vaspera 2.8.0 → 2.9.0

package/dist/badge-service/index.js

@@ -0,0 +1,206 @@
+/**
+ * Badge Service
+ *
+ * HTTP service for serving certification badges with verification endpoints.
+ * Designed for deployment on Vercel/Cloudflare edge with caching.
+ *
+ * @module badge-service
+ */
+import { generateBadgeSvg } from "../certification/badge.js";
+/**
+ * In-memory storage for development/testing
+ */
+export class MemoryCertificationStorage {
+    certifications = new Map();
+    async getCertification(id) {
+        return this.certifications.get(id) || null;
+    }
+    async storeCertification(record) {
+        this.certifications.set(record.id, record);
+    }
+    async listCertifications() {
+        return Array.from(this.certifications.values());
+    }
+}
+// ============================================================================
+// Badge Generation
+// ============================================================================
+/**
+ * Generate an expired/invalid badge SVG
+ */
+export function generateExpiredBadgeSvg() {
+    const width = 140;
+    const height = 20;
+    return `<svg xmlns="http://www.w3.org/2000/svg" width="${width}" height="${height}" role="img" aria-label="certification: expired">
+  <title>certification: expired</title>
+  <linearGradient id="s" x2="0" y2="100%">
+    <stop offset="0" stop-color="#bbb" stop-opacity=".1"/>
+    <stop offset="1" stop-opacity=".1"/>
+  </linearGradient>
+  <clipPath id="r">
+    <rect width="${width}" height="${height}" rx="3" fill="#fff"/>
+  </clipPath>
+  <g clip-path="url(#r)">
+    <rect width="80" height="${height}" fill="#555"/>
+    <rect x="80" width="60" height="${height}" fill="#9ca3af"/>
+    <rect width="${width}" height="${height}" fill="url(#s)"/>
+  </g>
+  <g fill="#fff" text-anchor="middle" font-family="Verdana,Geneva,DejaVu Sans,sans-serif" text-rendering="geometricPrecision" font-size="11">
+    <text aria-hidden="true" x="40" y="15" fill="#010101" fill-opacity=".3">certification</text>
+    <text x="40" y="14">certification</text>
+    <text aria-hidden="true" x="110" y="15" fill="#010101" fill-opacity=".3">expired</text>
+    <text x="110" y="14">expired</text>
+  </g>
+</svg>`;
+}
+/**
+ * Generate a not-found badge SVG
+ */
+export function generateNotFoundBadgeSvg() {
+    const width = 150;
+    const height = 20;
+    return `<svg xmlns="http://www.w3.org/2000/svg" width="${width}" height="${height}" role="img" aria-label="certification: not found">
+  <title>certification: not found</title>
+  <linearGradient id="s" x2="0" y2="100%">
+    <stop offset="0" stop-color="#bbb" stop-opacity=".1"/>
+    <stop offset="1" stop-opacity=".1"/>
+  </linearGradient>
+  <clipPath id="r">
+    <rect width="${width}" height="${height}" rx="3" fill="#fff"/>
+  </clipPath>
+  <g clip-path="url(#r)">
+    <rect width="80" height="${height}" fill="#555"/>
+    <rect x="80" width="70" height="${height}" fill="#dc2626"/>
+    <rect width="${width}" height="${height}" fill="url(#s)"/>
+  </g>
+  <g fill="#fff" text-anchor="middle" font-family="Verdana,Geneva,DejaVu Sans,sans-serif" text-rendering="geometricPrecision" font-size="11">
+    <text aria-hidden="true" x="40" y="15" fill="#010101" fill-opacity=".3">certification</text>
+    <text x="40" y="14">certification</text>
+    <text aria-hidden="true" x="115" y="15" fill="#010101" fill-opacity=".3">not found</text>
+    <text x="115" y="14">not found</text>
+  </g>
+</svg>`;
+}
+// ============================================================================
+// Validation
+// ============================================================================
+/**
+ * Check if a certification is expired
+ */
+export function isExpired(cert, graceMinutes = 0) {
+    const expiresAt = new Date(cert.expiresAt);
+    const now = new Date();
+    const graceMs = graceMinutes * 60 * 1000;
+    return now.getTime() > expiresAt.getTime() + graceMs;
+}
+/**
+ * Add days to a date
+ */
+export function addDays(dateStr, days) {
+    const date = new Date(dateStr);
+    date.setDate(date.getDate() + days);
+    return date.toISOString();
+}
+// ============================================================================
+// Badge Embed Code Generation
+// ============================================================================
+/**
+ * Generate embed code for a certification badge
+ */
+export function generateBadgeEmbedCode(certificationId, baseUrl = "https://badges.vaspera.dev") {
+    const badgeUrl = `${baseUrl}/v/${certificationId}.svg`;
+    const verifyUrl = `${baseUrl}/v/${certificationId}/verify`;
+    return {
+        markdown: `[![Vaspera Certified](${badgeUrl})](${verifyUrl})`,
+        html: `<a href="${verifyUrl}"><img src="${badgeUrl}" alt="Vaspera Certified" /></a>`,
+        url: badgeUrl,
+        verifyUrl,
+    };
+}
+// ============================================================================
+// Request Handlers
+// ============================================================================
+/**
+ * Handle badge SVG request
+ */
+export async function handleBadgeRequest(certId, storage) {
+    const cert = await storage.getCertification(certId);
+    const headers = {
+        "Content-Type": "image/svg+xml",
+        "Cache-Control": "public, max-age=3600",
+    };
+    if (!cert) {
+        return {
+            svg: generateNotFoundBadgeSvg(),
+            status: 200, // Return 200 so badge still displays
+            headers,
+        };
+    }
+    if (isExpired(cert)) {
+        return {
+            svg: generateExpiredBadgeSvg(),
+            status: 200,
+            headers,
+        };
+    }
+    return {
+        svg: generateBadgeSvg(cert.level, cert.score),
+        status: 200,
+        headers,
+    };
+}
+/**
+ * Handle verification request
+ */
+export async function handleVerifyRequest(certId, storage) {
+    const cert = await storage.getCertification(certId);
+    if (!cert) {
+        return {
+            json: {
+                valid: false,
+                certificationId: certId,
+                error: "Certification not found",
+            },
+            status: 404,
+        };
+    }
+    const expired = isExpired(cert);
+    return {
+        json: {
+            valid: !expired,
+            certificationId: certId,
+            level: cert.level,
+            score: cert.score,
+            issuedAt: cert.issuedAt,
+            expiresAt: cert.expiresAt,
+            expired,
+            sigstoreBundle: cert.sigstoreBundle,
+            rekorLogIndex: cert.rekorLogIndex,
+            verifyCommand: cert.signatureUrl && cert.certUrl
+                ? `cosign verify-blob --signature ${cert.signatureUrl} --certificate ${cert.certUrl}`
+                : undefined,
+        },
+        status: expired ? 410 : 200,
+    };
+}
+/**
+ * Handle embed code request
+ */
+export async function handleEmbedRequest(certId, storage, baseUrl = "https://badges.vaspera.dev") {
+    const cert = await storage.getCertification(certId);
+    if (!cert) {
+        return {
+            json: { error: "Certification not found" },
+            status: 404,
+        };
+    }
+    return {
+        json: generateBadgeEmbedCode(certId, baseUrl),
+        status: 200,
+    };
+}
+// ============================================================================
+// Exports
+// ============================================================================
+export { generateBadgeSvg, generateScoreBadgeSvg, } from "../certification/badge.js";
+//# sourceMappingURL=index.js.map

package/dist/badge-service/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/badge-service/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,OAAO,EAAE,gBAAgB,EAAyB,MAAM,2BAA2B,CAAC;AAsHpF;;GAEG;AACH,MAAM,OAAO,0BAA0B;IAC7B,cAAc,GAAqC,IAAI,GAAG,EAAE,CAAC;IAErE,KAAK,CAAC,gBAAgB,CAAC,EAAU;QAC/B,OAAO,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,IAAI,CAAC;IAC7C,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,MAA2B;QAClD,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC;IAC7C,CAAC;IAED,KAAK,CAAC,kBAAkB;QACtB,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,CAAC,CAAC;IAClD,CAAC;CACF;AAED,+EAA+E;AAC/E,mBAAmB;AACnB,+EAA+E;AAE/E;;GAEG;AACH,MAAM,UAAU,uBAAuB;IACrC,MAAM,KAAK,GAAG,GAAG,CAAC;IAClB,MAAM,MAAM,GAAG,EAAE,CAAC;IAElB,OAAO,kDAAkD,KAAK,aAAa,MAAM;;;;;;;mBAOhE,KAAK,aAAa,MAAM;;;+BAGZ,MAAM;sCACC,MAAM;mBACzB,KAAK,aAAa,MAAM;;;;;;;;OAQpC,CAAC;AACR,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,wBAAwB;IACtC,MAAM,KAAK,GAAG,GAAG,CAAC;IAClB,MAAM,MAAM,GAAG,EAAE,CAAC;IAElB,OAAO,kDAAkD,KAAK,aAAa,MAAM;;;;;;;mBAOhE,KAAK,aAAa,MAAM;;;+BAGZ,MAAM;sCACC,MAAM;mBACzB,KAAK,aAAa,MAAM;;;;;;;;OAQpC,CAAC;AACR,CAAC;AAED,+EAA+E;AAC/E,aAAa;AACb,+EAA+E;AAE/E;;GAEG;AACH,MAAM,UAAU,SAAS,CAAC,IAAyB,EAAE,YAAY,GAAG,CAAC;IACnE,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACvB,MAAM,OAAO,GAAG,YAAY,GAAG,EAAE,GAAG,IAAI,CAAC;IACzC,OAAO,GAAG,CAAC,OAAO,EAAE,GAAG,SAAS,CAAC,OAAO,EAAE,GAAG,OAAO,CAAC;AACvD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,OAAO,CAAC,OAAe,EAAE,IAAY;IACnD,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC,OAAO,CAAC,CAAC;IAC/B,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC;IACpC,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC;AAC5B,CAAC;AAED,+EAA+E;AAC/E,8BAA8B;AAC9B,+EAA+E;AAE/E;;GAEG;AACH,MAAM,UAAU,sBAAsB,CACpC,eAAuB,EACvB,OAAO,GAAG,4BAA4B;IAEtC,MAAM,QAAQ,GAAG,GAAG,OAAO,MAAM,eAAe,MAAM,CAAC;IACvD,MAAM,SAAS,GAAG,GAAG,OAAO,MAAM,eAAe,SAAS,CAAC;IAE3D,OAAO;QACL,QAAQ,EAAE,yBAAyB,QAAQ,MAAM,SAAS,GAAG;QAC7D,IAAI,EAAE,YAAY,SAAS,eAAe,QAAQ,kCAAkC;QACpF,GAAG,EAAE,QAAQ;QACb,SAAS;KACV,CAAC;AACJ,CAAC;AAED,+EAA+E;AAC/E,mBAAmB;AACnB,+EAA+E;AAE/E;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,MAAc,EACd,OAA6B;IAE7B,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;IAEpD,MAAM,OAAO,GAA2B;QACtC,cAAc,EAAE,eAAe;QAC/B,eAAe,EAAE,sBAAsB;KACxC,CAAC;IAEF,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO;YACL,GAAG,EAAE,wBAAwB,EAAE;YAC/B,MAAM,EAAE,GAAG,EAAE,qCAAqC;YAClD,OAAO;SACR,CAAC;IACJ,CAAC;IAED,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC;QACpB,OAAO;YACL,GAAG,EAAE,uBAAuB,EAAE;YAC9B,MAAM,EAAE,GAAG;YACX,OAAO;SACR,CAAC;IACJ,CAAC;IAED,OAAO;QACL,GAAG,EAAE,gBAAgB,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC;QAC7C,MAAM,EAAE,GAAG;QACX,OAAO;KACR,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,MAAc,EACd,OAA6B;IAE7B,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;IAEpD,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO;YACL,IAAI,EAAE;gBACJ,KAAK,EAAE,KAAK;gBACZ,eAAe,EAAE,MAAM;gBACvB,KAAK,EAAE,yBAAyB;aACjC;YACD,MAAM,EAAE,GAAG;SACZ,CAAC;IACJ,CAAC;IAED,MAAM,OAAO,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;IAEhC,OAAO;QACL,IAAI,EAAE;YACJ,KAAK,EAAE,CAAC,OAAO;YACf,eAAe,EAAE,MAAM;YACvB,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,OAAO;YACP,cAAc,EAAE,IAAI,CAAC,cAAc;YACnC,aAAa,EAAE,IAAI,CAAC,aAAa;YACjC,aAAa,EAAE,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,OAAO;gBAC9C,CAAC,CAAC,kCAAkC,IAAI,CAAC,YAAY,kBAAkB,IAAI,CAAC,OAAO,EAAE;gBACrF,CAAC,CAAC,SAAS;SACd;QACD,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG;KAC5B,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,MAAc,EACd,OAA6B,EAC7B,OAAO,GAAG,4BAA4B;IAEtC,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;IAEpD,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO;YACL,IAAI,EAAE,EAAE,KAAK,EAAE,yBAAyB,EAAE;YAC1C,MAAM,EAAE,GAAG;SACZ,CAAC;IACJ,CAAC;IAED,OAAO;QACL,IAAI,EAAE,sBAAsB,CAAC,MAAM,EAAE,OAAO,CAAC;QAC7C,MAAM,EAAE,GAAG;KACZ,CAAC;AACJ,CAAC;AAED,+EAA+E;AAC/E,UAAU;AACV,+EAA+E;AAE/E,OAAO,EACL,gBAAgB,EAChB,qBAAqB,GACtB,MAAM,2BAA2B,CAAC"}

package/dist/certification/types.d.ts

@@ -9,7 +9,7 @@ export type VerificationVerdict = "confirmed" | "disputed" | "inconclusive";
 /**
  * Standard finding categories
  */
-export type FindingCategory = "sql-injection" | "xss" | "auth-bypass" | "broken-access-control" | "session-management" | "cryptographic-failure" | "injection" | "insecure-design" | "security-misconfiguration" | "vulnerable-component" | "identification-failure" | "integrity-failure" | "logging-failure" | "ssrf" | "path-traversal" | "command-injection" | "code-injection" | "hardcoded-secret" | "weak-password" | "insecure-random" | "missing-encryption" | "pii-exposure" | "dependency-vuln" | "type-safety" | "error-handling" | "resource-exhaustion" | "race-condition" | "prompt-injection" | "insecure-output" | "training-data-poisoning" | "model-denial-of-service" | "supply-chain-vuln" | "sensitive-disclosure" | "insecure-plugin" | "excessive-agency" | "overreliance" | "model-theft" | "manifest-drift" | "exfil-path" | "overscoped-permission" | "missing-sandbox" | "credential-overscoped" | "tool-drift" | "unsigned-change" | "consensus-manipulation" | "binary-security" | "memory-safety" | "logic-flaw" | "exploit-chain" | "zero-day" | "authentication" | "authorization" | "cryptography" | "input-validation" | "api-security" | "resource-management" | "deserialization" | "open-redirect" | "secret-management" | "code-quality" | "other";
+export type FindingCategory = "sql-injection" | "xss" | "auth-bypass" | "broken-access-control" | "session-management" | "cryptographic-failure" | "injection" | "insecure-design" | "security-misconfiguration" | "vulnerable-component" | "identification-failure" | "integrity-failure" | "logging-failure" | "ssrf" | "path-traversal" | "command-injection" | "code-injection" | "hardcoded-secret" | "weak-password" | "insecure-random" | "missing-encryption" | "pii-exposure" | "dependency-vuln" | "type-safety" | "error-handling" | "resource-exhaustion" | "race-condition" | "prompt-injection" | "insecure-output" | "training-data-poisoning" | "model-denial-of-service" | "supply-chain-vuln" | "sensitive-disclosure" | "insecure-plugin" | "excessive-agency" | "overreliance" | "model-theft" | "manifest-drift" | "exfil-path" | "overscoped-permission" | "missing-sandbox" | "credential-overscoped" | "tool-drift" | "unsigned-change" | "consensus-manipulation" | "binary-security" | "memory-safety" | "logic-flaw" | "exploit-chain" | "zero-day" | "authentication" | "authorization" | "cryptography" | "input-validation" | "api-security" | "resource-management" | "deserialization" | "open-redirect" | "secret-management" | "code-quality" | "phi-exposure" | "sud-disclosure" | "consent-bypass" | "consent-missing" | "redisclosure-violation" | "qsoa-violation" | "audit-gap" | "phi-in-logs" | "data-retention" | "third-party-risk" | "other";
 /**
  * Location of a finding instance
  */

package/dist/certification/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/certification/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,MAAM,SAAS,GACjB,UAAU,GACV,aAAa,GACb,YAAY,GACZ,aAAa,GACb,SAAS,GACT,SAAS,GACT,eAAe,GACf,eAAe,GACf,iBAAiB,GACjB,WAAW,CAAC;AAEhB,MAAM,MAAM,QAAQ,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;AAEvE,MAAM,MAAM,kBAAkB,GAC1B,WAAW,GACX,UAAU,GACV,iBAAiB,GACjB,SAAS,CAAC;AAEd,MAAM,MAAM,mBAAmB,GAC3B,aAAa,GACb,aAAa,GACb,WAAW,GACX,QAAQ,CAAC;AAEb,MAAM,MAAM,mBAAmB,GAAG,WAAW,GAAG,UAAU,GAAG,cAAc,CAAC;AAE5E;;GAEG;AACH,MAAM,MAAM,eAAe,GAEvB,eAAe,GACf,KAAK,GACL,aAAa,GACb,uBAAuB,GACvB,oBAAoB,GACpB,uBAAuB,GACvB,WAAW,GACX,iBAAiB,GACjB,2BAA2B,GAC3B,sBAAsB,GACtB,wBAAwB,GACxB,mBAAmB,GACnB,iBAAiB,GACjB,MAAM,GACN,gBAAgB,GAChB,mBAAmB,GACnB,gBAAgB,GAChB,kBAAkB,GAClB,eAAe,GACf,iBAAiB,GACjB,oBAAoB,GACpB,cAAc,GACd,iBAAiB,GACjB,aAAa,GACb,gBAAgB,GAChB,qBAAqB,GACrB,gBAAgB,GAEhB,kBAAkB,GAClB,iBAAiB,GACjB,yBAAyB,GACzB,yBAAyB,GACzB,mBAAmB,GACnB,sBAAsB,GACtB,iBAAiB,GACjB,kBAAkB,GAClB,cAAc,GACd,aAAa,GAEb,gBAAgB,GAChB,YAAY,GACZ,uBAAuB,GACvB,iBAAiB,GACjB,uBAAuB,GACvB,YAAY,GACZ,iBAAiB,GACjB,wBAAwB,GAExB,iBAAiB,GACjB,eAAe,GACf,YAAY,GACZ,eAAe,GACf,UAAU,GACV,gBAAgB,GAChB,eAAe,GACf,cAAc,GACd,kBAAkB,GAClB,cAAc,GACd,qBAAqB,GACrB,iBAAiB,GACjB,eAAe,GACf,mBAAmB,GACnB,cAAc,GAEd,OAAO,CAAC;AAEZ;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,QAAQ,CAAC;IACnB,QAAQ,EAAE,eAAe,GAAG,MAAM,CAAC;IACnC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,aAAa,EAAE,YAAY,EAAE,CAAC;IAC9B,UAAU,EAAE,MAAM,CAAC;IACnB,iEAAiE;IACjE,SAAS,CAAC,EAAE,eAAe,EAAE,CAAC;IAC9B,0EAA0E;IAC1E,cAAc,CAAC,EACX,SAAS,GACT,WAAW,GACX,UAAU,GACV,KAAK,GACL,QAAQ,GACR,QAAQ,GACR,OAAO,GACP,UAAU,GACV,OAAO,GAEP,iBAAiB,GACjB,eAAe,GACf,gBAAgB,GAEhB,iBAAiB,GACjB,qBAAqB,GACrB,wBAAwB,GAExB,gBAAgB,GAChB,wBAAwB,GACxB,yBAAyB,GACzB,kBAAkB,GAClB,sBAAsB,GACtB,kBAAkB,GAClB,eAAe,GACf,wBAAwB,GAExB,WAAW,CAAC;IAChB,wCAAwC;IACxC,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,2BAA2B;IAC3B,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,kDAAkD;IAClD,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,6CAA6C;IAC7C,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED,MAAM,WAAW,YAAY;IAC3B,eAAe,EAAE,SAAS,CAAC;IAC3B,OAAO,EAAE,mBAAmB,CAAC;IAC7B,QAAQ,EAAE,MAAM,CAAC;IACjB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,YAAY;IAC3B,cAAc,EAAE,MAAM,CAAC;IACvB,WAAW,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IACtC,gBAAgB,EAAE,MAAM,CAAC;IACzB,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,aAAa;IAC5B,KAAK,EAAE,SAAS,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,MAAM,EAAE,SAAS,GAAG,WAAW,GAAG,QAAQ,CAAC;IAC3C,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,OAAO,CAAC,EAAE,YAAY,CAAC;CACxB;AAED,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,MAAM,CAAC;IACX,YAAY,EAAE,SAAS,CAAC;IACxB,IAAI,EAAE,MAAM,CAAC;IACb,cAAc,EAAE,cAAc,GAAG,gBAAgB,GAAG,qBAAqB,GAAG,WAAW,CAAC;IACxF,QAAQ,EAAE,MAAM,CAAC;IACjB,iBAAiB,EAAE,QAAQ,CAAC;IAC5B,UAAU,CAAC,EAAE;QACX,QAAQ,EAAE,OAAO,CAAC;QAClB,QAAQ,EAAE,MAAM,CAAC;KAClB,CAAC;IACF,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,iBAAiB;IAChC,UAAU,EAAE,MAAM,CAAC;IACnB,eAAe,EAAE,SAAS,CAAC;IAC3B,OAAO,EAAE,mBAAmB,CAAC;IAC7B,QAAQ,EAAE,MAAM,CAAC;IACjB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,eAAe;IAC9B,aAAa,EAAE,MAAM,CAAC;IACtB,mBAAmB,EAAE,kBAAkB,CAAC;IACxC,YAAY,EAAE,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;IACxC,iBAAiB,EAAE,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;IAC7C,cAAc,EAAE,MAAM,CAAC;IACvB,WAAW,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IACtC,uBAAuB,EAAE,MAAM,CAAC;IAChC,4BAA4B,EAAE,MAAM,CAAC;IACrC,yBAAyB,EAAE,MAAM,CAAC;IAClC,aAAa,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,qBAAqB;IACpC,EAAE,EAAE,MAAM,CAAC;IACX,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,MAAM,EAAE,mBAAmB,CAAC;IAC5B,gBAAgB,EAAE,SAAS,EAAE,CAAC;IAC9B,gBAAgB,EAAE,SAAS,EAAE,CAAC;IAC9B,mBAAmB,CAAC,EAAE,kBAAkB,CAAC;IACzC,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,0DAA0D;IAC1D,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,8CAA8C;IAC9C,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,wCAAwC;IACxC,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,oDAAoD;IACpD,sBAAsB,CAAC,EAAE,MAAM,CAAC;CACjC;AAED,MAAM,WAAW,aAAa;IAC5B,QAAQ,EAAE,qBAAqB,CAAC;IAChC,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC,CAAC;IAClD,mBAAmB,EAAE,iBAAiB,EAAE,CAAC;IACzC,mBAAmB,EAAE,gBAAgB,EAAE,CAAC;IACxC,SAAS,CAAC,EAAE,eAAe,CAAC;CAC7B;AAGD,eAAO,MAAM,aAAa,EAAE,MAAM,CAAC,SAAS,EAAE,MAAM,CAanD,CAAC;AAGF,eAAO,MAAM,kBAAkB,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAMvD,CAAC;AAGF,eAAO,MAAM,wBAAwB;;;;;CAKpC,CAAC;AAGF,eAAO,MAAM,2BAA2B,KAAK,CAAC"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/certification/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,MAAM,SAAS,GACjB,UAAU,GACV,aAAa,GACb,YAAY,GACZ,aAAa,GACb,SAAS,GACT,SAAS,GACT,eAAe,GACf,eAAe,GACf,iBAAiB,GACjB,WAAW,CAAC;AAEhB,MAAM,MAAM,QAAQ,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;AAEvE,MAAM,MAAM,kBAAkB,GAC1B,WAAW,GACX,UAAU,GACV,iBAAiB,GACjB,SAAS,CAAC;AAEd,MAAM,MAAM,mBAAmB,GAC3B,aAAa,GACb,aAAa,GACb,WAAW,GACX,QAAQ,CAAC;AAEb,MAAM,MAAM,mBAAmB,GAAG,WAAW,GAAG,UAAU,GAAG,cAAc,CAAC;AAE5E;;GAEG;AACH,MAAM,MAAM,eAAe,GAEvB,eAAe,GACf,KAAK,GACL,aAAa,GACb,uBAAuB,GACvB,oBAAoB,GACpB,uBAAuB,GACvB,WAAW,GACX,iBAAiB,GACjB,2BAA2B,GAC3B,sBAAsB,GACtB,wBAAwB,GACxB,mBAAmB,GACnB,iBAAiB,GACjB,MAAM,GACN,gBAAgB,GAChB,mBAAmB,GACnB,gBAAgB,GAChB,kBAAkB,GAClB,eAAe,GACf,iBAAiB,GACjB,oBAAoB,GACpB,cAAc,GACd,iBAAiB,GACjB,aAAa,GACb,gBAAgB,GAChB,qBAAqB,GACrB,gBAAgB,GAEhB,kBAAkB,GAClB,iBAAiB,GACjB,yBAAyB,GACzB,yBAAyB,GACzB,mBAAmB,GACnB,sBAAsB,GACtB,iBAAiB,GACjB,kBAAkB,GAClB,cAAc,GACd,aAAa,GAEb,gBAAgB,GAChB,YAAY,GACZ,uBAAuB,GACvB,iBAAiB,GACjB,uBAAuB,GACvB,YAAY,GACZ,iBAAiB,GACjB,wBAAwB,GAExB,iBAAiB,GACjB,eAAe,GACf,YAAY,GACZ,eAAe,GACf,UAAU,GACV,gBAAgB,GAChB,eAAe,GACf,cAAc,GACd,kBAAkB,GAClB,cAAc,GACd,qBAAqB,GACrB,iBAAiB,GACjB,eAAe,GACf,mBAAmB,GACnB,cAAc,GAEd,cAAc,GACd,gBAAgB,GAChB,gBAAgB,GAChB,iBAAiB,GACjB,wBAAwB,GACxB,gBAAgB,GAChB,WAAW,GACX,aAAa,GACb,gBAAgB,GAChB,kBAAkB,GAElB,OAAO,CAAC;AAEZ;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,QAAQ,CAAC;IACnB,QAAQ,EAAE,eAAe,GAAG,MAAM,CAAC;IACnC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,aAAa,EAAE,YAAY,EAAE,CAAC;IAC9B,UAAU,EAAE,MAAM,CAAC;IACnB,iEAAiE;IACjE,SAAS,CAAC,EAAE,eAAe,EAAE,CAAC;IAC9B,0EAA0E;IAC1E,cAAc,CAAC,EACX,SAAS,GACT,WAAW,GACX,UAAU,GACV,KAAK,GACL,QAAQ,GACR,QAAQ,GACR,OAAO,GACP,UAAU,GACV,OAAO,GAEP,iBAAiB,GACjB,eAAe,GACf,gBAAgB,GAEhB,iBAAiB,GACjB,qBAAqB,GACrB,wBAAwB,GAExB,gBAAgB,GAChB,wBAAwB,GACxB,yBAAyB,GACzB,kBAAkB,GAClB,sBAAsB,GACtB,kBAAkB,GAClB,eAAe,GACf,wBAAwB,GAExB,WAAW,CAAC;IAChB,wCAAwC;IACxC,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,2BAA2B;IAC3B,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,kDAAkD;IAClD,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,6CAA6C;IAC7C,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED,MAAM,WAAW,YAAY;IAC3B,eAAe,EAAE,SAAS,CAAC;IAC3B,OAAO,EAAE,mBAAmB,CAAC;IAC7B,QAAQ,EAAE,MAAM,CAAC;IACjB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,YAAY;IAC3B,cAAc,EAAE,MAAM,CAAC;IACvB,WAAW,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IACtC,gBAAgB,EAAE,MAAM,CAAC;IACzB,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,aAAa;IAC5B,KAAK,EAAE,SAAS,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,MAAM,EAAE,SAAS,GAAG,WAAW,GAAG,QAAQ,CAAC;IAC3C,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,OAAO,CAAC,EAAE,YAAY,CAAC;CACxB;AAED,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,MAAM,CAAC;IACX,YAAY,EAAE,SAAS,CAAC;IACxB,IAAI,EAAE,MAAM,CAAC;IACb,cAAc,EAAE,cAAc,GAAG,gBAAgB,GAAG,qBAAqB,GAAG,WAAW,CAAC;IACxF,QAAQ,EAAE,MAAM,CAAC;IACjB,iBAAiB,EAAE,QAAQ,CAAC;IAC5B,UAAU,CAAC,EAAE;QACX,QAAQ,EAAE,OAAO,CAAC;QAClB,QAAQ,EAAE,MAAM,CAAC;KAClB,CAAC;IACF,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,iBAAiB;IAChC,UAAU,EAAE,MAAM,CAAC;IACnB,eAAe,EAAE,SAAS,CAAC;IAC3B,OAAO,EAAE,mBAAmB,CAAC;IAC7B,QAAQ,EAAE,MAAM,CAAC;IACjB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,eAAe;IAC9B,aAAa,EAAE,MAAM,CAAC;IACtB,mBAAmB,EAAE,kBAAkB,CAAC;IACxC,YAAY,EAAE,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;IACxC,iBAAiB,EAAE,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;IAC7C,cAAc,EAAE,MAAM,CAAC;IACvB,WAAW,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IACtC,uBAAuB,EAAE,MAAM,CAAC;IAChC,4BAA4B,EAAE,MAAM,CAAC;IACrC,yBAAyB,EAAE,MAAM,CAAC;IAClC,aAAa,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,qBAAqB;IACpC,EAAE,EAAE,MAAM,CAAC;IACX,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,MAAM,EAAE,mBAAmB,CAAC;IAC5B,gBAAgB,EAAE,SAAS,EAAE,CAAC;IAC9B,gBAAgB,EAAE,SAAS,EAAE,CAAC;IAC9B,mBAAmB,CAAC,EAAE,kBAAkB,CAAC;IACzC,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,0DAA0D;IAC1D,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,8CAA8C;IAC9C,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,wCAAwC;IACxC,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,oDAAoD;IACpD,sBAAsB,CAAC,EAAE,MAAM,CAAC;CACjC;AAED,MAAM,WAAW,aAAa;IAC5B,QAAQ,EAAE,qBAAqB,CAAC;IAChC,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC,CAAC;IAClD,mBAAmB,EAAE,iBAAiB,EAAE,CAAC;IACzC,mBAAmB,EAAE,gBAAgB,EAAE,CAAC;IACxC,SAAS,CAAC,EAAE,eAAe,CAAC;CAC7B;AAGD,eAAO,MAAM,aAAa,EAAE,MAAM,CAAC,SAAS,EAAE,MAAM,CAanD,CAAC;AAGF,eAAO,MAAM,kBAAkB,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAMvD,CAAC;AAGF,eAAO,MAAM,wBAAwB;;;;;CAKpC,CAAC;AAGF,eAAO,MAAM,2BAA2B,KAAK,CAAC"}

package/dist/certification/types.js.map

@@ -1 +1 @@
-{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/certification/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AA+PH,4BAA4B;AAC5B,MAAM,CAAC,MAAM,aAAa,GAA8B;IACtD,QAAQ,EAAE,IAAI;IACd,WAAW,EAAE,IAAI;IACjB,UAAU,EAAE,IAAI;IAChB,WAAW,EAAE,IAAI;IACjB,OAAO,EAAE,IAAI;IACb,OAAO,EAAE,IAAI;IACb,kEAAkE;IAClE,eAAe,EAAE,IAAI;IACrB,eAAe,EAAE,IAAI;IACrB,iBAAiB,EAAE,IAAI;IACvB,sCAAsC;IACtC,SAAS,EAAE,IAAI;CAChB,CAAC;AAEF,iCAAiC;AACjC,MAAM,CAAC,MAAM,kBAAkB,GAA6B;IAC1D,QAAQ,EAAE,EAAE;IACZ,IAAI,EAAE,EAAE;IACR,MAAM,EAAE,CAAC;IACT,GAAG,EAAE,CAAC;IACN,IAAI,EAAE,CAAC;CACR,CAAC;AAEF,2BAA2B;AAC3B,MAAM,CAAC,MAAM,wBAAwB,GAAG;IACtC,SAAS,EAAE,EAAE;IACb,QAAQ,EAAE,EAAE;IACZ,eAAe,EAAE,EAAE;IACnB,OAAO,EAAE,CAAC;CACX,CAAC;AAEF,0CAA0C;AAC1C,MAAM,CAAC,MAAM,2BAA2B,GAAG,EAAE,CAAC"}
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/certification/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AA0QH,4BAA4B;AAC5B,MAAM,CAAC,MAAM,aAAa,GAA8B;IACtD,QAAQ,EAAE,IAAI;IACd,WAAW,EAAE,IAAI;IACjB,UAAU,EAAE,IAAI;IAChB,WAAW,EAAE,IAAI;IACjB,OAAO,EAAE,IAAI;IACb,OAAO,EAAE,IAAI;IACb,kEAAkE;IAClE,eAAe,EAAE,IAAI;IACrB,eAAe,EAAE,IAAI;IACrB,iBAAiB,EAAE,IAAI;IACvB,sCAAsC;IACtC,SAAS,EAAE,IAAI;CAChB,CAAC;AAEF,iCAAiC;AACjC,MAAM,CAAC,MAAM,kBAAkB,GAA6B;IAC1D,QAAQ,EAAE,EAAE;IACZ,IAAI,EAAE,EAAE;IACR,MAAM,EAAE,CAAC;IACT,GAAG,EAAE,CAAC;IACN,IAAI,EAAE,CAAC;CACR,CAAC;AAEF,2BAA2B;AAC3B,MAAM,CAAC,MAAM,wBAAwB,GAAG;IACtC,SAAS,EAAE,EAAE;IACb,QAAQ,EAAE,EAAE;IACZ,eAAe,EAAE,EAAE;IACnB,OAAO,EAAE,CAAC;CACX,CAAC;AAEF,0CAA0C;AAC1C,MAAM,CAAC,MAAM,2BAA2B,GAAG,EAAE,CAAC"}

package/dist/commands/certification/certify.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"certify.d.ts","sourceRoot":"","sources":["../../../src/commands/certification/certify.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAEpD,eAAO,MAAM,OAAO,EAAE,gBA0GrB,CAAC"}
+{"version":3,"file":"certify.d.ts","sourceRoot":"","sources":["../../../src/commands/certification/certify.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAEpD,eAAO,MAAM,OAAO,EAAE,gBAwHrB,CAAC"}

package/dist/commands/certification/certify.js

@@ -31,7 +31,14 @@ Each agent scans the codebase and outputs findings. There are two modes:
 
 **Option B: JSON Output (if running as subagents via Task tool)**
 Since subagents don't have MCP tool access, they output findings as JSON.
-After ALL agents complete, YOU (the main orchestrator) must:
+After ALL agents complete, YOU (the main orchestrator) must submit findings using ONE of these methods:
+
+**Method 1: Batch Submit (Recommended)**
+- Call agent_batch_submit for each agent's output
+- Pass the findings array and summary directly
+- This handles all submissions in one call per agent
+
+**Method 2: Individual Submit**
 1. Parse the JSON output from each subagent's response
 2. Call agent_submit_finding for EACH finding from each agent
 3. Call agent_complete for each agent's summary
@@ -40,12 +47,19 @@ The JSON format each agent outputs:
 \`\`\`json
 {
   "agent": "security",
-  "findings": [...],
-  "summary": {...}
+  "findings": [
+    { "id": "sec-001", "severity": "high", "category": "...", "description": "...", "evidence": "...", "confidence": 85 }
+  ],
+  "summary": {
+    "total_findings": 5,
+    "by_severity": { "critical": 0, "high": 2, "medium": 2, "low": 1, "info": 0 },
+    "confidence_score": 85,
+    "coverage_areas": ["auth", "input-validation"]
+  }
 }
 \`\`\`
 
-Submit each finding and summary via MCP tools before proceeding to Phase 3
+Submit findings via agent_batch_submit or individual tools before proceeding to Phase 3
 
 ### Phase 3: Cross-Verification
 After all 5 agents complete, critical findings must be cross-verified:

package/dist/commands/certification/certify.js.map

@@ -1 +1 @@
-{"version":3,"file":"certify.js","sourceRoot":"","sources":["../../../src/commands/certification/certify.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,OAAO,GAAqB;IACvC,IAAI,EAAE,SAAS;IACf,WAAW,EAAE,qFAAqF;IAClG,OAAO,EAAE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;2FAsGgF;CAC1F,CAAC"}
+{"version":3,"file":"certify.js","sourceRoot":"","sources":["../../../src/commands/certification/certify.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,OAAO,GAAqB;IACvC,IAAI,EAAE,SAAS;IACf,WAAW,EAAE,qFAAqF;IAClG,OAAO,EAAE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;2FAoHgF;CAC1F,CAAC"}

package/dist/compliance/attestation.d.ts

@@ -0,0 +1,39 @@
+/**
+ * Framework Attestation Content
+ *
+ * Framework-specific attestation text for audit-defensible compliance reports.
+ * Each framework has methodology, scope limitations, and auditor notes.
+ *
+ * @module compliance/attestation
+ */
+import type { ComplianceFramework } from "./types.js";
+/**
+ * Attestation content for a compliance framework
+ */
+export interface FrameworkAttestation {
+    /** Full name of the framework */
+    fullName: string;
+    /** Steps in the assessment methodology */
+    methodology: string[];
+    /** What this assessment does NOT replace */
+    scopeLimitations: string[];
+    /** Note about formal audits */
+    auditorNote: string;
+}
+/**
+ * Attestation content for each compliance framework
+ */
+export declare const FRAMEWORK_ATTESTATIONS: Record<ComplianceFramework, FrameworkAttestation>;
+/**
+ * Get attestation content for a framework
+ */
+export declare function getFrameworkAttestation(framework: ComplianceFramework): FrameworkAttestation;
+/**
+ * Format attestation section as markdown
+ */
+export declare function formatAttestationAsMarkdown(framework: ComplianceFramework): string;
+/**
+ * Format attestation for multi-framework report
+ */
+export declare function formatMultiFrameworkAttestationAsMarkdown(frameworks: ComplianceFramework[]): string;
+//# sourceMappingURL=attestation.d.ts.map

package/dist/compliance/attestation.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"attestation.d.ts","sourceRoot":"","sources":["../../src/compliance/attestation.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAC;AAEtD;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,iCAAiC;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,0CAA0C;IAC1C,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,4CAA4C;IAC5C,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,+BAA+B;IAC/B,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,eAAO,MAAM,sBAAsB,EAAE,MAAM,CAAC,mBAAmB,EAAE,oBAAoB,CA4RpF,CAAC;AAEF;;GAEG;AACH,wBAAgB,uBAAuB,CAAC,SAAS,EAAE,mBAAmB,GAAG,oBAAoB,CAE5F;AAED;;GAEG;AACH,wBAAgB,2BAA2B,CAAC,SAAS,EAAE,mBAAmB,GAAG,MAAM,CA8BlF;AAED;;GAEG;AACH,wBAAgB,yCAAyC,CAAC,UAAU,EAAE,mBAAmB,EAAE,GAAG,MAAM,CA6CnG"}