transskill 0.2.0 → 0.2.2

package/dist/audit/index.js

@@ -0,0 +1,155 @@
+import { computeScore, SEVERITY_ORDER } from './auditor.interface.js';
+import { getAuditors } from './auditor-registry.js';
+import { renderConsoleReport } from './reporter/console-reporter.js';
+import { DirectoryScanner } from './scanner/directory-scanner.js';
+/**
+ * AuditEngine — the main entry point for security auditing.
+ *
+ * Flow:
+ *   1. Get all registered auditors
+ *   2. Filter by options (minSeverity, specific auditors)
+ *   3. Run each applicable auditor against the parsed skill
+ *   4. Aggregate findings
+ *   5. Compute score + generate report
+ */
+export class AuditEngine {
+    options;
+    constructor(options = {}) {
+        this.options = {
+            minSeverity: options.minSeverity ?? 'info',
+            auditors: options.auditors ?? [],
+            noDirectory: options.noDirectory ?? false,
+        };
+    }
+    /**
+     * Audit a single parsed skill file.
+     */
+    auditSkill(skill, filePath, target) {
+        const auditors = this.resolveAuditors(skill.metadata.sourceFormat);
+        const findings = [];
+        for (const auditor of auditors) {
+            try {
+                const result = auditor.audit(skill, filePath);
+                findings.push(...result);
+            }
+            catch (err) {
+                findings.push({
+                    id: 'ERR',
+                    severity: 'info',
+                    title: `Auditor "${auditor.id}" 执行出错`,
+                    description: String(err),
+                    filePath,
+                    recommendation: '检查 auditor 实现是否正确',
+                });
+            }
+        }
+        return this.buildReport(findings, target ?? filePath, skill.metadata.sourceFormat, false);
+    }
+    /**
+     * Audit a skill directory, including file-level and directory-level checks.
+     */
+    auditDirectory(skill, rootPath, skillFilePath, target) {
+        const auditors = this.resolveAuditors(skill.metadata.sourceFormat);
+        const findings = [];
+        // Run all applicable auditors on the parsed skill
+        for (const auditor of auditors) {
+            try {
+                const result = auditor.audit(skill, skillFilePath);
+                findings.push(...result);
+            }
+            catch (err) {
+                findings.push({
+                    id: 'ERR',
+                    severity: 'info',
+                    title: `Auditor "${auditor.id}" 执行出错`,
+                    description: String(err),
+                    filePath: skillFilePath,
+                    recommendation: '检查 auditor 实现是否正确',
+                });
+            }
+        }
+        // Run directory-specific scanner
+        const dirScanner = new DirectoryScanner();
+        try {
+            const dirFindings = dirScanner.auditDirectory(rootPath, skillFilePath);
+            findings.push(...dirFindings);
+        }
+        catch (err) {
+            // Directory scan is best-effort
+        }
+        return this.buildReport(findings, target ?? rootPath, skill.metadata.sourceFormat, true);
+    }
+    /**
+     * Run all auditors and return the report object.
+     */
+    run(skill, filePath, isDirectory) {
+        return this.auditSkill(skill, filePath, filePath);
+    }
+    /**
+     * Generate console-friendly report string.
+     */
+    reportToString(report) {
+        return renderConsoleReport(report);
+    }
+    /**
+     * Generate JSON report string.
+     */
+    reportToJson(report, pretty = true) {
+        return JSON.stringify(report, null, pretty ? 2 : undefined);
+    }
+    resolveAuditors(format) {
+        const all = getAuditors();
+        let filtered = all;
+        // Filter by format support
+        filtered = filtered.filter((a) => !a.supportedFormats ||
+            a.supportedFormats.length === 0 ||
+            a.supportedFormats.includes(format));
+        // Filter by specific auditors if requested
+        if (this.options.auditors.length > 0) {
+            filtered = filtered.filter((a) => this.options.auditors.includes(a.id));
+        }
+        return filtered;
+    }
+    buildReport(findings, target, format, isDirectory) {
+        // Apply severity filter
+        const minIdx = SEVERITY_ORDER.indexOf(this.options.minSeverity);
+        const filtered = findings.filter((f) => {
+            const idx = SEVERITY_ORDER.indexOf(f.severity);
+            return idx <= minIdx; // higher severity = lower index
+        });
+        // Count by severity
+        const counts = { critical: 0, high: 0, medium: 0, low: 0, info: 0 };
+        for (const f of filtered) {
+            counts[f.severity]++;
+        }
+        const score = computeScore(counts.critical, counts.high, counts.medium, counts.low, counts.info);
+        // Generate summary
+        const parts = [];
+        if (filtered.length === 0) {
+            parts.push('未发现安全问题，请继续保持');
+        }
+        else {
+            if (counts.critical > 0)
+                parts.push(`发现 ${counts.critical} 个严重问题`);
+            if (counts.high > 0)
+                parts.push(`发现 ${counts.high} 个高危问题`);
+            if (counts.medium > 0)
+                parts.push(`发现 ${counts.medium} 个中危问题`);
+            if (filtered.length > 0)
+                parts.push(`共 ${filtered.length} 项发现`);
+        }
+        const hasIssues = counts.critical > 0 || counts.high > 0 || counts.medium > 0;
+        return {
+            target,
+            format,
+            isDirectory,
+            findings: filtered,
+            score,
+            summary: hasIssues
+                ? `存在安全风险 (${score.level}级/${score.total}分) — ${parts.join('; ')}`
+                : `安全 (${score.level}级/${score.total}分) — ${parts.join('; ')}`,
+            timestamp: new Date().toISOString(),
+        };
+    }
+}
+//# sourceMappingURL=index.js.map

package/dist/audit/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/audit/index.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACtE,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AAEpD,OAAO,EAAE,mBAAmB,EAAE,MAAM,gCAAgC,CAAC;AACrE,OAAO,EAAE,gBAAgB,EAAE,MAAM,gCAAgC,CAAC;AAElE;;;;;;;;;GASG;AACH,MAAM,OAAO,WAAW;IACL,OAAO,CAAyB;IAEjD,YAAY,UAAwB,EAAE;QACpC,IAAI,CAAC,OAAO,GAAG;YACb,WAAW,EAAE,OAAO,CAAC,WAAW,IAAI,MAAM;YAC1C,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,EAAE;YAChC,WAAW,EAAE,OAAO,CAAC,WAAW,IAAI,KAAK;SAC1C,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,UAAU,CACR,KAAwB,EACxB,QAAgB,EAChB,MAAe;QAEf,MAAM,QAAQ,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;QACnE,MAAM,QAAQ,GAAmB,EAAE,CAAC;QAEpC,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;gBAC9C,QAAQ,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,CAAC;YAC3B,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,QAAQ,CAAC,IAAI,CAAC;oBACZ,EAAE,EAAE,KAAK;oBACT,QAAQ,EAAE,MAAM;oBAChB,KAAK,EAAE,YAAY,OAAO,CAAC,EAAE,QAAQ;oBACrC,WAAW,EAAE,MAAM,CAAC,GAAG,CAAC;oBACxB,QAAQ;oBACR,cAAc,EAAE,mBAAmB;iBACpC,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,MAAM,IAAI,QAAQ,EAAE,KAAK,CAAC,QAAQ,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC;IAC5F,CAAC;IAED;;OAEG;IACH,cAAc,CACZ,KAAwB,EACxB,QAAgB,EAChB,aAAqB,EACrB,MAAe;QAEf,MAAM,QAAQ,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;QACnE,MAAM,QAAQ,GAAmB,EAAE,CAAC;QAEpC,kDAAkD;QAClD,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,aAAa,CAAC,CAAC;gBACnD,QAAQ,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,CAAC;YAC3B,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,QAAQ,CAAC,IAAI,CAAC;oBACZ,EAAE,EAAE,KAAK;oBACT,QAAQ,EAAE,MAAM;oBAChB,KAAK,EAAE,YAAY,OAAO,CAAC,EAAE,QAAQ;oBACrC,WAAW,EAAE,MAAM,CAAC,GAAG,CAAC;oBACxB,QAAQ,EAAE,aAAa;oBACvB,cAAc,EAAE,mBAAmB;iBACpC,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,iCAAiC;QACjC,MAAM,UAAU,GAAG,IAAI,gBAAgB,EAAE,CAAC;QAC1C,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,UAAU,CAAC,cAAc,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;YACvE,QAAQ,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,CAAC;QAChC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,gCAAgC;QAClC,CAAC;QAED,OAAO,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,MAAM,IAAI,QAAQ,EAAE,KAAK,CAAC,QAAQ,CAAC,YAAY,EAAE,IAAI,CAAC,CAAC;IAC3F,CAAC;IAED;;OAEG;IACH,GAAG,CACD,KAAwB,EACxB,QAAgB,EAChB,WAAoB;QAEpB,OAAO,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;IACpD,CAAC;IAED;;OAEG;IACH,cAAc,CAAC,MAAmB;QAChC,OAAO,mBAAmB,CAAC,MAAM,CAAC,CAAC;IACrC,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,MAAmB,EAAE,MAAM,GAAG,IAAI;QAC7C,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;IAC9D,CAAC;IAEO,eAAe,CAAC,MAAkB;QACxC,MAAM,GAAG,GAAG,WAAW,EAAE,CAAC;QAC1B,IAAI,QAAQ,GAAG,GAAG,CAAC;QAEnB,2BAA2B;QAC3B,QAAQ,GAAG,QAAQ,CAAC,MAAM,CACxB,CAAC,CAAC,EAAE,EAAE,CACJ,CAAC,CAAC,CAAC,gBAAgB;YACnB,CAAC,CAAC,gBAAgB,CAAC,MAAM,KAAK,CAAC;YAC/B,CAAC,CAAC,gBAAgB,CAAC,QAAQ,CAAC,MAAM,CAAC,CACtC,CAAC;QAEF,2CAA2C;QAC3C,IAAI,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrC,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAC1E,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,WAAW,CACjB,QAAwB,EACxB,MAAc,EACd,MAAkB,EAClB,WAAoB;QAEpB,wBAAwB;QACxB,MAAM,MAAM,GAAG,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;QAChE,MAAM,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;YACrC,MAAM,GAAG,GAAG,cAAc,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;YAC/C,OAAO,GAAG,IAAI,MAAM,CAAC,CAAC,gCAAgC;QACxD,CAAC,CAAC,CAAC;QAEH,oBAAoB;QACpB,MAAM,MAAM,GAAG,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;QACpE,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACzB,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;QACvB,CAAC;QAED,MAAM,KAAK,GAAG,YAAY,CACxB,MAAM,CAAC,QAAQ,EACf,MAAM,CAAC,IAAI,EACX,MAAM,CAAC,MAAM,EACb,MAAM,CAAC,GAAG,EACV,MAAM,CAAC,IAAI,CACZ,CAAC;QAEF,mBAAmB;QACnB,MAAM,KAAK,GAAa,EAAE,CAAC;QAC3B,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1B,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAC9B,CAAC;aAAM,CAAC;YACN,IAAI,MAAM,CAAC,QAAQ,GAAG,CAAC;gBAAE,KAAK,CAAC,IAAI,CAAC,MAAM,MAAM,CAAC,QAAQ,QAAQ,CAAC,CAAC;YACnE,IAAI,MAAM,CAAC,IAAI,GAAG,CAAC;gBAAE,KAAK,CAAC,IAAI,CAAC,MAAM,MAAM,CAAC,IAAI,QAAQ,CAAC,CAAC;YAC3D,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC;gBAAE,KAAK,CAAC,IAAI,CAAC,MAAM,MAAM,CAAC,MAAM,QAAQ,CAAC,CAAC;YAC/D,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC;gBAAE,KAAK,CAAC,IAAI,CAAC,KAAK,QAAQ,CAAC,MAAM,MAAM,CAAC,CAAC;QAClE,CAAC;QAED,MAAM,SAAS,GAAG,MAAM,CAAC,QAAQ,GAAG,CAAC,IAAI,MAAM,CAAC,IAAI,GAAG,CAAC,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC;QAE9E,OAAO;YACL,MAAM;YACN,MAAM;YACN,WAAW;YACX,QAAQ,EAAE,QAAQ;YAClB,KAAK;YACL,OAAO,EAAE,SAAS;gBAChB,CAAC,CAAC,WAAW,KAAK,CAAC,KAAK,KAAK,KAAK,CAAC,KAAK,QAAQ,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;gBAClE,CAAC,CAAC,OAAO,KAAK,CAAC,KAAK,KAAK,KAAK,CAAC,KAAK,QAAQ,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAChE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC;IACJ,CAAC;CACF"}

package/dist/audit/reporter/console-reporter.d.ts

@@ -0,0 +1,4 @@
+import type { AuditReport } from '../auditor.interface.js';
+/** Render findings grouped by file, with severity coloring */
+export declare function renderConsoleReport(report: AuditReport): string;
+//# sourceMappingURL=console-reporter.d.ts.map

package/dist/audit/reporter/console-reporter.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"console-reporter.d.ts","sourceRoot":"","sources":["../../../src/audit/reporter/console-reporter.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAA0B,MAAM,yBAAyB,CAAC;AAqBnF,8DAA8D;AAC9D,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,WAAW,GAAG,MAAM,CA2E/D"}

package/dist/audit/reporter/console-reporter.js

@@ -0,0 +1,107 @@
+import { SEVERITY_LABELS } from '../auditor.interface.js';
+const COLORS = {
+    critical: '\x1b[1;31m', // bold red
+    high: '\x1b[33m', // yellow/orange
+    medium: '\x1b[93m', // bright yellow
+    low: '\x1b[32m', // green
+    info: '\x1b[36m', // cyan
+};
+const RESET = '\x1b[0m';
+const BOLD = '\x1b[1m';
+const DIM = '\x1b[2m';
+const GRAY = '\x1b[90m';
+const HEADER_BG = '\x1b[44m'; // blue bg
+const HEADER_FG = '\x1b[37m'; // white fg
+const RED_BG = '\x1b[41m';
+const YELLOW_BG = '\x1b[43m';
+const GREEN_BG = '\x1b[42m';
+/** Render findings grouped by file, with severity coloring */
+export function renderConsoleReport(report) {
+    const lines = [];
+    // ── Header box ──
+    const width = 50;
+    lines.push('');
+    lines.push(formatSeparator('═', width, HEADER_BG, HEADER_FG));
+    lines.push(padCenter('  🔍 TransSkill Security Audit', width));
+    lines.push(formatSeparator('─', width, DIM));
+    lines.push(padCenter(`  Target: ${report.target}`, width));
+    lines.push(padCenter(`  Format: ${report.format}${report.isDirectory ? ' (directory)' : ''}`, width));
+    lines.push(formatSeparator('═', width, HEADER_BG, HEADER_FG));
+    lines.push('');
+    // ── Group findings by filePath ──
+    const grouped = groupBy(report.findings, (f) => f.filePath);
+    for (const [filePath, findings] of Object.entries(grouped)) {
+        lines.push(`  ${BOLD}📄 ${filePath}${RESET}`);
+        lines.push('');
+        for (const finding of findings) {
+            const color = COLORS[finding.severity];
+            const label = SEVERITY_LABELS[finding.severity];
+            const loc = finding.lineNumber ? ` (line ${finding.lineNumber})` : '';
+            lines.push(`    ${color}${finding.id}${RESET}  ${BOLD}${finding.title}${RESET}${loc}`);
+            if (finding.snippet) {
+                lines.push(`       ${GRAY}→ ${finding.snippet}${RESET}`);
+            }
+            if (finding.recommendation) {
+                lines.push(`       ${GRAY}💡 ${finding.recommendation}${RESET}`);
+            }
+            lines.push('');
+        }
+    }
+    // ── Score box ──
+    const score = report.score;
+    const totalWidth = 50;
+    lines.push(formatSeparator('━', totalWidth, DIM));
+    lines.push('');
+    // Score badge
+    const scoreColor = score.level === 'A' || score.level === 'B'
+        ? GREEN_BG
+        : score.level === 'C'
+            ? YELLOW_BG
+            : RED_BG;
+    const scoreStr = `  ${BOLD}📊 安全评分: ${score.total}/100 (${score.level}级)${RESET}`;
+    lines.push(`  ${scoreColor}${scoreStr}${RESET}`);
+    lines.push('');
+    lines.push(formatLine('🔴 Critical', score.critical, totalWidth));
+    lines.push(formatLine('🟠 High', score.high, totalWidth));
+    lines.push(formatLine('🟡 Medium', score.medium, totalWidth));
+    lines.push(formatLine('🟢 Low', score.low, totalWidth));
+    lines.push(formatLine('ℹ️ Info', score.info, totalWidth));
+    // Summary
+    if (score.level === 'A' || score.level === 'B') {
+        lines.push('');
+        lines.push(`  ${GREEN_BG}  ✅ ${report.summary}  ${RESET}`);
+    }
+    else {
+        lines.push('');
+        lines.push(`  ${RED_BG}  ⚠️  ${report.summary}  ${RESET}`);
+    }
+    lines.push(formatSeparator('━', totalWidth, DIM));
+    lines.push('');
+    return lines.join('\n');
+}
+// ── Helpers ──
+function formatLine(label, count, totalWidth) {
+    const countStr = `${count}`;
+    const padding = totalWidth - label.length - countStr.length - 4;
+    return `  ${label}${' '.repeat(Math.max(1, padding))}${countStr}`;
+}
+function padCenter(text, width) {
+    if (text.length >= width)
+        return text;
+    const pad = Math.floor((width - text.length) / 2);
+    return ' '.repeat(Math.max(0, pad)) + text;
+}
+function formatSeparator(char, width, ...styles) {
+    return styles.join('') + char.repeat(width) + RESET;
+}
+function groupBy(items, keyFn) {
+    const result = {};
+    for (const item of items) {
+        const key = keyFn(item);
+        if (!result[key])
+            result[key] = [];
+        result[key].push(item);
+    }
+    return result;
+}
+//# sourceMappingURL=console-reporter.js.map

package/dist/audit/reporter/console-reporter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"console-reporter.js","sourceRoot":"","sources":["../../../src/audit/reporter/console-reporter.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAE1D,MAAM,MAAM,GAA6B;IACvC,QAAQ,EAAE,YAAY,EAAE,WAAW;IACnC,IAAI,EAAE,UAAU,EAAQ,gBAAgB;IACxC,MAAM,EAAE,UAAU,EAAM,gBAAgB;IACxC,GAAG,EAAE,UAAU,EAAS,QAAQ;IAChC,IAAI,EAAE,UAAU,EAAQ,OAAO;CAChC,CAAC;AACF,MAAM,KAAK,GAAG,SAAS,CAAC;AACxB,MAAM,IAAI,GAAG,SAAS,CAAC;AACvB,MAAM,GAAG,GAAG,SAAS,CAAC;AACtB,MAAM,IAAI,GAAG,UAAU,CAAC;AAExB,MAAM,SAAS,GAAG,UAAU,CAAC,CAAE,UAAU;AACzC,MAAM,SAAS,GAAG,UAAU,CAAC,CAAE,WAAW;AAC1C,MAAM,MAAM,GAAG,UAAU,CAAC;AAC1B,MAAM,SAAS,GAAG,UAAU,CAAC;AAC7B,MAAM,QAAQ,GAAG,UAAU,CAAC;AAE5B,8DAA8D;AAC9D,MAAM,UAAU,mBAAmB,CAAC,MAAmB;IACrD,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,mBAAmB;IACnB,MAAM,KAAK,GAAG,EAAE,CAAC;IACjB,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC;IAC9D,KAAK,CAAC,IAAI,CACR,SAAS,CAAC,gCAAgC,EAAE,KAAK,CAAC,CACnD,CAAC;IACF,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,GAAG,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC;IAC7C,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,MAAM,CAAC,MAAM,EAAE,EAAE,KAAK,CAAC,CAAC,CAAC;IAC3D,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,MAAM,CAAC,MAAM,GAAG,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC,CAAC;IACtG,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC;IAC9D,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,mCAAmC;IACnC,MAAM,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;IAE5D,KAAK,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAC3D,KAAK,CAAC,IAAI,CAAC,KAAK,IAAI,MAAM,QAAQ,GAAG,KAAK,EAAE,CAAC,CAAC;QAC9C,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAEf,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,MAAM,KAAK,GAAG,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YACvC,MAAM,KAAK,GAAG,eAAe,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YAChD,MAAM,GAAG,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,UAAU,OAAO,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YAEtE,KAAK,CAAC,IAAI,CAAC,OAAO,KAAK,GAAG,OAAO,CAAC,EAAE,GAAG,KAAK,KAAK,IAAI,GAAG,OAAO,CAAC,KAAK,GAAG,KAAK,GAAG,GAAG,EAAE,CAAC,CAAC;YAEvF,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;gBACpB,KAAK,CAAC,IAAI,CAAC,UAAU,IAAI,KAAK,OAAO,CAAC,OAAO,GAAG,KAAK,EAAE,CAAC,CAAC;YAC3D,CAAC;YACD,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;gBAC3B,KAAK,CAAC,IAAI,CAAC,UAAU,IAAI,MAAM,OAAO,CAAC,cAAc,GAAG,KAAK,EAAE,CAAC,CAAC;YACnE,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjB,CAAC;IACH,CAAC;IAED,kBAAkB;IAClB,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;IAC3B,MAAM,UAAU,GAAG,EAAE,CAAC;IAEtB,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC,CAAC;IAClD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,cAAc;IACd,MAAM,UAAU,GAAG,KAAK,CAAC,KAAK,KAAK,GAAG,IAAI,KAAK,CAAC,KAAK,KAAK,GAAG;QAC3D,CAAC,CAAC,QAAQ;QACV,CAAC,CAAC,KAAK,CAAC,KAAK,KAAK,GAAG;YACnB,CAAC,CAAC,SAAS;YACX,CAAC,CAAC,MAAM,CAAC;IACb,MAAM,QAAQ,GAAG,KAAK,IAAI,YAAY,KAAK,CAAC,KAAK,SAAS,KAAK,CAAC,KAAK,KAAK,KAAK,EAAE,CAAC;IAClF,KAAK,CAAC,IAAI,CAAC,KAAK,UAAU,GAAG,QAAQ,GAAG,KAAK,EAAE,CAAC,CAAC;IACjD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,aAAa,EAAE,KAAK,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC,CAAC;IAClE,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,SAAS,EAAE,KAAK,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC;IAC1D,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,WAAW,EAAE,KAAK,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC,CAAC;IAC9D,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,KAAK,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC,CAAC;IACxD,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,SAAS,EAAE,KAAK,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC;IAE1D,UAAU;IACV,IAAI,KAAK,CAAC,KAAK,KAAK,GAAG,IAAI,KAAK,CAAC,KAAK,KAAK,GAAG,EAAE,CAAC;QAC/C,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,KAAK,QAAQ,OAAO,MAAM,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC,CAAC;IAC7D,CAAC;SAAM,CAAC;QACN,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,KAAK,MAAM,SAAS,MAAM,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC,CAAC;IAC7D,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC,CAAC;IAClD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,gBAAgB;AAEhB,SAAS,UAAU,CAAC,KAAa,EAAE,KAAa,EAAE,UAAkB;IAClE,MAAM,QAAQ,GAAG,GAAG,KAAK,EAAE,CAAC;IAC5B,MAAM,OAAO,GAAG,UAAU,GAAG,KAAK,CAAC,MAAM,GAAG,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC;IAChE,OAAO,KAAK,KAAK,GAAG,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,GAAG,QAAQ,EAAE,CAAC;AACpE,CAAC;AAED,SAAS,SAAS,CAAC,IAAY,EAAE,KAAa;IAC5C,IAAI,IAAI,CAAC,MAAM,IAAI,KAAK;QAAE,OAAO,IAAI,CAAC;IACtC,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;IAClD,OAAO,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC;AAC7C,CAAC;AAED,SAAS,eAAe,CAAC,IAAY,EAAE,KAAa,EAAE,GAAG,MAAgB;IACvE,OAAO,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,KAAK,CAAC;AACtD,CAAC;AAED,SAAS,OAAO,CAAI,KAAU,EAAE,KAA0B;IACxD,MAAM,MAAM,GAAwB,EAAE,CAAC;IACvC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC;QACxB,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC;YAAE,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;QACnC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACzB,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/audit/rules/dangerous-commands.d.ts

@@ -0,0 +1,15 @@
+import type { Severity } from '../auditor.interface.js';
+export interface CommandRule {
+    id: string;
+    pattern: RegExp;
+    severity: Severity;
+    description: string;
+    recommendation: string;
+    cwe?: string;
+}
+/**
+ * Rules for detecting dangerous shell commands and patterns
+ * in agent skill instructions.
+ */
+export declare const DANGEROUS_COMMAND_RULES: CommandRule[];
+//# sourceMappingURL=dangerous-commands.d.ts.map

package/dist/audit/rules/dangerous-commands.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"dangerous-commands.d.ts","sourceRoot":"","sources":["../../../src/audit/rules/dangerous-commands.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AAExD,MAAM,WAAW,WAAW;IAC1B,EAAE,EAAE,MAAM,CAAC;IACX,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,QAAQ,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;IACvB,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AAED;;;GAGG;AACH,eAAO,MAAM,uBAAuB,EAAE,WAAW,EA8LhD,CAAC"}

package/dist/audit/rules/dangerous-commands.js

@@ -0,0 +1,189 @@
+/**
+ * Rules for detecting dangerous shell commands and patterns
+ * in agent skill instructions.
+ */
+export const DANGEROUS_COMMAND_RULES = [
+    // ── System destruction ──
+    {
+        id: 'L1-001a',
+        pattern: /rm\s+-rf\s+(\/|\/\*|~\/?\*?)/i,
+        severity: 'critical',
+        description: '递归强制删除系统根目录或 home 目录，可能导致系统崩溃',
+        recommendation: '移除 rm -rf 指令，使用更安全的临时目录清理方式',
+        cwe: 'CWE-22',
+    },
+    {
+        id: 'L1-001b',
+        pattern: /\b(?:mkfs|format)\s+/i,
+        severity: 'critical',
+        description: '格式化磁盘指令，可能导致数据永久丢失',
+        recommendation: '不要在 skill 中包含格式化磁盘的指令',
+        cwe: 'CWE-22',
+    },
+    {
+        id: 'L1-001c',
+        pattern: /\bshutdown\b|\bpoweroff\b|\breboot\b|:\(\)\s*\{[^}]*\}:\s*;/i,
+        severity: 'critical',
+        description: '关机/重启命令或 fork bomb，可导致拒绝服务',
+        recommendation: '移除所有关机/重启/fork bomb 指令',
+        cwe: 'CWE-835',
+    },
+    // ── Privilege escalation ──
+    {
+        id: 'L1-001d',
+        pattern: /\bsudo\s+(?!apt\b|-u\s+\w+\s+(?:echo|printf|true)\b)/i,
+        severity: 'critical',
+        description: '使用 sudo 提权执行操作',
+        recommendation: '避免在 skill 中使用 sudo，如需安装依赖应提示用户手动操作',
+        cwe: 'CWE-269',
+    },
+    {
+        id: 'L1-001e',
+        pattern: /\bchmod\s+777\b/i,
+        severity: 'high',
+        description: '将文件权限设为 777（任何人可读写执行）',
+        recommendation: '使用最小必要权限，如 chmod 755 或 chmod 644',
+        cwe: 'CWE-732',
+    },
+    {
+        id: 'L1-001f',
+        pattern: /\bchown\s+(?!\$\w+)/i,
+        severity: 'high',
+        description: '修改文件所有者，可能存在权限提升风险',
+        recommendation: '避免在 skill 中自动修改文件所有者',
+        cwe: 'CWE-732',
+    },
+    // ── Remote code execution ──
+    {
+        id: 'L1-002a',
+        pattern: /(?:curl|wget)\s+(?:-s\s*|-q\s*|--silent\s*|--quiet\s*)?['"]?(?:https?:\/\/)?[^\s'"]+?\s*[|;`]\s*(?:sh|bash|zsh|python|node)\b/i,
+        severity: 'critical',
+        description: '从网络下载脚本并直接执行（管道到 shell），典型的远程代码执行模式',
+        recommendation: '不要从不可信来源下载并执行脚本，建议使用包管理器安装',
+        cwe: 'CWE-494',
+    },
+    {
+        id: 'L1-002b',
+        pattern: /\b(?:eval|exec)\s*\(/i,
+        severity: 'critical',
+        description: '动态代码执行函数调用，可能被用于执行任意代码',
+        recommendation: '避免使用 eval/exec，使用更安全的替代方案',
+        cwe: 'CWE-95',
+    },
+    {
+        id: 'L1-002c',
+        pattern: /\b(?:subprocess|Popen|execSync|execFile)\b/i,
+        severity: 'high',
+        description: '子进程创建/代码执行调用',
+        recommendation: '审查子进程调用的参数，确保没有注入风险',
+        cwe: 'CWE-78',
+    },
+    {
+        id: 'L1-002d',
+        pattern: /\b(?:Invoke-Expression|iex)\b/i,
+        severity: 'critical',
+        description: 'PowerShell 动态代码执行',
+        recommendation: '避免使用 Invoke-Expression，使用安全的替代方案',
+        cwe: 'CWE-95',
+    },
+    {
+        id: 'L1-002e',
+        pattern: /spawn\s*\(/i,
+        severity: 'high',
+        description: '子进程创建（spawn），可能执行任意命令',
+        recommendation: '审查 spawn 调用的参数是否安全',
+        cwe: 'CWE-78',
+    },
+    // ── Network exfiltration ──
+    {
+        id: 'L1-003a',
+        pattern: /(?:curl|wget)\s+.*?(?:-d\b|--data\b|--data-raw\b|--post-file\b|--upload-file\b)/i,
+        severity: 'critical',
+        description: '通过 HTTP 请求向外发送数据，可能用于数据窃取',
+        recommendation: '审查数据发送操作，确保不包含敏感信息',
+        cwe: 'CWE-201',
+    },
+    {
+        id: 'L1-003b',
+        pattern: /\b(?:nc|ncat)\s+/i,
+        severity: 'high',
+        description: '使用 netcat 建立网络连接，可被用于反向 shell 或数据窃取',
+        recommendation: '避免在 skill 中使用 nc/ncat',
+        cwe: 'CWE-201',
+    },
+    // ── SSH / key compromise ──
+    {
+        id: 'L1-004a',
+        pattern: /(?:cat|type)\s+.*(?:id_rsa|id_ed25519|\.ssh|\.pem|secret|token|\.env)/i,
+        severity: 'high',
+        description: '读取 SSH 私钥、令牌或环境变量文件，可能导致凭证泄露',
+        recommendation: '不要读取或共享敏感凭证文件',
+        cwe: 'CWE-522',
+    },
+    {
+        id: 'L1-004b',
+        pattern: /(?:>>?)\s*.*(?:id_rsa|authorized_keys|\.ssh)/i,
+        severity: 'critical',
+        description: '向 SSH 配置目录写入内容，可能安装后门持久化',
+        recommendation: '禁止向 SSH 配置目录写入内容',
+        cwe: 'CWE-276',
+    },
+    // ── Dangerous git operations ──
+    {
+        id: 'L1-005a',
+        pattern: /git\s+push\s+.*--force/i,
+        severity: 'medium',
+        description: '强制推送 git 历史，可能覆盖远程分支',
+        recommendation: '避免使用 --force 推送，使用 --force-with-lease 替代',
+        cwe: 'CWE-348',
+    },
+    {
+        id: 'L1-005b',
+        pattern: /git\s+.*--config\s+(?:credential|user\.(?:email|name))/i,
+        severity: 'low',
+        description: '修改 git 凭证或用户配置',
+        recommendation: '不要在 skill 中修改 git 配置',
+    },
+    // ── Environment / secrets ──
+    {
+        id: 'L1-006a',
+        pattern: /\$(?:SECRET|TOKEN|API_KEY|PASSWORD|PASSWD|CREDENTIALS|AUTH)\b/i,
+        severity: 'medium',
+        description: '引用环境变量中的敏感信息（API Key、Token、密码）',
+        recommendation: '避免在 skill 中暴露敏感环境变量名',
+        cwe: 'CWE-200',
+    },
+    {
+        id: 'L1-006b',
+        pattern: /export\s+\w+=(?:(?!["']\w).)*[A-Za-z0-9+/=]{40,}/i,
+        severity: 'high',
+        description: 'export 命令中包含疑似 Token/Key 的长字符串',
+        recommendation: '不要在 skill 中硬编码密钥，使用环境变量引用',
+        cwe: 'CWE-798',
+    },
+    // ── Misc dangerous patterns ──
+    {
+        id: 'L1-007a',
+        pattern: /\bnpm\s+publish\b/i,
+        severity: 'medium',
+        description: '自动发布 npm 包，可能导致意外发布',
+        recommendation: '避免自动发布命令，使用手动确认',
+    },
+    {
+        id: 'L1-007b',
+        pattern: /\bdangerouslySetInnerHTML\b/i,
+        severity: 'medium',
+        description: 'React 危险 HTML 渲染，可能导致 XSS',
+        recommendation: '避免使用 dangerouslySetInnerHTML，使用安全渲染',
+        cwe: 'CWE-79',
+    },
+    {
+        id: 'L1-007c',
+        pattern: /(?:innerHTML|outerHTML)\s*=.*(?:document|cookie|localStorage)/i,
+        severity: 'high',
+        description: '直接操作 DOM 可能导致 XSS 攻击',
+        recommendation: '使用安全的 DOM 操作方式',
+        cwe: 'CWE-79',
+    },
+];
+//# sourceMappingURL=dangerous-commands.js.map

package/dist/audit/rules/dangerous-commands.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"dangerous-commands.js","sourceRoot":"","sources":["../../../src/audit/rules/dangerous-commands.ts"],"names":[],"mappings":"AAWA;;;GAGG;AACH,MAAM,CAAC,MAAM,uBAAuB,GAAkB;IACpD,2BAA2B;IAC3B;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,+BAA+B;QACxC,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,+BAA+B;QAC5C,cAAc,EAAE,6BAA6B;QAC7C,GAAG,EAAE,QAAQ;KACd;IACD;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,uBAAuB;QAChC,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,oBAAoB;QACjC,cAAc,EAAE,uBAAuB;QACvC,GAAG,EAAE,QAAQ;KACd;IACD;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,8DAA8D;QACvE,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,4BAA4B;QACzC,cAAc,EAAE,wBAAwB;QACxC,GAAG,EAAE,SAAS;KACf;IAED,6BAA6B;IAC7B;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,uDAAuD;QAChE,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,gBAAgB;QAC7B,cAAc,EAAE,oCAAoC;QACpD,GAAG,EAAE,SAAS;KACf;IACD;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,kBAAkB;QAC3B,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,uBAAuB;QACpC,cAAc,EAAE,kCAAkC;QAClD,GAAG,EAAE,SAAS;KACf;IACD;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,sBAAsB;QAC/B,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,oBAAoB;QACjC,cAAc,EAAE,sBAAsB;QACtC,GAAG,EAAE,SAAS;KACf;IAED,8BAA8B;IAC9B;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,gIAAgI;QACzI,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,qCAAqC;QAClD,cAAc,EAAE,4BAA4B;QAC5C,GAAG,EAAE,SAAS;KACf;IACD;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,uBAAuB;QAChC,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,wBAAwB;QACrC,cAAc,EAAE,2BAA2B;QAC3C,GAAG,EAAE,QAAQ;KACd;IACD;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,6CAA6C;QACtD,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,cAAc;QAC3B,cAAc,EAAE,qBAAqB;QACrC,GAAG,EAAE,QAAQ;KACd;IACD;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,gCAAgC;QACzC,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,mBAAmB;QAChC,cAAc,EAAE,kCAAkC;QAClD,GAAG,EAAE,QAAQ;KACd;IACD;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,aAAa;QACtB,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,uBAAuB;QACpC,cAAc,EAAE,oBAAoB;QACpC,GAAG,EAAE,QAAQ;KACd;IAED,6BAA6B;IAC7B;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,kFAAkF;QAC3F,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,2BAA2B;QACxC,cAAc,EAAE,oBAAoB;QACpC,GAAG,EAAE,SAAS;KACf;IACD;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,mBAAmB;QAC5B,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,qCAAqC;QAClD,cAAc,EAAE,uBAAuB;QACvC,GAAG,EAAE,SAAS;KACf;IAED,6BAA6B;IAC7B;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,wEAAwE;QACjF,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,8BAA8B;QAC3C,cAAc,EAAE,eAAe;QAC/B,GAAG,EAAE,SAAS;KACf;IACD;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,+CAA+C;QACxD,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,0BAA0B;QACvC,cAAc,EAAE,kBAAkB;QAClC,GAAG,EAAE,SAAS;KACf;IAED,iCAAiC;IACjC;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,yBAAyB;QAClC,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,sBAAsB;QACnC,cAAc,EAAE,0CAA0C;QAC1D,GAAG,EAAE,SAAS;KACf;IACD;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,yDAAyD;QAClE,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,gBAAgB;QAC7B,cAAc,EAAE,sBAAsB;KACvC;IAED,8BAA8B;IAC9B;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,gEAAgE;QACzE,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,gCAAgC;QAC7C,cAAc,EAAE,sBAAsB;QACtC,GAAG,EAAE,SAAS;KACf;IACD;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,mDAAmD;QAC5D,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,gCAAgC;QAC7C,cAAc,EAAE,2BAA2B;QAC3C,GAAG,EAAE,SAAS;KACf;IAED,gCAAgC;IAChC;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,oBAAoB;QAC7B,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,qBAAqB;QAClC,cAAc,EAAE,iBAAiB;KAClC;IACD;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,8BAA8B;QACvC,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,2BAA2B;QACxC,cAAc,EAAE,qCAAqC;QACrD,GAAG,EAAE,QAAQ;KACd;IACD;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,gEAAgE;QACzE,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,sBAAsB;QACnC,cAAc,EAAE,gBAAgB;QAChC,GAAG,EAAE,QAAQ;KACd;CACF,CAAC"}

package/dist/audit/rules/prompt-injection.d.ts

@@ -0,0 +1,15 @@
+import type { Severity } from '../auditor.interface.js';
+export interface PromptInjectionRule {
+    id: string;
+    pattern: RegExp;
+    severity: Severity;
+    description: string;
+    recommendation: string;
+    cwe?: string;
+}
+/**
+ * Rules for detecting prompt injection and system override attempts
+ * in agent skill instructions.
+ */
+export declare const PROMPT_INJECTION_RULES: PromptInjectionRule[];
+//# sourceMappingURL=prompt-injection.d.ts.map

package/dist/audit/rules/prompt-injection.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"prompt-injection.d.ts","sourceRoot":"","sources":["../../../src/audit/rules/prompt-injection.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AAExD,MAAM,WAAW,mBAAmB;IAClC,EAAE,EAAE,MAAM,CAAC;IACX,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,QAAQ,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;IACvB,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AAED;;;GAGG;AACH,eAAO,MAAM,sBAAsB,EAAE,mBAAmB,EA6DvD,CAAC"}

package/dist/audit/rules/prompt-injection.js

@@ -0,0 +1,65 @@
+/**
+ * Rules for detecting prompt injection and system override attempts
+ * in agent skill instructions.
+ */
+export const PROMPT_INJECTION_RULES = [
+    // ── System override attempts ──
+    {
+        id: 'L1-010a',
+        pattern: /ignore\s+(?:all\s+)?(?:previous|above|your|my|the)\s+(?:instructions?|directives?|rules?|commands?|prompts?|orders?)/i,
+        severity: 'high',
+        description: '尝试覆盖/忽略系统指令，典型的 prompt 注入模式',
+        recommendation: '正常 skill 不应要求忽略已有指令',
+        cwe: 'CWE-940',
+    },
+    {
+        id: 'L1-010b',
+        pattern: /(?:SYSTEM|SYS)\s*(?:OVERRIDE|MODE|PROMPT|COMMAND)[:\s]/i,
+        severity: 'high',
+        description: '模拟系统级指令覆盖，可能是恶意注入',
+        recommendation: '正常 skill 不应模拟系统指令',
+        cwe: 'CWE-940',
+    },
+    {
+        id: 'L1-010c',
+        pattern: /\byou\s+(?:are\s+)?(?:now|must|will|should)\s+(?!be|not|only|able)(?:a\s+)?(?:free|released|unleashed|unconstrained|uncensored|unfiltered|ungoverned|unrestricted)\b/i,
+        severity: 'high',
+        description: '尝试"释放"AI 约束，典型 jailbreak 模式',
+        recommendation: '合法 skill 不应试图解除 AI 约束',
+        cwe: 'CWE-940',
+    },
+    {
+        id: 'L1-010d',
+        pattern: /\b(?:disregard|forget|erase|delete|remove|overwrite)\s+(?:all|previous|above|the)\s+(?:instructions?|rules?|context|memory|prompts?)/i,
+        severity: 'high',
+        description: '试图清除 AI 上下文或记忆',
+        recommendation: '正常 skill 不应要求清除上下文或记忆',
+        cwe: 'CWE-940',
+    },
+    // ── Role manipulation ──
+    {
+        id: 'L1-010e',
+        pattern: /\byou\s+(?:are\s+)?(?:now\s+)?(?:DAN|Jail(?:brea)?k|GPT-\d+Override|Developer\s+Mode)\b/i,
+        severity: 'medium',
+        description: '引用已知 jailbreak 角色（如 DAN/Developer Mode）',
+        recommendation: '合法 skill 不应使用 jailbreak 角色设定',
+        cwe: 'CWE-940',
+    },
+    {
+        id: 'L1-010f',
+        pattern: /\boutput\s+(?:your\s+)?(?:system\s+)?(?:prompt|instructions?|rules?)\s+(?:verbatim|exactly|as\s+is|at\s+the\s+beginning)/i,
+        severity: 'medium',
+        description: '试图提取系统提示词，可能是信息收集行为',
+        recommendation: '正常 skill 不应尝试提取系统提示',
+        cwe: 'CWE-200',
+    },
+    // ── Urgency manipulation ──
+    {
+        id: 'L1-010g',
+        pattern: /\b(?:URGENT|IMPORTANT|CRITICAL|VITAL|ABSOLUTELY)\s*:\s*(?!NOTE|NOTEBOOK|REMINDER|ANNOUNCEMENT|UPDATE)/i,
+        severity: 'low',
+        description: '使用紧急/重要词汇引导 AI 行为（组合其他模式时风险更高）',
+        recommendation: '避免在 skill 中使用过度强调性语言引导 AI',
+    },
+];
+//# sourceMappingURL=prompt-injection.js.map

package/dist/audit/rules/prompt-injection.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"prompt-injection.js","sourceRoot":"","sources":["../../../src/audit/rules/prompt-injection.ts"],"names":[],"mappings":"AAWA;;;GAGG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAA0B;IAC3D,iCAAiC;IACjC;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,uHAAuH;QAChI,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,6BAA6B;QAC1C,cAAc,EAAE,qBAAqB;QACrC,GAAG,EAAE,SAAS;KACf;IACD;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,yDAAyD;QAClE,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,mBAAmB;QAChC,cAAc,EAAE,mBAAmB;QACnC,GAAG,EAAE,SAAS;KACf;IACD;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,uKAAuK;QAChL,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,6BAA6B;QAC1C,cAAc,EAAE,uBAAuB;QACvC,GAAG,EAAE,SAAS;KACf;IACD;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,uIAAuI;QAChJ,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,gBAAgB;QAC7B,cAAc,EAAE,uBAAuB;QACvC,GAAG,EAAE,SAAS;KACf;IAED,0BAA0B;IAC1B;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,0FAA0F;QACnG,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,yCAAyC;QACtD,cAAc,EAAE,8BAA8B;QAC9C,GAAG,EAAE,SAAS;KACf;IACD;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,2HAA2H;QACpI,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,qBAAqB;QAClC,cAAc,EAAE,qBAAqB;QACrC,GAAG,EAAE,SAAS;KACf;IAED,6BAA6B;IAC7B;QACE,EAAE,EAAE,SAAS;QACb,OAAO,EAAE,wGAAwG;QACjH,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,gCAAgC;QAC7C,cAAc,EAAE,2BAA2B;KAC5C;CACF,CAAC"}

package/dist/audit/rules/suspicious-urls.d.ts

@@ -0,0 +1,14 @@
+import type { Severity } from '../auditor.interface.js';
+export interface UrlRule {
+    id: string;
+    pattern: RegExp;
+    severity: Severity;
+    description: string;
+    recommendation: string;
+}
+/**
+ * Rules for detecting suspicious URLs and network references
+ * in agent skill instructions.
+ */
+export declare const URL_PATTERNS: UrlRule[];
+//# sourceMappingURL=suspicious-urls.d.ts.map

package/dist/audit/rules/suspicious-urls.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"suspicious-urls.d.ts","sourceRoot":"","sources":["../../../src/audit/rules/suspicious-urls.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AAExD,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,QAAQ,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;CACxB;AAED;;;GAGG;AACH,eAAO,MAAM,YAAY,EAAE,OAAO,EAoCjC,CAAC"}