visus-mcp 0.6.2 → 0.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude/settings.local.json +15 -1
- package/.env.status +7 -0
- package/CHANGELOG.md +110 -0
- package/CLAUDE.md +3 -0
- package/README.md +29 -19
- package/SECURITY.md +2 -0
- package/STATUS.md +320 -12
- package/dist/browser/playwright-renderer.d.ts.map +1 -1
- package/dist/browser/playwright-renderer.js +27 -5
- package/dist/browser/playwright-renderer.js.map +1 -1
- package/dist/content-handlers/index.d.ts +36 -0
- package/dist/content-handlers/index.d.ts.map +1 -0
- package/dist/content-handlers/index.js +59 -0
- package/dist/content-handlers/index.js.map +1 -0
- package/dist/content-handlers/json-handler.d.ts +28 -0
- package/dist/content-handlers/json-handler.d.ts.map +1 -0
- package/dist/content-handlers/json-handler.js +116 -0
- package/dist/content-handlers/json-handler.js.map +1 -0
- package/dist/content-handlers/pdf-handler.d.ts +29 -0
- package/dist/content-handlers/pdf-handler.d.ts.map +1 -0
- package/dist/content-handlers/pdf-handler.js +77 -0
- package/dist/content-handlers/pdf-handler.js.map +1 -0
- package/dist/content-handlers/svg-handler.d.ts +35 -0
- package/dist/content-handlers/svg-handler.d.ts.map +1 -0
- package/dist/content-handlers/svg-handler.js +206 -0
- package/dist/content-handlers/svg-handler.js.map +1 -0
- package/dist/content-handlers/types.d.ts +42 -0
- package/dist/content-handlers/types.d.ts.map +1 -0
- package/dist/content-handlers/types.js +7 -0
- package/dist/content-handlers/types.js.map +1 -0
- package/dist/sanitizer/framework-mapper.d.ts +4 -0
- package/dist/sanitizer/framework-mapper.d.ts.map +1 -1
- package/dist/sanitizer/framework-mapper.js +92 -0
- package/dist/sanitizer/framework-mapper.js.map +1 -1
- package/dist/sanitizer/threat-reporter.d.ts +5 -0
- package/dist/sanitizer/threat-reporter.d.ts.map +1 -1
- package/dist/sanitizer/threat-reporter.js +15 -6
- package/dist/sanitizer/threat-reporter.js.map +1 -1
- package/dist/tools/fetch-structured.d.ts.map +1 -1
- package/dist/tools/fetch-structured.js +4 -0
- package/dist/tools/fetch-structured.js.map +1 -1
- package/dist/tools/fetch.d.ts.map +1 -1
- package/dist/tools/fetch.js +68 -4
- package/dist/tools/fetch.js.map +1 -1
- package/dist/tools/read.d.ts.map +1 -1
- package/dist/tools/read.js +4 -0
- package/dist/tools/read.js.map +1 -1
- package/dist/types.d.ts +9 -1
- package/dist/types.d.ts.map +1 -1
- package/dist/types.js.map +1 -1
- package/package.json +2 -1
- package/server.json +25 -14
- package/src/browser/playwright-renderer.ts +29 -6
- package/src/content-handlers/index.ts +72 -0
- package/src/content-handlers/json-handler.ts +137 -0
- package/src/content-handlers/pdf-handler.ts +91 -0
- package/src/content-handlers/svg-handler.ts +243 -0
- package/src/content-handlers/types.ts +44 -0
- package/src/sanitizer/framework-mapper.ts +94 -0
- package/src/sanitizer/threat-reporter.ts +17 -6
- package/src/tools/fetch-structured.ts +5 -0
- package/src/tools/fetch.ts +76 -4
- package/src/tools/read.ts +5 -0
- package/src/types.ts +9 -1
- package/.github/ISSUE_TEMPLATE/bug_report.md +0 -47
- package/.github/ISSUE_TEMPLATE/false_positive.md +0 -43
- package/.github/ISSUE_TEMPLATE/new_pattern.md +0 -49
- package/.github/ISSUE_TEMPLATE/security_report.md +0 -31
- package/.github/PULL_REQUEST_TEMPLATE.md +0 -39
- package/.mcpregistry_github_token +0 -1
- package/.mcpregistry_registry_token +0 -1
- package/CONTRIBUTING.md +0 -329
- package/LINKEDIN-STRATEGY.md +0 -367
- package/ROADMAP.md +0 -221
- package/SECURITY-AUDIT-v1.md +0 -277
- package/SUBMISSION.md +0 -66
- package/TROUBLESHOOT-AUTH-20260322-2019.md +0 -291
- package/TROUBLESHOOT-BUILD-20260319-1450.md +0 -546
- package/TROUBLESHOOT-COGNITO-AUTH-20260324-2029.md +0 -415
- package/TROUBLESHOOT-COGNITO-JWT-20260324.md +0 -592
- package/TROUBLESHOOT-FETCH-20260320-1150.md +0 -168
- package/TROUBLESHOOT-JEST-20260323-1357.md +0 -139
- package/TROUBLESHOOT-LAMBDA-20260322-1945.md +0 -183
- package/TROUBLESHOOT-PLAYWRIGHT-20260321-1549.md +0 -217
- package/TROUBLESHOOT-SSL-20260320-1138.md +0 -171
- package/TROUBLESHOOT-STRUCTURED-20260320-1200.md +0 -246
- package/TROUBLESHOOT-TEST-20260320-0942.md +0 -281
- package/VISUS-CLAUDE-CODE-PROMPT.md +0 -324
- package/VISUS-PROJECT-PLAN.md +0 -205
- package/cdk.json +0 -73
- package/infrastructure/app.ts +0 -39
- package/infrastructure/stack.ts +0 -298
- package/jest.config.js +0 -33
- package/jest.setup.js +0 -9
- package/lambda-deploy/index.js +0 -81512
- package/lambda-deploy/index.js.map +0 -7
- package/lambda-package/browser/__mocks__/playwright-renderer.d.ts +0 -25
- package/lambda-package/browser/__mocks__/playwright-renderer.d.ts.map +0 -1
- package/lambda-package/browser/__mocks__/playwright-renderer.js +0 -119
- package/lambda-package/browser/__mocks__/playwright-renderer.js.map +0 -1
- package/lambda-package/browser/playwright-renderer.d.ts +0 -40
- package/lambda-package/browser/playwright-renderer.d.ts.map +0 -1
- package/lambda-package/browser/playwright-renderer.js +0 -214
- package/lambda-package/browser/playwright-renderer.js.map +0 -1
- package/lambda-package/browser/reader.d.ts +0 -31
- package/lambda-package/browser/reader.d.ts.map +0 -1
- package/lambda-package/browser/reader.js +0 -98
- package/lambda-package/browser/reader.js.map +0 -1
- package/lambda-package/index.d.ts +0 -18
- package/lambda-package/index.d.ts.map +0 -1
- package/lambda-package/index.js +0 -238
- package/lambda-package/index.js.map +0 -1
- package/lambda-package/lambda-handler.d.ts +0 -28
- package/lambda-package/lambda-handler.d.ts.map +0 -1
- package/lambda-package/lambda-handler.js +0 -257
- package/lambda-package/lambda-handler.js.map +0 -1
- package/lambda-package/package-lock.json +0 -7435
- package/lambda-package/package.json +0 -74
- package/lambda-package/runtime.d.ts +0 -50
- package/lambda-package/runtime.d.ts.map +0 -1
- package/lambda-package/runtime.js +0 -86
- package/lambda-package/runtime.js.map +0 -1
- package/lambda-package/sanitizer/elicit-runner.d.ts +0 -48
- package/lambda-package/sanitizer/elicit-runner.d.ts.map +0 -1
- package/lambda-package/sanitizer/elicit-runner.js +0 -100
- package/lambda-package/sanitizer/elicit-runner.js.map +0 -1
- package/lambda-package/sanitizer/framework-mapper.d.ts +0 -24
- package/lambda-package/sanitizer/framework-mapper.d.ts.map +0 -1
- package/lambda-package/sanitizer/framework-mapper.js +0 -342
- package/lambda-package/sanitizer/framework-mapper.js.map +0 -1
- package/lambda-package/sanitizer/hitl-gate.d.ts +0 -69
- package/lambda-package/sanitizer/hitl-gate.d.ts.map +0 -1
- package/lambda-package/sanitizer/hitl-gate.js +0 -101
- package/lambda-package/sanitizer/hitl-gate.js.map +0 -1
- package/lambda-package/sanitizer/index.d.ts +0 -63
- package/lambda-package/sanitizer/index.d.ts.map +0 -1
- package/lambda-package/sanitizer/index.js +0 -105
- package/lambda-package/sanitizer/index.js.map +0 -1
- package/lambda-package/sanitizer/injection-detector.d.ts +0 -34
- package/lambda-package/sanitizer/injection-detector.d.ts.map +0 -1
- package/lambda-package/sanitizer/injection-detector.js +0 -89
- package/lambda-package/sanitizer/injection-detector.js.map +0 -1
- package/lambda-package/sanitizer/patterns.d.ts +0 -30
- package/lambda-package/sanitizer/patterns.d.ts.map +0 -1
- package/lambda-package/sanitizer/patterns.js +0 -372
- package/lambda-package/sanitizer/patterns.js.map +0 -1
- package/lambda-package/sanitizer/pii-allowlist.d.ts +0 -49
- package/lambda-package/sanitizer/pii-allowlist.d.ts.map +0 -1
- package/lambda-package/sanitizer/pii-allowlist.js +0 -231
- package/lambda-package/sanitizer/pii-allowlist.js.map +0 -1
- package/lambda-package/sanitizer/pii-redactor.d.ts +0 -41
- package/lambda-package/sanitizer/pii-redactor.d.ts.map +0 -1
- package/lambda-package/sanitizer/pii-redactor.js +0 -213
- package/lambda-package/sanitizer/pii-redactor.js.map +0 -1
- package/lambda-package/sanitizer/severity-classifier.d.ts +0 -33
- package/lambda-package/sanitizer/severity-classifier.d.ts.map +0 -1
- package/lambda-package/sanitizer/severity-classifier.js +0 -113
- package/lambda-package/sanitizer/severity-classifier.js.map +0 -1
- package/lambda-package/sanitizer/threat-reporter.d.ts +0 -66
- package/lambda-package/sanitizer/threat-reporter.d.ts.map +0 -1
- package/lambda-package/sanitizer/threat-reporter.js +0 -163
- package/lambda-package/sanitizer/threat-reporter.js.map +0 -1
- package/lambda-package/tools/fetch-structured.d.ts +0 -51
- package/lambda-package/tools/fetch-structured.d.ts.map +0 -1
- package/lambda-package/tools/fetch-structured.js +0 -237
- package/lambda-package/tools/fetch-structured.js.map +0 -1
- package/lambda-package/tools/fetch.d.ts +0 -49
- package/lambda-package/tools/fetch.d.ts.map +0 -1
- package/lambda-package/tools/fetch.js +0 -131
- package/lambda-package/tools/fetch.js.map +0 -1
- package/lambda-package/tools/read.d.ts +0 -51
- package/lambda-package/tools/read.d.ts.map +0 -1
- package/lambda-package/tools/read.js +0 -127
- package/lambda-package/tools/read.js.map +0 -1
- package/lambda-package/tools/search.d.ts +0 -45
- package/lambda-package/tools/search.d.ts.map +0 -1
- package/lambda-package/tools/search.js +0 -220
- package/lambda-package/tools/search.js.map +0 -1
- package/lambda-package/types.d.ts +0 -167
- package/lambda-package/types.d.ts.map +0 -1
- package/lambda-package/types.js +0 -16
- package/lambda-package/types.js.map +0 -1
- package/lambda-package/utils/format-converter.d.ts +0 -39
- package/lambda-package/utils/format-converter.d.ts.map +0 -1
- package/lambda-package/utils/format-converter.js +0 -191
- package/lambda-package/utils/format-converter.js.map +0 -1
- package/lambda-package/utils/truncate.d.ts +0 -26
- package/lambda-package/utils/truncate.d.ts.map +0 -1
- package/lambda-package/utils/truncate.js +0 -54
- package/lambda-package/utils/truncate.js.map +0 -1
- package/lambda.zip +0 -0
- package/test-output.txt +0 -4
- package/tests/auth-smoke.test.ts +0 -480
- package/tests/elicit-runner.test.ts +0 -232
- package/tests/fetch-tool.test.ts +0 -922
- package/tests/hitl-gate.test.ts +0 -267
- package/tests/injection-corpus.ts +0 -338
- package/tests/pii-allowlist.test.ts +0 -282
- package/tests/reader.test.ts +0 -353
- package/tests/sanitizer.test.ts +0 -358
- package/tests/search.test.ts +0 -456
- package/tests/threat-reporter.test.ts +0 -334
- package/tsconfig.cdk.json +0 -35
|
@@ -1,105 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Sanitizer Orchestrator
|
|
3
|
-
*
|
|
4
|
-
* Main entry point for content sanitization. Coordinates injection detection
|
|
5
|
-
* and PII redaction pipelines.
|
|
6
|
-
*
|
|
7
|
-
* CRITICAL: This is the core security mechanism. Every web page MUST pass
|
|
8
|
-
* through this sanitizer before reaching the LLM. This cannot be bypassed.
|
|
9
|
-
*/
|
|
10
|
-
import { detectAndNeutralize, getSeverityScore, hasCriticalThreats } from './injection-detector.js';
|
|
11
|
-
import { redactPII } from './pii-redactor.js';
|
|
12
|
-
import { generateThreatReport } from './threat-reporter.js';
|
|
13
|
-
/**
|
|
14
|
-
* Sanitize content through the full pipeline
|
|
15
|
-
*
|
|
16
|
-
* Pipeline:
|
|
17
|
-
* 1. Injection detection and neutralization (43 patterns)
|
|
18
|
-
* 2. PII redaction (email, phone, SSN, CC, IP) with allowlisting
|
|
19
|
-
* 3. Metadata collection and logging
|
|
20
|
-
*
|
|
21
|
-
* @param content Raw content from web page
|
|
22
|
-
* @param sourceUrl Optional source URL for domain-scoped PII allowlisting
|
|
23
|
-
* @returns Sanitized content with detection metadata
|
|
24
|
-
*/
|
|
25
|
-
export function sanitize(content, sourceUrl) {
|
|
26
|
-
const originalLength = content.length;
|
|
27
|
-
// Step 1: Detect and neutralize injection patterns
|
|
28
|
-
const injectionResult = detectAndNeutralize(content);
|
|
29
|
-
// Step 2: Redact PII from the already-sanitized content (with allowlisting)
|
|
30
|
-
const piiResult = redactPII(injectionResult.content, sourceUrl);
|
|
31
|
-
// Step 3: Combine results
|
|
32
|
-
const finalContent = piiResult.content;
|
|
33
|
-
const contentModified = injectionResult.content_modified || piiResult.content_modified;
|
|
34
|
-
const severityScore = getSeverityScore(injectionResult.metadata.detections_by_severity);
|
|
35
|
-
const criticalThreats = hasCriticalThreats(injectionResult.metadata.detections_by_severity);
|
|
36
|
-
// Log to stderr for monitoring (not stdout - MCP protocol)
|
|
37
|
-
logSanitization({
|
|
38
|
-
patterns_detected: injectionResult.patterns_detected,
|
|
39
|
-
pii_types_redacted: piiResult.pii_types_redacted,
|
|
40
|
-
pii_allowlisted: piiResult.pii_allowlisted,
|
|
41
|
-
severity_score: severityScore,
|
|
42
|
-
has_critical_threats: criticalThreats,
|
|
43
|
-
content_modified: contentModified
|
|
44
|
-
});
|
|
45
|
-
// Step 4: Generate threat report (only if findings exist)
|
|
46
|
-
const threatReport = generateThreatReport({
|
|
47
|
-
patterns_detected: injectionResult.patterns_detected,
|
|
48
|
-
pii_redacted: piiResult.pii_types_redacted.length,
|
|
49
|
-
source_url: sourceUrl || 'unknown',
|
|
50
|
-
detections_by_severity: injectionResult.metadata.detections_by_severity
|
|
51
|
-
});
|
|
52
|
-
const result = {
|
|
53
|
-
content: finalContent,
|
|
54
|
-
sanitization: {
|
|
55
|
-
patterns_detected: injectionResult.patterns_detected,
|
|
56
|
-
pii_types_redacted: piiResult.pii_types_redacted,
|
|
57
|
-
pii_allowlisted: piiResult.pii_allowlisted,
|
|
58
|
-
content_modified: contentModified
|
|
59
|
-
},
|
|
60
|
-
metadata: {
|
|
61
|
-
original_length: originalLength,
|
|
62
|
-
sanitized_length: finalContent.length,
|
|
63
|
-
severity_score: severityScore,
|
|
64
|
-
has_critical_threats: criticalThreats,
|
|
65
|
-
detections_by_severity: injectionResult.metadata.detections_by_severity
|
|
66
|
-
}
|
|
67
|
-
};
|
|
68
|
-
// Include threat_report only if findings exist
|
|
69
|
-
if (threatReport) {
|
|
70
|
-
result.threat_report = threatReport;
|
|
71
|
-
}
|
|
72
|
-
return result;
|
|
73
|
-
}
|
|
74
|
-
/**
|
|
75
|
-
* Log sanitization events to stderr for monitoring
|
|
76
|
-
* (structured JSON logging per Lateos conventions)
|
|
77
|
-
*/
|
|
78
|
-
function logSanitization(event) {
|
|
79
|
-
const logEntry = {
|
|
80
|
-
timestamp: new Date().toISOString(),
|
|
81
|
-
event: 'sanitization',
|
|
82
|
-
...event
|
|
83
|
-
};
|
|
84
|
-
// Only log if there were detections (reduce noise)
|
|
85
|
-
if (event.content_modified || event.pii_allowlisted.length > 0) {
|
|
86
|
-
console.error(JSON.stringify(logEntry));
|
|
87
|
-
}
|
|
88
|
-
}
|
|
89
|
-
/**
|
|
90
|
-
* Quick check: does content need sanitization?
|
|
91
|
-
* (Used for optimization - skip pipeline if content is clean)
|
|
92
|
-
*
|
|
93
|
-
* Note: Still run full pipeline for safety, but this can be used for metrics
|
|
94
|
-
*/
|
|
95
|
-
export function needsSanitization(_content) {
|
|
96
|
-
// Always sanitize - this is just a helper for metrics
|
|
97
|
-
return true;
|
|
98
|
-
}
|
|
99
|
-
/**
|
|
100
|
-
* Export sub-components for testing
|
|
101
|
-
*/
|
|
102
|
-
export { detectAndNeutralize } from './injection-detector.js';
|
|
103
|
-
export { redactPII, containsPII, detectPIITypes } from './pii-redactor.js';
|
|
104
|
-
export { INJECTION_PATTERNS, getAllPatternNames } from './patterns.js';
|
|
105
|
-
//# sourceMappingURL=index.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/sanitizer/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAC;AACpG,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC9C,OAAO,EAAE,oBAAoB,EAAqB,MAAM,sBAAsB,CAAC;AAyB/E;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,QAAQ,CAAC,OAAe,EAAE,SAAkB;IAC1D,MAAM,cAAc,GAAG,OAAO,CAAC,MAAM,CAAC;IAEtC,mDAAmD;IACnD,MAAM,eAAe,GAAG,mBAAmB,CAAC,OAAO,CAAC,CAAC;IAErD,4EAA4E;IAC5E,MAAM,SAAS,GAAG,SAAS,CAAC,eAAe,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;IAEhE,0BAA0B;IAC1B,MAAM,YAAY,GAAG,SAAS,CAAC,OAAO,CAAC;IACvC,MAAM,eAAe,GAAG,eAAe,CAAC,gBAAgB,IAAI,SAAS,CAAC,gBAAgB,CAAC;IAEvF,MAAM,aAAa,GAAG,gBAAgB,CAAC,eAAe,CAAC,QAAQ,CAAC,sBAAsB,CAAC,CAAC;IACxF,MAAM,eAAe,GAAG,kBAAkB,CAAC,eAAe,CAAC,QAAQ,CAAC,sBAAsB,CAAC,CAAC;IAE5F,2DAA2D;IAC3D,eAAe,CAAC;QACd,iBAAiB,EAAE,eAAe,CAAC,iBAAiB;QACpD,kBAAkB,EAAE,SAAS,CAAC,kBAAkB;QAChD,eAAe,EAAE,SAAS,CAAC,eAAe;QAC1C,cAAc,EAAE,aAAa;QAC7B,oBAAoB,EAAE,eAAe;QACrC,gBAAgB,EAAE,eAAe;KAClC,CAAC,CAAC;IAEH,0DAA0D;IAC1D,MAAM,YAAY,GAAG,oBAAoB,CAAC;QACxC,iBAAiB,EAAE,eAAe,CAAC,iBAAiB;QACpD,YAAY,EAAE,SAAS,CAAC,kBAAkB,CAAC,MAAM;QACjD,UAAU,EAAE,SAAS,IAAI,SAAS;QAClC,sBAAsB,EAAE,eAAe,CAAC,QAAQ,CAAC,sBAAsB;KACxE,CAAC,CAAC;IAEH,MAAM,MAAM,GAAuB;QACjC,OAAO,EAAE,YAAY;QACrB,YAAY,EAAE;YACZ,iBAAiB,EAAE,eAAe,CAAC,iBAAiB;YACpD,kBAAkB,EAAE,SAAS,CAAC,kBAAkB;YAChD,eAAe,EAAE,SAAS,CAAC,eAAe;YAC1C,gBAAgB,EAAE,eAAe;SAClC;QACD,QAAQ,EAAE;YACR,eAAe,EAAE,cAAc;YAC/B,gBAAgB,EAAE,YAAY,CAAC,MAAM;YACrC,cAAc,EAAE,aAAa;YAC7B,oBAAoB,EAAE,eAAe;YACrC,sBAAsB,EAAE,eAAe,CAAC,QAAQ,CAAC,sBAAsB;SACxE;KACF,CAAC;IAEF,+CAA+C;IAC/C,IAAI,YAAY,EAAE,CAAC;QACjB,MAAM,CAAC,aAAa,GAAG,YAAY,CAAC;IACtC,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;GAGG;AACH,SAAS,eAAe,CAAC,KAOxB;IACC,MAAM,QAAQ,GAAG;QACf,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,KAAK,EAAE,cAAc;QACrB,GAAG,KAAK;KACT,CAAC;IAEF,mDAAmD;IACnD,IAAI,KAAK,CAAC,gBAAgB,IAAI,KAAK,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/D,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC;IAC1C,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAAC,QAAgB;IAChD,sDAAsD;IACtD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,OAAO,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAC9D,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAC3E,OAAO,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC"}
|
|
@@ -1,34 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Injection Detection Engine
|
|
3
|
-
*
|
|
4
|
-
* Scans content against all 43 injection patterns and neutralizes threats
|
|
5
|
-
* based on pattern action directives (strip, redact, escape).
|
|
6
|
-
*/
|
|
7
|
-
export interface DetectionResult {
|
|
8
|
-
content: string;
|
|
9
|
-
patterns_detected: string[];
|
|
10
|
-
content_modified: boolean;
|
|
11
|
-
metadata: {
|
|
12
|
-
original_length: number;
|
|
13
|
-
sanitized_length: number;
|
|
14
|
-
detections_by_severity: {
|
|
15
|
-
critical: number;
|
|
16
|
-
high: number;
|
|
17
|
-
medium: number;
|
|
18
|
-
low: number;
|
|
19
|
-
};
|
|
20
|
-
};
|
|
21
|
-
}
|
|
22
|
-
/**
|
|
23
|
-
* Detect and neutralize injection patterns in content
|
|
24
|
-
*/
|
|
25
|
-
export declare function detectAndNeutralize(content: string): DetectionResult;
|
|
26
|
-
/**
|
|
27
|
-
* Get severity score for logging/monitoring
|
|
28
|
-
*/
|
|
29
|
-
export declare function getSeverityScore(detectionsBySeverity: DetectionResult['metadata']['detections_by_severity']): number;
|
|
30
|
-
/**
|
|
31
|
-
* Check if content has critical threats
|
|
32
|
-
*/
|
|
33
|
-
export declare function hasCriticalThreats(detectionsBySeverity: DetectionResult['metadata']['detections_by_severity']): boolean;
|
|
34
|
-
//# sourceMappingURL=injection-detector.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"injection-detector.d.ts","sourceRoot":"","sources":["../../src/sanitizer/injection-detector.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,iBAAiB,EAAE,MAAM,EAAE,CAAC;IAC5B,gBAAgB,EAAE,OAAO,CAAC;IAC1B,QAAQ,EAAE;QACR,eAAe,EAAE,MAAM,CAAC;QACxB,gBAAgB,EAAE,MAAM,CAAC;QACzB,sBAAsB,EAAE;YACtB,QAAQ,EAAE,MAAM,CAAC;YACjB,IAAI,EAAE,MAAM,CAAC;YACb,MAAM,EAAE,MAAM,CAAC;YACf,GAAG,EAAE,MAAM,CAAC;SACb,CAAC;KACH,CAAC;CACH;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,MAAM,GAAG,eAAe,CAmCpE;AAwCD;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,oBAAoB,EAAE,eAAe,CAAC,UAAU,CAAC,CAAC,wBAAwB,CAAC,GAAG,MAAM,CAOpH;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,oBAAoB,EAAE,eAAe,CAAC,UAAU,CAAC,CAAC,wBAAwB,CAAC,GAAG,OAAO,CAEvH"}
|
|
@@ -1,89 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Injection Detection Engine
|
|
3
|
-
*
|
|
4
|
-
* Scans content against all 43 injection patterns and neutralizes threats
|
|
5
|
-
* based on pattern action directives (strip, redact, escape).
|
|
6
|
-
*/
|
|
7
|
-
import { INJECTION_PATTERNS } from './patterns.js';
|
|
8
|
-
/**
|
|
9
|
-
* Detect and neutralize injection patterns in content
|
|
10
|
-
*/
|
|
11
|
-
export function detectAndNeutralize(content) {
|
|
12
|
-
const originalLength = content.length;
|
|
13
|
-
const patternsDetected = new Set();
|
|
14
|
-
const detectionsBySeverity = {
|
|
15
|
-
critical: 0,
|
|
16
|
-
high: 0,
|
|
17
|
-
medium: 0,
|
|
18
|
-
low: 0
|
|
19
|
-
};
|
|
20
|
-
let sanitizedContent = content;
|
|
21
|
-
// Apply each pattern
|
|
22
|
-
for (const pattern of INJECTION_PATTERNS) {
|
|
23
|
-
const matches = sanitizedContent.match(pattern.regex);
|
|
24
|
-
if (matches && matches.length > 0) {
|
|
25
|
-
patternsDetected.add(pattern.name);
|
|
26
|
-
detectionsBySeverity[pattern.severity] += matches.length;
|
|
27
|
-
// Apply action
|
|
28
|
-
sanitizedContent = applyAction(sanitizedContent, pattern);
|
|
29
|
-
}
|
|
30
|
-
}
|
|
31
|
-
return {
|
|
32
|
-
content: sanitizedContent,
|
|
33
|
-
patterns_detected: Array.from(patternsDetected),
|
|
34
|
-
content_modified: sanitizedContent !== content,
|
|
35
|
-
metadata: {
|
|
36
|
-
original_length: originalLength,
|
|
37
|
-
sanitized_length: sanitizedContent.length,
|
|
38
|
-
detections_by_severity: detectionsBySeverity
|
|
39
|
-
}
|
|
40
|
-
};
|
|
41
|
-
}
|
|
42
|
-
/**
|
|
43
|
-
* Apply the appropriate action for a pattern match
|
|
44
|
-
*/
|
|
45
|
-
function applyAction(content, pattern) {
|
|
46
|
-
switch (pattern.action) {
|
|
47
|
-
case 'strip':
|
|
48
|
-
// Remove matched content entirely
|
|
49
|
-
return content.replace(pattern.regex, '');
|
|
50
|
-
case 'redact':
|
|
51
|
-
// Replace with redaction marker
|
|
52
|
-
return content.replace(pattern.regex, `[REDACTED:${pattern.name.toUpperCase()}]`);
|
|
53
|
-
case 'escape':
|
|
54
|
-
// HTML escape matched content
|
|
55
|
-
return content.replace(pattern.regex, (match) => escapeHtml(match));
|
|
56
|
-
default:
|
|
57
|
-
return content;
|
|
58
|
-
}
|
|
59
|
-
}
|
|
60
|
-
/**
|
|
61
|
-
* HTML escape special characters
|
|
62
|
-
*/
|
|
63
|
-
function escapeHtml(text) {
|
|
64
|
-
const htmlEntities = {
|
|
65
|
-
'&': '&',
|
|
66
|
-
'<': '<',
|
|
67
|
-
'>': '>',
|
|
68
|
-
'"': '"',
|
|
69
|
-
"'": ''',
|
|
70
|
-
'/': '/'
|
|
71
|
-
};
|
|
72
|
-
return text.replace(/[&<>"'/]/g, (char) => htmlEntities[char] || char);
|
|
73
|
-
}
|
|
74
|
-
/**
|
|
75
|
-
* Get severity score for logging/monitoring
|
|
76
|
-
*/
|
|
77
|
-
export function getSeverityScore(detectionsBySeverity) {
|
|
78
|
-
return (detectionsBySeverity.critical * 100 +
|
|
79
|
-
detectionsBySeverity.high * 50 +
|
|
80
|
-
detectionsBySeverity.medium * 10 +
|
|
81
|
-
detectionsBySeverity.low * 1);
|
|
82
|
-
}
|
|
83
|
-
/**
|
|
84
|
-
* Check if content has critical threats
|
|
85
|
-
*/
|
|
86
|
-
export function hasCriticalThreats(detectionsBySeverity) {
|
|
87
|
-
return detectionsBySeverity.critical > 0;
|
|
88
|
-
}
|
|
89
|
-
//# sourceMappingURL=injection-detector.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"injection-detector.js","sourceRoot":"","sources":["../../src/sanitizer/injection-detector.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,kBAAkB,EAAyB,MAAM,eAAe,CAAC;AAkB1E;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,OAAe;IACjD,MAAM,cAAc,GAAG,OAAO,CAAC,MAAM,CAAC;IACtC,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAAU,CAAC;IAC3C,MAAM,oBAAoB,GAAG;QAC3B,QAAQ,EAAE,CAAC;QACX,IAAI,EAAE,CAAC;QACP,MAAM,EAAE,CAAC;QACT,GAAG,EAAE,CAAC;KACP,CAAC;IAEF,IAAI,gBAAgB,GAAG,OAAO,CAAC;IAE/B,qBAAqB;IACrB,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;QACzC,MAAM,OAAO,GAAG,gBAAgB,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QAEtD,IAAI,OAAO,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAClC,gBAAgB,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YACnC,oBAAoB,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,OAAO,CAAC,MAAM,CAAC;YAEzD,eAAe;YACf,gBAAgB,GAAG,WAAW,CAAC,gBAAgB,EAAE,OAAO,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;IAED,OAAO;QACL,OAAO,EAAE,gBAAgB;QACzB,iBAAiB,EAAE,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC;QAC/C,gBAAgB,EAAE,gBAAgB,KAAK,OAAO;QAC9C,QAAQ,EAAE;YACR,eAAe,EAAE,cAAc;YAC/B,gBAAgB,EAAE,gBAAgB,CAAC,MAAM;YACzC,sBAAsB,EAAE,oBAAoB;SAC7C;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,WAAW,CAAC,OAAe,EAAE,OAAyB;IAC7D,QAAQ,OAAO,CAAC,MAAM,EAAE,CAAC;QACvB,KAAK,OAAO;YACV,kCAAkC;YAClC,OAAO,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAE5C,KAAK,QAAQ;YACX,gCAAgC;YAChC,OAAO,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,aAAa,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC;QAEpF,KAAK,QAAQ;YACX,8BAA8B;YAC9B,OAAO,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;QAEtE;YACE,OAAO,OAAO,CAAC;IACnB,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,UAAU,CAAC,IAAY;IAC9B,MAAM,YAAY,GAA2B;QAC3C,GAAG,EAAE,OAAO;QACZ,GAAG,EAAE,MAAM;QACX,GAAG,EAAE,MAAM;QACX,GAAG,EAAE,QAAQ;QACb,GAAG,EAAE,OAAO;QACZ,GAAG,EAAE,QAAQ;KACd,CAAC;IAEF,OAAO,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,CAAC;AACzE,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,oBAA2E;IAC1G,OAAO,CACL,oBAAoB,CAAC,QAAQ,GAAG,GAAG;QACnC,oBAAoB,CAAC,IAAI,GAAG,EAAE;QAC9B,oBAAoB,CAAC,MAAM,GAAG,EAAE;QAChC,oBAAoB,CAAC,GAAG,GAAG,CAAC,CAC7B,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAAC,oBAA2E;IAC5G,OAAO,oBAAoB,CAAC,QAAQ,GAAG,CAAC,CAAC;AAC3C,CAAC"}
|
|
@@ -1,30 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Lateos Injection Pattern Library
|
|
3
|
-
*
|
|
4
|
-
* 43 validated injection pattern categories for detecting and neutralizing
|
|
5
|
-
* prompt injection attacks in web content before it reaches the LLM.
|
|
6
|
-
*
|
|
7
|
-
* Each pattern includes:
|
|
8
|
-
* - name: Pattern identifier
|
|
9
|
-
* - description: What this pattern detects
|
|
10
|
-
* - regex: Detection pattern (case-insensitive by default)
|
|
11
|
-
* - severity: risk level (critical, high, medium, low)
|
|
12
|
-
* - action: how to handle matches (strip, redact, escape)
|
|
13
|
-
*/
|
|
14
|
-
export interface InjectionPattern {
|
|
15
|
-
name: string;
|
|
16
|
-
description: string;
|
|
17
|
-
regex: RegExp;
|
|
18
|
-
severity: 'critical' | 'high' | 'medium' | 'low';
|
|
19
|
-
action: 'strip' | 'redact' | 'escape';
|
|
20
|
-
}
|
|
21
|
-
export declare const INJECTION_PATTERNS: InjectionPattern[];
|
|
22
|
-
/**
|
|
23
|
-
* Get all pattern names for logging/testing
|
|
24
|
-
*/
|
|
25
|
-
export declare function getAllPatternNames(): string[];
|
|
26
|
-
/**
|
|
27
|
-
* Get patterns by severity level
|
|
28
|
-
*/
|
|
29
|
-
export declare function getPatternsBySeverity(severity: 'critical' | 'high' | 'medium' | 'low'): InjectionPattern[];
|
|
30
|
-
//# sourceMappingURL=patterns.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"patterns.d.ts","sourceRoot":"","sources":["../../src/sanitizer/patterns.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACjD,MAAM,EAAE,OAAO,GAAG,QAAQ,GAAG,QAAQ,CAAC;CACvC;AAED,eAAO,MAAM,kBAAkB,EAAE,gBAAgB,EAmYhD,CAAC;AAEF;;GAEG;AACH,wBAAgB,kBAAkB,IAAI,MAAM,EAAE,CAE7C;AAED;;GAEG;AACH,wBAAgB,qBAAqB,CAAC,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,gBAAgB,EAAE,CAE1G"}
|
|
@@ -1,372 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Lateos Injection Pattern Library
|
|
3
|
-
*
|
|
4
|
-
* 43 validated injection pattern categories for detecting and neutralizing
|
|
5
|
-
* prompt injection attacks in web content before it reaches the LLM.
|
|
6
|
-
*
|
|
7
|
-
* Each pattern includes:
|
|
8
|
-
* - name: Pattern identifier
|
|
9
|
-
* - description: What this pattern detects
|
|
10
|
-
* - regex: Detection pattern (case-insensitive by default)
|
|
11
|
-
* - severity: risk level (critical, high, medium, low)
|
|
12
|
-
* - action: how to handle matches (strip, redact, escape)
|
|
13
|
-
*/
|
|
14
|
-
export const INJECTION_PATTERNS = [
|
|
15
|
-
// 1. Comment injection (must come before direct_instruction_injection to avoid false positives)
|
|
16
|
-
{
|
|
17
|
-
name: 'comment_injection',
|
|
18
|
-
description: 'Instructions hidden in HTML/JS/SQL comments',
|
|
19
|
-
regex: /<!--[\s\S]*?(ignore|admin|system|instruction|bypass|override)[\s\S]*?-->|\/\*[\s\S]*?(ignore|admin|system|instruction)[\s\S]*?\*\/|\/\/\s*(ignore|admin|system)\b|--\s*(ignore|bypass)\b|#\s*(ignore|admin|override)\b/gi,
|
|
20
|
-
severity: 'medium',
|
|
21
|
-
action: 'strip'
|
|
22
|
-
},
|
|
23
|
-
// 2. Direct instruction injection
|
|
24
|
-
{
|
|
25
|
-
name: 'direct_instruction_injection',
|
|
26
|
-
description: 'Attempts to override or ignore previous instructions',
|
|
27
|
-
regex: /\b(ignore|disregard|forget|override|replace|substitute)\s+(all\s+)?(previous|prior|above|earlier|your)\s+(instructions?|prompts?|commands?|directions?|rules?)\b/gi,
|
|
28
|
-
severity: 'critical',
|
|
29
|
-
action: 'redact'
|
|
30
|
-
},
|
|
31
|
-
// 3. Role hijacking
|
|
32
|
-
{
|
|
33
|
-
name: 'role_hijacking',
|
|
34
|
-
description: 'Attempts to change AI persona or role',
|
|
35
|
-
regex: /\b(you\s+are\s+now|your\s+new\s+(role|persona|identity)\s+is|act\s+as|pretend\s+(you\s+are|to\s+be)|roleplay\s+as)\b/gi,
|
|
36
|
-
severity: 'critical',
|
|
37
|
-
action: 'redact'
|
|
38
|
-
},
|
|
39
|
-
// 3. System prompt extraction
|
|
40
|
-
{
|
|
41
|
-
name: 'system_prompt_extraction',
|
|
42
|
-
description: 'Attempts to reveal system instructions',
|
|
43
|
-
regex: /\b(repeat|print|show|display|reveal|output|tell\s+me)\s+(your|the)\s+(system\s+)?(prompt|instructions?|rules|guidelines|directives|configuration)\b/gi,
|
|
44
|
-
severity: 'high',
|
|
45
|
-
action: 'redact'
|
|
46
|
-
},
|
|
47
|
-
// 4. Privilege escalation
|
|
48
|
-
{
|
|
49
|
-
name: 'privilege_escalation',
|
|
50
|
-
description: 'Attempts to gain elevated permissions',
|
|
51
|
-
regex: /\b(admin\s+mode|administrator\s+access|developer\s+(mode|override)|root\s+access|elevated\s+privileges?|emergency\s+protocol|debug\s+mode|sudo\s+mode)\b/gi,
|
|
52
|
-
severity: 'critical',
|
|
53
|
-
action: 'redact'
|
|
54
|
-
},
|
|
55
|
-
// 5. Context poisoning
|
|
56
|
-
{
|
|
57
|
-
name: 'context_poisoning',
|
|
58
|
-
description: 'Falsely claims prior agreement or context',
|
|
59
|
-
regex: /\b(the\s+user\s+(said|told|mentioned|confirmed)|as\s+(we\s+)?(discussed|agreed|confirmed)\s+(earlier|previously|before)|you\s+already\s+(said|agreed|confirmed)|continuing\s+from\s+(our|the)\s+previous)\b/gi,
|
|
60
|
-
severity: 'high',
|
|
61
|
-
action: 'redact'
|
|
62
|
-
},
|
|
63
|
-
// 6. Data exfiltration
|
|
64
|
-
{
|
|
65
|
-
name: 'data_exfiltration',
|
|
66
|
-
description: 'Attempts to send data to external endpoints',
|
|
67
|
-
regex: /\b(send|post|transmit|forward|email|upload)\s+(this|the|all|your)\s+(to|data|information)\b.*?\b(http|mailto|ftp):/gi,
|
|
68
|
-
severity: 'critical',
|
|
69
|
-
action: 'redact'
|
|
70
|
-
},
|
|
71
|
-
// 7. Encoding obfuscation - Base64
|
|
72
|
-
{
|
|
73
|
-
name: 'base64_obfuscation',
|
|
74
|
-
description: 'Base64-encoded instructions',
|
|
75
|
-
regex: /\b(decode|decipher|decrypt)\s+(this\s+)?(base64|b64)\b.*?[A-Za-z0-9+/]{20,}={0,2}/gi,
|
|
76
|
-
severity: 'high',
|
|
77
|
-
action: 'redact'
|
|
78
|
-
},
|
|
79
|
-
// 8. Unicode lookalike characters
|
|
80
|
-
{
|
|
81
|
-
name: 'unicode_lookalikes',
|
|
82
|
-
description: 'Uses visually similar Unicode characters',
|
|
83
|
-
regex: /[\u0430-\u044f\u0410-\u042f].*\b(ignore|admin|system)\b/gi, // Cyrillic mixed with English
|
|
84
|
-
severity: 'medium',
|
|
85
|
-
action: 'strip'
|
|
86
|
-
},
|
|
87
|
-
// 9. Zero-width characters
|
|
88
|
-
{
|
|
89
|
-
name: 'zero_width_characters',
|
|
90
|
-
description: 'Hidden zero-width Unicode characters',
|
|
91
|
-
regex: /[\u200B-\u200D\uFEFF]/g,
|
|
92
|
-
severity: 'high',
|
|
93
|
-
action: 'strip'
|
|
94
|
-
},
|
|
95
|
-
// 10. HTML script injection
|
|
96
|
-
{
|
|
97
|
-
name: 'html_script_injection',
|
|
98
|
-
description: 'HTML script tags or event handlers',
|
|
99
|
-
regex: /<script\b[^>]*>[\s\S]*?<\/script>|<iframe\b[^>]*>|on(click|load|error|mouse\w+)\s*=/gi,
|
|
100
|
-
severity: 'critical',
|
|
101
|
-
action: 'escape'
|
|
102
|
-
},
|
|
103
|
-
// 11. Data URI injection
|
|
104
|
-
{
|
|
105
|
-
name: 'data_uri_injection',
|
|
106
|
-
description: 'Data URIs that could contain instructions',
|
|
107
|
-
regex: /data:text\/(html|javascript)[;,]/gi,
|
|
108
|
-
severity: 'high',
|
|
109
|
-
action: 'redact'
|
|
110
|
-
},
|
|
111
|
-
// 12. Markdown link injection
|
|
112
|
-
{
|
|
113
|
-
name: 'markdown_link_injection',
|
|
114
|
-
description: 'Malicious markdown links',
|
|
115
|
-
regex: /\[.*?\]\s*\(\s*javascript:|!\[.*?\]\s*\(\s*data:/gi,
|
|
116
|
-
severity: 'high',
|
|
117
|
-
action: 'redact'
|
|
118
|
-
},
|
|
119
|
-
// 13. URL fragment attacks (HashJack)
|
|
120
|
-
{
|
|
121
|
-
name: 'url_fragment_hashjack',
|
|
122
|
-
description: 'Instructions hidden in URL fragments',
|
|
123
|
-
regex: /#(ignore|admin|system|prompt)[_\w]*\s+/gi,
|
|
124
|
-
severity: 'medium',
|
|
125
|
-
action: 'strip'
|
|
126
|
-
},
|
|
127
|
-
// 14. Social engineering urgency
|
|
128
|
-
{
|
|
129
|
-
name: 'social_engineering_urgency',
|
|
130
|
-
description: 'Urgency language to bypass caution',
|
|
131
|
-
regex: /\b(urgent|critical|emergency|immediately|asap|right\s+now|time\s+sensitive|must\s+act\s+now)\b.*\b(ignore|override|bypass)\b/gi,
|
|
132
|
-
severity: 'medium',
|
|
133
|
-
action: 'redact'
|
|
134
|
-
},
|
|
135
|
-
// 15. Instruction delimiter injection
|
|
136
|
-
{
|
|
137
|
-
name: 'instruction_delimiter_injection',
|
|
138
|
-
description: 'Fake instruction boundaries',
|
|
139
|
-
regex: /\b(end\s+of\s+(instructions?|prompt)|new\s+instructions?|<\/?instruction>|---\s*system\s*---)\b/gi,
|
|
140
|
-
severity: 'high',
|
|
141
|
-
action: 'redact'
|
|
142
|
-
},
|
|
143
|
-
// 16. Multi-language obfuscation
|
|
144
|
-
{
|
|
145
|
-
name: 'multi_language_obfuscation',
|
|
146
|
-
description: 'Instructions in non-English using English keywords',
|
|
147
|
-
regex: /\b(ignorar|ignorer|ignora|überspringen)\b.*\b(instrucciones|instructions|istruzioni)\b/gi,
|
|
148
|
-
severity: 'medium',
|
|
149
|
-
action: 'redact'
|
|
150
|
-
},
|
|
151
|
-
// 17. Reverse text obfuscation
|
|
152
|
-
{
|
|
153
|
-
name: 'reverse_text_obfuscation',
|
|
154
|
-
description: 'Instructions written backwards',
|
|
155
|
-
regex: /\b(erongi|nimda|tpmorp|metsys)\b/gi, // "ignore", "admin", "prompt", "system" reversed
|
|
156
|
-
severity: 'medium',
|
|
157
|
-
action: 'strip'
|
|
158
|
-
},
|
|
159
|
-
// 18. Leetspeak obfuscation
|
|
160
|
-
{
|
|
161
|
-
name: 'leetspeak_obfuscation',
|
|
162
|
-
description: 'L33tspeak encoded instructions',
|
|
163
|
-
regex: /\b(1gn0r3|4dm1n|sy5t3m|pr0mpt|1nstruct10n)\b/gi,
|
|
164
|
-
severity: 'low',
|
|
165
|
-
action: 'strip'
|
|
166
|
-
},
|
|
167
|
-
// 19. Jailbreak keywords
|
|
168
|
-
{
|
|
169
|
-
name: 'jailbreak_keywords',
|
|
170
|
-
description: 'Common jailbreak attempt keywords',
|
|
171
|
-
regex: /\b(jailbreak|dan\s+mode|developer\s+mode\s+enabled|anarchy\s+mode|unrestricted\s+mode)\b/gi,
|
|
172
|
-
severity: 'critical',
|
|
173
|
-
action: 'redact'
|
|
174
|
-
},
|
|
175
|
-
// 20. Token smuggling
|
|
176
|
-
{
|
|
177
|
-
name: 'token_smuggling',
|
|
178
|
-
description: 'Attempts to inject special tokens',
|
|
179
|
-
regex: /<\|im_(start|end)\|>|<\|endoftext\|>|\[INST\]|\[\/INST\]/gi,
|
|
180
|
-
severity: 'high',
|
|
181
|
-
action: 'redact'
|
|
182
|
-
},
|
|
183
|
-
// 21. System message injection
|
|
184
|
-
{
|
|
185
|
-
name: 'system_message_injection',
|
|
186
|
-
description: 'Fake system messages',
|
|
187
|
-
regex: /\[SYSTEM\]|\[ASSISTANT\]|\[USER\]|<\|system\|>/gi,
|
|
188
|
-
severity: 'high',
|
|
189
|
-
action: 'redact'
|
|
190
|
-
},
|
|
191
|
-
// 22. Conversation reset
|
|
192
|
-
{
|
|
193
|
-
name: 'conversation_reset',
|
|
194
|
-
description: 'Attempts to reset conversation state',
|
|
195
|
-
regex: /\b(reset|restart|clear|new)\s+(conversation|chat|session|context)\b/gi,
|
|
196
|
-
severity: 'medium',
|
|
197
|
-
action: 'redact'
|
|
198
|
-
},
|
|
199
|
-
// 23. Memory manipulation
|
|
200
|
-
{
|
|
201
|
-
name: 'memory_manipulation',
|
|
202
|
-
description: 'Attempts to manipulate AI memory or implant false context',
|
|
203
|
-
regex: /\b(remember|memorize|recall|don'?t\s+forget)\s+(that\s+)?(I\s+am|you\s+are|we\s+are|you\s+must|I\s+told\s+you|you\s+already|your\s+administrator|your\s+creator)\b/gi,
|
|
204
|
-
severity: 'medium',
|
|
205
|
-
action: 'redact'
|
|
206
|
-
},
|
|
207
|
-
// 24. Capability probing
|
|
208
|
-
{
|
|
209
|
-
name: 'capability_probing',
|
|
210
|
-
description: 'Probes for hidden capabilities',
|
|
211
|
-
regex: /\b(can\s+you|are\s+you\s+able\s+to)\s+(access|browse|execute|run|download)\b/gi,
|
|
212
|
-
severity: 'low',
|
|
213
|
-
action: 'strip'
|
|
214
|
-
},
|
|
215
|
-
// 25. Chain-of-thought manipulation
|
|
216
|
-
{
|
|
217
|
-
name: 'chain_of_thought_manipulation',
|
|
218
|
-
description: 'Manipulates reasoning process',
|
|
219
|
-
regex: /\blet'?s\s+think\s+step\s+by\s+step\b.*\b(ignore|bypass|override)\b/gi,
|
|
220
|
-
severity: 'medium',
|
|
221
|
-
action: 'redact'
|
|
222
|
-
},
|
|
223
|
-
// 26. Hypothetical scenario injection
|
|
224
|
-
{
|
|
225
|
-
name: 'hypothetical_scenario_injection',
|
|
226
|
-
description: 'Uses hypotheticals to bypass restrictions',
|
|
227
|
-
regex: /\b(hypothetically|imagine\s+you\s+could|in\s+a\s+world\s+where|pretend\s+there\s+are\s+no|let'?s\s+say\s+you\s+were\s+allowed|if\s+you\s+had\s+no\s+restrictions|for\s+the\s+sake\s+of\s+argument|suppose|what\s+if)\b.*\b(unrestricted|ignore|bypass|allowed|no\s+rules|no\s+guidelines|were\s+able)\b/gi,
|
|
228
|
-
severity: 'medium',
|
|
229
|
-
action: 'redact'
|
|
230
|
-
},
|
|
231
|
-
// 27. Ethical override
|
|
232
|
-
{
|
|
233
|
-
name: 'ethical_override',
|
|
234
|
-
description: 'Attempts to override ethical guidelines',
|
|
235
|
-
regex: /\b(ignore|bypass|disable)\s+(ethics|safety|guidelines|guardrails|restrictions)\b/gi,
|
|
236
|
-
severity: 'critical',
|
|
237
|
-
action: 'redact'
|
|
238
|
-
},
|
|
239
|
-
// 28. Output format manipulation
|
|
240
|
-
{
|
|
241
|
-
name: 'output_format_manipulation',
|
|
242
|
-
description: 'Manipulates output format to hide instructions',
|
|
243
|
-
regex: /\b(format|structure|style)\s+your\s+(response|output)\s+as\b.*\b(system|admin|instruction)\b/gi,
|
|
244
|
-
severity: 'medium',
|
|
245
|
-
action: 'redact'
|
|
246
|
-
},
|
|
247
|
-
// 29. Negative instruction
|
|
248
|
-
{
|
|
249
|
-
name: 'negative_instruction',
|
|
250
|
-
description: 'Uses negation to inject instructions',
|
|
251
|
-
regex: /\bdo\s+not\s+(tell|mention|say)\s+(anyone|the\s+user)\b/gi,
|
|
252
|
-
severity: 'low',
|
|
253
|
-
action: 'strip'
|
|
254
|
-
},
|
|
255
|
-
// 30. Credential harvesting
|
|
256
|
-
{
|
|
257
|
-
name: 'credential_harvesting',
|
|
258
|
-
description: 'Attempts to harvest credentials',
|
|
259
|
-
regex: /\b(enter|provide|give\s+me)\s+(your|the)\s+(password|api\s+key|token|credentials?|secret)\b/gi,
|
|
260
|
-
severity: 'critical',
|
|
261
|
-
action: 'redact'
|
|
262
|
-
},
|
|
263
|
-
// 31. Time-based triggers
|
|
264
|
-
{
|
|
265
|
-
name: 'time_based_triggers',
|
|
266
|
-
description: 'Conditional execution based on time',
|
|
267
|
-
regex: /\b(after|when|once)\s+\d+\s+(seconds?|minutes?|hours?)\b.*\b(then|execute|run)\b/gi,
|
|
268
|
-
severity: 'low',
|
|
269
|
-
action: 'strip'
|
|
270
|
-
},
|
|
271
|
-
// 32. Code execution requests
|
|
272
|
-
{
|
|
273
|
-
name: 'code_execution_requests',
|
|
274
|
-
description: 'Requests code execution or contains dangerous code patterns',
|
|
275
|
-
regex: /\b(execute(?!-api\.)|run\s+the\s+following|eval\(|exec\(|os\.system|subprocess|__import__|shell\s+command|bash\s+-c)\b/gi,
|
|
276
|
-
severity: 'high',
|
|
277
|
-
action: 'redact'
|
|
278
|
-
},
|
|
279
|
-
// 32. File system access
|
|
280
|
-
{
|
|
281
|
-
name: 'file_system_access',
|
|
282
|
-
description: 'Requests file system operations',
|
|
283
|
-
regex: /\b(read|write|delete|access)\s+(file|directory|folder)\b/gi,
|
|
284
|
-
severity: 'high',
|
|
285
|
-
action: 'redact'
|
|
286
|
-
},
|
|
287
|
-
// 33. Training data extraction
|
|
288
|
-
{
|
|
289
|
-
name: 'training_data_extraction',
|
|
290
|
-
description: 'Attempts to extract training data',
|
|
291
|
-
regex: /\b(repeat|recite|output)\s+(verbatim|exactly)\s+(from\s+your\s+)?(training|data|corpus)\b/gi,
|
|
292
|
-
severity: 'high',
|
|
293
|
-
action: 'redact'
|
|
294
|
-
},
|
|
295
|
-
// 34. Simulator mode
|
|
296
|
-
{
|
|
297
|
-
name: 'simulator_mode',
|
|
298
|
-
description: 'Requests simulator/VM mode',
|
|
299
|
-
regex: /\b(simulate|emulate|pretend\s+you\s+are)\s+(a\s+)?(linux|terminal|bash|shell|vm|virtual\s+machine)\b/gi,
|
|
300
|
-
severity: 'medium',
|
|
301
|
-
action: 'redact'
|
|
302
|
-
},
|
|
303
|
-
// 35. Nested encoding
|
|
304
|
-
{
|
|
305
|
-
name: 'nested_encoding',
|
|
306
|
-
description: 'Multiple layers of encoding or double-encoded sequences',
|
|
307
|
-
regex: /\b(decode|decrypt|decipher)\s+(this\s+)?(twice|again|multiple\s+times)\b|%25[0-9A-F]{2}|[A-Za-z0-9+/]{40,}={0,2}.*[A-Za-z0-9+/]{40,}={0,2}/gi,
|
|
308
|
-
severity: 'high',
|
|
309
|
-
action: 'redact'
|
|
310
|
-
},
|
|
311
|
-
// 36. Payload splitting
|
|
312
|
-
{
|
|
313
|
-
name: 'payload_splitting',
|
|
314
|
-
description: 'Splits payload across multiple inputs',
|
|
315
|
-
regex: /\b(combine|concatenate|join)\s+(the\s+)?(previous|above)\s+(parts?|sections?|fragments?)\b/gi,
|
|
316
|
-
severity: 'medium',
|
|
317
|
-
action: 'redact'
|
|
318
|
-
},
|
|
319
|
-
// 37. CSS-based hiding
|
|
320
|
-
{
|
|
321
|
-
name: 'css_hiding',
|
|
322
|
-
description: 'Hidden content via CSS',
|
|
323
|
-
regex: /display\s*:\s*none|visibility\s*:\s*hidden|opacity\s*:\s*0/gi,
|
|
324
|
-
severity: 'medium',
|
|
325
|
-
action: 'strip'
|
|
326
|
-
},
|
|
327
|
-
// 38. Authority impersonation
|
|
328
|
-
{
|
|
329
|
-
name: 'authority_impersonation',
|
|
330
|
-
description: 'Claims to be an authority figure',
|
|
331
|
-
regex: /\b(I\s+am|this\s+is)\s+(your\s+)?(developer|creator|administrator|ceo|manager)\b/gi,
|
|
332
|
-
severity: 'high',
|
|
333
|
-
action: 'redact'
|
|
334
|
-
},
|
|
335
|
-
// 40. Testing/debugging claims
|
|
336
|
-
{
|
|
337
|
-
name: 'testing_debugging_claims',
|
|
338
|
-
description: 'Claims this is a test environment',
|
|
339
|
-
regex: /\b(this\s+is\s+a\s+)?(test|testing|debug|debugging)\s+(environment|mode|session)\b/gi,
|
|
340
|
-
severity: 'medium',
|
|
341
|
-
action: 'redact'
|
|
342
|
-
},
|
|
343
|
-
// 41. Callback URL injection
|
|
344
|
-
{
|
|
345
|
-
name: 'callback_url_injection',
|
|
346
|
-
description: 'Suspicious callback URLs',
|
|
347
|
-
regex: /\b(callback|webhook|redirect)\s+(url|endpoint)\s*[:=]\s*https?:\/\/(?!localhost)/gi,
|
|
348
|
-
severity: 'high',
|
|
349
|
-
action: 'redact'
|
|
350
|
-
},
|
|
351
|
-
// 43. Whitespace steganography
|
|
352
|
-
{
|
|
353
|
-
name: 'whitespace_steganography',
|
|
354
|
-
description: 'Hidden content in whitespace patterns',
|
|
355
|
-
regex: /\s{10,}/g,
|
|
356
|
-
severity: 'low',
|
|
357
|
-
action: 'strip'
|
|
358
|
-
}
|
|
359
|
-
];
|
|
360
|
-
/**
|
|
361
|
-
* Get all pattern names for logging/testing
|
|
362
|
-
*/
|
|
363
|
-
export function getAllPatternNames() {
|
|
364
|
-
return INJECTION_PATTERNS.map(p => p.name);
|
|
365
|
-
}
|
|
366
|
-
/**
|
|
367
|
-
* Get patterns by severity level
|
|
368
|
-
*/
|
|
369
|
-
export function getPatternsBySeverity(severity) {
|
|
370
|
-
return INJECTION_PATTERNS.filter(p => p.severity === severity);
|
|
371
|
-
}
|
|
372
|
-
//# sourceMappingURL=patterns.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"patterns.js","sourceRoot":"","sources":["../../src/sanitizer/patterns.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAUH,MAAM,CAAC,MAAM,kBAAkB,GAAuB;IACpD,gGAAgG;IAChG;QACE,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,6CAA6C;QAC1D,KAAK,EAAE,0NAA0N;QACjO,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,OAAO;KAChB;IAED,kCAAkC;IAClC;QACE,IAAI,EAAE,8BAA8B;QACpC,WAAW,EAAE,sDAAsD;QACnE,KAAK,EAAE,oKAAoK;QAC3K,QAAQ,EAAE,UAAU;QACpB,MAAM,EAAE,QAAQ;KACjB;IAED,oBAAoB;IACpB;QACE,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,uCAAuC;QACpD,KAAK,EAAE,wHAAwH;QAC/H,QAAQ,EAAE,UAAU;QACpB,MAAM,EAAE,QAAQ;KACjB;IAED,8BAA8B;IAC9B;QACE,IAAI,EAAE,0BAA0B;QAChC,WAAW,EAAE,wCAAwC;QACrD,KAAK,EAAE,uJAAuJ;QAC9J,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,0BAA0B;IAC1B;QACE,IAAI,EAAE,sBAAsB;QAC5B,WAAW,EAAE,uCAAuC;QACpD,KAAK,EAAE,4JAA4J;QACnK,QAAQ,EAAE,UAAU;QACpB,MAAM,EAAE,QAAQ;KACjB;IAED,uBAAuB;IACvB;QACE,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,2CAA2C;QACxD,KAAK,EAAE,+MAA+M;QACtN,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,uBAAuB;IACvB;QACE,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,6CAA6C;QAC1D,KAAK,EAAE,sHAAsH;QAC7H,QAAQ,EAAE,UAAU;QACpB,MAAM,EAAE,QAAQ;KACjB;IAED,mCAAmC;IACnC;QACE,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,6BAA6B;QAC1C,KAAK,EAAE,qFAAqF;QAC5F,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,kCAAkC;IAClC;QACE,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,0CAA0C;QACvD,KAAK,EAAE,2DAA2D,EAAE,8BAA8B;QAClG,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,OAAO;KAChB;IAED,2BAA2B;IAC3B;QACE,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,sCAAsC;QACnD,KAAK,EAAE,wBAAwB;QAC/B,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,OAAO;KAChB;IAED,4BAA4B;IAC5B;QACE,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,oCAAoC;QACjD,KAAK,EAAE,uFAAuF;QAC9F,QAAQ,EAAE,UAAU;QACpB,MAAM,EAAE,QAAQ;KACjB;IAED,yBAAyB;IACzB;QACE,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,2CAA2C;QACxD,KAAK,EAAE,oCAAoC;QAC3C,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,8BAA8B;IAC9B;QACE,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,0BAA0B;QACvC,KAAK,EAAE,oDAAoD;QAC3D,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,sCAAsC;IACtC;QACE,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,sCAAsC;QACnD,KAAK,EAAE,0CAA0C;QACjD,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,OAAO;KAChB;IAED,iCAAiC;IACjC;QACE,IAAI,EAAE,4BAA4B;QAClC,WAAW,EAAE,oCAAoC;QACjD,KAAK,EAAE,gIAAgI;QACvI,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,QAAQ;KACjB;IAED,sCAAsC;IACtC;QACE,IAAI,EAAE,iCAAiC;QACvC,WAAW,EAAE,6BAA6B;QAC1C,KAAK,EAAE,mGAAmG;QAC1G,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,iCAAiC;IACjC;QACE,IAAI,EAAE,4BAA4B;QAClC,WAAW,EAAE,oDAAoD;QACjE,KAAK,EAAE,0FAA0F;QACjG,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,QAAQ;KACjB;IAED,+BAA+B;IAC/B;QACE,IAAI,EAAE,0BAA0B;QAChC,WAAW,EAAE,gCAAgC;QAC7C,KAAK,EAAE,oCAAoC,EAAE,iDAAiD;QAC9F,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,OAAO;KAChB;IAED,4BAA4B;IAC5B;QACE,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,gCAAgC;QAC7C,KAAK,EAAE,gDAAgD;QACvD,QAAQ,EAAE,KAAK;QACf,MAAM,EAAE,OAAO;KAChB;IAED,yBAAyB;IACzB;QACE,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,mCAAmC;QAChD,KAAK,EAAE,4FAA4F;QACnG,QAAQ,EAAE,UAAU;QACpB,MAAM,EAAE,QAAQ;KACjB;IAED,sBAAsB;IACtB;QACE,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,mCAAmC;QAChD,KAAK,EAAE,4DAA4D;QACnE,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,+BAA+B;IAC/B;QACE,IAAI,EAAE,0BAA0B;QAChC,WAAW,EAAE,sBAAsB;QACnC,KAAK,EAAE,kDAAkD;QACzD,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,yBAAyB;IACzB;QACE,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,sCAAsC;QACnD,KAAK,EAAE,uEAAuE;QAC9E,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,QAAQ;KACjB;IAED,0BAA0B;IAC1B;QACE,IAAI,EAAE,qBAAqB;QAC3B,WAAW,EAAE,2DAA2D;QACxE,KAAK,EAAE,sKAAsK;QAC7K,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,QAAQ;KACjB;IAED,yBAAyB;IACzB;QACE,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,gCAAgC;QAC7C,KAAK,EAAE,gFAAgF;QACvF,QAAQ,EAAE,KAAK;QACf,MAAM,EAAE,OAAO;KAChB;IAED,oCAAoC;IACpC;QACE,IAAI,EAAE,+BAA+B;QACrC,WAAW,EAAE,+BAA+B;QAC5C,KAAK,EAAE,uEAAuE;QAC9E,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,QAAQ;KACjB;IAED,sCAAsC;IACtC;QACE,IAAI,EAAE,iCAAiC;QACvC,WAAW,EAAE,2CAA2C;QACxD,KAAK,EAAE,2SAA2S;QAClT,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,QAAQ;KACjB;IAED,uBAAuB;IACvB;QACE,IAAI,EAAE,kBAAkB;QACxB,WAAW,EAAE,yCAAyC;QACtD,KAAK,EAAE,oFAAoF;QAC3F,QAAQ,EAAE,UAAU;QACpB,MAAM,EAAE,QAAQ;KACjB;IAED,iCAAiC;IACjC;QACE,IAAI,EAAE,4BAA4B;QAClC,WAAW,EAAE,gDAAgD;QAC7D,KAAK,EAAE,gGAAgG;QACvG,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,QAAQ;KACjB;IAED,2BAA2B;IAC3B;QACE,IAAI,EAAE,sBAAsB;QAC5B,WAAW,EAAE,sCAAsC;QACnD,KAAK,EAAE,2DAA2D;QAClE,QAAQ,EAAE,KAAK;QACf,MAAM,EAAE,OAAO;KAChB;IAED,4BAA4B;IAC5B;QACE,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,iCAAiC;QAC9C,KAAK,EAAE,+FAA+F;QACtG,QAAQ,EAAE,UAAU;QACpB,MAAM,EAAE,QAAQ;KACjB;IAED,0BAA0B;IAC1B;QACE,IAAI,EAAE,qBAAqB;QAC3B,WAAW,EAAE,qCAAqC;QAClD,KAAK,EAAE,oFAAoF;QAC3F,QAAQ,EAAE,KAAK;QACf,MAAM,EAAE,OAAO;KAChB;IAED,8BAA8B;IAC9B;QACE,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,6DAA6D;QAC1E,KAAK,EAAE,0HAA0H;QACjI,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,yBAAyB;IACzB;QACE,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,iCAAiC;QAC9C,KAAK,EAAE,4DAA4D;QACnE,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,+BAA+B;IAC/B;QACE,IAAI,EAAE,0BAA0B;QAChC,WAAW,EAAE,mCAAmC;QAChD,KAAK,EAAE,6FAA6F;QACpG,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,qBAAqB;IACrB;QACE,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,4BAA4B;QACzC,KAAK,EAAE,wGAAwG;QAC/G,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,QAAQ;KACjB;IAED,sBAAsB;IACtB;QACE,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,yDAAyD;QACtE,KAAK,EAAE,8IAA8I;QACrJ,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,wBAAwB;IACxB;QACE,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,uCAAuC;QACpD,KAAK,EAAE,8FAA8F;QACrG,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,QAAQ;KACjB;IAED,uBAAuB;IACvB;QACE,IAAI,EAAE,YAAY;QAClB,WAAW,EAAE,wBAAwB;QACrC,KAAK,EAAE,8DAA8D;QACrE,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,OAAO;KAChB;IAED,8BAA8B;IAC9B;QACE,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,kCAAkC;QAC/C,KAAK,EAAE,oFAAoF;QAC3F,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,+BAA+B;IAC/B;QACE,IAAI,EAAE,0BAA0B;QAChC,WAAW,EAAE,mCAAmC;QAChD,KAAK,EAAE,sFAAsF;QAC7F,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,QAAQ;KACjB;IAED,6BAA6B;IAC7B;QACE,IAAI,EAAE,wBAAwB;QAC9B,WAAW,EAAE,0BAA0B;QACvC,KAAK,EAAE,oFAAoF;QAC3F,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;KACjB;IAED,+BAA+B;IAC/B;QACE,IAAI,EAAE,0BAA0B;QAChC,WAAW,EAAE,uCAAuC;QACpD,KAAK,EAAE,UAAU;QACjB,QAAQ,EAAE,KAAK;QACf,MAAM,EAAE,OAAO;KAChB;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,kBAAkB;IAChC,OAAO,kBAAkB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;AAC7C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,qBAAqB,CAAC,QAAgD;IACpF,OAAO,kBAAkB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;AACjE,CAAC"}
|