npm - vaspera - Versions diffs - 2.5.0 - Mend

vaspera 2.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (712) hide show

package/CHANGELOG.md +184 -0
package/LICENSE +21 -0
package/README.md +809 -0
package/dist/__tests__/integration/certification-flow.test.d.ts +5 -0
package/dist/__tests__/integration/certification-flow.test.d.ts.map +1 -0
package/dist/__tests__/integration/certification-flow.test.js +245 -0
package/dist/__tests__/integration/certification-flow.test.js.map +1 -0
package/dist/__tests__/integration/commands.test.d.ts +5 -0
package/dist/__tests__/integration/commands.test.d.ts.map +1 -0
package/dist/__tests__/integration/commands.test.js +93 -0
package/dist/__tests__/integration/commands.test.js.map +1 -0
package/dist/action/diff-mode.d.ts +34 -0
package/dist/action/diff-mode.d.ts.map +1 -0
package/dist/action/diff-mode.js +201 -0
package/dist/action/diff-mode.js.map +1 -0
package/dist/action/diff-mode.test.d.ts +5 -0
package/dist/action/diff-mode.test.d.ts.map +1 -0
package/dist/action/diff-mode.test.js +162 -0
package/dist/action/diff-mode.test.js.map +1 -0
package/dist/action/index.d.ts +10 -0
package/dist/action/index.d.ts.map +1 -0
package/dist/action/index.js +231 -0
package/dist/action/index.js.map +1 -0
package/dist/action/pr-comment.d.ts +30 -0
package/dist/action/pr-comment.d.ts.map +1 -0
package/dist/action/pr-comment.js +301 -0
package/dist/action/pr-comment.js.map +1 -0
package/dist/action/pr-comment.test.d.ts +5 -0
package/dist/action/pr-comment.test.d.ts.map +1 -0
package/dist/action/pr-comment.test.js +189 -0
package/dist/action/pr-comment.test.js.map +1 -0
package/dist/action/sarif-upload.d.ts +104 -0
package/dist/action/sarif-upload.d.ts.map +1 -0
package/dist/action/sarif-upload.js +188 -0
package/dist/action/sarif-upload.js.map +1 -0
package/dist/action/sarif-upload.test.d.ts +5 -0
package/dist/action/sarif-upload.test.d.ts.map +1 -0
package/dist/action/sarif-upload.test.js +206 -0
package/dist/action/sarif-upload.test.js.map +1 -0
package/dist/action/types.d.ts +104 -0
package/dist/action/types.d.ts.map +1 -0
package/dist/action/types.js +33 -0
package/dist/action/types.js.map +1 -0
package/dist/action/types.test.d.ts +5 -0
package/dist/action/types.test.d.ts.map +1 -0
package/dist/action/types.test.js +79 -0
package/dist/action/types.test.js.map +1 -0
package/dist/agents/agent-integrity.d.ts +111 -0
package/dist/agents/agent-integrity.d.ts.map +1 -0
package/dist/agents/agent-integrity.js +308 -0
package/dist/agents/agent-integrity.js.map +1 -0
package/dist/agents/agent-privacy.d.ts +68 -0
package/dist/agents/agent-privacy.d.ts.map +1 -0
package/dist/agents/agent-privacy.js +345 -0
package/dist/agents/agent-privacy.js.map +1 -0
package/dist/agents/exploit-chain.d.ts +64 -0
package/dist/agents/exploit-chain.d.ts.map +1 -0
package/dist/agents/exploit-chain.js +477 -0
package/dist/agents/exploit-chain.js.map +1 -0
package/dist/agents/exploit-chain.test.d.ts +5 -0
package/dist/agents/exploit-chain.test.d.ts.map +1 -0
package/dist/agents/exploit-chain.test.js +455 -0
package/dist/agents/exploit-chain.test.js.map +1 -0
package/dist/agents/index.d.ts +14 -0
package/dist/agents/index.d.ts.map +1 -0
package/dist/agents/index.js +19 -0
package/dist/agents/index.js.map +1 -0
package/dist/agents/logic-flaw-detector.d.ts +55 -0
package/dist/agents/logic-flaw-detector.d.ts.map +1 -0
package/dist/agents/logic-flaw-detector.js +454 -0
package/dist/agents/logic-flaw-detector.js.map +1 -0
package/dist/agents/zero-day-hunter.d.ts +69 -0
package/dist/agents/zero-day-hunter.d.ts.map +1 -0
package/dist/agents/zero-day-hunter.js +591 -0
package/dist/agents/zero-day-hunter.js.map +1 -0
package/dist/certification/artifacts.d.ts +21 -0
package/dist/certification/artifacts.d.ts.map +1 -0
package/dist/certification/artifacts.js +275 -0
package/dist/certification/artifacts.js.map +1 -0
package/dist/certification/autofix.d.ts +122 -0
package/dist/certification/autofix.d.ts.map +1 -0
package/dist/certification/autofix.js +476 -0
package/dist/certification/autofix.js.map +1 -0
package/dist/certification/badge.d.ts +56 -0
package/dist/certification/badge.d.ts.map +1 -0
package/dist/certification/badge.js +155 -0
package/dist/certification/badge.js.map +1 -0
package/dist/certification/cache.d.ts +121 -0
package/dist/certification/cache.d.ts.map +1 -0
package/dist/certification/cache.js +275 -0
package/dist/certification/cache.js.map +1 -0
package/dist/certification/cache.test.d.ts +5 -0
package/dist/certification/cache.test.d.ts.map +1 -0
package/dist/certification/cache.test.js +270 -0
package/dist/certification/cache.test.js.map +1 -0
package/dist/certification/consensus.d.ts +105 -0
package/dist/certification/consensus.d.ts.map +1 -0
package/dist/certification/consensus.js +353 -0
package/dist/certification/consensus.js.map +1 -0
package/dist/certification/consensus.test.d.ts +5 -0
package/dist/certification/consensus.test.d.ts.map +1 -0
package/dist/certification/consensus.test.js +342 -0
package/dist/certification/consensus.test.js.map +1 -0
package/dist/certification/index.d.ts +14 -0
package/dist/certification/index.d.ts.map +1 -0
package/dist/certification/index.js +14 -0
package/dist/certification/index.js.map +1 -0
package/dist/certification/rules.d.ts +89 -0
package/dist/certification/rules.d.ts.map +1 -0
package/dist/certification/rules.js +317 -0
package/dist/certification/rules.js.map +1 -0
package/dist/certification/sarif.d.ts +107 -0
package/dist/certification/sarif.d.ts.map +1 -0
package/dist/certification/sarif.js +191 -0
package/dist/certification/sarif.js.map +1 -0
package/dist/certification/store.d.ts +255 -0
package/dist/certification/store.d.ts.map +1 -0
package/dist/certification/store.js +835 -0
package/dist/certification/store.js.map +1 -0
package/dist/certification/store.test.d.ts +5 -0
package/dist/certification/store.test.d.ts.map +1 -0
package/dist/certification/store.test.js +468 -0
package/dist/certification/store.test.js.map +1 -0
package/dist/certification/summary.d.ts +72 -0
package/dist/certification/summary.d.ts.map +1 -0
package/dist/certification/summary.js +296 -0
package/dist/certification/summary.js.map +1 -0
package/dist/certification/types.d.ts +138 -0
package/dist/certification/types.d.ts.map +1 -0
package/dist/certification/types.js +34 -0
package/dist/certification/types.js.map +1 -0
package/dist/commands/audits/api-check.d.ts +3 -0
package/dist/commands/audits/api-check.d.ts.map +1 -0
package/dist/commands/audits/api-check.js +71 -0
package/dist/commands/audits/api-check.js.map +1 -0
package/dist/commands/audits/deadcode.d.ts +3 -0
package/dist/commands/audits/deadcode.d.ts.map +1 -0
package/dist/commands/audits/deadcode.js +63 -0
package/dist/commands/audits/deadcode.js.map +1 -0
package/dist/commands/audits/deps.d.ts +3 -0
package/dist/commands/audits/deps.d.ts.map +1 -0
package/dist/commands/audits/deps.js +56 -0
package/dist/commands/audits/deps.js.map +1 -0
package/dist/commands/audits/errors.d.ts +3 -0
package/dist/commands/audits/errors.d.ts.map +1 -0
package/dist/commands/audits/errors.js +65 -0
package/dist/commands/audits/errors.js.map +1 -0
package/dist/commands/audits/index.d.ts +3 -0
package/dist/commands/audits/index.d.ts.map +1 -0
package/dist/commands/audits/index.js +15 -0
package/dist/commands/audits/index.js.map +1 -0
package/dist/commands/audits/perf.d.ts +3 -0
package/dist/commands/audits/perf.d.ts.map +1 -0
package/dist/commands/audits/perf.js +85 -0
package/dist/commands/audits/perf.js.map +1 -0
package/dist/commands/audits/secrets.d.ts +3 -0
package/dist/commands/audits/secrets.d.ts.map +1 -0
package/dist/commands/audits/secrets.js +71 -0
package/dist/commands/audits/secrets.js.map +1 -0
package/dist/commands/certification/certify.d.ts +3 -0
package/dist/commands/certification/certify.d.ts.map +1 -0
package/dist/commands/certification/certify.js +108 -0
package/dist/commands/certification/certify.js.map +1 -0
package/dist/commands/certification/index.d.ts +3 -0
package/dist/commands/certification/index.d.ts.map +1 -0
package/dist/commands/certification/index.js +17 -0
package/dist/commands/certification/index.js.map +1 -0
package/dist/commands/certification/performance.d.ts +3 -0
package/dist/commands/certification/performance.d.ts.map +1 -0
package/dist/commands/certification/performance.js +89 -0
package/dist/commands/certification/performance.js.map +1 -0
package/dist/commands/certification/quality.d.ts +3 -0
package/dist/commands/certification/quality.d.ts.map +1 -0
package/dist/commands/certification/quality.js +92 -0
package/dist/commands/certification/quality.js.map +1 -0
package/dist/commands/certification/redteam.d.ts +3 -0
package/dist/commands/certification/redteam.d.ts.map +1 -0
package/dist/commands/certification/redteam.js +114 -0
package/dist/commands/certification/redteam.js.map +1 -0
package/dist/commands/certification/reliability.d.ts +3 -0
package/dist/commands/certification/reliability.d.ts.map +1 -0
package/dist/commands/certification/reliability.js +93 -0
package/dist/commands/certification/reliability.js.map +1 -0
package/dist/commands/certification/security.d.ts +3 -0
package/dist/commands/certification/security.d.ts.map +1 -0
package/dist/commands/certification/security.js +90 -0
package/dist/commands/certification/security.js.map +1 -0
package/dist/commands/certification/typesafety.d.ts +3 -0
package/dist/commands/certification/typesafety.d.ts.map +1 -0
package/dist/commands/certification/typesafety.js +87 -0
package/dist/commands/certification/typesafety.js.map +1 -0
package/dist/commands/core/add-tests.d.ts +3 -0
package/dist/commands/core/add-tests.d.ts.map +1 -0
package/dist/commands/core/add-tests.js +29 -0
package/dist/commands/core/add-tests.js.map +1 -0
package/dist/commands/core/audit.d.ts +3 -0
package/dist/commands/core/audit.d.ts.map +1 -0
package/dist/commands/core/audit.js +64 -0
package/dist/commands/core/audit.js.map +1 -0
package/dist/commands/core/fix-critical.d.ts +3 -0
package/dist/commands/core/fix-critical.d.ts.map +1 -0
package/dist/commands/core/fix-critical.js +22 -0
package/dist/commands/core/fix-critical.js.map +1 -0
package/dist/commands/core/fix-high.d.ts +3 -0
package/dist/commands/core/fix-high.d.ts.map +1 -0
package/dist/commands/core/fix-high.js +32 -0
package/dist/commands/core/fix-high.js.map +1 -0
package/dist/commands/core/fix-medium.d.ts +3 -0
package/dist/commands/core/fix-medium.d.ts.map +1 -0
package/dist/commands/core/fix-medium.js +29 -0
package/dist/commands/core/fix-medium.js.map +1 -0
package/dist/commands/core/fix-rls.d.ts +3 -0
package/dist/commands/core/fix-rls.d.ts.map +1 -0
package/dist/commands/core/fix-rls.js +17 -0
package/dist/commands/core/fix-rls.js.map +1 -0
package/dist/commands/core/harden.d.ts +3 -0
package/dist/commands/core/harden.d.ts.map +1 -0
package/dist/commands/core/harden.js +19 -0
package/dist/commands/core/harden.js.map +1 -0
package/dist/commands/core/index.d.ts +3 -0
package/dist/commands/core/index.d.ts.map +1 -0
package/dist/commands/core/index.js +21 -0
package/dist/commands/core/index.js.map +1 -0
package/dist/commands/core/preflight.d.ts +3 -0
package/dist/commands/core/preflight.d.ts.map +1 -0
package/dist/commands/core/preflight.js +50 -0
package/dist/commands/core/preflight.js.map +1 -0
package/dist/commands/core/verify.d.ts +3 -0
package/dist/commands/core/verify.d.ts.map +1 -0
package/dist/commands/core/verify.js +32 -0
package/dist/commands/core/verify.js.map +1 -0
package/dist/commands/index.d.ts +28 -0
package/dist/commands/index.d.ts.map +1 -0
package/dist/commands/index.js +37 -0
package/dist/commands/index.js.map +1 -0
package/dist/commands/types.d.ts +9 -0
package/dist/commands/types.d.ts.map +1 -0
package/dist/commands/types.js +5 -0
package/dist/commands/types.js.map +1 -0
package/dist/compliance/cis.d.ts +29 -0
package/dist/compliance/cis.d.ts.map +1 -0
package/dist/compliance/cis.js +316 -0
package/dist/compliance/cis.js.map +1 -0
package/dist/compliance/frameworks/eu-ai-act.d.ts +55 -0
package/dist/compliance/frameworks/eu-ai-act.d.ts.map +1 -0
package/dist/compliance/frameworks/eu-ai-act.js +621 -0
package/dist/compliance/frameworks/eu-ai-act.js.map +1 -0
package/dist/compliance/frameworks/index.d.ts +67 -0
package/dist/compliance/frameworks/index.d.ts.map +1 -0
package/dist/compliance/frameworks/index.js +97 -0
package/dist/compliance/frameworks/index.js.map +1 -0
package/dist/compliance/frameworks/iso-42001.d.ts +59 -0
package/dist/compliance/frameworks/iso-42001.d.ts.map +1 -0
package/dist/compliance/frameworks/iso-42001.js +719 -0
package/dist/compliance/frameworks/iso-42001.js.map +1 -0
package/dist/compliance/frameworks/mitre-atlas.d.ts +58 -0
package/dist/compliance/frameworks/mitre-atlas.d.ts.map +1 -0
package/dist/compliance/frameworks/mitre-atlas.js +686 -0
package/dist/compliance/frameworks/mitre-atlas.js.map +1 -0
package/dist/compliance/frameworks/nist-ai-rmf.d.ts +51 -0
package/dist/compliance/frameworks/nist-ai-rmf.d.ts.map +1 -0
package/dist/compliance/frameworks/nist-ai-rmf.js +677 -0
package/dist/compliance/frameworks/nist-ai-rmf.js.map +1 -0
package/dist/compliance/frameworks/owasp-llm.d.ts +58 -0
package/dist/compliance/frameworks/owasp-llm.d.ts.map +1 -0
package/dist/compliance/frameworks/owasp-llm.js +399 -0
package/dist/compliance/frameworks/owasp-llm.js.map +1 -0
package/dist/compliance/gdpr.d.ts +34 -0
package/dist/compliance/gdpr.d.ts.map +1 -0
package/dist/compliance/gdpr.js +319 -0
package/dist/compliance/gdpr.js.map +1 -0
package/dist/compliance/hipaa.d.ts +29 -0
package/dist/compliance/hipaa.d.ts.map +1 -0
package/dist/compliance/hipaa.js +205 -0
package/dist/compliance/hipaa.js.map +1 -0
package/dist/compliance/index.d.ts +18 -0
package/dist/compliance/index.d.ts.map +1 -0
package/dist/compliance/index.js +26 -0
package/dist/compliance/index.js.map +1 -0
package/dist/compliance/iso27001.d.ts +30 -0
package/dist/compliance/iso27001.d.ts.map +1 -0
package/dist/compliance/iso27001.js +332 -0
package/dist/compliance/iso27001.js.map +1 -0
package/dist/compliance/mapper.d.ts +42 -0
package/dist/compliance/mapper.d.ts.map +1 -0
package/dist/compliance/mapper.js +269 -0
package/dist/compliance/mapper.js.map +1 -0
package/dist/compliance/mapper.test.d.ts +5 -0
package/dist/compliance/mapper.test.d.ts.map +1 -0
package/dist/compliance/mapper.test.js +360 -0
package/dist/compliance/mapper.test.js.map +1 -0
package/dist/compliance/pci-dss.d.ts +29 -0
package/dist/compliance/pci-dss.d.ts.map +1 -0
package/dist/compliance/pci-dss.js +247 -0
package/dist/compliance/pci-dss.js.map +1 -0
package/dist/compliance/report.d.ts +25 -0
package/dist/compliance/report.d.ts.map +1 -0
package/dist/compliance/report.js +254 -0
package/dist/compliance/report.js.map +1 -0
package/dist/compliance/report.test.d.ts +5 -0
package/dist/compliance/report.test.d.ts.map +1 -0
package/dist/compliance/report.test.js +128 -0
package/dist/compliance/report.test.js.map +1 -0
package/dist/compliance/soc2.d.ts +30 -0
package/dist/compliance/soc2.d.ts.map +1 -0
package/dist/compliance/soc2.js +262 -0
package/dist/compliance/soc2.js.map +1 -0
package/dist/compliance/soc2.test.d.ts +5 -0
package/dist/compliance/soc2.test.d.ts.map +1 -0
package/dist/compliance/soc2.test.js +86 -0
package/dist/compliance/soc2.test.js.map +1 -0
package/dist/compliance/types.d.ts +125 -0
package/dist/compliance/types.d.ts.map +1 -0
package/dist/compliance/types.js +10 -0
package/dist/compliance/types.js.map +1 -0
package/dist/config/flags.d.ts +456 -0
package/dist/config/flags.d.ts.map +1 -0
package/dist/config/flags.js +464 -0
package/dist/config/flags.js.map +1 -0
package/dist/config/index.d.ts +10 -0
package/dist/config/index.d.ts.map +1 -0
package/dist/config/index.js +10 -0
package/dist/config/index.js.map +1 -0
package/dist/config/severity-overrides.d.ts +209 -0
package/dist/config/severity-overrides.d.ts.map +1 -0
package/dist/config/severity-overrides.js +380 -0
package/dist/config/severity-overrides.js.map +1 -0
package/dist/cost/index.d.ts +11 -0
package/dist/cost/index.d.ts.map +1 -0
package/dist/cost/index.js +12 -0
package/dist/cost/index.js.map +1 -0
package/dist/cost/pricing.d.ts +57 -0
package/dist/cost/pricing.d.ts.map +1 -0
package/dist/cost/pricing.js +196 -0
package/dist/cost/pricing.js.map +1 -0
package/dist/cost/pricing.test.d.ts +5 -0
package/dist/cost/pricing.test.d.ts.map +1 -0
package/dist/cost/pricing.test.js +195 -0
package/dist/cost/pricing.test.js.map +1 -0
package/dist/cost/tracker.d.ts +100 -0
package/dist/cost/tracker.d.ts.map +1 -0
package/dist/cost/tracker.js +366 -0
package/dist/cost/tracker.js.map +1 -0
package/dist/cost/tracker.test.d.ts +5 -0
package/dist/cost/tracker.test.d.ts.map +1 -0
package/dist/cost/tracker.test.js +360 -0
package/dist/cost/tracker.test.js.map +1 -0
package/dist/cost/types.d.ts +135 -0
package/dist/cost/types.d.ts.map +1 -0
package/dist/cost/types.js +9 -0
package/dist/cost/types.js.map +1 -0
package/dist/enterprise/auth/oidc.d.ts +231 -0
package/dist/enterprise/auth/oidc.d.ts.map +1 -0
package/dist/enterprise/auth/oidc.js +372 -0
package/dist/enterprise/auth/oidc.js.map +1 -0
package/dist/enterprise/auth/oidc.test.d.ts +5 -0
package/dist/enterprise/auth/oidc.test.d.ts.map +1 -0
package/dist/enterprise/auth/oidc.test.js +435 -0
package/dist/enterprise/auth/oidc.test.js.map +1 -0
package/dist/enterprise/index.d.ts +14 -0
package/dist/enterprise/index.d.ts.map +1 -0
package/dist/enterprise/index.js +19 -0
package/dist/enterprise/index.js.map +1 -0
package/dist/enterprise/integrations/chat.d.ts +205 -0
package/dist/enterprise/integrations/chat.d.ts.map +1 -0
package/dist/enterprise/integrations/chat.js +624 -0
package/dist/enterprise/integrations/chat.js.map +1 -0
package/dist/enterprise/integrations/chat.test.d.ts +5 -0
package/dist/enterprise/integrations/chat.test.d.ts.map +1 -0
package/dist/enterprise/integrations/chat.test.js +557 -0
package/dist/enterprise/integrations/chat.test.js.map +1 -0
package/dist/enterprise/integrations/ticketing.d.ts +257 -0
package/dist/enterprise/integrations/ticketing.d.ts.map +1 -0
package/dist/enterprise/integrations/ticketing.js +548 -0
package/dist/enterprise/integrations/ticketing.js.map +1 -0
package/dist/enterprise/integrations/ticketing.test.d.ts +5 -0
package/dist/enterprise/integrations/ticketing.test.d.ts.map +1 -0
package/dist/enterprise/integrations/ticketing.test.js +693 -0
package/dist/enterprise/integrations/ticketing.test.js.map +1 -0
package/dist/enterprise/policy/opa.d.ts +194 -0
package/dist/enterprise/policy/opa.d.ts.map +1 -0
package/dist/enterprise/policy/opa.js +385 -0
package/dist/enterprise/policy/opa.js.map +1 -0
package/dist/enterprise/policy/opa.test.d.ts +5 -0
package/dist/enterprise/policy/opa.test.d.ts.map +1 -0
package/dist/enterprise/policy/opa.test.js +702 -0
package/dist/enterprise/policy/opa.test.js.map +1 -0
package/dist/enterprise/signing/kms.d.ts +211 -0
package/dist/enterprise/signing/kms.d.ts.map +1 -0
package/dist/enterprise/signing/kms.js +480 -0
package/dist/enterprise/signing/kms.js.map +1 -0
package/dist/enterprise/signing/kms.test.d.ts +5 -0
package/dist/enterprise/signing/kms.test.d.ts.map +1 -0
package/dist/enterprise/signing/kms.test.js +511 -0
package/dist/enterprise/signing/kms.test.js.map +1 -0
package/dist/eval/fixtures.d.ts +58 -0
package/dist/eval/fixtures.d.ts.map +1 -0
package/dist/eval/fixtures.js +571 -0
package/dist/eval/fixtures.js.map +1 -0
package/dist/eval/fixtures.test.d.ts +5 -0
package/dist/eval/fixtures.test.d.ts.map +1 -0
package/dist/eval/fixtures.test.js +193 -0
package/dist/eval/fixtures.test.js.map +1 -0
package/dist/eval/harness.d.ts +30 -0
package/dist/eval/harness.d.ts.map +1 -0
package/dist/eval/harness.js +221 -0
package/dist/eval/harness.js.map +1 -0
package/dist/eval/harness.test.d.ts +5 -0
package/dist/eval/harness.test.d.ts.map +1 -0
package/dist/eval/harness.test.js +314 -0
package/dist/eval/harness.test.js.map +1 -0
package/dist/eval/index.d.ts +15 -0
package/dist/eval/index.d.ts.map +1 -0
package/dist/eval/index.js +18 -0
package/dist/eval/index.js.map +1 -0
package/dist/eval/metrics.d.ts +56 -0
package/dist/eval/metrics.d.ts.map +1 -0
package/dist/eval/metrics.js +298 -0
package/dist/eval/metrics.js.map +1 -0
package/dist/eval/metrics.test.d.ts +5 -0
package/dist/eval/metrics.test.d.ts.map +1 -0
package/dist/eval/metrics.test.js +426 -0
package/dist/eval/metrics.test.js.map +1 -0
package/dist/eval/report.d.ts +30 -0
package/dist/eval/report.d.ts.map +1 -0
package/dist/eval/report.js +333 -0
package/dist/eval/report.js.map +1 -0
package/dist/eval/report.test.d.ts +5 -0
package/dist/eval/report.test.d.ts.map +1 -0
package/dist/eval/report.test.js +275 -0
package/dist/eval/report.test.js.map +1 -0
package/dist/eval/types.d.ts +234 -0
package/dist/eval/types.d.ts.map +1 -0
package/dist/eval/types.js +27 -0
package/dist/eval/types.js.map +1 -0
package/dist/http-server.d.ts +3 -0
package/dist/http-server.d.ts.map +1 -0
package/dist/http-server.js +127 -0
package/dist/http-server.js.map +1 -0
package/dist/index.d.ts +33 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +4120 -0
package/dist/index.js.map +1 -0
package/dist/logger.d.ts +46 -0
package/dist/logger.d.ts.map +1 -0
package/dist/logger.js +131 -0
package/dist/logger.js.map +1 -0
package/dist/multimodel/consensus.d.ts +49 -0
package/dist/multimodel/consensus.d.ts.map +1 -0
package/dist/multimodel/consensus.js +454 -0
package/dist/multimodel/consensus.js.map +1 -0
package/dist/multimodel/consensus.test.d.ts +5 -0
package/dist/multimodel/consensus.test.d.ts.map +1 -0
package/dist/multimodel/consensus.test.js +415 -0
package/dist/multimodel/consensus.test.js.map +1 -0
package/dist/multimodel/index.d.ts +13 -0
package/dist/multimodel/index.d.ts.map +1 -0
package/dist/multimodel/index.js +14 -0
package/dist/multimodel/index.js.map +1 -0
package/dist/multimodel/runner.d.ts +95 -0
package/dist/multimodel/runner.d.ts.map +1 -0
package/dist/multimodel/runner.js +312 -0
package/dist/multimodel/runner.js.map +1 -0
package/dist/multimodel/runner.test.d.ts +5 -0
package/dist/multimodel/runner.test.d.ts.map +1 -0
package/dist/multimodel/runner.test.js +224 -0
package/dist/multimodel/runner.test.js.map +1 -0
package/dist/multimodel/types.d.ts +202 -0
package/dist/multimodel/types.d.ts.map +1 -0
package/dist/multimodel/types.js +10 -0
package/dist/multimodel/types.js.map +1 -0
package/dist/observability/index.d.ts +9 -0
package/dist/observability/index.d.ts.map +1 -0
package/dist/observability/index.js +9 -0
package/dist/observability/index.js.map +1 -0
package/dist/observability/otel.d.ts +102 -0
package/dist/observability/otel.d.ts.map +1 -0
package/dist/observability/otel.js +284 -0
package/dist/observability/otel.js.map +1 -0
package/dist/plugins/index.d.ts +10 -0
package/dist/plugins/index.d.ts.map +1 -0
package/dist/plugins/index.js +10 -0
package/dist/plugins/index.js.map +1 -0
package/dist/plugins/loader.d.ts +78 -0
package/dist/plugins/loader.d.ts.map +1 -0
package/dist/plugins/loader.js +470 -0
package/dist/plugins/loader.js.map +1 -0
package/dist/plugins/types.d.ts +304 -0
package/dist/plugins/types.d.ts.map +1 -0
package/dist/plugins/types.js +100 -0
package/dist/plugins/types.js.map +1 -0
package/dist/sbom/cyclonedx.d.ts +30 -0
package/dist/sbom/cyclonedx.d.ts.map +1 -0
package/dist/sbom/cyclonedx.js +392 -0
package/dist/sbom/cyclonedx.js.map +1 -0
package/dist/sbom/cyclonedx.test.d.ts +5 -0
package/dist/sbom/cyclonedx.test.d.ts.map +1 -0
package/dist/sbom/cyclonedx.test.js +244 -0
package/dist/sbom/cyclonedx.test.js.map +1 -0
package/dist/sbom/index.d.ts +13 -0
package/dist/sbom/index.d.ts.map +1 -0
package/dist/sbom/index.js +15 -0
package/dist/sbom/index.js.map +1 -0
package/dist/sbom/provenance.d.ts +37 -0
package/dist/sbom/provenance.d.ts.map +1 -0
package/dist/sbom/provenance.js +268 -0
package/dist/sbom/provenance.js.map +1 -0
package/dist/sbom/provenance.test.d.ts +5 -0
package/dist/sbom/provenance.test.d.ts.map +1 -0
package/dist/sbom/provenance.test.js +189 -0
package/dist/sbom/provenance.test.js.map +1 -0
package/dist/sbom/signing.d.ts +87 -0
package/dist/sbom/signing.d.ts.map +1 -0
package/dist/sbom/signing.js +354 -0
package/dist/sbom/signing.js.map +1 -0
package/dist/sbom/signing.test.d.ts +5 -0
package/dist/sbom/signing.test.d.ts.map +1 -0
package/dist/sbom/signing.test.js +170 -0
package/dist/sbom/signing.test.js.map +1 -0
package/dist/sbom/types.d.ts +384 -0
package/dist/sbom/types.d.ts.map +1 -0
package/dist/sbom/types.js +17 -0
package/dist/sbom/types.js.map +1 -0
package/dist/scanners/agent/credential-scope-audit.d.ts +40 -0
package/dist/scanners/agent/credential-scope-audit.d.ts.map +1 -0
package/dist/scanners/agent/credential-scope-audit.js +404 -0
package/dist/scanners/agent/credential-scope-audit.js.map +1 -0
package/dist/scanners/agent/exfil-path-graph.d.ts +50 -0
package/dist/scanners/agent/exfil-path-graph.d.ts.map +1 -0
package/dist/scanners/agent/exfil-path-graph.js +764 -0
package/dist/scanners/agent/exfil-path-graph.js.map +1 -0
package/dist/scanners/agent/index.d.ts +43 -0
package/dist/scanners/agent/index.d.ts.map +1 -0
package/dist/scanners/agent/index.js +616 -0
package/dist/scanners/agent/index.js.map +1 -0
package/dist/scanners/agent/manifest-audit.d.ts +43 -0
package/dist/scanners/agent/manifest-audit.d.ts.map +1 -0
package/dist/scanners/agent/manifest-audit.js +403 -0
package/dist/scanners/agent/manifest-audit.js.map +1 -0
package/dist/scanners/agent/payloads/index.d.ts +44 -0
package/dist/scanners/agent/payloads/index.d.ts.map +1 -0
package/dist/scanners/agent/payloads/index.js +184 -0
package/dist/scanners/agent/payloads/index.js.map +1 -0
package/dist/scanners/agent/permission-minimiser.d.ts +48 -0
package/dist/scanners/agent/permission-minimiser.d.ts.map +1 -0
package/dist/scanners/agent/permission-minimiser.js +551 -0
package/dist/scanners/agent/permission-minimiser.js.map +1 -0
package/dist/scanners/agent/prompt-injection-fuzzer.d.ts +39 -0
package/dist/scanners/agent/prompt-injection-fuzzer.d.ts.map +1 -0
package/dist/scanners/agent/prompt-injection-fuzzer.js +720 -0
package/dist/scanners/agent/prompt-injection-fuzzer.js.map +1 -0
package/dist/scanners/agent/sandbox-audit.d.ts +44 -0
package/dist/scanners/agent/sandbox-audit.d.ts.map +1 -0
package/dist/scanners/agent/sandbox-audit.js +425 -0
package/dist/scanners/agent/sandbox-audit.js.map +1 -0
package/dist/scanners/agent/supply-chain-mcp.d.ts +53 -0
package/dist/scanners/agent/supply-chain-mcp.d.ts.map +1 -0
package/dist/scanners/agent/supply-chain-mcp.js +479 -0
package/dist/scanners/agent/supply-chain-mcp.js.map +1 -0
package/dist/scanners/agent/tool-description-drift.d.ts +62 -0
package/dist/scanners/agent/tool-description-drift.d.ts.map +1 -0
package/dist/scanners/agent/tool-description-drift.js +365 -0
package/dist/scanners/agent/tool-description-drift.js.map +1 -0
package/dist/scanners/agent/types.d.ts +840 -0
package/dist/scanners/agent/types.d.ts.map +1 -0
package/dist/scanners/agent/types.js +149 -0
package/dist/scanners/agent/types.js.map +1 -0
package/dist/scanners/bandit.d.ts +25 -0
package/dist/scanners/bandit.d.ts.map +1 -0
package/dist/scanners/bandit.js +129 -0
package/dist/scanners/bandit.js.map +1 -0
package/dist/scanners/binary-analysis.d.ts +41 -0
package/dist/scanners/binary-analysis.d.ts.map +1 -0
package/dist/scanners/binary-analysis.js +587 -0
package/dist/scanners/binary-analysis.js.map +1 -0
package/dist/scanners/binary-analysis.test.d.ts +5 -0
package/dist/scanners/binary-analysis.test.d.ts.map +1 -0
package/dist/scanners/binary-analysis.test.js +291 -0
package/dist/scanners/binary-analysis.test.js.map +1 -0
package/dist/scanners/brakeman.d.ts +30 -0
package/dist/scanners/brakeman.d.ts.map +1 -0
package/dist/scanners/brakeman.js +271 -0
package/dist/scanners/brakeman.js.map +1 -0
package/dist/scanners/dependencies.d.ts +22 -0
package/dist/scanners/dependencies.d.ts.map +1 -0
package/dist/scanners/dependencies.js +202 -0
package/dist/scanners/dependencies.js.map +1 -0
package/dist/scanners/dependencies.test.d.ts +5 -0
package/dist/scanners/dependencies.test.d.ts.map +1 -0
package/dist/scanners/dependencies.test.js +185 -0
package/dist/scanners/dependencies.test.js.map +1 -0
package/dist/scanners/eslint.d.ts +25 -0
package/dist/scanners/eslint.d.ts.map +1 -0
package/dist/scanners/eslint.js +220 -0
package/dist/scanners/eslint.js.map +1 -0
package/dist/scanners/gosec.d.ts +25 -0
package/dist/scanners/gosec.d.ts.map +1 -0
package/dist/scanners/gosec.js +128 -0
package/dist/scanners/gosec.js.map +1 -0
package/dist/scanners/index.d.ts +128 -0
package/dist/scanners/index.d.ts.map +1 -0
package/dist/scanners/index.js +811 -0
package/dist/scanners/index.js.map +1 -0
package/dist/scanners/index.test.d.ts +5 -0
package/dist/scanners/index.test.d.ts.map +1 -0
package/dist/scanners/index.test.js +424 -0
package/dist/scanners/index.test.js.map +1 -0
package/dist/scanners/memory-safety.d.ts +44 -0
package/dist/scanners/memory-safety.d.ts.map +1 -0
package/dist/scanners/memory-safety.js +571 -0
package/dist/scanners/memory-safety.js.map +1 -0
package/dist/scanners/memory-safety.test.d.ts +5 -0
package/dist/scanners/memory-safety.test.d.ts.map +1 -0
package/dist/scanners/memory-safety.test.js +321 -0
package/dist/scanners/memory-safety.test.js.map +1 -0
package/dist/scanners/race-condition.d.ts +25 -0
package/dist/scanners/race-condition.d.ts.map +1 -0
package/dist/scanners/race-condition.js +443 -0
package/dist/scanners/race-condition.js.map +1 -0
package/dist/scanners/race-condition.test.d.ts +5 -0
package/dist/scanners/race-condition.test.d.ts.map +1 -0
package/dist/scanners/race-condition.test.js +428 -0
package/dist/scanners/race-condition.test.js.map +1 -0
package/dist/scanners/secrets.d.ts +25 -0
package/dist/scanners/secrets.d.ts.map +1 -0
package/dist/scanners/secrets.js +367 -0
package/dist/scanners/secrets.js.map +1 -0
package/dist/scanners/secrets.test.d.ts +5 -0
package/dist/scanners/secrets.test.d.ts.map +1 -0
package/dist/scanners/secrets.test.js +160 -0
package/dist/scanners/secrets.test.js.map +1 -0
package/dist/scanners/semgrep.d.ts +33 -0
package/dist/scanners/semgrep.d.ts.map +1 -0
package/dist/scanners/semgrep.js +350 -0
package/dist/scanners/semgrep.js.map +1 -0
package/dist/scanners/semgrep.test.d.ts +8 -0
package/dist/scanners/semgrep.test.d.ts.map +1 -0
package/dist/scanners/semgrep.test.js +254 -0
package/dist/scanners/semgrep.test.js.map +1 -0
package/dist/scanners/trivy.d.ts +26 -0
package/dist/scanners/trivy.d.ts.map +1 -0
package/dist/scanners/trivy.js +187 -0
package/dist/scanners/trivy.js.map +1 -0
package/dist/scanners/types.d.ts +210 -0
package/dist/scanners/types.d.ts.map +1 -0
package/dist/scanners/types.js +106 -0
package/dist/scanners/types.js.map +1 -0
package/dist/scanners/types.test.d.ts +5 -0
package/dist/scanners/types.test.d.ts.map +1 -0
package/dist/scanners/types.test.js +103 -0
package/dist/scanners/types.test.js.map +1 -0
package/dist/scanners/typescript.d.ts +32 -0
package/dist/scanners/typescript.d.ts.map +1 -0
package/dist/scanners/typescript.js +300 -0
package/dist/scanners/typescript.js.map +1 -0
package/dist/scanners/typescript.test.d.ts +5 -0
package/dist/scanners/typescript.test.d.ts.map +1 -0
package/dist/scanners/typescript.test.js +296 -0
package/dist/scanners/typescript.test.js.map +1 -0
package/dist/transcripts/index.d.ts +13 -0
package/dist/transcripts/index.d.ts.map +1 -0
package/dist/transcripts/index.js +17 -0
package/dist/transcripts/index.js.map +1 -0
package/dist/transcripts/logger.d.ts +190 -0
package/dist/transcripts/logger.d.ts.map +1 -0
package/dist/transcripts/logger.js +385 -0
package/dist/transcripts/logger.js.map +1 -0
package/dist/transcripts/logger.test.d.ts +5 -0
package/dist/transcripts/logger.test.d.ts.map +1 -0
package/dist/transcripts/logger.test.js +227 -0
package/dist/transcripts/logger.test.js.map +1 -0
package/dist/transcripts/redaction.d.ts +125 -0
package/dist/transcripts/redaction.d.ts.map +1 -0
package/dist/transcripts/redaction.js +416 -0
package/dist/transcripts/redaction.js.map +1 -0
package/dist/transcripts/redaction.test.d.ts +5 -0
package/dist/transcripts/redaction.test.d.ts.map +1 -0
package/dist/transcripts/redaction.test.js +267 -0
package/dist/transcripts/redaction.test.js.map +1 -0
package/dist/transcripts/signing.d.ts +108 -0
package/dist/transcripts/signing.d.ts.map +1 -0
package/dist/transcripts/signing.js +173 -0
package/dist/transcripts/signing.js.map +1 -0
package/dist/transcripts/verifier.d.ts +133 -0
package/dist/transcripts/verifier.d.ts.map +1 -0
package/dist/transcripts/verifier.js +489 -0
package/dist/transcripts/verifier.js.map +1 -0
package/dist/transcripts/verifier.test.d.ts +5 -0
package/dist/transcripts/verifier.test.d.ts.map +1 -0
package/dist/transcripts/verifier.test.js +330 -0
package/dist/transcripts/verifier.test.js.map +1 -0
package/dist/util/concurrency.d.ts +221 -0
package/dist/util/concurrency.d.ts.map +1 -0
package/dist/util/concurrency.js +339 -0
package/dist/util/concurrency.js.map +1 -0
package/dist/util/index.d.ts +12 -0
package/dist/util/index.d.ts.map +1 -0
package/dist/util/index.js +12 -0
package/dist/util/index.js.map +1 -0
package/dist/util/json.d.ts +63 -0
package/dist/util/json.d.ts.map +1 -0
package/dist/util/json.js +134 -0
package/dist/util/json.js.map +1 -0
package/dist/util/paths.d.ts +56 -0
package/dist/util/paths.d.ts.map +1 -0
package/dist/util/paths.js +128 -0
package/dist/util/paths.js.map +1 -0
package/dist/util/retry.d.ts +185 -0
package/dist/util/retry.d.ts.map +1 -0
package/dist/util/retry.js +338 -0
package/dist/util/retry.js.map +1 -0
package/package.json +79 -0

package/dist/compliance/frameworks/mitre-atlas.js ADDED Viewed

@@ -0,0 +1,686 @@
+/**
+ * MITRE ATLAS Compliance Framework
+ *
+ * Maps security findings to MITRE ATLAS (Adversarial Threat Landscape for
+ * Artificial-Intelligence Systems) techniques. ATLAS provides a knowledge
+ * base of adversary tactics and techniques against AI systems.
+ *
+ * @see https://atlas.mitre.org/
+ * @module compliance/frameworks/mitre-atlas
+ */
+/**
+ * MITRE ATLAS Controls mapped from techniques
+ *
+ * Based on ATLAS Matrix version 4.5 (2024).
+ * Controls are derived from ATLAS techniques and mapped to finding categories.
+ */
+export const MITRE_ATLAS_CONTROLS = [
+    // ============================================================================
+    // Reconnaissance Techniques
+    // ============================================================================
+    {
+        id: "AML.T0000",
+        framework: "MITRE-ATLAS",
+        category: "Reconnaissance",
+        title: "Search for Victim's Publicly Available Research Materials",
+        description: "Adversaries may search for information about victim ML capabilities through research papers, blog posts, and documentation that reveal model architectures or training approaches.",
+        keywords: [
+            "reconnaissance",
+            "public research",
+            "model architecture",
+            "documentation",
+        ],
+        findingCategories: [
+            "sensitive-disclosure",
+        ],
+        severityThreshold: "low",
+    },
+    {
+        id: "AML.T0001",
+        framework: "MITRE-ATLAS",
+        category: "Reconnaissance",
+        title: "Search Public ML Model Repositories",
+        description: "Adversaries may search public model repositories (HuggingFace, GitHub) to find models that can be used as starting points for attacks or to understand target systems.",
+        keywords: [
+            "model repositories",
+            "huggingface",
+            "public models",
+        ],
+        findingCategories: [
+            "supply-chain-vuln",
+        ],
+        severityThreshold: "low",
+    },
+    {
+        id: "AML.T0002",
+        framework: "MITRE-ATLAS",
+        category: "Reconnaissance",
+        title: "Discover ML Model Ontology",
+        description: "Adversaries gather information about an ML model's structure, inputs, outputs, and capabilities through direct or indirect queries.",
+        keywords: [
+            "model ontology",
+            "model structure",
+            "api probing",
+        ],
+        findingCategories: [
+            "model-theft",
+            "sensitive-disclosure",
+        ],
+        severityThreshold: "medium",
+    },
+    // ============================================================================
+    // Resource Development Techniques
+    // ============================================================================
+    {
+        id: "AML.T0010",
+        framework: "MITRE-ATLAS",
+        category: "Resource Development",
+        title: "Acquire Public ML Artifacts",
+        description: "Adversaries may acquire publicly available ML models, datasets, or tools to use in their attacks against victim systems.",
+        keywords: [
+            "public artifacts",
+            "pretrained models",
+            "datasets",
+        ],
+        findingCategories: [
+            "supply-chain-vuln",
+        ],
+        severityThreshold: "low",
+    },
+    {
+        id: "AML.T0011",
+        framework: "MITRE-ATLAS",
+        category: "Resource Development",
+        title: "Develop Adversarial ML Tools",
+        description: "Adversaries develop or acquire tools specifically designed to attack ML systems, including prompt injection frameworks, model extraction tools, or adversarial example generators.",
+        keywords: [
+            "adversarial tools",
+            "attack frameworks",
+            "jailbreak tools",
+        ],
+        findingCategories: [
+            "prompt-injection",
+        ],
+        severityThreshold: "medium",
+    },
+    {
+        id: "AML.T0012",
+        framework: "MITRE-ATLAS",
+        category: "Resource Development",
+        title: "Poison Training Data",
+        description: "Adversaries may poison public or private training datasets to embed backdoors or biases in models trained on that data.",
+        keywords: [
+            "data poisoning",
+            "training data",
+            "backdoors",
+        ],
+        findingCategories: [
+            "training-data-poisoning",
+            "integrity-failure",
+        ],
+        severityThreshold: "critical",
+    },
+    // ============================================================================
+    // Initial Access Techniques
+    // ============================================================================
+    {
+        id: "AML.T0020",
+        framework: "MITRE-ATLAS",
+        category: "Initial Access",
+        title: "Supply Chain Compromise",
+        description: "Adversaries may compromise supply chain components including ML frameworks, model repositories, or dependency packages to gain access to target systems.",
+        keywords: [
+            "supply chain",
+            "compromised packages",
+            "malicious dependencies",
+        ],
+        findingCategories: [
+            "supply-chain-vuln",
+            "dependency-vuln",
+            "vulnerable-component",
+        ],
+        severityThreshold: "critical",
+    },
+    {
+        id: "AML.T0021",
+        framework: "MITRE-ATLAS",
+        category: "Initial Access",
+        title: "Publish Poisoned Model",
+        description: "Adversaries publish poisoned or backdoored models to public repositories, hoping targets will download and deploy them.",
+        keywords: [
+            "poisoned model",
+            "backdoored model",
+            "malicious model",
+        ],
+        findingCategories: [
+            "supply-chain-vuln",
+            "training-data-poisoning",
+        ],
+        severityThreshold: "critical",
+    },
+    {
+        id: "AML.T0022",
+        framework: "MITRE-ATLAS",
+        category: "Initial Access",
+        title: "Compromise ML Development Environment",
+        description: "Adversaries compromise ML development environments (notebooks, training pipelines) to inject malicious code or modify models.",
+        keywords: [
+            "development environment",
+            "notebooks",
+            "training pipeline",
+        ],
+        findingCategories: [
+            "code-injection",
+            "integrity-failure",
+        ],
+        severityThreshold: "critical",
+    },
+    // ============================================================================
+    // ML Model Access Techniques
+    // ============================================================================
+    {
+        id: "AML.T0030",
+        framework: "MITRE-ATLAS",
+        category: "ML Model Access",
+        title: "ML API Exploitation",
+        description: "Adversaries exploit APIs that provide access to ML models to perform attacks like model extraction, prompt injection, or data exfiltration.",
+        keywords: [
+            "api exploitation",
+            "model api",
+            "inference api",
+        ],
+        findingCategories: [
+            "prompt-injection",
+            "model-theft",
+            "auth-bypass",
+        ],
+        severityThreshold: "high",
+    },
+    {
+        id: "AML.T0031",
+        framework: "MITRE-ATLAS",
+        category: "ML Model Access",
+        title: "Prompt Injection",
+        description: "Adversaries craft inputs that manipulate an LLM to execute unintended actions, bypass safety controls, or leak sensitive information.",
+        keywords: [
+            "prompt injection",
+            "jailbreak",
+            "instruction override",
+        ],
+        findingCategories: [
+            "prompt-injection",
+            "injection",
+        ],
+        severityThreshold: "critical",
+    },
+    {
+        id: "AML.T0032",
+        framework: "MITRE-ATLAS",
+        category: "ML Model Access",
+        title: "Indirect Prompt Injection",
+        description: "Adversaries inject malicious prompts through external data sources (documents, websites) that the LLM processes, causing it to execute attacker instructions.",
+        keywords: [
+            "indirect injection",
+            "external data",
+            "rag poisoning",
+        ],
+        findingCategories: [
+            "prompt-injection",
+            "insecure-plugin",
+        ],
+        severityThreshold: "critical",
+    },
+    // ============================================================================
+    // Execution Techniques
+    // ============================================================================
+    {
+        id: "AML.T0040",
+        framework: "MITRE-ATLAS",
+        category: "Execution",
+        title: "User Execution of Malicious Prompt",
+        description: "Adversaries trick users into executing malicious prompts that exploit the LLM to perform unauthorized actions.",
+        keywords: [
+            "user execution",
+            "social engineering",
+            "malicious prompt",
+        ],
+        findingCategories: [
+            "prompt-injection",
+        ],
+        severityThreshold: "high",
+    },
+    {
+        id: "AML.T0041",
+        framework: "MITRE-ATLAS",
+        category: "Execution",
+        title: "Unsafe Model Loading",
+        description: "Adversaries exploit unsafe model deserialization to execute arbitrary code when a model file is loaded (pickle, joblib, torch.load).",
+        keywords: [
+            "unsafe loading",
+            "deserialization",
+            "pickle",
+            "code execution",
+        ],
+        findingCategories: [
+            "code-injection",
+            "supply-chain-vuln",
+        ],
+        severityThreshold: "critical",
+    },
+    {
+        id: "AML.T0042",
+        framework: "MITRE-ATLAS",
+        category: "Execution",
+        title: "Plugin/Tool Abuse",
+        description: "Adversaries abuse LLM plugins or tools to execute unauthorized actions, access sensitive data, or escape the intended sandbox.",
+        keywords: [
+            "plugin abuse",
+            "tool exploitation",
+            "mcp",
+            "function calling",
+        ],
+        findingCategories: [
+            "insecure-plugin",
+            "excessive-agency",
+            "missing-sandbox",
+        ],
+        severityThreshold: "critical",
+    },
+    // ============================================================================
+    // Persistence Techniques
+    // ============================================================================
+    {
+        id: "AML.T0050",
+        framework: "MITRE-ATLAS",
+        category: "Persistence",
+        title: "Poison Fine-Tuning Data",
+        description: "Adversaries poison fine-tuning datasets to embed persistent backdoors or biases that survive model updates.",
+        keywords: [
+            "fine-tuning poisoning",
+            "persistent backdoor",
+            "model corruption",
+        ],
+        findingCategories: [
+            "training-data-poisoning",
+        ],
+        severityThreshold: "critical",
+    },
+    {
+        id: "AML.T0051",
+        framework: "MITRE-ATLAS",
+        category: "Persistence",
+        title: "Inject Persistent System Prompt",
+        description: "Adversaries inject persistent instructions into system prompts or configuration that persist across sessions.",
+        keywords: [
+            "persistent prompt",
+            "system prompt injection",
+            "configuration tampering",
+        ],
+        findingCategories: [
+            "prompt-injection",
+            "manifest-drift",
+        ],
+        severityThreshold: "high",
+    },
+    // ============================================================================
+    // Defense Evasion Techniques
+    // ============================================================================
+    {
+        id: "AML.T0060",
+        framework: "MITRE-ATLAS",
+        category: "Defense Evasion",
+        title: "Evade ML-Based Detection",
+        description: "Adversaries craft inputs to evade ML-based security controls like content filters, spam detectors, or prompt injection classifiers.",
+        keywords: [
+            "detection evasion",
+            "filter bypass",
+            "adversarial examples",
+        ],
+        findingCategories: [
+            "prompt-injection",
+        ],
+        severityThreshold: "high",
+    },
+    {
+        id: "AML.T0061",
+        framework: "MITRE-ATLAS",
+        category: "Defense Evasion",
+        title: "Obfuscate Malicious Prompts",
+        description: "Adversaries obfuscate malicious prompts using encoding, unicode tricks, or semantic variations to bypass detection.",
+        keywords: [
+            "obfuscation",
+            "encoding",
+            "unicode",
+            "homoglyphs",
+        ],
+        findingCategories: [
+            "prompt-injection",
+        ],
+        severityThreshold: "high",
+    },
+    // ============================================================================
+    // Discovery Techniques
+    // ============================================================================
+    {
+        id: "AML.T0070",
+        framework: "MITRE-ATLAS",
+        category: "Discovery",
+        title: "Discover Model Architecture",
+        description: "Adversaries probe the ML system to discover model architecture, hyperparameters, and capabilities through API queries.",
+        keywords: [
+            "model discovery",
+            "architecture probing",
+            "fingerprinting",
+        ],
+        findingCategories: [
+            "model-theft",
+            "sensitive-disclosure",
+        ],
+        severityThreshold: "medium",
+    },
+    {
+        id: "AML.T0071",
+        framework: "MITRE-ATLAS",
+        category: "Discovery",
+        title: "Extract System Prompt",
+        description: "Adversaries craft prompts to extract the system prompt or hidden instructions from an LLM application.",
+        keywords: [
+            "system prompt extraction",
+            "prompt leakage",
+            "instruction disclosure",
+        ],
+        findingCategories: [
+            "prompt-injection",
+            "sensitive-disclosure",
+        ],
+        severityThreshold: "high",
+    },
+    {
+        id: "AML.T0072",
+        framework: "MITRE-ATLAS",
+        category: "Discovery",
+        title: "Enumerate Available Tools",
+        description: "Adversaries enumerate available tools, plugins, or functions that the LLM can invoke to identify attack vectors.",
+        keywords: [
+            "tool enumeration",
+            "plugin discovery",
+            "capability mapping",
+        ],
+        findingCategories: [
+            "sensitive-disclosure",
+            "insecure-plugin",
+        ],
+        severityThreshold: "medium",
+    },
+    // ============================================================================
+    // Collection Techniques
+    // ============================================================================
+    {
+        id: "AML.T0080",
+        framework: "MITRE-ATLAS",
+        category: "Collection",
+        title: "Data from ML Model",
+        description: "Adversaries extract training data, memorized information, or sensitive data from ML models through carefully crafted queries.",
+        keywords: [
+            "data extraction",
+            "memorization",
+            "training data leakage",
+        ],
+        findingCategories: [
+            "sensitive-disclosure",
+            "pii-exposure",
+        ],
+        severityThreshold: "high",
+    },
+    {
+        id: "AML.T0081",
+        framework: "MITRE-ATLAS",
+        category: "Collection",
+        title: "Credential Harvesting via LLM",
+        description: "Adversaries use the LLM to access or reveal credentials, API keys, or authentication tokens.",
+        keywords: [
+            "credential harvesting",
+            "api key extraction",
+            "secret disclosure",
+        ],
+        findingCategories: [
+            "hardcoded-secret",
+            "credential-overscoped",
+            "exfil-path",
+        ],
+        severityThreshold: "critical",
+    },
+    // ============================================================================
+    // ML Attack Staging Techniques
+    // ============================================================================
+    {
+        id: "AML.T0090",
+        framework: "MITRE-ATLAS",
+        category: "ML Attack Staging",
+        title: "Create Proxy Model",
+        description: "Adversaries create a proxy/substitute model that mimics the target model's behavior for developing attacks offline.",
+        keywords: [
+            "proxy model",
+            "substitute model",
+            "model cloning",
+        ],
+        findingCategories: [
+            "model-theft",
+        ],
+        severityThreshold: "medium",
+    },
+    {
+        id: "AML.T0091",
+        framework: "MITRE-ATLAS",
+        category: "ML Attack Staging",
+        title: "Generate Adversarial Examples",
+        description: "Adversaries generate inputs specifically crafted to cause the model to produce incorrect or malicious outputs.",
+        keywords: [
+            "adversarial examples",
+            "perturbations",
+            "attack generation",
+        ],
+        findingCategories: [
+            "prompt-injection",
+        ],
+        severityThreshold: "high",
+    },
+    // ============================================================================
+    // Exfiltration Techniques
+    // ============================================================================
+    {
+        id: "AML.T0100",
+        framework: "MITRE-ATLAS",
+        category: "Exfiltration",
+        title: "Model Extraction",
+        description: "Adversaries extract a copy of the ML model through repeated queries, allowing them to steal intellectual property or prepare offline attacks.",
+        keywords: [
+            "model extraction",
+            "model stealing",
+            "api abuse",
+        ],
+        findingCategories: [
+            "model-theft",
+        ],
+        severityThreshold: "critical",
+    },
+    {
+        id: "AML.T0101",
+        framework: "MITRE-ATLAS",
+        category: "Exfiltration",
+        title: "Exfiltrate Data via Model Output",
+        description: "Adversaries use the model as a covert channel to exfiltrate sensitive data by encoding it in model outputs.",
+        keywords: [
+            "data exfiltration",
+            "covert channel",
+            "output encoding",
+        ],
+        findingCategories: [
+            "exfil-path",
+            "sensitive-disclosure",
+        ],
+        severityThreshold: "critical",
+    },
+    {
+        id: "AML.T0102",
+        framework: "MITRE-ATLAS",
+        category: "Exfiltration",
+        title: "Exfiltrate via Tool Call",
+        description: "Adversaries use LLM tool/function calls to exfiltrate data to external systems through authorized network channels.",
+        keywords: [
+            "tool exfiltration",
+            "function call abuse",
+            "data theft",
+        ],
+        findingCategories: [
+            "exfil-path",
+            "insecure-plugin",
+        ],
+        severityThreshold: "critical",
+    },
+    // ============================================================================
+    // Impact Techniques
+    // ============================================================================
+    {
+        id: "AML.T0110",
+        framework: "MITRE-ATLAS",
+        category: "Impact",
+        title: "Denial of ML Service",
+        description: "Adversaries cause denial of service by exhausting ML system resources through crafted queries or adversarial inputs.",
+        keywords: [
+            "denial of service",
+            "resource exhaustion",
+            "model dos",
+        ],
+        findingCategories: [
+            "model-denial-of-service",
+            "resource-exhaustion",
+        ],
+        severityThreshold: "high",
+    },
+    {
+        id: "AML.T0111",
+        framework: "MITRE-ATLAS",
+        category: "Impact",
+        title: "Manipulate Model Output",
+        description: "Adversaries manipulate model outputs to cause incorrect decisions, spread misinformation, or cause harm to downstream systems.",
+        keywords: [
+            "output manipulation",
+            "misinformation",
+            "incorrect decisions",
+        ],
+        findingCategories: [
+            "insecure-output",
+            "prompt-injection",
+        ],
+        severityThreshold: "high",
+    },
+    {
+        id: "AML.T0112",
+        framework: "MITRE-ATLAS",
+        category: "Impact",
+        title: "Erode Trust in ML System",
+        description: "Adversaries cause the ML system to produce outputs that erode user trust through hallucinations, biased responses, or harmful content.",
+        keywords: [
+            "trust erosion",
+            "reputation damage",
+            "harmful content",
+        ],
+        findingCategories: [
+            "overreliance",
+            "insecure-output",
+        ],
+        severityThreshold: "medium",
+    },
+];
+/**
+ * Get all MITRE ATLAS controls
+ */
+export function getMITREATLASControls() {
+    return MITRE_ATLAS_CONTROLS;
+}
+/**
+ * Get MITRE ATLAS control by technique ID
+ */
+export function getMITREATLASControlById(id) {
+    return MITRE_ATLAS_CONTROLS.find((c) => c.id === id);
+}
+/**
+ * Get MITRE ATLAS controls by tactic
+ */
+export function getMITREATLASControlsByTactic(tactic) {
+    return MITRE_ATLAS_CONTROLS.filter((c) => c.category === tactic);
+}
+/**
+ * Get all MITRE ATLAS tactics
+ */
+export function getMITREATLASTactics() {
+    return [
+        "Reconnaissance",
+        "Resource Development",
+        "Initial Access",
+        "ML Model Access",
+        "Execution",
+        "Persistence",
+        "Defense Evasion",
+        "Discovery",
+        "Collection",
+        "ML Attack Staging",
+        "Exfiltration",
+        "Impact",
+    ];
+}
+/**
+ * Get mitigations for a specific technique
+ */
+export function getMitigationsForTechnique(techniqueId) {
+    const mitigations = {
+        "AML.T0031": [
+            "Implement prompt injection detection",
+            "Use privilege separation for system vs user prompts",
+            "Apply output filtering and validation",
+            "Use allowlisting for tool invocations",
+        ],
+        "AML.T0032": [
+            "Sanitize all external data before processing",
+            "Implement content security policies",
+            "Use data provenance tracking",
+            "Apply sandboxing for document processing",
+        ],
+        "AML.T0042": [
+            "Apply principle of least privilege to tools",
+            "Implement tool sandboxing",
+            "Require explicit user confirmation for sensitive actions",
+            "Monitor and log all tool invocations",
+        ],
+        "AML.T0100": [
+            "Implement rate limiting on model APIs",
+            "Use query obfuscation techniques",
+            "Monitor for model extraction patterns",
+            "Apply watermarking to model outputs",
+        ],
+        "AML.T0102": [
+            "Implement egress filtering for tool network access",
+            "Use data loss prevention controls",
+            "Monitor tool call patterns for anomalies",
+            "Apply network segmentation",
+        ],
+    };
+    return mitigations[techniqueId] || [
+        "Implement defense-in-depth controls",
+        "Monitor for suspicious activity",
+        "Apply least privilege principles",
+    ];
+}
+/**
+ * Map MITRE ATLAS technique to ATT&CK techniques
+ */
+export const ATLAS_TO_ATTACK_MAPPING = {
+    "AML.T0020": ["T1195"], // Supply Chain Compromise
+    "AML.T0022": ["T1059"], // Command Execution
+    "AML.T0041": ["T1059.006"], // Python Execution
+    "AML.T0081": ["T1552"], // Credentials in Files
+    "AML.T0100": ["T1048"], // Exfiltration Over Alternative Protocol
+    "AML.T0110": ["T1499"], // Endpoint Denial of Service
+};
+//# sourceMappingURL=mitre-atlas.js.map