npm - solidity-argus - Versions diffs - 0.1.8 → 0.3.0 - Mend

solidity-argus 0.1.8 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (178) hide show

package/AGENTS.md +3 -3
package/README.md +229 -13
package/package.json +37 -8
package/skills/INVENTORY.md +88 -57
package/skills/README.md +72 -6
package/skills/case-studies/beanstalk-governance/SKILL.md +52 -0
package/skills/case-studies/bzx-flash-loan/SKILL.md +53 -0
package/skills/case-studies/cream-finance/SKILL.md +52 -0
package/skills/case-studies/curve-reentrancy/SKILL.md +52 -0
package/skills/case-studies/dao-hack/SKILL.md +51 -0
package/skills/case-studies/euler-finance/SKILL.md +52 -0
package/skills/case-studies/harvest-finance/SKILL.md +52 -0
package/skills/case-studies/level-finance/SKILL.md +51 -0
package/skills/case-studies/mango-markets/SKILL.md +53 -0
package/skills/case-studies/nomad-bridge/SKILL.md +51 -0
package/skills/case-studies/parity-multisig/SKILL.md +55 -0
package/skills/case-studies/poly-network/SKILL.md +51 -0
package/skills/case-studies/rari-fuse/SKILL.md +51 -0
package/skills/case-studies/ronin-bridge/SKILL.md +52 -0
package/skills/case-studies/wormhole-bridge/SKILL.md +51 -0
package/skills/checklists/cyfrin-defi-core/SKILL.md +3 -0
package/skills/manifests/cyfrin.json +16 -0
package/skills/manifests/defifofum.json +25 -0
package/skills/manifests/kadenzipfel.json +48 -0
package/skills/manifests/scvd.json +9 -0
package/skills/manifests/smartbugs.json +9 -0
package/skills/manifests/solodit.json +9 -0
package/skills/manifests/sunweb3sec.json +9 -0
package/skills/manifests/trailofbits.json +9 -0
package/skills/methodology/audit-workflow/SKILL.md +3 -0
package/skills/protocol-patterns/amm-dex/SKILL.md +3 -0
package/skills/references/exploit-reference/SKILL.md +3 -0
package/skills/vulnerability-patterns/access-control/SKILL.md +27 -0
package/skills/vulnerability-patterns/arbitrary-storage-location/SKILL.md +13 -1
package/skills/vulnerability-patterns/assert-violation/SKILL.md +8 -1
package/skills/vulnerability-patterns/asserting-contract-from-code-size/SKILL.md +12 -1
package/skills/vulnerability-patterns/authorization-txorigin/SKILL.md +8 -1
package/skills/vulnerability-patterns/cross-chain-bridge-vulnerabilities/SKILL.md +217 -0
package/skills/vulnerability-patterns/default-visibility/SKILL.md +13 -1
package/skills/vulnerability-patterns/delegatecall-untrusted-callee/SKILL.md +8 -1
package/skills/vulnerability-patterns/dos-gas-limit/SKILL.md +8 -1
package/skills/vulnerability-patterns/dos-revert/SKILL.md +14 -1
package/skills/vulnerability-patterns/erc4626-exchange-rate-manipulation/SKILL.md +64 -0
package/skills/vulnerability-patterns/fee-on-transfer-tokens/SKILL.md +93 -0
package/skills/vulnerability-patterns/flash-loan-attacks/SKILL.md +13 -0
package/skills/vulnerability-patterns/floating-pragma/SKILL.md +8 -1
package/skills/vulnerability-patterns/front-running-attacks/SKILL.md +209 -0
package/skills/vulnerability-patterns/gas-optimization-patterns/SKILL.md +203 -0
package/skills/vulnerability-patterns/governance-attacks/SKILL.md +208 -0
package/skills/vulnerability-patterns/hash-collision/SKILL.md +8 -1
package/skills/vulnerability-patterns/inadherence-to-standards/SKILL.md +12 -1
package/skills/vulnerability-patterns/incorrect-constructor/SKILL.md +8 -1
package/skills/vulnerability-patterns/incorrect-inheritance-order/SKILL.md +8 -1
package/skills/vulnerability-patterns/insufficient-gas-griefing/SKILL.md +12 -1
package/skills/vulnerability-patterns/lack-of-precision/SKILL.md +7 -1
package/skills/vulnerability-patterns/logic-errors/SKILL.md +10 -0
package/skills/vulnerability-patterns/missing-parameter-bounds/SKILL.md +44 -0
package/skills/vulnerability-patterns/missing-protection-signature-replay/SKILL.md +17 -1
package/skills/vulnerability-patterns/msgvalue-loop/SKILL.md +12 -1
package/skills/vulnerability-patterns/off-by-one/SKILL.md +7 -1
package/skills/vulnerability-patterns/oracle-manipulation/SKILL.md +22 -0
package/skills/vulnerability-patterns/outdated-compiler-version/SKILL.md +8 -1
package/skills/vulnerability-patterns/overflow-underflow/SKILL.md +11 -1
package/skills/vulnerability-patterns/proxy-vulnerabilities/SKILL.md +209 -0
package/skills/vulnerability-patterns/reentrancy/SKILL.md +22 -0
package/skills/vulnerability-patterns/shadowing-state-variables/SKILL.md +8 -1
package/skills/vulnerability-patterns/share-accounting-desynchronization/SKILL.md +44 -0
package/skills/vulnerability-patterns/signature-malleability/SKILL.md +11 -1
package/skills/vulnerability-patterns/stateful-parameter-update-drift/SKILL.md +44 -0
package/skills/vulnerability-patterns/unbounded-return-data/SKILL.md +12 -1
package/skills/vulnerability-patterns/unchecked-return-values/SKILL.md +13 -1
package/skills/vulnerability-patterns/unencrypted-private-data-on-chain/SKILL.md +8 -1
package/skills/vulnerability-patterns/unexpected-ecrecover-null-address/SKILL.md +8 -1
package/skills/vulnerability-patterns/uninitialized-storage-pointer/SKILL.md +8 -1
package/skills/vulnerability-patterns/unsafe-erc20-transfers/SKILL.md +132 -0
package/skills/vulnerability-patterns/unsafe-low-level-call/SKILL.md +12 -1
package/skills/vulnerability-patterns/unsecure-signatures/SKILL.md +12 -1
package/skills/vulnerability-patterns/unsupported-opcodes/SKILL.md +11 -1
package/skills/vulnerability-patterns/unused-variables/SKILL.md +8 -1
package/skills/vulnerability-patterns/use-of-deprecated-functions/SKILL.md +8 -1
package/skills/vulnerability-patterns/weak-sources-randomness/SKILL.md +8 -1
package/skills/vulnerability-patterns/weird-tokens/SKILL.md +10 -0
package/skills/vulnerability-patterns/zero-address-misconfiguration/SKILL.md +48 -0
package/src/agents/argus-prompt.ts +27 -10
package/src/agents/pythia-prompt.ts +7 -8
package/src/agents/scribe-prompt.ts +10 -5
package/src/agents/sentinel-prompt.ts +36 -7
package/src/cli/cli-output.ts +16 -0
package/src/cli/cli-program.ts +29 -22
package/src/cli/commands/check-skills.ts +135 -0
package/src/cli/commands/doctor.ts +303 -23
package/src/cli/commands/init.ts +8 -6
package/src/cli/commands/install.ts +10 -8
package/src/cli/commands/lint-skills.ts +118 -0
package/src/cli/index.ts +5 -5
package/src/cli/tui-prompts.ts +4 -2
package/src/cli/types.ts +3 -3
package/src/config/index.ts +1 -1
package/src/config/loader.ts +4 -6
package/src/config/schema.ts +6 -5
package/src/config/types.ts +2 -2
package/src/constants/defaults.ts +2 -0
package/src/create-hooks.ts +225 -29
package/src/create-managers.ts +10 -8
package/src/create-tools.ts +14 -8
package/src/features/background-agent/background-manager.ts +93 -87
package/src/features/background-agent/index.ts +1 -1
package/src/features/context-monitor/context-monitor.ts +3 -3
package/src/features/context-monitor/index.ts +2 -2
package/src/features/error-recovery/session-recovery.ts +2 -4
package/src/features/error-recovery/tool-error-recovery.ts +79 -19
package/src/features/index.ts +5 -5
package/src/features/persistent-state/audit-state-manager.ts +158 -52
package/src/features/persistent-state/global-run-index.ts +38 -0
package/src/features/persistent-state/index.ts +1 -1
package/src/features/persistent-state/run-journal.ts +86 -0
package/src/hooks/agent-tracker.ts +53 -0
package/src/hooks/compaction-hook.ts +46 -37
package/src/hooks/config-handler.ts +31 -11
package/src/hooks/context-budget.ts +42 -0
package/src/hooks/event-hook.ts +48 -23
package/src/hooks/hook-system.ts +4 -4
package/src/hooks/index.ts +5 -5
package/src/hooks/knowledge-sync-hook.ts +19 -21
package/src/hooks/recon-context-builder.ts +66 -0
package/src/hooks/safe-create-hook.ts +9 -11
package/src/hooks/system-prompt-hook.ts +128 -0
package/src/hooks/tool-tracking-hook.ts +162 -29
package/src/hooks/types.ts +2 -1
package/src/index.ts +23 -13
package/src/knowledge/retry.ts +53 -0
package/src/knowledge/scvd-client.ts +103 -83
package/src/knowledge/scvd-errors.ts +89 -0
package/src/knowledge/scvd-index.ts +110 -62
package/src/knowledge/scvd-sync.ts +223 -47
package/src/knowledge/source-manifest.ts +102 -0
package/src/managers/index.ts +1 -1
package/src/managers/types.ts +19 -14
package/src/plugin-interface.ts +19 -8
package/src/shared/binary-utils.ts +44 -34
package/src/shared/deep-merge.ts +55 -36
package/src/shared/file-utils.ts +21 -19
package/src/shared/index.ts +11 -5
package/src/shared/jsonc-parser.ts +123 -28
package/src/shared/logger.ts +91 -17
package/src/shared/project-utils.ts +30 -0
package/src/skills/analysis/cluster.ts +414 -0
package/src/skills/analysis/gates.ts +227 -0
package/src/skills/analysis/index.ts +33 -0
package/src/skills/analysis/normalize.ts +217 -0
package/src/skills/analysis/similarity.ts +224 -0
package/src/skills/argus-skill-resolver.ts +237 -0
package/src/skills/skill-schema.ts +99 -0
package/src/solodit-lifecycle.ts +202 -0
package/src/state/audit-state.ts +10 -8
package/src/state/finding-store.ts +68 -55
package/src/state/types.ts +96 -44
package/src/tools/argus-skill-load-tool.ts +78 -0
package/src/tools/contract-analyzer-tool.ts +60 -77
package/src/tools/forge-coverage-tool.ts +226 -0
package/src/tools/forge-fuzz-tool.ts +127 -127
package/src/tools/forge-test-tool.ts +153 -157
package/src/tools/gas-analysis-tool.ts +264 -0
package/src/tools/pattern-checker-tool.ts +206 -167
package/src/tools/pattern-loader.ts +77 -0
package/src/tools/pattern-schema.ts +51 -0
package/src/tools/proxy-detection-tool.ts +224 -0
package/src/tools/report-generator-tool.ts +333 -142
package/src/tools/slither-tool.ts +300 -210
package/src/tools/solodit-search-tool.ts +255 -80
package/src/tools/sync-knowledge-tool.ts +7 -11
package/src/utils/audit-artifact-detector.ts +118 -0
package/src/utils/dependency-scanner.ts +93 -0
package/src/utils/project-detector.ts +175 -86
package/src/utils/solidity-parser.ts +112 -67
package/src/utils/solodit-health.ts +29 -0
package/src/hooks/event-hook-v2.ts +0 -99
package/src/state/plugin-state.ts +0 -14

package/src/hooks/event-hook-v2.ts DELETED Viewed

@@ -1,99 +0,0 @@
-import type { AuditState } from "../state/types"
-import { createAuditState } from "../state/audit-state"
-import { createLogger } from "../shared/logger"
-export type AuditEventType =
-  | "session.created"
-  | "session.idle"
-  | "session.error"
-  | "session.deleted"
-  | "audit.phase-changed"
-  | "audit.finding-added"
-  | "audit.complete"
-export type EventHookV2Fn = (input: {
-  event: { type: string; sessionId?: string; properties?: Record<string, unknown> }
-}) => Promise<void>
-export type EventSubHandler = (event: {
-  type: string
-  sessionId?: string
-  auditState: AuditState | null
-  setAuditState: (state: AuditState | null) => void
-}) => Promise<void>
-export function createEventHookV2(
-  projectDir?: string,
-  subHandlers: EventSubHandler[] = [],
-): {
-  hook: EventHookV2Fn
-  getAuditState: () => AuditState | null
-  setAuditState: (state: AuditState | null) => void
-} {
-  const logger = createLogger()
-  let currentAuditState: AuditState | null = null
-  const getAuditState = (): AuditState | null => currentAuditState
-  const setAuditState = (state: AuditState | null): void => {
-    currentAuditState = state
-  }
-  const hook: EventHookV2Fn = async (input): Promise<void> => {
-    const { type, sessionId } = input.event
-    switch (type) {
-      case "session.created": {
-        const dir = projectDir ?? process.cwd()
-        const { state } = createAuditState(dir)
-        currentAuditState = state
-        break
-      }
-      case "session.idle": {
-        if (currentAuditState) {
-          logger.debug(
-            `Session idle — phase: ${currentAuditState.currentPhase}, findings: ${currentAuditState.findings.length}`,
-          )
-        }
-        break
-      }
-      case "session.error": {
-        if (currentAuditState) {
-          logger.error(
-            `Session error — state snapshot: ${JSON.stringify({
-              sessionId: currentAuditState.sessionId,
-              phase: currentAuditState.currentPhase,
-              findingsCount: currentAuditState.findings.length,
-              contractsReviewed: currentAuditState.contractsReviewed,
-            })}`,
-          )
-        }
-        break
-      }
-      case "session.deleted": {
-        currentAuditState = null
-        break
-      }
-      default:
-        break
-    }
-    for (const handler of subHandlers) {
-      try {
-        await handler({
-          type,
-          sessionId,
-          auditState: currentAuditState,
-          setAuditState,
-        })
-      } catch (error) {
-        logger.error(`Sub-handler failed for event ${type}:`, error)
-      }
-    }
-  }
-  return { hook, getAuditState, setAuditState }
-}

package/src/state/plugin-state.ts DELETED Viewed

@@ -1,14 +0,0 @@
-import type { ArgusConfig } from "../config/types";
-import type { Managers } from "../managers/types";
-/**
- * PluginState interface
- * Represents the complete state of the Argus plugin instance
- * Includes configuration, project context, and manager instances
- */
-export interface PluginState {
-  config: ArgusConfig;
-  projectDir: string;
-  managers: Managers;
-  isHookEnabled: (name: string) => boolean;
-}