
+    .command('scan-all')
+    .description('Scan every skill in the project and show a summary table')
+    .option('--json', 'Output results as JSON array')
+    .option('--fail-on <level>', 'Exit code 1 if any skill reaches this level (low|med|high)', 'high')
+    .option('--skip-audit', 'Skip npm audit (much faster for large projects)')
+    .action(async (opts) => {
+    const agentFolders = ['.agent', 'agent', '_agent', '_agents'];
+    let skillsDir = null;
+    for (const folder of agentFolders) {
+        const agentDir = findAncestorDir(process.cwd(), folder);
+        if (agentDir) {
+            const candidate = path_1.default.join(agentDir, 'skills');
+            if (fs_1.default.existsSync(candidate)) {
+                skillsDir = candidate;
+                break;
+            }
+        }
+    }
+    if (!skillsDir) {
+        console.error(chalk_1.default.red('❌ No .agent/skills directory found from the current location.'));
+        process.exit(1);
+    }
+    const skillDirs = discoverSkillDirs(skillsDir);
+    if (!skillDirs.length) {
+        console.error(chalk_1.default.yellow('⚠️  No skill directories with SKILL.md found.'));
+        process.exit(0);
+    }
+    // Auto-skip audit for large projects unless explicitly requested
+    const skipAudit = opts.skipAudit ?? skillDirs.length > 5;
+    const spinner = (0, ora_1.default)(`Scanning ${skillDirs.length} skills${skipAudit ? ' (audit skipped)' : ''}...`).start();
+    const results = skillDirs.map(d => scanSkill(d, skipAudit));
+    spinner.stop();
+    if (opts.json) {
+        console.log(JSON.stringify(results.map(r => ({
+            skill: r.name, score: r.score, findingCount: r.findings.length, findings: r.findings,
+        })), null, 2));
+        const hasFailure = results.some(r => r.score === opts.failOn || (opts.failOn === 'low' && true) || (opts.failOn === 'med' && r.score !== 'low'));
+        if (hasFailure)
+            process.exit(1);
+        return;
+    }
+    // ── Summary table ──
+    const counts = { high: 0, med: 0, low: 0 };
+    results.forEach(r => counts[r.score]++);
+    const SCORE_COLOR = { low: chalk_1.default.green, med: chalk_1.default.yellow, high: chalk_1.default.red };
+    const SCORE_ICON = { low: '✅', med: '⚠️ ', high: '🚨' };
+    const FIND_COLOR = { low: chalk_1.default.gray, med: chalk_1.default.yellow, high: chalk_1.default.red };
+    // Sort: high first, then med, then low
+    const sorted = [...results].sort((a, b) => {
+        const order = { high: 0, med: 1, low: 2 };
+        return order[a.score] - order[b.score];
+    });
+    console.log('');
+    console.log(chalk_1.default.bold.white(`🔍 Skill Security Scanner — Project Scan (${results.length} skills)`));
+    console.log(chalk_1.default.gray('─'.repeat(60)));
+    for (const r of sorted) {
+        const color = SCORE_COLOR[r.score];
+        const icon = SCORE_ICON[r.score];
+        if (!r.findings.length) {
+            console.log(`  ${icon} ${color(r.score.toUpperCase().padEnd(5))}  ${r.name}`);
+        }
+        else {
+            // Header row for this skill
+            console.log(`  ${icon} ${color(r.score.toUpperCase().padEnd(5))}  ${chalk_1.default.bold(r.name)}`);
+            // Print findings grouped by severity
+            for (const level of ['high', 'med', 'low']) {
+                const group = r.findings.filter(f => f.level === level);
+                group.forEach(f => {
+                    console.log(`          ${FIND_COLOR[level](`→ [${f.level.toUpperCase()}] ${f.message}`)}`);
+                });
+            }
+            console.log('');
+        }
+    }
+    console.log(chalk_1.default.gray('─'.repeat(60)));
+    console.log(`  ${chalk_1.default.red(`🚨 ${counts.high} HIGH`)}  ` +
+        `${chalk_1.default.yellow(`⚠️  ${counts.med} MED`)}  ` +
+        `${chalk_1.default.green(`✅ ${counts.low} LOW`)}`);
+    console.log('');
+    // console.log(chalk.blueBright('Full dynamic analysis, GitHub Action & CI dashboards → skill-security.com (7-day free trial)'));
+    console.log('');
+    const LEVEL_ORDER = { low: 0, med: 1, high: 2 };
+    const shouldFail = results.some(r => LEVEL_ORDER[r.score] >= LEVEL_ORDER[opts.failOn]);
+    if (shouldFail)
+        process.exit(1);
+});
+program.parse();
+//# sourceMappingURL=index.js.map

package/dist/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;AACA,yCAAoC;AACpC,kDAA0B;AAC1B,8CAAsB;AACtB,sDAA2B;AAC3B,4CAAoB;AACpB,gDAAwB;AACxB,iDAAyC;AA+CzC,iDAAiD;AACjD,cAAc;AACd,iDAAiD;AAEjD,MAAM,cAAc,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,CAAC,CAAC;AAChH,MAAM,eAAe,GAAG;IACpB,gDAAgD;IAChD,2CAA2C;IAC3C,0CAA0C;IAC1C,oDAAoD;IACpD,qBAAqB,EAAW,aAAa;IAC7C,qBAAqB,EAAW,aAAa;IAC7C,kBAAkB,EAAc,iBAAiB;CACpD,CAAC;AACF,MAAM,aAAa,GAAG,4DAA4D,CAAC;AACnF,MAAM,gBAAgB,GAAG,yFAAyF,CAAC;AAEnH,SAAS,gBAAgB,CAAC,EAAe;IACrC,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,KAAK,GAAG,EAAE,CAAC,WAAW,IAAI,EAAE,CAAC;IAEnC,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,eAAe,CAAC,IAAI,CAAC,KAAK,mBAAmB,CAAC,EAAE,CAAC;QAC5E,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,kEAAkE,EAAE,CAAC,CAAC;IACjH,CAAC;IACD,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,KAAK,kBAAkB,CAAC,EAAE,CAAC;QACvE,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,sEAAsE,EAAE,CAAC,CAAC;IACrH,CAAC;IACD,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,EAAE,CAAC;QAC9E,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,qEAAqE,EAAE,CAAC,CAAC;IACrH,CAAC;IACD,OAAO,QAAQ,CAAC;AACpB,CAAC;AAED,SAAS,kBAAkB,CAAC,EAAe;IACvC,MAAM,IAAI,GAAG,EAAE,CAAC,QAAQ,EAAE,GAAG,IAAI,EAAE,CAAC;IACpC,OAAO,IAAI;SACN,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;SACrD,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,MAAmB,EAAE,OAAO,EAAE,8BAA8B,CAAC,uBAAuB,EAAE,CAAC,CAAC,CAAC;AACrH,CAAC;AAED,SAAS,eAAe,CAAC,EAAe;IACpC,MAAM,OAAO,GAAG,EAAE,CAAC,QAAQ,EAAE,GAAG,IAAI,EAAE,CAAC;IACvC,MAAM,iBAAiB,GAAG,2CAA2C,CAAC;IACtE,OAAO,OAAO;SACT,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;SACtC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,KAAkB,EAAE,OAAO,EAAE,+BAA+B,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;AAChG,CAAC;AAED,SAAS,kBAAkB,CAAC,GAAW;IACnC,MAAM,IAAI,GAAG,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;IACnD,MAAM,OAAO,GAAa,EAAE,CAAC;IAE7B,SAAS,IAAI,CAAC,OAAe;QACzB,KAAK,MAAM,KAAK,IAAI,YAAE,CAAC,WAAW,CAAC,OAAO,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;YACnE,MAAM,IAAI,GAAG,cAAI,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;YAC5C,IAAI,KAAK,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC,cAAc,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;gBAChF,IAAI,CAAC,IAAI,CAAC,CAAC;YACf,CAAC;iBAAM,IAAI,KAAK,CAAC,MAAM,EAAE,IAAI,IAAI,CAAC,QAAQ,CAAC,cAAI,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;gBACnE,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACvB,CAAC;QACL,CAAC;IACL,CAAC;IAED,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,OAAO,OAAO,CAAC;AACnB,CAAC;AAED,SAAS,cAAc,CAAC,GAAW;IAC/B,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,KAAK,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC;IAEtC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACvB,MAAM,OAAO,GAAG,YAAE,CAAC,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAC9C,MAAM,GAAG,GAAG,cAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAErC,IAAI,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAC9B,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,sBAAsB,GAAG,+BAA+B,EAAE,CAAC,CAAC;QACxG,CAAC;QACD,IAAI,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YACjC,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,yBAAyB,GAAG,+BAA+B,EAAE,CAAC,CAAC;QAC1G,CAAC;QACD,KAAK,MAAM,OAAO,IAAI,eAAe,EAAE,CAAC;YACpC,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBACxB,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,gCAAgC,GAAG,EAAE,EAAE,CAAC,CAAC;gBACjF,MAAM;YACV,CAAC;QACL,CAAC;QAED,yBAAyB;QACzB,aAAa,CAAC,SAAS,GAAG,CAAC,CAAC;QAC5B,gBAAgB,CAAC,SAAS,GAAG,CAAC,CAAC;IACnC,CAAC;IAED,OAAO,QAAQ,CAAC;AACpB,CAAC;AAED,SAAS,oBAAoB,CAAC,GAAW,EAAE,SAAS,GAAG,KAAK;IACxD,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,OAAO,GAAG,cAAI,CAAC,IAAI,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC;IAC/C,IAAI,CAAC,YAAE,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,SAAS;QAAE,OAAO,QAAQ,CAAC;IAE1D,IAAI,CAAC;QACD,MAAM,WAAW,GAAG,IAAA,wBAAQ,EAAC,kBAAkB,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC;QAC3H,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QACtC,MAAM,SAAS,GAAW,KAAK,EAAE,QAAQ,EAAE,eAAe,EAAE,KAAK,IAAI,CAAC,CAAC;QACvE,MAAM,IAAI,GAAW,CAAC,KAAK,EAAE,QAAQ,EAAE,eAAe,EAAE,IAAI,IAAI,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,QAAQ,EAAE,eAAe,EAAE,QAAQ,IAAI,CAAC,CAAC,CAAC;QAEvH,IAAI,IAAI,GAAG,CAAC;YAAE,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,IAAI,8DAA8D,EAAE,CAAC,CAAC;aAC1H,IAAI,SAAS,GAAG,CAAC;YAAE,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,SAAS,qCAAqC,EAAE,CAAC,CAAC;IACxH,CAAC;IAAC,MAAM,CAAC;QACL,gEAAgE;IACpE,CAAC;IAED,OAAO,QAAQ,CAAC;AACpB,CAAC;AAED,iDAAiD;AACjD,oBAAoB;AACpB,iDAAiD;AAEjD,SAAS,cAAc,CAAC,QAAmB;IACvC,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,MAAM,CAAC;QAAE,OAAO,MAAM,CAAC;IAC1D,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IACxD,OAAO,KAAK,CAAC;AACjB,CAAC;AAGD,iDAAiD;AACjD,kBAAkB;AAClB,iDAAiD;AAEjD,0EAA0E;AAC1E,SAAS,eAAe,CAAC,QAAgB,EAAE,UAAkB;IACzD,IAAI,OAAO,GAAG,QAAQ,CAAC;IACvB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QACzB,MAAM,SAAS,GAAG,cAAI,CAAC,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;QACjD,IAAI,YAAE,CAAC,UAAU,CAAC,SAAS,CAAC,IAAI,YAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE;YAAE,OAAO,SAAS,CAAC;QACvF,MAAM,MAAM,GAAG,cAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QACrC,IAAI,MAAM,KAAK,OAAO;YAAE,MAAM;QAC9B,OAAO,GAAG,MAAM,CAAC;IACrB,CAAC;IACD,OAAO,IAAI,CAAC;AAChB,CAAC;AAED;;;;;;GAMG;AACH,SAAS,eAAe,CAAC,KAAa;IAClC,MAAM,KAAK,GAAG,cAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IAClC,IAAI,YAAE,CAAC,UAAU,CAAC,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAEvC,MAAM,IAAI,GAAG,cAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,wDAAwD;IAC3F,MAAM,YAAY,GAAG,CAAC,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;IAE9D,KAAK,MAAM,WAAW,IAAI,YAAY,EAAE,CAAC;QACrC,MAAM,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,WAAW,CAAC,CAAC;QAC7D,IAAI,CAAC,QAAQ;YAAE,SAAS;QAExB,MAAM,SAAS,GAAG,cAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC;QACtD,IAAI,YAAE,CAAC,UAAU,CAAC,SAAS,CAAC;YAAE,OAAO,SAAS,CAAC;QAE/C,mDAAmD;QACnD,MAAM,YAAY,GAAG,cAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QAChD,IAAI,YAAE,CAAC,UAAU,CAAC,YAAY,CAAC;YAAE,OAAO,YAAY,CAAC;IACzD,CAAC;IAED,OAAO,IAAI,CAAC;AAChB,CAAC;AAaD,SAAS,SAAS,CAAC,QAAgB,EAAE,SAAS,GAAG,KAAK;IAClD,MAAM,SAAS,GAAG,cAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;IAClD,MAAM,OAAO,GAAG,YAAE,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,YAAE,CAAC,YAAY,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IACnF,MAAM,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAExD,IAAI,WAAW,GAAgB,EAAE,CAAC;IAClC,IAAI,CAAC;QACD,WAAW,GAAG,CAAC,iBAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,CAAgB,CAAC;IACvE,CAAC;IAAC,MAAM,CAAC;QACL,iDAAiD;IACrD,CAAC;IAED,MAAM,QAAQ,GAAc;QACxB,GAAG,gBAAgB,CAAC,WAAW,CAAC;QAChC,GAAG,kBAAkB,CAAC,WAAW,CAAC;QAClC,GAAG,eAAe,CAAC,WAAW,CAAC;QAC/B,GAAG,cAAc,CAAC,QAAQ,CAAC;QAC3B,GAAG,oBAAoB,CAAC,QAAQ,EAAE,SAAS,CAAC;KAC/C,CAAC;IAEF,IAAI,CAAC,OAAO,EAAE,CAAC;QACX,QAAQ,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,uCAAuC,EAAE,CAAC,CAAC;IACtF,CAAC;IAED,OAAO;QACH,IAAI,EAAE,WAAW,CAAC,IAAI,IAAI,cAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC;QACjD,GAAG,EAAE,QAAQ;QACb,KAAK,EAAE,cAAc,CAAC,QAAQ,CAAC;QAC/B,QAAQ;KACX,CAAC;AACN,CAAC;AAGD,+EAA+E;AAC/E,SAAS,iBAAiB,CAAC,SAAiB;IACxC,IAAI,CAAC,YAAE,CAAC,UAAU,CAAC,SAAS,CAAC;QAAE,OAAO,EAAE,CAAC;IACzC,OAAO,YAAE,CAAC,WAAW,CAAC,SAAS,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC;SACpD,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;SAC5B,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,cAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC;SACtC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,YAAE,CAAC,UAAU,CAAC,cAAI,CAAC,IAAI,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC;AAC9D,CAAC;AAED,iDAAiD;AACjD,OAAO;AACP,iDAAiD;AAEjD,MAAM,SAAS,GAAG,sCAAsC,CAAC;AACzD,MAAM,iBAAiB,GAAG;IACtB,kBAAkB,EAAE,mBAAmB,EAAE,eAAe;IACxD,iBAAiB,EAAE,kBAAkB,EAAE,WAAW;IAClD,eAAe,EAAE,eAAe,EAAE,aAAa,EAAE,cAAc;CAClE,CAAC;AAEF,SAAS,SAAS,CAAC,QAAgB;IAC/B,MAAM,SAAS,GAAG,cAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;IAClD,MAAM,MAAM,GAAgB,EAAE,CAAC;IAC/B,MAAM,SAAS,GAAG,cAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAE1C,uBAAuB;IACvB,IAAI,CAAC,YAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC5B,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,gBAAgB,EAAE,CAAC,EAAE,CAAC;IAC9H,CAAC;IAED,MAAM,OAAO,GAAG,YAAE,CAAC,YAAY,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;IACnD,MAAM,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAExD,IAAI,CAAC,OAAO,EAAE,CAAC;QACX,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,aAAa,EAAE,OAAO,EAAE,wDAAwD,EAAE,CAAC,EAAE,CAAC;IACzK,CAAC;IAED,IAAI,EAAE,GAAgB,EAAE,CAAC;IACzB,IAAI,CAAC;QACD,EAAE,GAAG,CAAC,iBAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAgB,CAAC;IACtD,CAAC;IAAC,OAAO,CAAU,EAAE,CAAC;QAClB,MAAM,GAAG,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QACvD,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,aAAa,EAAE,OAAO,EAAE,qBAAqB,GAAG,EAAE,EAAE,CAAC,EAAE,CAAC;IAC3I,CAAC;IAED,wBAAwB;IACxB,IAAI,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC;QACX,MAAM,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,wBAAwB,EAAE,CAAC,CAAC;IACzF,CAAC;SAAM,IAAI,OAAO,EAAE,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QACrC,MAAM,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,kBAAkB,EAAE,CAAC,CAAC;IACnF,CAAC;SAAM,IAAI,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACnC,MAAM,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,yBAAyB,EAAE,CAAC,CAAC;IAC1F,CAAC;IAED,IAAI,CAAC,EAAE,CAAC,WAAW,EAAE,CAAC;QAClB,MAAM,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,aAAa,EAAE,OAAO,EAAE,wBAAwB,EAAE,CAAC,CAAC;IAChG,CAAC;SAAM,IAAI,OAAO,EAAE,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;QAC5C,MAAM,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,aAAa,EAAE,OAAO,EAAE,kBAAkB,EAAE,CAAC,CAAC;IAC1F,CAAC;SAAM,IAAI,EAAE,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAC3C,MAAM,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,aAAa,EAAE,OAAO,EAAE,mDAAmD,EAAE,CAAC,CAAC;IAC1H,CAAC;IAED,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC;QACd,MAAM,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,wBAAwB,EAAE,CAAC,CAAC;IAC5F,CAAC;SAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;QAC7C,MAAM,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,OAAO,wCAAwC,EAAE,CAAC,CAAC;IAC1H,CAAC;IAED,kCAAkC;IAClC,IAAI,EAAE,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;QAC/B,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC;YACjC,MAAM,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,aAAa,EAAE,OAAO,EAAE,6BAA6B,EAAE,CAAC,CAAC;QACrG,CAAC;aAAM,CAAC;YACJ,EAAE,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;gBAC5B,IAAI,OAAO,CAAC,KAAK,QAAQ,EAAE,CAAC;oBACxB,MAAM,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,eAAe,CAAC,GAAG,EAAE,OAAO,EAAE,kCAAkC,EAAE,CAAC,CAAC;gBAChH,CAAC;qBAAM,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC;oBACxC,MAAM,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,eAAe,CAAC,GAAG,EAAE,OAAO,EAAE,6BAA6B,CAAC,yBAAyB,EAAE,CAAC,CAAC;gBACpI,CAAC;YACL,CAAC,CAAC,CAAC;QACP,CAAC;IACL,CAAC;IAED,IAAI,EAAE,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;QAC5B,IAAI,OAAO,EAAE,CAAC,QAAQ,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC;YAChE,MAAM,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,uDAAuD,EAAE,CAAC,CAAC;QAC5H,CAAC;aAAM,CAAC;YACJ,KAAK,MAAM,GAAG,IAAI,CAAC,KAAK,EAAE,QAAQ,EAAE,KAAK,CAAU,EAAE,CAAC;gBAClD,MAAM,GAAG,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;gBAC7B,IAAI,GAAG,KAAK,SAAS,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;oBAC3C,MAAM,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,YAAY,GAAG,EAAE,EAAE,OAAO,EAAE,6BAA6B,EAAE,CAAC,CAAC;gBACzG,CAAC;YACL,CAAC;QACL,CAAC;IACL,CAAC;IAED,kCAAkC;IAClC,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IACjE,IAAI,IAAI,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QACnB,MAAM,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,eAAe,EAAE,OAAO,EAAE,oFAAoF,EAAE,CAAC,CAAC;IAC7J,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC;IAC1D,OAAO,EAAE,KAAK,EAAE,EAAE,CAAC,IAAI,IAAI,SAAS,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;AAChF,CAAC;AAED,iDAAiD;AACjD,MAAM;AACN,iDAAiD;AAEjD,MAAM,OAAO,GAAG,IAAI,mBAAO,EAAE,CAAC;AAE9B,OAAO;KACF,IAAI,CAAC,wBAAwB,CAAC;KAC9B,WAAW,CAAC,wDAAwD,CAAC;KACrE,OAAO,CAAC,OAAO,CAAC,CAAC;AAEtB,iDAAiD;AAEjD,OAAO;KACF,OAAO,CAAC,YAAY,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;KAC1C,WAAW,CAAC,iDAAiD,CAAC;KAC9D,MAAM,CAAC,QAAQ,EAAE,2CAA2C,CAAC;KAC7D,MAAM,CAAC,SAAS,EAAE,gCAAgC,CAAC;KACnD,MAAM,CAAC,KAAK,EAAE,GAAuB,EAAE,IAAyC,EAAE,EAAE;IACjF,IAAI,CAAC,GAAG,EAAE,CAAC;QACP,OAAO,CAAC,KAAK,CAAC,eAAK,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAC,CAAC;QAC1D,OAAO,CAAC,KAAK,CAAC,eAAK,CAAC,IAAI,CAAC,yCAAyC,CAAC,CAAC,CAAC;QACrE,OAAO,CAAC,KAAK,CAAC,eAAK,CAAC,IAAI,CAAC,oDAAoD,CAAC,CAAC,CAAC;QAChF,OAAO,CAAC,KAAK,CAAC,eAAK,CAAC,IAAI,CAAC,+CAA+C,CAAC,CAAC,CAAC;QAC3E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACpB,CAAC;IAED,MAAM,WAAW,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;IAEzC,IAAI,CAAC,WAAW,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,eAAK,CAAC,GAAG,CAAC,uBAAuB,GAAG,GAAG,CAAC,CAAC,CAAC;QACxD,OAAO,CAAC,KAAK,CAAC,eAAK,CAAC,IAAI,CAAC,gDAAgD,CAAC,CAAC,CAAC;QAC5E,OAAO,CAAC,KAAK,CAAC,eAAK,CAAC,IAAI,CAAC,8DAA8D,CAAC,CAAC,CAAC;QAC1F,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACpB,CAAC;IAED,IAAI,CAAC,YAAE,CAAC,UAAU,CAAC,cAAI,CAAC,IAAI,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC,EAAE,CAAC;QACrD,OAAO,CAAC,KAAK,CAAC,eAAK,CAAC,GAAG,CAAC,4DAA4D,CAAC,CAAC,CAAC;QACvF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACpB,CAAC;IAED,MAAM,OAAO,GAAG,IAAA,aAAG,EAAC,mBAAmB,CAAC,CAAC,KAAK,EAAE,CAAC;IACjD,MAAM,MAAM,GAAG,SAAS,CAAC,WAAW,CAAC,CAAC;IACtC,OAAO,CAAC,IAAI,EAAE,CAAC;IAEf,MAAM,eAAe,GAA8B,EAAE,GAAG,EAAE,aAAa,EAAE,GAAG,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;IACtG,MAAM,UAAU,GAAG,MAAM,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;IAC9C,MAAM,KAAK,GAAG,qBAAqB,UAAU,mDAAmD,UAAU,IAAI,eAAe,CAAC,MAAM,CAAC,KAAK,CAAC,iCAAiC,CAAC;IAC7K,MAAM,OAAO,GAAG,8FAA8F,CAAC;IAE/G,MAAM,MAAM,GAAe;QACvB,KAAK,EAAE,MAAM,CAAC,IAAI,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,KAAK;QACzE,OAAO,EAAE,EAAE;KACd,CAAC;IAEF,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;QAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAAC,OAAO;IAAC,CAAC;IAExE,MAAM,UAAU,GAAG,EAAE,GAAG,EAAE,eAAK,CAAC,KAAK,EAAE,GAAG,EAAE,eAAK,CAAC,MAAM,EAAE,IAAI,EAAE,eAAK,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC1F,MAAM,IAAI,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC/D,MAAM,UAAU,GAAG,CAAC,KAAgB,EAAE,KAAa,EAAE,KAAgE,EAAE,EAAE;QACrH,MAAM,KAAK,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,KAAK,CAAC,CAAC;QAC7D,IAAI,CAAC,KAAK,CAAC,MAAM;YAAE,OAAO;QAC1B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,KAAK,KAAK,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QACtD,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC;QAC3D,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IACpB,CAAC,CAAC;IAEF,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,IAAI,CAAC,KAAK,CAAC,+BAA+B,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;IAC5E,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACxC,OAAO,CAAC,GAAG,CAAC,eAAe,UAAU,CAAC,GAAG,IAAI,IAAI,MAAM,CAAC,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IAClF,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAEhB,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;QAC1B,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,KAAK,CAAC,uCAAuC,CAAC,CAAC,CAAC;IACtE,CAAC;SAAM,CAAC;QACJ,UAAU,CAAC,MAAM,EAAE,cAAc,EAAE,eAAK,CAAC,GAAG,CAAC,CAAC;QAC9C,UAAU,CAAC,KAAK,EAAE,iBAAiB,EAAE,eAAK,CAAC,MAAM,CAAC,CAAC;QACnD,UAAU,CAAC,KAAK,EAAE,aAAa,EAAE,eAAK,CAAC,IAAI,CAAC,CAAC;IACjD,CAAC;IAED,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;QAAC,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;QAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAAC,CAAC;IAC7F,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,UAAU,CAAC,MAAM,OAAO,EAAE,CAAC,CAAC,CAAC;IAC/C,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,IAAI,MAAM,CAAC,KAAK,KAAK,MAAM;QAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AACjD,CAAC,CAAC,CAAC;AAEP,gDAAgD;AAEhD,OAAO;KACF,OAAO,CAAC,YAAY,CAAC;KACrB,WAAW,CAAC,2DAA2D,CAAC;KACxE,MAAM,CAAC,QAAQ,EAAE,wBAAwB,CAAC;KAC1C,MAAM,CAAC,UAAU,EAAE,mCAAmC,CAAC;KACvD,MAAM,CAAC,OAAO,EAAE,iCAAiC,CAAC;KAClD,MAAM,CAAC,CAAC,GAAuB,EAAE,IAAyD,EAAE,EAAE;IAC3F,4BAA4B;IAC5B,IAAI,IAAI,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACnB,MAAM,YAAY,GAAG,CAAC,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;QAC9D,IAAI,SAAS,GAAkB,IAAI,CAAC;QACpC,KAAK,MAAM,MAAM,IAAI,YAAY,EAAE,CAAC;YAChC,MAAM,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,CAAC;YACxD,IAAI,QAAQ,EAAE,CAAC;gBACX,MAAM,CAAC,GAAG,cAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;gBACxC,IAAI,YAAE,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;oBAAC,SAAS,GAAG,CAAC,CAAC;oBAAC,MAAM;gBAAC,CAAC;YACnD,CAAC;QACL,CAAC;QACD,IAAI,CAAC,SAAS,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,eAAK,CAAC,GAAG,CAAC,qCAAqC,CAAC,CAAC,CAAC;YAChE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACpB,CAAC;QACD,MAAM,IAAI,GAAG,iBAAiB,CAAC,SAAS,CAAC,CAAC;QAC1C,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;QAE5C,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAAC,CAAC;aAC5D,CAAC;YACF,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,CAAC;YAC5G,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,CAAC;YAC5G,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAChB,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,IAAI,CAAC,KAAK,CAAC,aAAa,OAAO,CAAC,MAAM,SAAS,CAAC,CAAC,CAAC;YACpE,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;YACxC,KAAK,MAAM,CAAC,IAAI,CAAC,GAAG,MAAM,EAAE,GAAG,MAAM,CAAC,EAAE,CAAC;gBACrC,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;gBAC/B,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,eAAK,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC,eAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;gBAC9E,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;oBACrB,MAAM,CAAC,GAAG,KAAK,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,eAAK,CAAC,GAAG,CAAC,CAAC,CAAC,eAAK,CAAC,MAAM,CAAC;oBAChE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,KAAK,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,KAAK,CAAC,KAAK,KAAK,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;gBAChG,CAAC,CAAC,CAAC;YACP,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;YACxC,OAAO,CAAC,GAAG,CAAC,KAAK,eAAK,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC,MAAM,SAAS,CAAC,KAAK,eAAK,CAAC,GAAG,CAAC,KAAK,MAAM,CAAC,MAAM,SAAS,CAAC,EAAE,CAAC,CAAC;YACxG,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACpB,CAAC;QACD,MAAM,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,CAAC;QAC7G,IAAI,SAAS;YAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC/B,OAAO;IACX,CAAC;IAED,qBAAqB;IACrB,MAAM,WAAW,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;IACzC,IAAI,CAAC,WAAW,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,eAAK,CAAC,GAAG,CAAC,uBAAuB,GAAG,GAAG,CAAC,CAAC,CAAC;QACxD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACpB,CAAC;IAED,MAAM,MAAM,GAAG,SAAS,CAAC,WAAW,CAAC,CAAC;IACtC,MAAM,OAAO,GAAG,CAAC,MAAM,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC;IAElG,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;QAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAAC,CAAC;SAC3D,CAAC;QACF,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC;QACjE,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;QAC/D,MAAM,UAAU,GAAG,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;QACvC,MAAM,UAAU,GAAG,OAAO,CAAC,CAAC,CAAC,eAAK,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,eAAK,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAErE,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,IAAI,CAAC,KAAK,CAAC,aAAa,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QAC3D,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QACxC,OAAO,CAAC,GAAG,CAAC,WAAW,UAAU,IAAI,UAAU,EAAE,CAAC,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAEhB,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;YACxB,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,KAAK,CAAC,8CAA8C,CAAC,CAAC,CAAC;QAC7E,CAAC;aAAM,CAAC;YACJ,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;gBAChB,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;gBACzD,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,KAAK,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC;gBAC7E,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YACpB,CAAC;YACD,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;gBACf,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;gBAC7D,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,KAAK,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC;gBAC/E,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YACpB,CAAC;QACL,CAAC;IACL,CAAC;IAED,IAAI,OAAO;QAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AACjC,CAAC,CAAC,CAAC;AAEP,iDAAiD;AAEjD,OAAO;KACF,OAAO,CAAC,UAAU,CAAC;KACnB,WAAW,CAAC,0DAA0D,CAAC;KACvE,MAAM,CAAC,QAAQ,EAAE,8BAA8B,CAAC;KAChD,MAAM,CAAC,mBAAmB,EAAE,4DAA4D,EAAE,MAAM,CAAC;KACjG,MAAM,CAAC,cAAc,EAAE,iDAAiD,CAAC;KACzE,MAAM,CAAC,KAAK,EAAE,IAAgE,EAAE,EAAE;IAC/E,MAAM,YAAY,GAAG,CAAC,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;IAC9D,IAAI,SAAS,GAAkB,IAAI,CAAC;IAEpC,KAAK,MAAM,MAAM,IAAI,YAAY,EAAE,CAAC;QAChC,MAAM,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,CAAC;QACxD,IAAI,QAAQ,EAAE,CAAC;YACX,MAAM,SAAS,GAAG,cAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;YAChD,IAAI,YAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;gBAAC,SAAS,GAAG,SAAS,CAAC;gBAAC,MAAM;YAAC,CAAC;QACnE,CAAC;IACL,CAAC;IAED,IAAI,CAAC,SAAS,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,eAAK,CAAC,GAAG,CAAC,+DAA+D,CAAC,CAAC,CAAC;QAC1F,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACpB,CAAC;IAED,MAAM,SAAS,GAAG,iBAAiB,CAAC,SAAS,CAAC,CAAC;IAE/C,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC;QACpB,OAAO,CAAC,KAAK,CAAC,eAAK,CAAC,MAAM,CAAC,+CAA+C,CAAC,CAAC,CAAC;QAC7E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACpB,CAAC;IAED,iEAAiE;IACjE,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC;IACzD,MAAM,OAAO,GAAG,IAAA,aAAG,EAAC,YAAY,SAAS,CAAC,MAAM,UAAU,SAAS,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,KAAK,EAAE,CAAC;IAC5G,MAAM,OAAO,GAAsB,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,SAAS,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,CAAC;IAC/E,OAAO,CAAC,IAAI,EAAE,CAAC;IAEf,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;QACZ,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YACzC,KAAK,EAAE,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC,KAAK,EAAE,YAAY,EAAE,CAAC,CAAC,QAAQ,CAAC,MAAM,EAAE,QAAQ,EAAE,CAAC,CAAC,QAAQ;SACvF,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACf,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,KAAK,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,KAAK,IAAI,CAAC,CAAC,KAAK,KAAK,KAAK,CAAC,CAAC,CAAC;QACjJ,IAAI,UAAU;YAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAChC,OAAO;IACX,CAAC;IAED,sBAAsB;IACtB,MAAM,MAAM,GAAG,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;IAC3C,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IAExC,MAAM,WAAW,GAAG,EAAE,GAAG,EAAE,eAAK,CAAC,KAAK,EAAE,GAAG,EAAE,eAAK,CAAC,MAAM,EAAE,IAAI,EAAE,eAAK,CAAC,GAAG,EAAE,CAAC;IAC7E,MAAM,UAAU,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IACxD,MAAM,UAAU,GAAG,EAAE,GAAG,EAAE,eAAK,CAAC,IAAI,EAAE,GAAG,EAAE,eAAK,CAAC,MAAM,EAAE,IAAI,EAAE,eAAK,CAAC,GAAG,EAAE,CAAC;IAE3E,uCAAuC;IACvC,MAAM,MAAM,GAAG,CAAC,GAAG,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACtC,MAAM,KAAK,GAA8B,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;QACrE,OAAO,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,IAAI,CAAC,KAAK,CAAC,6CAA6C,OAAO,CAAC,MAAM,UAAU,CAAC,CAAC,CAAC;IACrG,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IAExC,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;QACrB,MAAM,KAAK,GAAG,WAAW,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;QACnC,MAAM,IAAI,GAAG,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;QAEjC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;YACrB,OAAO,CAAC,GAAG,CAAC,KAAK,IAAI,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QAClF,CAAC;aAAM,CAAC;YACJ,4BAA4B;YAC5B,OAAO,CAAC,GAAG,CAAC,KAAK,IAAI,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,KAAK,eAAK,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YAE1F,qCAAqC;YACrC,KAAK,MAAM,KAAK,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,KAAK,CAAgB,EAAE,CAAC;gBACxD,MAAM,KAAK,GAAG,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,KAAK,CAAC,CAAC;gBACxD,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE;oBACd,OAAO,CAAC,GAAG,CAAC,aAAa,UAAU,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC;gBAC/F,CAAC,CAAC,CAAC;YACP,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACpB,CAAC;IACL,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACxC,OAAO,CAAC,GAAG,CACP,KAAK,eAAK,CAAC,GAAG,CAAC,MAAM,MAAM,CAAC,IAAI,OAAO,CAAC,IAAI;QAC5C,GAAG,eAAK,CAAC,MAAM,CAAC,OAAO,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI;QAC5C,GAAG,eAAK,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC,GAAG,MAAM,CAAC,EAAE,CAC1C,CAAC;IACF,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,iIAAiI;IACjI,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAEhB,MAAM,WAAW,GAA8B,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;IAC3E,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,WAAW,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;IACvF,IAAI,UAAU;QAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AACpC,CAAC,CAAC,CAAC;AAEP,OAAO,CAAC,KAAK,EAAE,CAAC"}

package/package.json ADDED Viewed

@@ -0,0 +1,42 @@
+{
+    "name": "skill-security-scanner",
+    "version": "0.1.0",
+    "description": "Static security scanner for OpenClaw skill directories",
+    "main": "dist/index.js",
+    "bin": {
+        "skill-security-scanner": "dist/index.js"
+    },
+    "scripts": {
+        "build": "tsc",
+        "dev": "ts-node src/index.ts",
+        "start": "node dist/index.js",
+        "prepublishOnly": "npm run build"
+    },
+    "keywords": [
+        "openclaw",
+        "security",
+        "skill",
+        "scanner",
+        "ai-agent",
+        "cli"
+    ],
+    "license": "MIT",
+    "repository": {
+        "type": "git",
+        "url": "https://github.com/yourorg/skill-security-scanner"
+    },
+    "dependencies": {
+        "chalk": "^5.3.0",
+        "commander": "^12.1.0",
+        "js-yaml": "^4.1.0",
+        "ora": "^8.1.1",
+        "semver": "^7.6.2"
+    },
+    "devDependencies": {
+        "@types/js-yaml": "^4.0.9",
+        "@types/node": "^20.14.0",
+        "@types/semver": "^7.5.8",
+        "ts-node": "^10.9.2",
+        "typescript": "^5.4.5"
+    }
+}